]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_attr.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
bgpd: Validate large-community-list against UINT_MAX
[mirror_frr.git] / bgpd / bgp_attr.c
CommitLineData
718e3744 1/* BGP attributes management routines.
896014f4
DL		 2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
718e3744 20
21#include <zebra.h>
22
23#include "linklist.h"
24#include "prefix.h"
25#include "memory.h"
26#include "vector.h"
718e3744 27#include "stream.h"
28#include "log.h"
29#include "hash.h"
c8e7b895 30#include "jhash.h"
3f9c7369 31#include "queue.h"
f4c89855 32#include "table.h"
039f3a34 33#include "filter.h"
4dcadbef 34#include "command.h"
718e3744 35
36#include "bgpd/bgpd.h"
37#include "bgpd/bgp_attr.h"
38#include "bgpd/bgp_route.h"
39#include "bgpd/bgp_aspath.h"
40#include "bgpd/bgp_community.h"
41#include "bgpd/bgp_debug.h"
14454c9f 42#include "bgpd/bgp_errors.h"
9bedbb1e 43#include "bgpd/bgp_label.h"
718e3744 44#include "bgpd/bgp_packet.h"
45#include "bgpd/bgp_ecommunity.h"
57d187bc 46#include "bgpd/bgp_lcommunity.h"
3f9c7369 47#include "bgpd/bgp_updgrp.h"
6407da5a 48#include "bgpd/bgp_encap_types.h"
65efcfce 49#if ENABLE_BGP_VNC
d62a17ae 50#include "bgpd/rfapi/bgp_rfapi_cfg.h"
51#include "bgp_encap_types.h"
52#include "bgp_vnc_types.h"
65efcfce 53#endif
b18825eb
PG		 54#include "bgp_encap_types.h"
55#include "bgp_evpn.h"
7c40bf39 56#include "bgp_flowspec_private.h"
eee353c5 57#include "bgp_mac.h"
6b0655a2 58
718e3744 59/* Attribute strings for logging. */
d62a17ae 60static const struct message attr_str[] = {
61 {BGP_ATTR_ORIGIN, "ORIGIN"},
62 {BGP_ATTR_AS_PATH, "AS_PATH"},
63 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
64 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
65 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
66 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
67 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
68 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
69 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
70 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
71 {BGP_ATTR_DPA, "DPA"},
72 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
73 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
74 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
75 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
76 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
77 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
78 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
79 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
a21bd7a3 80 {BGP_ATTR_PMSI_TUNNEL, "PMSI_TUNNEL_ATTRIBUTE"},
d62a17ae 81 {BGP_ATTR_ENCAP, "ENCAP"},
943d595a 82#if ENABLE_BGP_VNC_ATTR
d62a17ae 83 {BGP_ATTR_VNC, "VNC"},
65efcfce 84#endif
d62a17ae 85 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
86 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
87 {0}};
afcb7679 88
996c9314
LB		 89static const struct message attr_flag_str[] = {
90 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
91 {BGP_ATTR_FLAG_TRANS, "Transitive"},
92 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
93 /* bgp_attr_flags_diagnose() relies on this bit being last in
94 this list */
95 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
96 {0}};
6b0655a2 97
9bddac4b 98static struct hash *cluster_hash;
718e3744 99
d62a17ae 100static void *cluster_hash_alloc(void *p)
718e3744 101{
d62a17ae 102 const struct cluster_list *val = (const struct cluster_list *)p;
103 struct cluster_list *cluster;
718e3744 104
d62a17ae 105 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
106 cluster->length = val->length;
718e3744 107
d62a17ae 108 if (cluster->length) {
109 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
110 memcpy(cluster->list, val->list, val->length);
111 } else
112 cluster->list = NULL;
718e3744 113
d62a17ae 114 cluster->refcnt = 0;
718e3744 115
d62a17ae 116 return cluster;
718e3744 117}
118
119/* Cluster list related functions. */
d62a17ae 120static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
718e3744 121{
d62a17ae 122 struct cluster_list tmp;
123 struct cluster_list *cluster;
718e3744 124
d62a17ae 125 tmp.length = length;
126 tmp.list = pnt;
718e3744 127
d62a17ae 128 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
129 cluster->refcnt++;
130 return cluster;
718e3744 131}
132
d62a17ae 133int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
718e3744 134{
d62a17ae 135 int i;
136
137 for (i = 0; i < cluster->length / 4; i++)
138 if (cluster->list[i].s_addr == originator.s_addr)
139 return 1;
140 return 0;
718e3744 141}
142
d62a17ae 143static unsigned int cluster_hash_key_make(void *p)
718e3744 144{
d62a17ae 145 const struct cluster_list *cluster = p;
718e3744 146
d62a17ae 147 return jhash(cluster->list, cluster->length, 0);
718e3744 148}
149
74df8d6d 150static bool cluster_hash_cmp(const void *p1, const void *p2)
718e3744 151{
d62a17ae 152 const struct cluster_list *cluster1 = p1;
153 const struct cluster_list *cluster2 = p2;
923de654 154
d62a17ae 155 return (cluster1->length == cluster2->length
156 && memcmp(cluster1->list, cluster2->list, cluster1->length)
157 == 0);
718e3744 158}
159
d62a17ae 160static void cluster_free(struct cluster_list *cluster)
718e3744 161{
0a22ddfb 162 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
d62a17ae 163 XFREE(MTYPE_CLUSTER, cluster);
718e3744 164}
165
d62a17ae 166static struct cluster_list *cluster_intern(struct cluster_list *cluster)
718e3744 167{
d62a17ae 168 struct cluster_list *find;
718e3744 169
d62a17ae 170 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
171 find->refcnt++;
718e3744 172
d62a17ae 173 return find;
718e3744 174}
175
d62a17ae 176void cluster_unintern(struct cluster_list *cluster)
718e3744 177{
d62a17ae 178 if (cluster->refcnt)
179 cluster->refcnt--;
718e3744 180
d62a17ae 181 if (cluster->refcnt == 0) {
182 hash_release(cluster_hash, cluster);
183 cluster_free(cluster);
184 }
718e3744 185}
186
d62a17ae 187static void cluster_init(void)
718e3744 188{
996c9314 189 cluster_hash = hash_create(cluster_hash_key_make, cluster_hash_cmp,
3f65c5b1 190 "BGP Cluster");
718e3744 191}
228da428 192
d62a17ae 193static void cluster_finish(void)
228da428 194{
d62a17ae 195 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
196 hash_free(cluster_hash);
197 cluster_hash = NULL;
228da428 198}
6b0655a2 199
bede7744
LB		 200static struct hash *encap_hash = NULL;
201#if ENABLE_BGP_VNC
202static struct hash *vnc_hash = NULL;
203#endif
204
d62a17ae 205struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
f4c89855 206{
d62a17ae 207 struct bgp_attr_encap_subtlv *new;
208 struct bgp_attr_encap_subtlv *tail;
209 struct bgp_attr_encap_subtlv *p;
f4c89855 210
d62a17ae 211 for (p = orig, tail = new = NULL; p; p = p->next) {
12f70478 212 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
d62a17ae 213 if (tail) {
214 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
215 tail = tail->next;
216 } else {
217 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
218 }
219 assert(tail);
220 memcpy(tail, p, size);
221 tail->next = NULL;
f4c89855 222 }
f4c89855 223
d62a17ae 224 return new;
f4c89855
LB		 225}
226
d62a17ae 227static void encap_free(struct bgp_attr_encap_subtlv *p)
f4c89855 228{
d62a17ae 229 struct bgp_attr_encap_subtlv *next;
230 while (p) {
231 next = p->next;
232 p->next = NULL;
233 XFREE(MTYPE_ENCAP_TLV, p);
234 p = next;
235 }
f4c89855
LB		 236}
237
d62a17ae 238void bgp_attr_flush_encap(struct attr *attr)
f4c89855 239{
d62a17ae 240 if (!attr)
241 return;
f4c89855 242
d62a17ae 243 if (attr->encap_subtlvs) {
244 encap_free(attr->encap_subtlvs);
245 attr->encap_subtlvs = NULL;
246 }
65efcfce 247#if ENABLE_BGP_VNC
d62a17ae 248 if (attr->vnc_subtlvs) {
249 encap_free(attr->vnc_subtlvs);
250 attr->vnc_subtlvs = NULL;
251 }
65efcfce 252#endif
f4c89855
LB		 253}
254
255/*
256 * Compare encap sub-tlv chains
257 *
258 * 1 = equivalent
259 * 0 = not equivalent
260 *
261 * This algorithm could be made faster if needed
262 */
36de6e0e
A		 263static int encap_same(const struct bgp_attr_encap_subtlv *h1,
264 const struct bgp_attr_encap_subtlv *h2)
f4c89855 265{
36de6e0e
A		 266 const struct bgp_attr_encap_subtlv *p;
267 const struct bgp_attr_encap_subtlv *q;
f4c89855 268
d62a17ae 269 if (h1 == h2)
270 return 1;
271 if (h1 == NULL || h2 == NULL)
272 return 0;
f4c89855 273
d62a17ae 274 for (p = h1; p; p = p->next) {
275 for (q = h2; q; q = q->next) {
276 if ((p->type == q->type) && (p->length == q->length)
277 && !memcmp(p->value, q->value, p->length)) {
f4c89855 278
d62a17ae 279 break;
280 }
281 }
282 if (!q)
283 return 0;
f4c89855 284 }
f4c89855 285
d62a17ae 286 for (p = h2; p; p = p->next) {
287 for (q = h1; q; q = q->next) {
288 if ((p->type == q->type) && (p->length == q->length)
289 && !memcmp(p->value, q->value, p->length)) {
f4c89855 290
d62a17ae 291 break;
292 }
293 }
294 if (!q)
295 return 0;
f4c89855 296 }
f4c89855 297
d62a17ae 298 return 1;
f4c89855
LB		 299}
300
d62a17ae 301static void *encap_hash_alloc(void *p)
bede7744 302{
d62a17ae 303 /* Encap structure is already allocated. */
304 return p;
bede7744
LB		 305}
306
d62a17ae 307typedef enum {
308 ENCAP_SUBTLV_TYPE,
bede7744 309#if ENABLE_BGP_VNC
d62a17ae 310 VNC_SUBTLV_TYPE
bede7744
LB		 311#endif
312} encap_subtlv_type;
313
314static struct bgp_attr_encap_subtlv *
d62a17ae 315encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
bede7744 316{
d62a17ae 317 struct bgp_attr_encap_subtlv *find;
318 struct hash *hash = encap_hash;
bede7744 319#if ENABLE_BGP_VNC
d62a17ae 320 if (type == VNC_SUBTLV_TYPE)
321 hash = vnc_hash;
bede7744
LB		 322#endif
323
d62a17ae 324 find = hash_get(hash, encap, encap_hash_alloc);
325 if (find != encap)
326 encap_free(encap);
327 find->refcnt++;
bede7744 328
d62a17ae 329 return find;
bede7744
LB		 330}
331
d62a17ae 332static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
333 encap_subtlv_type type)
bede7744 334{
d62a17ae 335 struct bgp_attr_encap_subtlv *encap = *encapp;
336 if (encap->refcnt)
337 encap->refcnt--;
bede7744 338
d62a17ae 339 if (encap->refcnt == 0) {
340 struct hash *hash = encap_hash;
bede7744 341#if ENABLE_BGP_VNC
d62a17ae 342 if (type == VNC_SUBTLV_TYPE)
343 hash = vnc_hash;
bede7744 344#endif
d62a17ae 345 hash_release(hash, encap);
346 encap_free(encap);
347 *encapp = NULL;
348 }
bede7744
LB		 349}
350
d62a17ae 351static unsigned int encap_hash_key_make(void *p)
bede7744 352{
d62a17ae 353 const struct bgp_attr_encap_subtlv *encap = p;
bede7744 354
d62a17ae 355 return jhash(encap->value, encap->length, 0);
bede7744
LB		 356}
357
74df8d6d 358static bool encap_hash_cmp(const void *p1, const void *p2)
bede7744 359{
36de6e0e
A		 360 return encap_same((const struct bgp_attr_encap_subtlv *)p1,
361 (const struct bgp_attr_encap_subtlv *)p2);
bede7744
LB		 362}
363
d62a17ae 364static void encap_init(void)
bede7744 365{
996c9314 366 encap_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
3f65c5b1 367 "BGP Encap Hash");
bede7744 368#if ENABLE_BGP_VNC
996c9314 369 vnc_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
3f65c5b1 370 "BGP VNC Hash");
bede7744
LB		 371#endif
372}
373
d62a17ae 374static void encap_finish(void)
bede7744 375{
d62a17ae 376 hash_clean(encap_hash, (void (*)(void *))encap_free);
377 hash_free(encap_hash);
378 encap_hash = NULL;
bede7744 379#if ENABLE_BGP_VNC
d62a17ae 380 hash_clean(vnc_hash, (void (*)(void *))encap_free);
381 hash_free(vnc_hash);
382 vnc_hash = NULL;
bede7744
LB		 383#endif
384}
385
d62a17ae 386static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
684a7227 387{
d62a17ae 388 if (!a1 && a2)
389 return false;
390 if (!a2 && a1)
391 return false;
392 if (!a1 && !a2)
393 return true;
394 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
ea7741a0 395 sizeof(struct bgp_route_evpn));
684a7227
PG		 396}
397
718e3744 398/* Unknown transit attribute. */
9bddac4b 399static struct hash *transit_hash;
718e3744 400
d62a17ae 401static void transit_free(struct transit *transit)
718e3744 402{
0a22ddfb 403 XFREE(MTYPE_TRANSIT_VAL, transit->val);
d62a17ae 404 XFREE(MTYPE_TRANSIT, transit);
718e3744 405}
406
d62a17ae 407static void *transit_hash_alloc(void *p)
718e3744 408{
d62a17ae 409 /* Transit structure is already allocated. */
410 return p;
718e3744 411}
412
d62a17ae 413static struct transit *transit_intern(struct transit *transit)
718e3744 414{
d62a17ae 415 struct transit *find;
718e3744 416
d62a17ae 417 find = hash_get(transit_hash, transit, transit_hash_alloc);
418 if (find != transit)
419 transit_free(transit);
420 find->refcnt++;
718e3744 421
d62a17ae 422 return find;
718e3744 423}
424
d62a17ae 425void transit_unintern(struct transit *transit)
718e3744 426{
d62a17ae 427 if (transit->refcnt)
428 transit->refcnt--;
718e3744 429
d62a17ae 430 if (transit->refcnt == 0) {
431 hash_release(transit_hash, transit);
432 transit_free(transit);
433 }
718e3744 434}
435
d62a17ae 436static unsigned int transit_hash_key_make(void *p)
718e3744 437{
d62a17ae 438 const struct transit *transit = p;
718e3744 439
d62a17ae 440 return jhash(transit->val, transit->length, 0);
718e3744 441}
442
74df8d6d 443static bool transit_hash_cmp(const void *p1, const void *p2)
718e3744 444{
d62a17ae 445 const struct transit *transit1 = p1;
446 const struct transit *transit2 = p2;
923de654 447
d62a17ae 448 return (transit1->length == transit2->length
449 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
718e3744 450}
451
d62a17ae 452static void transit_init(void)
718e3744 453{
996c9314 454 transit_hash = hash_create(transit_hash_key_make, transit_hash_cmp,
3f65c5b1 455 "BGP Transit Hash");
718e3744 456}
228da428 457
d62a17ae 458static void transit_finish(void)
228da428 459{
d62a17ae 460 hash_clean(transit_hash, (void (*)(void *))transit_free);
461 hash_free(transit_hash);
462 transit_hash = NULL;
228da428 463}
6b0655a2 464
718e3744 465/* Attribute hash routines. */
9bddac4b 466static struct hash *attrhash;
718e3744 467
fb982c25
PJ		 468/* Shallow copy of an attribute
469 * Though, not so shallow that it doesn't copy the contents
470 * of the attr_extra pointed to by 'extra'
471 */
d62a17ae 472void bgp_attr_dup(struct attr *new, struct attr *orig)
fb982c25 473{
d62a17ae 474 *new = *orig;
fb982c25
PJ		 475}
476
d62a17ae 477unsigned long int attr_count(void)
cbdfbaa5 478{
d62a17ae 479 return attrhash->count;
cbdfbaa5
PJ		 480}
481
d62a17ae 482unsigned long int attr_unknown_count(void)
cbdfbaa5 483{
d62a17ae 484 return transit_hash->count;
cbdfbaa5
PJ		 485}
486
d62a17ae 487unsigned int attrhash_key_make(void *p)
718e3744 488{
d62a17ae 489 const struct attr *attr = (struct attr *)p;
490 uint32_t key = 0;
c8e7b895 491#define MIX(val) key = jhash_1word(val, key)
0d0268a6 492#define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
c8e7b895 493
0d0268a6 494 MIX3(attr->origin, attr->nexthop.s_addr, attr->med);
996c9314
LB		 495 MIX3(attr->local_pref, attr->aggregator_as,
496 attr->aggregator_addr.s_addr);
0d0268a6
LB		 497 MIX3(attr->weight, attr->mp_nexthop_global_in.s_addr,
498 attr->originator_id.s_addr);
499 MIX3(attr->tag, attr->label, attr->label_index);
d62a17ae 500
501 if (attr->aspath)
502 MIX(aspath_key_make(attr->aspath));
503 if (attr->community)
504 MIX(community_hash_make(attr->community));
505
506 if (attr->lcommunity)
507 MIX(lcommunity_hash_make(attr->lcommunity));
508 if (attr->ecommunity)
509 MIX(ecommunity_hash_make(attr->ecommunity));
510 if (attr->cluster)
511 MIX(cluster_hash_key_make(attr->cluster));
512 if (attr->transit)
513 MIX(transit_hash_key_make(attr->transit));
514 if (attr->encap_subtlvs)
515 MIX(encap_hash_key_make(attr->encap_subtlvs));
bede7744 516#if ENABLE_BGP_VNC
d62a17ae 517 if (attr->vnc_subtlvs)
518 MIX(encap_hash_key_make(attr->vnc_subtlvs));
bede7744 519#endif
d62a17ae 520 MIX(attr->mp_nexthop_len);
521 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
522 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
77e62f2b 523 MIX(attr->nh_ifindex);
524 MIX(attr->nh_lla_ifindex);
d62a17ae 525
526 return key;
527}
528
74df8d6d 529bool attrhash_cmp(const void *p1, const void *p2)
d62a17ae 530{
531 const struct attr *attr1 = p1;
532 const struct attr *attr2 = p2;
533
534 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
535 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
536 && attr1->aspath == attr2->aspath
537 && attr1->community == attr2->community && attr1->med == attr2->med
538 && attr1->local_pref == attr2->local_pref
539 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
540 if (attr1->aggregator_as == attr2->aggregator_as
541 && attr1->aggregator_addr.s_addr
542 == attr2->aggregator_addr.s_addr
543 && attr1->weight == attr2->weight
544 && attr1->tag == attr2->tag
545 && attr1->label_index == attr2->label_index
546 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
d62a17ae 547 && attr1->ecommunity == attr2->ecommunity
548 && attr1->lcommunity == attr2->lcommunity
549 && attr1->cluster == attr2->cluster
550 && attr1->transit == attr2->transit
551 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
552 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
65efcfce 553#if ENABLE_BGP_VNC
d62a17ae 554 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
65efcfce 555#endif
0d0268a6
LB		 556 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
557 &attr2->mp_nexthop_global)
558 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
559 &attr2->mp_nexthop_local)
560 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
561 &attr2->mp_nexthop_global_in)
d62a17ae 562 && IPV4_ADDR_SAME(&attr1->originator_id,
563 &attr2->originator_id)
77e62f2b 564 && overlay_index_same(attr1, attr2)
565 && attr1->nh_ifindex == attr2->nh_ifindex
566 && attr1->nh_lla_ifindex == attr2->nh_lla_ifindex)
74df8d6d 567 return true;
d62a17ae 568 }
aadc0905 569
74df8d6d 570 return false;
718e3744 571}
572
d62a17ae 573static void attrhash_init(void)
718e3744 574{
996c9314
LB		 575 attrhash =
576 hash_create(attrhash_key_make, attrhash_cmp, "BGP Attributes");
718e3744 577}
578
289d2501
LB		 579/*
580 * special for hash_clean below
581 */
d62a17ae 582static void attr_vfree(void *attr)
289d2501 583{
d62a17ae 584 XFREE(MTYPE_ATTR, attr);
289d2501
LB		 585}
586
d62a17ae 587static void attrhash_finish(void)
228da428 588{
d62a17ae 589 hash_clean(attrhash, attr_vfree);
590 hash_free(attrhash);
591 attrhash = NULL;
228da428
CC		 592}
593
e3b78da8 594static void attr_show_all_iterator(struct hash_bucket *bucket, struct vty *vty)
718e3744 595{
e3b78da8 596 struct attr *attr = bucket->data;
718e3744 597
d62a17ae 598 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
599 inet_ntoa(attr->nexthop));
13b7e7f0 600 vty_out(vty, "\tflags: %" PRIu64 " med: %u local_pref: %u origin: %u weight: %u label: %u\n",
23a2a47e 601 attr->flag, attr->med, attr->local_pref, attr->origin,
13b7e7f0 602 attr->weight, attr->label);
718e3744 603}
604
d62a17ae 605void attr_show_all(struct vty *vty)
718e3744 606{
e3b78da8 607 hash_iterate(attrhash, (void (*)(struct hash_bucket *,
9d303b37
DL		 608 void *))attr_show_all_iterator,
609 vty);
718e3744 610}
611
d62a17ae 612static void *bgp_attr_hash_alloc(void *p)
718e3744 613{
d62a17ae 614 struct attr *val = (struct attr *)p;
615 struct attr *attr;
718e3744 616
d62a17ae 617 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
618 *attr = *val;
619 if (val->encap_subtlvs) {
620 val->encap_subtlvs = NULL;
621 }
65efcfce 622#if ENABLE_BGP_VNC
d62a17ae 623 if (val->vnc_subtlvs) {
624 val->vnc_subtlvs = NULL;
625 }
65efcfce 626#endif
d62a17ae 627 attr->refcnt = 0;
628 return attr;
718e3744 629}
630
631/* Internet argument attribute. */
d62a17ae 632struct attr *bgp_attr_intern(struct attr *attr)
633{
634 struct attr *find;
635
636 /* Intern referenced strucutre. */
637 if (attr->aspath) {
638 if (!attr->aspath->refcnt)
639 attr->aspath = aspath_intern(attr->aspath);
640 else
641 attr->aspath->refcnt++;
642 }
643 if (attr->community) {
644 if (!attr->community->refcnt)
645 attr->community = community_intern(attr->community);
646 else
647 attr->community->refcnt++;
648 }
649
650 if (attr->ecommunity) {
651 if (!attr->ecommunity->refcnt)
652 attr->ecommunity = ecommunity_intern(attr->ecommunity);
653 else
654 attr->ecommunity->refcnt++;
655 }
656 if (attr->lcommunity) {
657 if (!attr->lcommunity->refcnt)
658 attr->lcommunity = lcommunity_intern(attr->lcommunity);
659 else
660 attr->lcommunity->refcnt++;
661 }
662 if (attr->cluster) {
663 if (!attr->cluster->refcnt)
664 attr->cluster = cluster_intern(attr->cluster);
665 else
666 attr->cluster->refcnt++;
667 }
668 if (attr->transit) {
669 if (!attr->transit->refcnt)
670 attr->transit = transit_intern(attr->transit);
671 else
672 attr->transit->refcnt++;
673 }
674 if (attr->encap_subtlvs) {
675 if (!attr->encap_subtlvs->refcnt)
676 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
677 ENCAP_SUBTLV_TYPE);
678 else
679 attr->encap_subtlvs->refcnt++;
680 }
bede7744 681#if ENABLE_BGP_VNC
d62a17ae 682 if (attr->vnc_subtlvs) {
683 if (!attr->vnc_subtlvs->refcnt)
684 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
685 VNC_SUBTLV_TYPE);
686 else
687 attr->vnc_subtlvs->refcnt++;
688 }
aadc0905 689#endif
bede7744 690
dbbac180
DL		 691 /* At this point, attr only contains intern'd pointers. that means
692 * if we find it in attrhash, it has all the same pointers and we
693 * correctly updated the refcounts on these.
694 * If we don't find it, we need to allocate a one because in all
695 * cases this returns a new reference to a hashed attr, but the input
696 * wasn't on hash. */
d62a17ae 697 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
698 find->refcnt++;
699
700 return find;
718e3744 701}
702
703/* Make network statement's attribute. */
d7c0a89a 704struct attr *bgp_attr_default_set(struct attr *attr, uint8_t origin)
718e3744 705{
d62a17ae 706 memset(attr, 0, sizeof(struct attr));
03e214c8 707
d62a17ae 708 attr->origin = origin;
709 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
710 attr->aspath = aspath_empty();
711 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
712 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
713 attr->tag = 0;
714 attr->label_index = BGP_INVALID_LABEL_INDEX;
715 attr->label = MPLS_INVALID_LABEL;
716 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
717 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
718
719 return attr;
718e3744 720}
721
b5d58c32 722/* Create the attributes for an aggregate */
d7c0a89a 723struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, uint8_t origin,
d62a17ae 724 struct aspath *aspath,
3da2cc32
DS		 725 struct community *community,
726 struct ecommunity *ecommunity,
dd18c5a9 727 struct lcommunity *lcommunity,
3da2cc32 728 int as_set, uint8_t atomic_aggregate)
d62a17ae 729{
730 struct attr attr;
731 struct attr *new;
732
733 memset(&attr, 0, sizeof(struct attr));
734
735 /* Origin attribute. */
736 attr.origin = origin;
737 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
738
739 /* AS path attribute. */
740 if (aspath)
741 attr.aspath = aspath_intern(aspath);
742 else
743 attr.aspath = aspath_empty();
744 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
745
746 /* Next hop attribute. */
747 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
748
749 if (community) {
d7c0a89a 750 uint32_t gshut = COMMUNITY_GSHUT;
7f323236
DW		 751
752 /* If we are not shutting down ourselves and we are
753 * aggregating a route that contains the GSHUT community we
754 * need to remove that community when creating the aggregate */
996c9314
LB		 755 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)
756 && community_include(community, gshut)) {
7f323236
DW		 757 community_del_val(community, &gshut);
758 }
759
d62a17ae 760 attr.community = community;
761 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
762 }
763
3da2cc32
DS		 764 if (ecommunity) {
765 attr.ecommunity = ecommunity;
766 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
767 }
768
dd18c5a9
DS		 769 if (lcommunity) {
770 attr.lcommunity = lcommunity;
771 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
772 }
773
7f323236
DW		 774 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
775 bgp_attr_add_gshut_community(&attr);
776 }
777
d62a17ae 778 attr.label_index = BGP_INVALID_LABEL_INDEX;
779 attr.label = MPLS_INVALID_LABEL;
780 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
781 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
782 if (!as_set || atomic_aggregate)
783 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
784 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
785 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
786 attr.aggregator_as = bgp->confed_id;
787 else
788 attr.aggregator_as = bgp->as;
789 attr.aggregator_addr = bgp->router_id;
790 attr.label_index = BGP_INVALID_LABEL_INDEX;
791 attr.label = MPLS_INVALID_LABEL;
792
793 new = bgp_attr_intern(&attr);
794
795 aspath_unintern(&new->aspath);
796 return new;
718e3744 797}
798
b881c707 799/* Unintern just the sub-components of the attr, but not the attr */
d62a17ae 800void bgp_attr_unintern_sub(struct attr *attr)
801{
802 /* aspath refcount shoud be decrement. */
803 if (attr->aspath)
804 aspath_unintern(&attr->aspath);
805 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
806
807 if (attr->community)
808 community_unintern(&attr->community);
809 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
810
811 if (attr->ecommunity)
812 ecommunity_unintern(&attr->ecommunity);
813 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
814
815 if (attr->lcommunity)
816 lcommunity_unintern(&attr->lcommunity);
817 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
818
819 if (attr->cluster)
820 cluster_unintern(attr->cluster);
821 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
822
823 if (attr->transit)
824 transit_unintern(attr->transit);
825
826 if (attr->encap_subtlvs)
827 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
bede7744
LB		 828
829#if ENABLE_BGP_VNC
d62a17ae 830 if (attr->vnc_subtlvs)
831 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
bede7744 832#endif
b881c707
PJ		 833}
834
f46d8e1e
DS		 835/*
836 * We have some show commands that let you experimentally
837 * apply a route-map. When we apply the route-map
838 * we are reseting values but not saving them for
839 * posterity via intern'ing( because route-maps don't
840 * do that) but at this point in time we need
841 * to compare the new attr to the old and if the
842 * routemap has changed it we need to, as Snoop Dog says,
843 * Drop it like it's hot
844 */
845void bgp_attr_undup(struct attr *new, struct attr *old)
846{
847 if (new->aspath != old->aspath)
848 aspath_free(new->aspath);
849
850 if (new->community != old->community)
3c1f53de 851 community_free(&new->community);
f46d8e1e
DS		 852
853 if (new->ecommunity != old->ecommunity)
854 ecommunity_free(&new->ecommunity);
855
856 if (new->lcommunity != old->lcommunity)
857 lcommunity_free(&new->lcommunity);
f46d8e1e
DS		 858}
859
718e3744 860/* Free bgp attribute and aspath. */
d62a17ae 861void bgp_attr_unintern(struct attr **pattr)
862{
863 struct attr *attr = *pattr;
864 struct attr *ret;
865 struct attr tmp;
866
867 /* Decrement attribute reference. */
868 attr->refcnt--;
869
870 tmp = *attr;
871
872 /* If reference becomes zero then free attribute object. */
873 if (attr->refcnt == 0) {
874 ret = hash_release(attrhash, attr);
875 assert(ret != NULL);
876 XFREE(MTYPE_ATTR, attr);
877 *pattr = NULL;
878 }
879
880 bgp_attr_unintern_sub(&tmp);
881}
882
883void bgp_attr_flush(struct attr *attr)
884{
885 if (attr->aspath && !attr->aspath->refcnt) {
886 aspath_free(attr->aspath);
887 attr->aspath = NULL;
888 }
3c1f53de
SMS		 889 if (attr->community && !attr->community->refcnt)
890 community_free(&attr->community);
d62a17ae 891 if (attr->ecommunity && !attr->ecommunity->refcnt)
892 ecommunity_free(&attr->ecommunity);
893 if (attr->lcommunity && !attr->lcommunity->refcnt)
894 lcommunity_free(&attr->lcommunity);
895 if (attr->cluster && !attr->cluster->refcnt) {
896 cluster_free(attr->cluster);
897 attr->cluster = NULL;
898 }
899 if (attr->transit && !attr->transit->refcnt) {
900 transit_free(attr->transit);
901 attr->transit = NULL;
902 }
903 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
904 encap_free(attr->encap_subtlvs);
905 attr->encap_subtlvs = NULL;
906 }
65efcfce 907#if ENABLE_BGP_VNC
d62a17ae 908 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
909 encap_free(attr->vnc_subtlvs);
910 attr->vnc_subtlvs = NULL;
911 }
aadc0905 912#endif
718e3744 913}
914
b881c707
PJ		 915/* Implement draft-scudder-idr-optional-transitive behaviour and
916 * avoid resetting sessions for malformed attributes which are
917 * are partial/optional and hence where the error likely was not
918 * introduced by the sending neighbour.
919 */
920static bgp_attr_parse_ret_t
d7c0a89a 921bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
d62a17ae 922 bgp_size_t length)
923{
924 struct peer *const peer = args->peer;
d7c0a89a 925 const uint8_t flags = args->flags;
d62a17ae 926 /* startp and length must be special-cased, as whether or not to
927 * send the attribute data with the NOTIFY depends on the error,
928 * the caller therefore signals this with the seperate length argument
929 */
d7c0a89a 930 uint8_t *notify_datap = (length > 0 ? args->startp : NULL);
d62a17ae 931
932 /* Only relax error handling for eBGP peers */
933 if (peer->sort != BGP_PEER_EBGP) {
934 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
935 notify_datap, length);
936 return BGP_ATTR_PARSE_ERROR;
937 }
938
939 /* Adjust the stream getp to the end of the attribute, in case we can
940 * still proceed but the caller hasn't read all the attribute.
941 */
942 stream_set_getp(BGP_INPUT(peer),
943 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
944 + args->total);
945
946 switch (args->type) {
947 /* where an attribute is relatively inconsequential, e.g. it does not
948 * affect route selection, and can be safely ignored, then any such
949 * attributes which are malformed should just be ignored and the route
950 * processed as normal.
951 */
952 case BGP_ATTR_AS4_AGGREGATOR:
953 case BGP_ATTR_AGGREGATOR:
954 case BGP_ATTR_ATOMIC_AGGREGATE:
955 return BGP_ATTR_PARSE_PROCEED;
956
957 /* Core attributes, particularly ones which may influence route
958 * selection, should always cause session resets
959 */
960 case BGP_ATTR_ORIGIN:
961 case BGP_ATTR_AS_PATH:
962 case BGP_ATTR_NEXT_HOP:
963 case BGP_ATTR_MULTI_EXIT_DISC:
964 case BGP_ATTR_LOCAL_PREF:
965 case BGP_ATTR_COMMUNITIES:
966 case BGP_ATTR_ORIGINATOR_ID:
967 case BGP_ATTR_CLUSTER_LIST:
968 case BGP_ATTR_MP_REACH_NLRI:
969 case BGP_ATTR_MP_UNREACH_NLRI:
970 case BGP_ATTR_EXT_COMMUNITIES:
971 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
972 notify_datap, length);
973 return BGP_ATTR_PARSE_ERROR;
974 }
975
976 /* Partial optional attributes that are malformed should not cause
977 * the whole session to be reset. Instead treat it as a withdrawal
978 * of the routes, if possible.
979 */
980 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
981 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
982 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
983 return BGP_ATTR_PARSE_WITHDRAW;
984
985 /* default to reset */
986 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
b881c707
PJ		 987}
988
afcb7679
DO		 989/* Find out what is wrong with the path attribute flag bits and log the error.
990 "Flag bits" here stand for Optional, Transitive and Partial, but not for
991 Extended Length. Checking O/T/P bits at once implies, that the attribute
992 being diagnosed is defined by RFC as either a "well-known" or an "optional,
993 non-transitive" attribute. */
994static void
d62a17ae 995bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
d7c0a89a
QY		 996 uint8_t desired_flags /* how RFC says it must be */
997)
d62a17ae 998{
d7c0a89a
QY		 999 uint8_t seen = 0, i;
1000 uint8_t real_flags = args->flags;
1001 const uint8_t attr_code = args->type;
d62a17ae 1002
1003 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1004 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1005 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
1006 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1007 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
1c50c1c0
QY		 1008 flog_err(EC_BGP_ATTR_FLAG,
1009 "%s attribute must%s be flagged as \"%s\"",
1010 lookup_msg(attr_str, attr_code, NULL),
1011 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1012 ? ""
1013 : " not",
1014 attr_flag_str[i].str);
d62a17ae 1015 seen = 1;
1016 }
1017 if (!seen) {
1018 zlog_debug(
1019 "Strange, %s called for attr %s, but no problem found with flags"
1020 " (real flags 0x%x, desired 0x%x)",
1021 __func__, lookup_msg(attr_str, attr_code, NULL),
1022 real_flags, desired_flags);
1023 }
afcb7679
DO		 1024}
1025
3ecab4c8
PJ		 1026/* Required flags for attributes. EXTLEN will be masked off when testing,
1027 * as will PARTIAL for optional+transitive attributes.
1028 */
d7c0a89a
QY		 1029const uint8_t attr_flags_values[] = {
1030 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
1031 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
1032 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1033 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1034 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1035 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1036 [BGP_ATTR_AGGREGATOR] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1037 [BGP_ATTR_COMMUNITIES] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1038 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1039 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1040 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1041 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1042 [BGP_ATTR_EXT_COMMUNITIES] =
1043 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1044 [BGP_ATTR_AS4_PATH] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1045 [BGP_ATTR_AS4_AGGREGATOR] =
1046 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1047 [BGP_ATTR_PMSI_TUNNEL] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1048 [BGP_ATTR_LARGE_COMMUNITIES] =
1049 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1050 [BGP_ATTR_PREFIX_SID] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
3ecab4c8 1051};
099111ef 1052static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
3ecab4c8 1053
d62a17ae 1054static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1055{
d7c0a89a
QY		 1056 uint8_t mask = BGP_ATTR_FLAG_EXTLEN;
1057 const uint8_t flags = args->flags;
1058 const uint8_t attr_code = args->type;
d62a17ae 1059
1060 /* there may be attributes we don't know about */
1061 if (attr_code > attr_flags_values_max)
1062 return 0;
1063 if (attr_flags_values[attr_code] == 0)
1064 return 0;
1065
1066 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1067 * to
1068 * 1."
1069 */
1070 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1071 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
af4c2728 1072 flog_err(
e50f7cfd 1073 EC_BGP_ATTR_FLAG,
d62a17ae 1074 "%s well-known attributes must have transitive flag set (%x)",
1075 lookup_msg(attr_str, attr_code, NULL), flags);
1076 return 1;
1077 }
1078
1079 /* "For well-known attributes and for optional non-transitive
1080 * attributes,
1081 * the Partial bit MUST be set to 0."
1082 */
1083 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1084 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
e50f7cfd 1085 flog_err(EC_BGP_ATTR_FLAG,
1c50c1c0
QY		 1086 "%s well-known attribute "
1087 "must NOT have the partial flag set (%x)",
1088 lookup_msg(attr_str, attr_code, NULL), flags);
d62a17ae 1089 return 1;
1090 }
1091 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1092 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
e50f7cfd 1093 flog_err(EC_BGP_ATTR_FLAG,
1c50c1c0
QY		 1094 "%s optional + transitive attribute "
1095 "must NOT have the partial flag set (%x)",
1096 lookup_msg(attr_str, attr_code, NULL), flags);
d62a17ae 1097 return 1;
1098 }
1099 }
1100
1101 /* Optional transitive attributes may go through speakers that don't
1102 * reocgnise them and set the Partial bit.
1103 */
1104 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1105 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1106 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1107
1108 if ((flags & ~mask) == attr_flags_values[attr_code])
1109 return 0;
1110
1111 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1112 return 1;
3ecab4c8
PJ		 1113}
1114
718e3744 1115/* Get origin attribute of the update message. */
d62a17ae 1116static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1117{
1118 struct peer *const peer = args->peer;
1119 struct attr *const attr = args->attr;
1120 const bgp_size_t length = args->length;
1121
1122 /* If any recognized attribute has Attribute Length that conflicts
1123 with the expected length (based on the attribute type code), then
1124 the Error Subcode is set to Attribute Length Error. The Data
1125 field contains the erroneous attribute (type, length and
1126 value). */
1127 if (length != 1) {
e50f7cfd 1128 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0 1129 "Origin attribute length is not one %d", length);
d62a17ae 1130 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1131 args->total);
1132 }
1133
1134 /* Fetch origin attribute. */
1135 attr->origin = stream_getc(BGP_INPUT(peer));
1136
1137 /* If the ORIGIN attribute has an undefined value, then the Error
1138 Subcode is set to Invalid Origin Attribute. The Data field
1139 contains the unrecognized attribute (type, length and value). */
1140 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1141 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
e50f7cfd 1142 flog_err(EC_BGP_ATTR_ORIGIN,
1c50c1c0 1143 "Origin attribute value is invalid %d", attr->origin);
d62a17ae 1144 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1145 args->total);
1146 }
1147
1148 /* Set oring attribute flag. */
1149 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1150
1151 return 0;
718e3744 1152}
ab005298
PJ		 1153
1154/* Parse AS path information. This function is wrapper of
1155 aspath_parse. */
d62a17ae 1156static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1157{
1158 struct attr *const attr = args->attr;
1159 struct peer *const peer = args->peer;
1160 const bgp_size_t length = args->length;
1161
1162 /*
1163 * peer with AS4 => will get 4Byte ASnums
1164 * otherwise, will get 16 Bit
1165 */
424ab01d 1166 attr->aspath = aspath_parse(peer->curr, length,
d62a17ae 1167 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1168
1169 /* In case of IBGP, length will be zero. */
1170 if (!attr->aspath) {
e50f7cfd 1171 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1c50c1c0
QY		 1172 "Malformed AS path from %s, length is %d", peer->host,
1173 length);
d62a17ae 1174 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1175 0);
1176 }
0b2aa3a0 1177
d62a17ae 1178 /* Set aspath attribute flag. */
1179 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1180
1181 return BGP_ATTR_PARSE_PROCEED;
1182}
1183
1184static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1185 struct attr *const attr)
1186{
1187 /* These checks were part of bgp_attr_aspath, but with
1188 * as4 we should to check aspath things when
1189 * aspath synthesizing with as4_path has already taken place.
1190 * Otherwise we check ASPATH and use the synthesized thing, and that is
1191 * not right.
1192 * So do the checks later, i.e. here
1193 */
d62a17ae 1194 struct aspath *aspath;
1195
1196 /* Confederation sanity check. */
1197 if ((peer->sort == BGP_PEER_CONFED
1198 && !aspath_left_confed_check(attr->aspath))
1199 || (peer->sort == BGP_PEER_EBGP
1200 && aspath_confed_check(attr->aspath))) {
e50f7cfd 1201 flog_err(EC_BGP_ATTR_MAL_AS_PATH, "Malformed AS path from %s",
1c50c1c0 1202 peer->host);
d62a17ae 1203 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1204 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1205 return BGP_ATTR_PARSE_ERROR;
1206 }
cddb8112 1207
d62a17ae 1208 /* First AS check for EBGP. */
47cbc09b 1209 if (CHECK_FLAG(peer->flags, PEER_FLAG_ENFORCE_FIRST_AS)) {
d62a17ae 1210 if (peer->sort == BGP_PEER_EBGP
1211 && !aspath_firstas_check(attr->aspath, peer->as)) {
e50f7cfd 1212 flog_err(EC_BGP_ATTR_FIRST_AS,
1c50c1c0
QY		 1213 "%s incorrect first AS (must be %u)",
1214 peer->host, peer->as);
d62a17ae 1215 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1216 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1217 return BGP_ATTR_PARSE_ERROR;
1218 }
1219 }
0b2aa3a0 1220
d62a17ae 1221 /* local-as prepend */
1222 if (peer->change_local_as
1223 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1224 aspath = aspath_dup(attr->aspath);
1225 aspath = aspath_add_seq(aspath, peer->change_local_as);
1226 aspath_unintern(&attr->aspath);
1227 attr->aspath = aspath_intern(aspath);
1228 }
0b2aa3a0 1229
d62a17ae 1230 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1231}
1232
ab005298
PJ		 1233/* Parse AS4 path information. This function is another wrapper of
1234 aspath_parse. */
d62a17ae 1235static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1236 struct aspath **as4_path)
ab005298 1237{
d62a17ae 1238 struct peer *const peer = args->peer;
1239 struct attr *const attr = args->attr;
1240 const bgp_size_t length = args->length;
ab005298 1241
424ab01d 1242 *as4_path = aspath_parse(peer->curr, length, 1);
b881c707 1243
d62a17ae 1244 /* In case of IBGP, length will be zero. */
1245 if (!*as4_path) {
e50f7cfd 1246 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1c50c1c0
QY		 1247 "Malformed AS4 path from %s, length is %d", peer->host,
1248 length);
d62a17ae 1249 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1250 0);
1251 }
ab005298 1252
d62a17ae 1253 /* Set aspath attribute flag. */
1254 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1255
1256 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1257}
1258
718e3744 1259/* Nexthop attribute. */
d62a17ae 1260static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1261{
1262 struct peer *const peer = args->peer;
1263 struct attr *const attr = args->attr;
1264 const bgp_size_t length = args->length;
1265
1266 in_addr_t nexthop_h, nexthop_n;
1267
1268 /* Check nexthop attribute length. */
1269 if (length != 4) {
e50f7cfd 1270 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0 1271 "Nexthop attribute length isn't four [%d]", length);
d62a17ae 1272
1273 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1274 args->total);
1275 }
1276
1277 /* According to section 6.3 of RFC4271, syntactically incorrect NEXT_HOP
1278 attribute must result in a NOTIFICATION message (this is implemented
1279 below).
1280 At the same time, semantically incorrect NEXT_HOP is more likely to
1281 be just
1282 logged locally (this is implemented somewhere else). The UPDATE
1283 message
1284 gets ignored in any of these cases. */
424ab01d 1285 nexthop_n = stream_get_ipv4(peer->curr);
d62a17ae 1286 nexthop_h = ntohl(nexthop_n);
1287 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1288 || IPV4_CLASS_DE(nexthop_h))
1289 && !BGP_DEBUG(
1290 allow_martians,
1291 ALLOW_MARTIANS)) /* loopbacks may be used in testing */
1292 {
1293 char buf[INET_ADDRSTRLEN];
1294 inet_ntop(AF_INET, &nexthop_n, buf, INET_ADDRSTRLEN);
e50f7cfd 1295 flog_err(EC_BGP_ATTR_MARTIAN_NH, "Martian nexthop %s", buf);
d62a17ae 1296 return bgp_attr_malformed(
1297 args, BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP, args->total);
1298 }
1299
1300 attr->nexthop.s_addr = nexthop_n;
1301 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1302
1303 return BGP_ATTR_PARSE_PROCEED;
718e3744 1304}
1305
1306/* MED atrribute. */
d62a17ae 1307static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
718e3744 1308{
d62a17ae 1309 struct peer *const peer = args->peer;
1310 struct attr *const attr = args->attr;
1311 const bgp_size_t length = args->length;
b881c707 1312
d62a17ae 1313 /* Length check. */
1314 if (length != 4) {
e50f7cfd 1315 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0 1316 "MED attribute length isn't four [%d]", length);
718e3744 1317
d62a17ae 1318 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1319 args->total);
1320 }
1321
424ab01d 1322 attr->med = stream_getl(peer->curr);
718e3744 1323
d62a17ae 1324 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
718e3744 1325
d62a17ae 1326 return BGP_ATTR_PARSE_PROCEED;
718e3744 1327}
1328
1329/* Local preference attribute. */
b881c707 1330static bgp_attr_parse_ret_t
d62a17ae 1331bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1332{
1333 struct peer *const peer = args->peer;
1334 struct attr *const attr = args->attr;
1335 const bgp_size_t length = args->length;
1336
1337 /* Length check. */
1338 if (length != 4) {
e50f7cfd 1339 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0 1340 "LOCAL_PREF attribute length isn't 4 [%u]", length);
d62a17ae 1341 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1342 args->total);
1343 }
1344
1345 /* If it is contained in an UPDATE message that is received from an
1346 external peer, then this attribute MUST be ignored by the
1347 receiving speaker. */
1348 if (peer->sort == BGP_PEER_EBGP) {
424ab01d 1349 stream_forward_getp(peer->curr, length);
d62a17ae 1350 return BGP_ATTR_PARSE_PROCEED;
1351 }
1352
424ab01d 1353 attr->local_pref = stream_getl(peer->curr);
d62a17ae 1354
7f323236 1355 /* Set the local-pref flag. */
d62a17ae 1356 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1357
1358 return BGP_ATTR_PARSE_PROCEED;
718e3744 1359}
1360
1361/* Atomic aggregate. */
d62a17ae 1362static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
718e3744 1363{
d62a17ae 1364 struct attr *const attr = args->attr;
1365 const bgp_size_t length = args->length;
1366
1367 /* Length check. */
1368 if (length != 0) {
e50f7cfd 1369 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0
QY		 1370 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1371 length);
d62a17ae 1372 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1373 args->total);
1374 }
718e3744 1375
d62a17ae 1376 /* Set atomic aggregate flag. */
1377 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
718e3744 1378
d62a17ae 1379 return BGP_ATTR_PARSE_PROCEED;
718e3744 1380}
1381
1382/* Aggregator attribute */
d62a17ae 1383static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1384{
1385 struct peer *const peer = args->peer;
1386 struct attr *const attr = args->attr;
1387 const bgp_size_t length = args->length;
1388
1389 int wantedlen = 6;
1390
1391 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1392 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1393 wantedlen = 8;
1394
1395 if (length != wantedlen) {
e50f7cfd 1396 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0
QY		 1397 "AGGREGATOR attribute length isn't %u [%u]", wantedlen,
1398 length);
d62a17ae 1399 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1400 args->total);
1401 }
1402
1403 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
424ab01d 1404 attr->aggregator_as = stream_getl(peer->curr);
d62a17ae 1405 else
424ab01d
QY		 1406 attr->aggregator_as = stream_getw(peer->curr);
1407 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1408
1409 /* Set atomic aggregate flag. */
1410 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1411
1412 return BGP_ATTR_PARSE_PROCEED;
718e3744 1413}
1414
0b2aa3a0 1415/* New Aggregator attribute */
b881c707 1416static bgp_attr_parse_ret_t
d62a17ae 1417bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1418 as_t *as4_aggregator_as,
1419 struct in_addr *as4_aggregator_addr)
1420{
1421 struct peer *const peer = args->peer;
1422 struct attr *const attr = args->attr;
1423 const bgp_size_t length = args->length;
1424
1425 if (length != 8) {
1c50c1c0
QY		 1426 flog_err(EC_BGP_ATTR_LEN, "New Aggregator length is not 8 [%d]",
1427 length);
d62a17ae 1428 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1429 0);
1430 }
1431
424ab01d
QY		 1432 *as4_aggregator_as = stream_getl(peer->curr);
1433 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1434
1435 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1436
1437 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1438}
1439
1440/* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1441 */
b881c707 1442static bgp_attr_parse_ret_t
d62a17ae 1443bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1444 struct aspath *as4_path, as_t as4_aggregator,
1445 struct in_addr *as4_aggregator_addr)
1446{
1447 int ignore_as4_path = 0;
1448 struct aspath *newpath;
1449
1450 if (!attr->aspath) {
1451 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1452 * have
1453 * checked that all well-known, mandatory attributes were
1454 * present.
1455 *
1456 * Can only be a problem with peer itself - hard error
1457 */
1458 return BGP_ATTR_PARSE_ERROR;
1459 }
1460
1461 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1462 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1463 * if given.
1464 * It is worth a warning though, because the peer really
1465 * should not send them
1466 */
1467 if (BGP_DEBUG(as4, AS4)) {
1468 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1469 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1470 "AS4 capable peer, yet it sent");
1471
1472 if (attr->flag
1473 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1474 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1475 peer->host,
1476 "AS4 capable peer, yet it sent");
1477 }
1478
1479 return BGP_ATTR_PARSE_PROCEED;
1480 }
1481
1482 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1483 * because that may override AS4_PATH
1484 */
1485 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1486 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1487 /* received both.
1488 * if the as_number in aggregator is not AS_TRANS,
1489 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1490 * and the Aggregator shall be taken as
1491 * info on the aggregating node, and the AS_PATH
1492 * shall be taken as the AS_PATH
1493 * otherwise
1494 * the Aggregator shall be ignored and the
1495 * AS4_AGGREGATOR shall be taken as the
1496 * Aggregating node and the AS_PATH is to be
1497 * constructed "as in all other cases"
1498 */
1499 if (attr->aggregator_as != BGP_AS_TRANS) {
1500 /* ignore */
1501 if (BGP_DEBUG(as4, AS4))
1502 zlog_debug(
1503 "[AS4] %s BGP not AS4 capable peer"
1504 " send AGGREGATOR != AS_TRANS and"
1505 " AS4_AGGREGATOR, so ignore"
1506 " AS4_AGGREGATOR and AS4_PATH",
1507 peer->host);
1508 ignore_as4_path = 1;
1509 } else {
1510 /* "New_aggregator shall be taken as aggregator"
1511 */
1512 attr->aggregator_as = as4_aggregator;
1513 attr->aggregator_addr.s_addr =
1514 as4_aggregator_addr->s_addr;
1515 }
1516 } else {
1517 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1518 * That is bogus - but reading the conditions
1519 * we have to handle AS4_AGGREGATOR as if it were
1520 * AGGREGATOR in that case
1521 */
1522 if (BGP_DEBUG(as4, AS4))
1523 zlog_debug(
1524 "[AS4] %s BGP not AS4 capable peer send"
1525 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1526 " it as if AGGREGATOR with AS_TRANS had been there",
1527 peer->host);
1528 attr->aggregator_as = as4_aggregator;
1529 /* sweep it under the carpet and simulate a "good"
1530 * AGGREGATOR */
1531 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1532 }
1533 }
1534
1535 /* need to reconcile NEW_AS_PATH and AS_PATH */
1536 if (!ignore_as4_path
1537 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1538 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
e8a3a0a0 1539 if (!newpath)
1540 return BGP_ATTR_PARSE_ERROR;
1541
d62a17ae 1542 aspath_unintern(&attr->aspath);
1543 attr->aspath = aspath_intern(newpath);
1544 }
1545 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1546}
1547
718e3744 1548/* Community attribute. */
b881c707 1549static bgp_attr_parse_ret_t
d62a17ae 1550bgp_attr_community(struct bgp_attr_parser_args *args)
1551{
1552 struct peer *const peer = args->peer;
1553 struct attr *const attr = args->attr;
1554 const bgp_size_t length = args->length;
1555
1556 if (length == 0) {
1557 attr->community = NULL;
1558 return BGP_ATTR_PARSE_PROCEED;
1559 }
1560
1561 attr->community =
d7c0a89a 1562 community_parse((uint32_t *)stream_pnt(peer->curr), length);
d62a17ae 1563
1564 /* XXX: fix community_parse to use stream API and remove this */
424ab01d 1565 stream_forward_getp(peer->curr, length);
d62a17ae 1566
1567 if (!attr->community)
1568 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1569 args->total);
1570
1571 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1572
1573 return BGP_ATTR_PARSE_PROCEED;
718e3744 1574}
1575
1576/* Originator ID attribute. */
b881c707 1577static bgp_attr_parse_ret_t
d62a17ae 1578bgp_attr_originator_id(struct bgp_attr_parser_args *args)
718e3744 1579{
d62a17ae 1580 struct peer *const peer = args->peer;
1581 struct attr *const attr = args->attr;
1582 const bgp_size_t length = args->length;
718e3744 1583
d62a17ae 1584 /* Length check. */
1585 if (length != 4) {
e50f7cfd 1586 flog_err(EC_BGP_ATTR_LEN, "Bad originator ID length %d",
1c50c1c0 1587 length);
718e3744 1588
d62a17ae 1589 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1590 args->total);
1591 }
1592
424ab01d 1593 attr->originator_id.s_addr = stream_get_ipv4(peer->curr);
718e3744 1594
d62a17ae 1595 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
718e3744 1596
d62a17ae 1597 return BGP_ATTR_PARSE_PROCEED;
718e3744 1598}
1599
1600/* Cluster list attribute. */
b881c707 1601static bgp_attr_parse_ret_t
d62a17ae 1602bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
718e3744 1603{
d62a17ae 1604 struct peer *const peer = args->peer;
1605 struct attr *const attr = args->attr;
1606 const bgp_size_t length = args->length;
1607
1608 /* Check length. */
1609 if (length % 4) {
1c50c1c0 1610 flog_err(EC_BGP_ATTR_LEN, "Bad cluster list length %d", length);
718e3744 1611
d62a17ae 1612 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1613 args->total);
1614 }
1615
1616 attr->cluster =
424ab01d 1617 cluster_parse((struct in_addr *)stream_pnt(peer->curr), length);
718e3744 1618
d62a17ae 1619 /* XXX: Fix cluster_parse to use stream API and then remove this */
424ab01d 1620 stream_forward_getp(peer->curr, length);
718e3744 1621
d62a17ae 1622 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
718e3744 1623
d62a17ae 1624 return BGP_ATTR_PARSE_PROCEED;
718e3744 1625}
1626
1627/* Multiprotocol reachability information parse. */
d62a17ae 1628int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1629 struct bgp_nlri *mp_update)
1630{
1631 iana_afi_t pkt_afi;
1632 afi_t afi;
5c525538
RW		 1633 iana_safi_t pkt_safi;
1634 safi_t safi;
d62a17ae 1635 bgp_size_t nlri_len;
1636 size_t start;
1637 struct stream *s;
1638 struct peer *const peer = args->peer;
1639 struct attr *const attr = args->attr;
1640 const bgp_size_t length = args->length;
1641
1642 /* Set end of packet. */
1643 s = BGP_INPUT(peer);
1644 start = stream_get_getp(s);
1645
1646/* safe to read statically sized header? */
6e4ab12f 1647#define BGP_MP_REACH_MIN_SIZE 5
03292809 1648#define LEN_LEFT (length - (stream_get_getp(s) - start))
d62a17ae 1649 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
1650 zlog_info("%s: %s sent invalid length, %lu", __func__,
1651 peer->host, (unsigned long)length);
1652 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1653 }
1654
1655 /* Load AFI, SAFI. */
1656 pkt_afi = stream_getw(s);
1657 pkt_safi = stream_getc(s);
1658
1659 /* Convert AFI, SAFI to internal values, check. */
1660 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1661 /* Log if AFI or SAFI is unrecognized. This is not an error
1662 * unless
1663 * the attribute is otherwise malformed.
1664 */
1665 if (bgp_debug_update(peer, NULL, NULL, 0))
1666 zlog_debug(
1667 "%s: MP_REACH received AFI %u or SAFI %u is unrecognized",
1668 peer->host, pkt_afi, pkt_safi);
1669 return BGP_ATTR_PARSE_ERROR;
1670 }
1671
1672 /* Get nexthop length. */
1673 attr->mp_nexthop_len = stream_getc(s);
1674
1675 if (LEN_LEFT < attr->mp_nexthop_len) {
1676 zlog_info(
1677 "%s: %s, MP nexthop length, %u, goes past end of attribute",
1678 __func__, peer->host, attr->mp_nexthop_len);
1679 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1680 }
1681
1682 /* Nexthop length check. */
1683 switch (attr->mp_nexthop_len) {
7c40bf39 1684 case 0:
1685 if (safi != SAFI_FLOWSPEC) {
1686 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1687 __func__, peer->host, attr->mp_nexthop_len);
1688 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1689 }
1690 break;
b6453163
LB		 1691 case BGP_ATTR_NHLEN_VPNV4:
1692 stream_getl(s); /* RD high */
1693 stream_getl(s); /* RD low */
996c9314
LB		 1694 /*
1695 * NOTE: intentional fall through
1696 * - for consistency in rx processing
1697 *
1698 * The following comment is to signal GCC this intention
0437e105 1699 * and suppress the warning
996c9314
LB		 1700 */
1701 /* FALLTHRU */
d62a17ae 1702 case BGP_ATTR_NHLEN_IPV4:
1703 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1704 /* Probably needed for RFC 2283 */
1705 if (attr->nexthop.s_addr == 0)
1706 memcpy(&attr->nexthop.s_addr,
1707 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1708 break;
d62a17ae 1709 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1710 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1711 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1712 stream_getl(s); /* RD high */
1713 stream_getl(s); /* RD low */
1714 }
1715 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
17cdd31e
DS		 1716 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1717 if (!peer->nexthop.ifp) {
13366862 1718 zlog_warn("%s: Received a V6/VPNV6 Global attribute but address is a V6 LL and we have no peer interface information, withdrawing",
17cdd31e
DS		 1719 peer->host);
1720 return BGP_ATTR_PARSE_WITHDRAW;
1721 }
77e62f2b 1722 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
17cdd31e 1723 }
d62a17ae 1724 break;
1725 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1726 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1727 if (attr->mp_nexthop_len
1728 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1729 stream_getl(s); /* RD high */
1730 stream_getl(s); /* RD low */
1731 }
1732 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
17cdd31e
DS		 1733 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1734 if (!peer->nexthop.ifp) {
13366862 1735 zlog_warn("%s: Received V6/VPNV6 Global and LL attribute but global address is a V6 LL and we have no peer interface information, withdrawing",
17cdd31e
DS		 1736 peer->host);
1737 return BGP_ATTR_PARSE_WITHDRAW;
1738 }
77e62f2b 1739 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
17cdd31e 1740 }
d62a17ae 1741 if (attr->mp_nexthop_len
1742 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1743 stream_getl(s); /* RD high */
1744 stream_getl(s); /* RD low */
1745 }
1746 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1747 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1748 char buf1[INET6_ADDRSTRLEN];
1749 char buf2[INET6_ADDRSTRLEN];
1750
1751 if (bgp_debug_update(peer, NULL, NULL, 1))
1752 zlog_debug(
1753 "%s rcvd nexthops %s, %s -- ignoring non-LL value",
1754 peer->host,
1755 inet_ntop(AF_INET6,
1756 &attr->mp_nexthop_global,
1757 buf1, INET6_ADDRSTRLEN),
1758 inet_ntop(AF_INET6,
1759 &attr->mp_nexthop_local, buf2,
1760 INET6_ADDRSTRLEN));
1761
1762 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1763 }
17cdd31e 1764 if (!peer->nexthop.ifp) {
13366862 1765 zlog_warn("%s: Received a V6 LL nexthop and we have no peer interface information, withdrawing",
17cdd31e
DS		 1766 peer->host);
1767 return BGP_ATTR_PARSE_WITHDRAW;
1768 }
77e62f2b 1769 attr->nh_lla_ifindex = peer->nexthop.ifp->ifindex;
d62a17ae 1770 break;
1771 default:
1772 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1773 __func__, peer->host, attr->mp_nexthop_len);
1774 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1775 }
1776
1777 if (!LEN_LEFT) {
1778 zlog_info("%s: (%s) Failed to read SNPA and NLRI(s)", __func__,
1779 peer->host);
1780 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1781 }
1782
718e3744 1783 {
d7c0a89a 1784 uint8_t val;
d62a17ae 1785 if ((val = stream_getc(s)))
ade6974d 1786 flog_warn(
e50f7cfd 1787 EC_BGP_DEFUNCT_SNPA_LEN,
ade6974d
QY		 1788 "%s sent non-zero value, %u, for defunct SNPA-length field",
1789 peer->host, val);
d62a17ae 1790 }
1791
1792 /* must have nrli_len, what is left of the attribute */
1793 nlri_len = LEN_LEFT;
9b9df989 1794 if (nlri_len > STREAM_READABLE(s)) {
d62a17ae 1795 zlog_info("%s: (%s) Failed to read NLRI", __func__, peer->host);
1796 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1797 }
1798
9b9df989
DS		 1799 if (!nlri_len) {
1800 zlog_info("%s: (%s) No Reachability, Treating as a EOR marker",
1801 __func__, peer->host);
1802
1803 mp_update->afi = afi;
1804 mp_update->safi = safi;
1805 return BGP_ATTR_PARSE_EOR;
1806 }
1807
d62a17ae 1808 mp_update->afi = afi;
1809 mp_update->safi = safi;
1810 mp_update->nlri = stream_pnt(s);
1811 mp_update->length = nlri_len;
1812
1813 stream_forward_getp(s, nlri_len);
1814
1815 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1816
1817 return BGP_ATTR_PARSE_PROCEED;
03292809 1818#undef LEN_LEFT
718e3744 1819}
1820
1821/* Multiprotocol unreachable parse */
d62a17ae 1822int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1823 struct bgp_nlri *mp_withdraw)
1824{
1825 struct stream *s;
1826 iana_afi_t pkt_afi;
1827 afi_t afi;
5c525538
RW		 1828 iana_safi_t pkt_safi;
1829 safi_t safi;
d7c0a89a 1830 uint16_t withdraw_len;
d62a17ae 1831 struct peer *const peer = args->peer;
1832 struct attr *const attr = args->attr;
1833 const bgp_size_t length = args->length;
9cabb64b 1834
424ab01d 1835 s = peer->curr;
9cabb64b 1836
d62a17ae 1837#define BGP_MP_UNREACH_MIN_SIZE 3
1838 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1839 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1840
1841 pkt_afi = stream_getw(s);
1842 pkt_safi = stream_getc(s);
1843
1844 /* Convert AFI, SAFI to internal values, check. */
1845 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1846 /* Log if AFI or SAFI is unrecognized. This is not an error
1847 * unless
1848 * the attribute is otherwise malformed.
1849 */
1850 if (bgp_debug_update(peer, NULL, NULL, 0))
1851 zlog_debug(
1852 "%s: MP_UNREACH received AFI %u or SAFI %u is unrecognized",
1853 peer->host, pkt_afi, pkt_safi);
1854 return BGP_ATTR_PARSE_ERROR;
1855 }
718e3744 1856
d62a17ae 1857 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
718e3744 1858
d62a17ae 1859 mp_withdraw->afi = afi;
1860 mp_withdraw->safi = safi;
1861 mp_withdraw->nlri = stream_pnt(s);
1862 mp_withdraw->length = withdraw_len;
718e3744 1863
d62a17ae 1864 stream_forward_getp(s, withdraw_len);
37da8fa9 1865
d62a17ae 1866 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1867
1868 return BGP_ATTR_PARSE_PROCEED;
718e3744 1869}
1870
57d187bc
JS		 1871/* Large Community attribute. */
1872static bgp_attr_parse_ret_t
d62a17ae 1873bgp_attr_large_community(struct bgp_attr_parser_args *args)
1874{
1875 struct peer *const peer = args->peer;
1876 struct attr *const attr = args->attr;
1877 const bgp_size_t length = args->length;
1878
1879 /*
1880 * Large community follows new attribute format.
1881 */
1882 if (length == 0) {
1883 attr->lcommunity = NULL;
1884 /* Empty extcomm doesn't seem to be invalid per se */
1885 return BGP_ATTR_PARSE_PROCEED;
1886 }
57d187bc 1887
d62a17ae 1888 attr->lcommunity =
d7c0a89a 1889 lcommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
d62a17ae 1890 /* XXX: fix ecommunity_parse to use stream API */
424ab01d 1891 stream_forward_getp(peer->curr, length);
57d187bc 1892
d62a17ae 1893 if (!attr->lcommunity)
1894 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1895 args->total);
57d187bc 1896
d62a17ae 1897 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
57d187bc 1898
d62a17ae 1899 return BGP_ATTR_PARSE_PROCEED;
57d187bc
JS		 1900}
1901
718e3744 1902/* Extended Community attribute. */
b881c707 1903static bgp_attr_parse_ret_t
d62a17ae 1904bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1905{
1906 struct peer *const peer = args->peer;
1907 struct attr *const attr = args->attr;
1908 const bgp_size_t length = args->length;
d7c0a89a 1909 uint8_t sticky = 0;
d62a17ae 1910
1911 if (length == 0) {
1912 attr->ecommunity = NULL;
1913 /* Empty extcomm doesn't seem to be invalid per se */
1914 return BGP_ATTR_PARSE_PROCEED;
1915 }
1916
1917 attr->ecommunity =
d7c0a89a 1918 ecommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
d62a17ae 1919 /* XXX: fix ecommunity_parse to use stream API */
424ab01d 1920 stream_forward_getp(peer->curr, length);
d62a17ae 1921
1922 if (!attr->ecommunity)
1923 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1924 args->total);
1925
1926 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1927
1928 /* Extract MAC mobility sequence number, if any. */
1929 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1930 attr->sticky = sticky;
1931
ead40654
MK		 1932 /* Check if this is a Gateway MAC-IP advertisement */
1933 attr->default_gw = bgp_attr_default_gw(attr);
1934
68e33151
CS		 1935 /* Handle scenario where router flag ecommunity is not
1936 * set but default gw ext community is present.
1937 * Use default gateway, set and propogate R-bit.
1938 */
1939 if (attr->default_gw)
1940 attr->router_flag = 1;
1941
1942 /* Check EVPN Neighbor advertisement flags, R-bit */
1943 bgp_attr_evpn_na_flag(attr, &attr->router_flag);
1944
bc59a672 1945 /* Extract the Rmac, if any */
eee353c5
CS		 1946 if (bgp_attr_rmac(attr, &attr->rmac)) {
1947 if (bgp_debug_update(peer, NULL, NULL, 1) &&
1948 bgp_mac_exist(&attr->rmac)) {
1949 char buf1[ETHER_ADDR_STRLEN];
1950
1951 zlog_debug("%s: router mac %s is self mac",
1952 __func__,
1953 prefix_mac2str(&attr->rmac, buf1,
1954 sizeof(buf1)));
1955 }
1956
1957 }
bc59a672 1958
d62a17ae 1959 return BGP_ATTR_PARSE_PROCEED;
718e3744 1960}
1961
f4c89855 1962/* Parse Tunnel Encap attribute in an UPDATE */
d62a17ae 1963static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
1964 bgp_size_t length, /* IN: attr's length field */
1965 struct attr *attr, /* IN: caller already allocated */
d7c0a89a
QY		 1966 uint8_t flag, /* IN: attr's flags field */
1967 uint8_t *startp)
d62a17ae 1968{
1969 bgp_size_t total;
d62a17ae 1970 uint16_t tunneltype = 0;
1971
1972 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
1973
1974 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
1975 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
1976 zlog_info(
1977 "Tunnel Encap attribute flag isn't optional and transitive %d",
1978 flag);
1979 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1980 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
1981 startp, total);
1982 return -1;
1983 }
1984
1985 if (BGP_ATTR_ENCAP == type) {
1986 /* read outer TLV type and length */
1987 uint16_t tlv_length;
1988
1989 if (length < 4) {
1990 zlog_info(
1991 "Tunnel Encap attribute not long enough to contain outer T,L");
1992 bgp_notify_send_with_data(
1993 peer, BGP_NOTIFY_UPDATE_ERR,
1994 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1995 return -1;
1996 }
1997 tunneltype = stream_getw(BGP_INPUT(peer));
1998 tlv_length = stream_getw(BGP_INPUT(peer));
1999 length -= 4;
2000
2001 if (tlv_length != length) {
2002 zlog_info("%s: tlv_length(%d) != length(%d)", __func__,
2003 tlv_length, length);
2004 }
2005 }
2006
2007 while (length >= 4) {
2008 uint16_t subtype = 0;
2009 uint16_t sublength = 0;
2010 struct bgp_attr_encap_subtlv *tlv;
2011
2012 if (BGP_ATTR_ENCAP == type) {
2013 subtype = stream_getc(BGP_INPUT(peer));
2014 sublength = stream_getc(BGP_INPUT(peer));
2015 length -= 2;
65efcfce 2016#if ENABLE_BGP_VNC
d62a17ae 2017 } else {
2018 subtype = stream_getw(BGP_INPUT(peer));
2019 sublength = stream_getw(BGP_INPUT(peer));
2020 length -= 4;
65efcfce 2021#endif
d62a17ae 2022 }
2023
2024 if (sublength > length) {
2025 zlog_info(
2026 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2027 sublength, length);
2028 bgp_notify_send_with_data(
2029 peer, BGP_NOTIFY_UPDATE_ERR,
2030 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2031 return -1;
2032 }
2033
2034 /* alloc and copy sub-tlv */
2035 /* TBD make sure these are freed when attributes are released */
2036 tlv = XCALLOC(MTYPE_ENCAP_TLV,
996c9314 2037 sizeof(struct bgp_attr_encap_subtlv) + sublength);
d62a17ae 2038 tlv->type = subtype;
2039 tlv->length = sublength;
424ab01d 2040 stream_get(tlv->value, peer->curr, sublength);
d62a17ae 2041 length -= sublength;
2042
2043 /* attach tlv to encap chain */
2044 if (BGP_ATTR_ENCAP == type) {
e4002056 2045 struct bgp_attr_encap_subtlv *stlv_last;
d62a17ae 2046 for (stlv_last = attr->encap_subtlvs;
2047 stlv_last && stlv_last->next;
2048 stlv_last = stlv_last->next)
2049 ;
2050 if (stlv_last) {
2051 stlv_last->next = tlv;
2052 } else {
2053 attr->encap_subtlvs = tlv;
2054 }
65efcfce 2055#if ENABLE_BGP_VNC
d62a17ae 2056 } else {
e4002056 2057 struct bgp_attr_encap_subtlv *stlv_last;
d62a17ae 2058 for (stlv_last = attr->vnc_subtlvs;
2059 stlv_last && stlv_last->next;
2060 stlv_last = stlv_last->next)
2061 ;
2062 if (stlv_last) {
2063 stlv_last->next = tlv;
2064 } else {
2065 attr->vnc_subtlvs = tlv;
2066 }
aadc0905 2067#endif
d62a17ae 2068 }
d62a17ae 2069 }
f4c89855 2070
d62a17ae 2071 if (BGP_ATTR_ENCAP == type) {
2072 attr->encap_tunneltype = tunneltype;
2073 }
f4c89855 2074
d62a17ae 2075 if (length) {
2076 /* spurious leftover data */
2077 zlog_info(
2078 "Tunnel Encap attribute length is bad: %d leftover octets",
2079 length);
2080 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2081 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2082 startp, total);
2083 return -1;
2084 }
f4c89855 2085
d62a17ae 2086 return 0;
f4c89855
LB		 2087}
2088
30adbd4e
DS		 2089/*
2090 * Read an individual SID value returning how much data we have read
2091 * Returns 0 if there was an error that needs to be passed up the stack
c5a543b4 2092 */
30adbd4e
DS		 2093static bgp_attr_parse_ret_t bgp_attr_psid_sub(int32_t type,
2094 int32_t length,
2095 struct bgp_attr_parser_args *args,
2096 struct bgp_nlri *mp_update)
d62a17ae 2097{
2098 struct peer *const peer = args->peer;
2099 struct attr *const attr = args->attr;
d7c0a89a 2100 uint32_t label_index;
d62a17ae 2101 struct in6_addr ipv6_sid;
d7c0a89a
QY		 2102 uint32_t srgb_base;
2103 uint32_t srgb_range;
d62a17ae 2104 int srgb_count;
2105
d62a17ae 2106 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
2107 if (length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
af4c2728 2108 flog_err(
e50f7cfd 2109 EC_BGP_ATTR_LEN,
14454c9f
DS		 2110 "Prefix SID label index length is %d instead of %d",
2111 length, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
30adbd4e
DS		 2112 return bgp_attr_malformed(args,
2113 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2114 args->total);
d62a17ae 2115 }
2116
2117 /* Ignore flags and reserved */
424ab01d
QY		 2118 stream_getc(peer->curr);
2119 stream_getw(peer->curr);
d62a17ae 2120
2121 /* Fetch the label index and see if it is valid. */
424ab01d 2122 label_index = stream_getl(peer->curr);
d62a17ae 2123 if (label_index == BGP_INVALID_LABEL_INDEX)
30adbd4e
DS		 2124 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2125 args->total);
d62a17ae 2126
2127 /* Store label index; subsequently, we'll check on
2128 * address-family */
2129 attr->label_index = label_index;
2130
2131 /*
2132 * Ignore the Label index attribute unless received for
2133 * labeled-unicast
2134 * SAFI.
2135 */
2136 if (!mp_update->length
2137 || mp_update->safi != SAFI_LABELED_UNICAST)
2138 attr->label_index = BGP_INVALID_LABEL_INDEX;
2139 }
2140
2141 /* Placeholder code for the IPv6 SID type */
2142 else if (type == BGP_PREFIX_SID_IPV6) {
2143 if (length != BGP_PREFIX_SID_IPV6_LENGTH) {
e50f7cfd 2144 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0
QY		 2145 "Prefix SID IPv6 length is %d instead of %d",
2146 length, BGP_PREFIX_SID_IPV6_LENGTH);
30adbd4e
DS		 2147 return bgp_attr_malformed(args,
2148 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2149 args->total);
d62a17ae 2150 }
2151
2152 /* Ignore reserved */
424ab01d
QY		 2153 stream_getc(peer->curr);
2154 stream_getw(peer->curr);
d62a17ae 2155
424ab01d 2156 stream_get(&ipv6_sid, peer->curr, 16);
d62a17ae 2157 }
2158
2159 /* Placeholder code for the Originator SRGB type */
2160 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
2161 /* Ignore flags */
424ab01d 2162 stream_getw(peer->curr);
d62a17ae 2163
2164 length -= 2;
2165
2166 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
af4c2728 2167 flog_err(
e50f7cfd 2168 EC_BGP_ATTR_LEN,
d62a17ae 2169 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2170 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2171 return bgp_attr_malformed(
2172 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2173 args->total);
2174 }
2175
2176 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2177
2178 for (int i = 0; i < srgb_count; i++) {
424ab01d
QY		 2179 stream_get(&srgb_base, peer->curr, 3);
2180 stream_get(&srgb_range, peer->curr, 3);
d62a17ae 2181 }
2182 }
2183
2184 return BGP_ATTR_PARSE_PROCEED;
6cf48acc
VV		 2185}
2186
30adbd4e
DS		 2187/* Prefix SID attribute
2188 * draft-ietf-idr-bgp-prefix-sid-05
2189 */
2190bgp_attr_parse_ret_t
2191bgp_attr_prefix_sid(int32_t tlength, struct bgp_attr_parser_args *args,
2192 struct bgp_nlri *mp_update)
2193{
2194 struct peer *const peer = args->peer;
2195 struct attr *const attr = args->attr;
2196 bgp_attr_parse_ret_t ret;
2197
2198 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
2199
2200 while (tlength) {
2201 int32_t type, length;
2202
2203 type = stream_getc(peer->curr);
2204 length = stream_getw(peer->curr);
2205
2206 ret = bgp_attr_psid_sub(type, length, args, mp_update);
2207
2208 if (ret != BGP_ATTR_PARSE_PROCEED)
2209 return ret;
2210 /*
2211 * Subtract length + the T and the L
2212 * since length is the Vector portion
2213 */
2214 tlength -= length + 3;
2215
2216 if (tlength < 0) {
af4c2728 2217 flog_err(
e50f7cfd 2218 EC_BGP_ATTR_LEN,
14454c9f
DS		 2219 "Prefix SID internal length %d causes us to read beyond the total Prefix SID length",
2220 length);
30adbd4e
DS		 2221 return bgp_attr_malformed(args,
2222 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2223 args->total);
2224 }
2225 }
2226
2227 return BGP_ATTR_PARSE_PROCEED;
2228}
2229
7fd077aa 2230/* PMSI tunnel attribute (RFC 6514)
2231 * Basic validation checks done here.
2232 */
2233static bgp_attr_parse_ret_t
2234bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
2235{
2236 struct peer *const peer = args->peer;
2237 struct attr *const attr = args->attr;
2238 const bgp_size_t length = args->length;
d7c0a89a 2239 uint8_t tnl_type;
355f3c11 2240 int attr_parse_len = 2 + BGP_LABEL_BYTES;
7fd077aa 2241
2242 /* Verify that the receiver is expecting "ingress replication" as we
2243 * can only support that.
2244 */
355f3c11 2245 if (length < attr_parse_len) {
1c50c1c0
QY		 2246 flog_err(EC_BGP_ATTR_LEN, "Bad PMSI tunnel attribute length %d",
2247 length);
7fd077aa 2248 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2249 args->total);
2250 }
2251 stream_getc(peer->curr); /* Flags */
2252 tnl_type = stream_getc(peer->curr);
2253 if (tnl_type > PMSI_TNLTYPE_MAX) {
e50f7cfd 2254 flog_err(EC_BGP_ATTR_PMSI_TYPE,
1c50c1c0 2255 "Invalid PMSI tunnel attribute type %d", tnl_type);
7fd077aa 2256 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2257 args->total);
2258 }
2259 if (tnl_type == PMSI_TNLTYPE_INGR_REPL) {
2260 if (length != 9) {
e50f7cfd 2261 flog_err(EC_BGP_ATTR_PMSI_LEN,
1c50c1c0
QY		 2262 "Bad PMSI tunnel attribute length %d for IR",
2263 length);
052ea98b 2264 return bgp_attr_malformed(
2265 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2266 args->total);
7fd077aa 2267 }
2268 }
2269
2270 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
2271 attr->pmsi_tnl_type = tnl_type;
355f3c11 2272 stream_get(&attr->label, peer->curr, BGP_LABEL_BYTES);
7fd077aa 2273
2274 /* Forward read pointer of input stream. */
355f3c11 2275 stream_forward_getp(peer->curr, length - attr_parse_len);
7fd077aa 2276
2277 return BGP_ATTR_PARSE_PROCEED;
2278}
2279
718e3744 2280/* BGP unknown attribute treatment. */
d62a17ae 2281static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2282{
2283 bgp_size_t total = args->total;
2284 struct transit *transit;
2285 struct peer *const peer = args->peer;
2286 struct attr *const attr = args->attr;
d7c0a89a
QY		 2287 uint8_t *const startp = args->startp;
2288 const uint8_t type = args->type;
2289 const uint8_t flag = args->flags;
d62a17ae 2290 const bgp_size_t length = args->length;
2291
2292 if (bgp_debug_update(peer, NULL, NULL, 1))
2293 zlog_debug(
2294 "%s Unknown attribute is received (type %d, length %d)",
2295 peer->host, type, length);
2296
2297 /* Forward read pointer of input stream. */
424ab01d 2298 stream_forward_getp(peer->curr, length);
d62a17ae 2299
2300 /* If any of the mandatory well-known attributes are not recognized,
2301 then the Error Subcode is set to Unrecognized Well-known
2302 Attribute. The Data field contains the unrecognized attribute
2303 (type, length and value). */
2304 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2305 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2306 args->total);
2307 }
2308
2309 /* Unrecognized non-transitive optional attributes must be quietly
2310 ignored and not passed along to other BGP peers. */
2311 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2312 return BGP_ATTR_PARSE_PROCEED;
2313
2314 /* If a path with recognized transitive optional attribute is
2315 accepted and passed along to other BGP peers and the Partial bit
2316 in the Attribute Flags octet is set to 1 by some previous AS, it
2317 is not set back to 0 by the current AS. */
2318 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2319
2320 /* Store transitive attribute to the end of attr->transit. */
2321 if (!attr->transit)
2322 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2323
2324 transit = attr->transit;
2325
2326 if (transit->val)
2327 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2328 transit->length + total);
2329 else
2330 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2331
2332 memcpy(transit->val + transit->length, startp, total);
2333 transit->length += total;
2334
2335 return BGP_ATTR_PARSE_PROCEED;
718e3744 2336}
2337
bb7bef14 2338/* Well-known attribute check. */
d62a17ae 2339static int bgp_attr_check(struct peer *peer, struct attr *attr)
2340{
d7c0a89a 2341 uint8_t type = 0;
d62a17ae 2342
2343 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2344 * empty UPDATE. */
2345 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2346 return BGP_ATTR_PARSE_PROCEED;
2347
2348 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2349 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2350 are present, it should. Check for any other attribute being present
2351 instead.
2352 */
404c82d5
PG		 2353 if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
2354 CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
d62a17ae 2355 return BGP_ATTR_PARSE_PROCEED;
2356
2357 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2358 type = BGP_ATTR_ORIGIN;
2359
2360 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2361 type = BGP_ATTR_AS_PATH;
2362
2363 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2364 * and
2365 * NLRI is empty. We can't easily check NLRI empty here though.
2366 */
2367 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2368 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2369 type = BGP_ATTR_NEXT_HOP;
2370
2371 if (peer->sort == BGP_PEER_IBGP
2372 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2373 type = BGP_ATTR_LOCAL_PREF;
2374
2375 if (type) {
e50f7cfd 2376 flog_warn(EC_BGP_MISSING_ATTRIBUTE,
559aaa30 2377 "%s Missing well-known attribute %s.", peer->host,
d62a17ae 2378 lookup_msg(attr_str, type, NULL));
2379 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2380 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2381 1);
2382 return BGP_ATTR_PARSE_ERROR;
2383 }
2384 return BGP_ATTR_PARSE_PROCEED;
bb7bef14
PJ		 2385}
2386
718e3744 2387/* Read attribute of update packet. This function is called from
8b366b9c 2388 bgp_update_receive() in bgp_packet.c. */
d62a17ae 2389bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2390 bgp_size_t size, struct bgp_nlri *mp_update,
2391 struct bgp_nlri *mp_withdraw)
2392{
f7813c7c 2393 bgp_attr_parse_ret_t ret;
d7c0a89a
QY		 2394 uint8_t flag = 0;
2395 uint8_t type = 0;
d62a17ae 2396 bgp_size_t length;
d7c0a89a
QY		 2397 uint8_t *startp, *endp;
2398 uint8_t *attr_endp;
2399 uint8_t seen[BGP_ATTR_BITMAP_SIZE];
d62a17ae 2400 /* we need the as4_path only until we have synthesized the as_path with
2401 * it */
2402 /* same goes for as4_aggregator */
2403 struct aspath *as4_path = NULL;
2404 as_t as4_aggregator = 0;
2405 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2406
2407 /* Initialize bitmap. */
2408 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2409
2410 /* End pointer of BGP attribute. */
2411 endp = BGP_INPUT_PNT(peer) + size;
2412
2413 /* Get attributes to the end of attribute length. */
2414 while (BGP_INPUT_PNT(peer) < endp) {
2415 /* Check remaining length check.*/
2416 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2417 /* XXX warning: long int format, int arg (arg 5) */
ade6974d 2418 flog_warn(
e50f7cfd 2419 EC_BGP_ATTRIBUTE_TOO_SMALL,
ade6974d
QY		 2420 "%s: error BGP attribute length %lu is smaller than min len",
2421 peer->host,
2422 (unsigned long)(endp
2423 - stream_pnt(BGP_INPUT(peer))));
d62a17ae 2424
2425 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2426 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2427 return BGP_ATTR_PARSE_ERROR;
2428 }
718e3744 2429
d62a17ae 2430 /* Fetch attribute flag and type. */
2431 startp = BGP_INPUT_PNT(peer);
2432 /* "The lower-order four bits of the Attribute Flags octet are
2433 unused. They MUST be zero when sent and MUST be ignored when
2434 received." */
2435 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2436 type = stream_getc(BGP_INPUT(peer));
2437
2438 /* Check whether Extended-Length applies and is in bounds */
2439 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2440 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
ade6974d 2441 flog_warn(
e50f7cfd 2442 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL,
ade6974d
QY		 2443 "%s: Extended length set, but just %lu bytes of attr header",
2444 peer->host,
2445 (unsigned long)(endp
2446 - stream_pnt(BGP_INPUT(peer))));
d62a17ae 2447
2448 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2449 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2450 return BGP_ATTR_PARSE_ERROR;
2451 }
718e3744 2452
d62a17ae 2453 /* Check extended attribue length bit. */
2454 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2455 length = stream_getw(BGP_INPUT(peer));
2456 else
2457 length = stream_getc(BGP_INPUT(peer));
718e3744 2458
d62a17ae 2459 /* If any attribute appears more than once in the UPDATE
2460 message, then the Error Subcode is set to Malformed Attribute
2461 List. */
718e3744 2462
d62a17ae 2463 if (CHECK_BITMAP(seen, type)) {
ade6974d 2464 flog_warn(
e50f7cfd 2465 EC_BGP_ATTRIBUTE_REPEATED,
ade6974d
QY		 2466 "%s: error BGP attribute type %d appears twice in a message",
2467 peer->host, type);
718e3744 2468
d62a17ae 2469 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2470 BGP_NOTIFY_UPDATE_MAL_ATTR);
2471 return BGP_ATTR_PARSE_ERROR;
2472 }
2473
2474 /* Set type to bitmap to check duplicate attribute. `type' is
2475 unsigned char so it never overflow bitmap range. */
2476
2477 SET_BITMAP(seen, type);
2478
2479 /* Overflow check. */
2480 attr_endp = BGP_INPUT_PNT(peer) + length;
2481
2482 if (attr_endp > endp) {
ade6974d 2483 flog_warn(
e50f7cfd 2484 EC_BGP_ATTRIBUTE_TOO_LARGE,
ade6974d
QY		 2485 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2486 peer->host, type, length, size, attr_endp,
2487 endp);
dacffad4
QY		 2488 /*
2489 * RFC 4271 6.3
2490 * If any recognized attribute has an Attribute
2491 * Length that conflicts with the expected length
2492 * (based on the attribute type code), then the
2493 * Error Subcode MUST be set to Attribute Length
2494 * Error. The Data field MUST contain the erroneous
2495 * attribute (type, length, and value).
2496 * ----------
2497 * We do not currently have a good way to determine the
2498 * length of the attribute independent of the length
2499 * received in the message. Instead we send the
2500 * minimum between the amount of data we have and the
2501 * amount specified by the attribute length field.
2502 *
2503 * Instead of directly passing in the packet buffer and
2504 * offset we use the stream_get* functions to read into
2505 * a stack buffer, since they perform bounds checking
2506 * and we are working with untrusted data.
2507 */
2508 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2509 memset(ndata, 0x00, sizeof(ndata));
2510 size_t lfl =
2511 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2512 /* Rewind to end of flag field */
2513 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2514 /* Type */
2515 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2516 /* Length */
2517 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2518 /* Value */
2519 size_t atl = attr_endp - startp;
2520 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2521 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2522
d62a17ae 2523 bgp_notify_send_with_data(
2524 peer, BGP_NOTIFY_UPDATE_ERR,
dacffad4
QY		 2525 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2526 ndl + lfl + 1);
2527
d62a17ae 2528 return BGP_ATTR_PARSE_ERROR;
2529 }
2530
2531 struct bgp_attr_parser_args attr_args = {
2532 .peer = peer,
2533 .length = length,
2534 .attr = attr,
2535 .type = type,
2536 .flags = flag,
2537 .startp = startp,
2538 .total = attr_endp - startp,
2539 };
2540
2541
2542 /* If any recognized attribute has Attribute Flags that conflict
2543 with the Attribute Type Code, then the Error Subcode is set
2544 to
2545 Attribute Flags Error. The Data field contains the erroneous
2546 attribute (type, length and value). */
2547 if (bgp_attr_flag_invalid(&attr_args)) {
d62a17ae 2548 ret = bgp_attr_malformed(
2549 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2550 attr_args.total);
2551 if (ret == BGP_ATTR_PARSE_PROCEED)
2552 continue;
2553 return ret;
2554 }
2555
2556 /* OK check attribute and store it's value. */
2557 switch (type) {
2558 case BGP_ATTR_ORIGIN:
2559 ret = bgp_attr_origin(&attr_args);
2560 break;
2561 case BGP_ATTR_AS_PATH:
2562 ret = bgp_attr_aspath(&attr_args);
2563 break;
2564 case BGP_ATTR_AS4_PATH:
2565 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2566 break;
2567 case BGP_ATTR_NEXT_HOP:
2568 ret = bgp_attr_nexthop(&attr_args);
2569 break;
2570 case BGP_ATTR_MULTI_EXIT_DISC:
2571 ret = bgp_attr_med(&attr_args);
2572 break;
2573 case BGP_ATTR_LOCAL_PREF:
2574 ret = bgp_attr_local_pref(&attr_args);
2575 break;
2576 case BGP_ATTR_ATOMIC_AGGREGATE:
2577 ret = bgp_attr_atomic(&attr_args);
2578 break;
2579 case BGP_ATTR_AGGREGATOR:
2580 ret = bgp_attr_aggregator(&attr_args);
2581 break;
2582 case BGP_ATTR_AS4_AGGREGATOR:
2583 ret = bgp_attr_as4_aggregator(&attr_args,
2584 &as4_aggregator,
2585 &as4_aggregator_addr);
2586 break;
2587 case BGP_ATTR_COMMUNITIES:
2588 ret = bgp_attr_community(&attr_args);
2589 break;
2590 case BGP_ATTR_LARGE_COMMUNITIES:
2591 ret = bgp_attr_large_community(&attr_args);
2592 break;
2593 case BGP_ATTR_ORIGINATOR_ID:
2594 ret = bgp_attr_originator_id(&attr_args);
2595 break;
2596 case BGP_ATTR_CLUSTER_LIST:
2597 ret = bgp_attr_cluster_list(&attr_args);
2598 break;
2599 case BGP_ATTR_MP_REACH_NLRI:
2600 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2601 break;
2602 case BGP_ATTR_MP_UNREACH_NLRI:
2603 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2604 break;
2605 case BGP_ATTR_EXT_COMMUNITIES:
2606 ret = bgp_attr_ext_communities(&attr_args);
2607 break;
943d595a 2608#if ENABLE_BGP_VNC_ATTR
d62a17ae 2609 case BGP_ATTR_VNC:
65efcfce 2610#endif
d62a17ae 2611 case BGP_ATTR_ENCAP:
2612 ret = bgp_attr_encap(type, peer, length, attr, flag,
2613 startp);
2614 break;
2615 case BGP_ATTR_PREFIX_SID:
30adbd4e
DS		 2616 ret = bgp_attr_prefix_sid(length,
2617 &attr_args, mp_update);
d62a17ae 2618 break;
7fd077aa 2619 case BGP_ATTR_PMSI_TUNNEL:
2620 ret = bgp_attr_pmsi_tunnel(&attr_args);
2621 break;
d62a17ae 2622 default:
2623 ret = bgp_attr_unknown(&attr_args);
2624 break;
2625 }
2626
2627 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2628 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2629 BGP_NOTIFY_UPDATE_MAL_ATTR);
2630 ret = BGP_ATTR_PARSE_ERROR;
2631 }
2632
9b9df989
DS		 2633 if (ret == BGP_ATTR_PARSE_EOR) {
2634 if (as4_path)
2635 aspath_unintern(&as4_path);
2636 return ret;
2637 }
2638
0437e105 2639 /* If hard error occurred immediately return to the caller. */
d62a17ae 2640 if (ret == BGP_ATTR_PARSE_ERROR) {
e50f7cfd 2641 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR,
559aaa30 2642 "%s: Attribute %s, parse error", peer->host,
d62a17ae 2643 lookup_msg(attr_str, type, NULL));
2644 if (as4_path)
2645 aspath_unintern(&as4_path);
2646 return ret;
2647 }
2648 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
2649
ade6974d 2650 flog_warn(
e50f7cfd 2651 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW,
d62a17ae 2652 "%s: Attribute %s, parse error - treating as withdrawal",
2653 peer->host, lookup_msg(attr_str, type, NULL));
2654 if (as4_path)
2655 aspath_unintern(&as4_path);
2656 return ret;
2657 }
2658
2659 /* Check the fetched length. */
2660 if (BGP_INPUT_PNT(peer) != attr_endp) {
e50f7cfd 2661 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR,
559aaa30 2662 "%s: BGP attribute %s, fetch error",
d62a17ae 2663 peer->host, lookup_msg(attr_str, type, NULL));
2664 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2665 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2666 if (as4_path)
2667 aspath_unintern(&as4_path);
2668 return BGP_ATTR_PARSE_ERROR;
2669 }
718e3744 2670 }
d62a17ae 2671
2672 /* Check final read pointer is same as end pointer. */
2673 if (BGP_INPUT_PNT(peer) != endp) {
e50f7cfd 2674 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH,
559aaa30 2675 "%s: BGP attribute %s, length mismatch", peer->host,
d62a17ae 2676 lookup_msg(attr_str, type, NULL));
2677 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2678 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2679 if (as4_path)
2680 aspath_unintern(&as4_path);
2681 return BGP_ATTR_PARSE_ERROR;
2682 }
2683
2684 /* Check all mandatory well-known attributes are present */
f7813c7c
A		 2685 if ((ret = bgp_attr_check(peer, attr)) < 0) {
2686 if (as4_path)
2687 aspath_unintern(&as4_path);
2688 return ret;
d62a17ae 2689 }
2690
2691 /*
2692 * At this place we can see whether we got AS4_PATH and/or
2693 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2694 * We can not do this before we've read all attributes because
2695 * the as4 handling does not say whether AS4_PATH has to be sent
2696 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2697 * in relationship to AGGREGATOR.
2698 * So, to be defensive, we are not relying on any order and read
2699 * all attributes first, including these 32bit ones, and now,
2700 * afterwards, we look what and if something is to be done for as4.
2701 *
2702 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2703 * MP_UNREACH_NLRI.
2704 */
2705 /* actually... this doesn't ever return failure currently, but
2706 * better safe than sorry */
2707 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2708 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2709 &as4_aggregator_addr)) {
2710 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2711 BGP_NOTIFY_UPDATE_MAL_ATTR);
2712 if (as4_path)
2713 aspath_unintern(&as4_path);
2714 return BGP_ATTR_PARSE_ERROR;
2715 }
2716
2717 /* At this stage, we have done all fiddling with as4, and the
2718 * resulting info is in attr->aggregator resp. attr->aspath
2719 * so we can chuck as4_aggregator and as4_path alltogether in
2720 * order to save memory
2721 */
2722 if (as4_path) {
2723 aspath_unintern(&as4_path); /* unintern - it is in the hash */
2724 /* The flag that we got this is still there, but that does not
2725 * do any trouble
2726 */
2727 }
2728 /*
2729 * The "rest" of the code does nothing with as4_aggregator.
2730 * there is no memory attached specifically which is not part
2731 * of the attr.
2732 * so ignoring just means do nothing.
2733 */
2734 /*
2735 * Finally do the checks on the aspath we did not do yet
2736 * because we waited for a potentially synthesized aspath.
2737 */
2738 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2739 ret = bgp_attr_aspath_check(peer, attr);
2740 if (ret != BGP_ATTR_PARSE_PROCEED)
2741 return ret;
2742 }
2743 /* Finally intern unknown attribute. */
2744 if (attr->transit)
2745 attr->transit = transit_intern(attr->transit);
2746 if (attr->encap_subtlvs)
2747 attr->encap_subtlvs =
2748 encap_intern(attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
bede7744 2749#if ENABLE_BGP_VNC
d62a17ae 2750 if (attr->vnc_subtlvs)
2751 attr->vnc_subtlvs =
2752 encap_intern(attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
bede7744 2753#endif
718e3744 2754
d62a17ae 2755 return BGP_ATTR_PARSE_PROCEED;
2756}
2757
2758size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2759 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2760 struct attr *attr)
2761{
2762 size_t sizep;
2763 iana_afi_t pkt_afi;
5c525538 2764 iana_safi_t pkt_safi;
d62a17ae 2765 afi_t nh_afi;
2766
2767 /* Set extended bit always to encode the attribute length as 2 bytes */
2768 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2769 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2770 sizep = stream_get_endp(s);
2771 stream_putw(s, 0); /* Marker: Attribute length. */
2772
2773
2774 /* Convert AFI, SAFI to values for packet. */
2775 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2776
2777 stream_putw(s, pkt_afi); /* AFI */
2778 stream_putc(s, pkt_safi); /* SAFI */
2779
2780 /* Nexthop AFI */
ce78a6fb 2781 if (afi == AFI_IP
2782 && (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
d62a17ae 2783 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
d62a17ae 2784 else
2785 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2786
2787 /* Nexthop */
2788 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2789 switch (nh_afi) {
2790 case AFI_IP:
2791 switch (safi) {
2792 case SAFI_UNICAST:
2793 case SAFI_MULTICAST:
2794 case SAFI_LABELED_UNICAST:
2795 stream_putc(s, 4);
2796 stream_put_ipv4(s, attr->nexthop.s_addr);
2797 break;
2798 case SAFI_MPLS_VPN:
2799 stream_putc(s, 12);
2800 stream_putl(s, 0); /* RD = 0, per RFC */
2801 stream_putl(s, 0);
2802 stream_put(s, &attr->mp_nexthop_global_in, 4);
2803 break;
2804 case SAFI_ENCAP:
2805 case SAFI_EVPN:
2806 stream_putc(s, 4);
2807 stream_put(s, &attr->mp_nexthop_global_in, 4);
2808 break;
7c40bf39 2809 case SAFI_FLOWSPEC:
2810 stream_putc(s, 0); /* no nexthop for flowspec */
d62a17ae 2811 default:
2812 break;
2813 }
2814 break;
2815 case AFI_IP6:
2816 switch (safi) {
2817 case SAFI_UNICAST:
2818 case SAFI_MULTICAST:
2819 case SAFI_LABELED_UNICAST:
2820 case SAFI_EVPN: {
2821 if (attr->mp_nexthop_len
2822 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2823 stream_putc(s,
2824 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
2825 stream_put(s, &attr->mp_nexthop_global,
2826 IPV6_MAX_BYTELEN);
2827 stream_put(s, &attr->mp_nexthop_local,
2828 IPV6_MAX_BYTELEN);
2829 } else {
2830 stream_putc(s, IPV6_MAX_BYTELEN);
2831 stream_put(s, &attr->mp_nexthop_global,
2832 IPV6_MAX_BYTELEN);
2833 }
2834 } break;
2835 case SAFI_MPLS_VPN: {
2836 if (attr->mp_nexthop_len
2837 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
2838 stream_putc(s, 24);
2839 stream_putl(s, 0); /* RD = 0, per RFC */
2840 stream_putl(s, 0);
2841 stream_put(s, &attr->mp_nexthop_global,
2842 IPV6_MAX_BYTELEN);
2843 } else if (attr->mp_nexthop_len
2844 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2845 stream_putc(s, 48);
2846 stream_putl(s, 0); /* RD = 0, per RFC */
2847 stream_putl(s, 0);
2848 stream_put(s, &attr->mp_nexthop_global,
2849 IPV6_MAX_BYTELEN);
2850 stream_putl(s, 0); /* RD = 0, per RFC */
2851 stream_putl(s, 0);
2852 stream_put(s, &attr->mp_nexthop_local,
2853 IPV6_MAX_BYTELEN);
2854 }
2855 } break;
2856 case SAFI_ENCAP:
2857 stream_putc(s, IPV6_MAX_BYTELEN);
2858 stream_put(s, &attr->mp_nexthop_global,
2859 IPV6_MAX_BYTELEN);
2860 break;
7c40bf39 2861 case SAFI_FLOWSPEC:
2862 stream_putc(s, 0); /* no nexthop for flowspec */
d62a17ae 2863 default:
2864 break;
2865 }
2866 break;
8c71e481 2867 default:
a83da8e1 2868 if (safi != SAFI_FLOWSPEC)
af4c2728 2869 flog_err(
e50f7cfd 2870 EC_BGP_ATTR_NH_SEND_LEN,
14454c9f
DS		 2871 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
2872 peer->host, afi, safi, attr->mp_nexthop_len);
d62a17ae 2873 break;
2874 }
2875
2876 /* SNPA */
2877 stream_putc(s, 0);
2878 return sizep;
2879}
2880
2881void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
2882 struct prefix *p, struct prefix_rd *prd,
d7c0a89a
QY		 2883 mpls_label_t *label, uint32_t num_labels,
2884 int addpath_encode, uint32_t addpath_tx_id,
b57ba6d2 2885 struct attr *attr)
d62a17ae 2886{
2887 if (safi == SAFI_MPLS_VPN) {
2888 if (addpath_encode)
2889 stream_putl(s, addpath_tx_id);
2890 /* Label, RD, Prefix write. */
2891 stream_putc(s, p->prefixlen + 88);
2892 stream_put(s, label, BGP_LABEL_BYTES);
2893 stream_put(s, prd->val, 8);
2894 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
2895 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
2896 /* EVPN prefix - contents depend on type */
996c9314
LB		 2897 bgp_evpn_encode_prefix(s, p, prd, label, num_labels, attr,
2898 addpath_encode, addpath_tx_id);
d62a17ae 2899 } else if (safi == SAFI_LABELED_UNICAST) {
2900 /* Prefix write with label. */
2901 stream_put_labeled_prefix(s, p, label);
7c40bf39 2902 } else if (safi == SAFI_FLOWSPEC) {
2903 if (PSIZE (p->prefixlen)+2 < FLOWSPEC_NLRI_SIZELIMIT)
2904 stream_putc(s, PSIZE (p->prefixlen)+2);
2905 else
2906 stream_putw(s, (PSIZE (p->prefixlen)+2)|(0xf<<12));
2907 stream_putc(s, 2);/* Filter type */
2908 stream_putc(s, p->prefixlen);/* Prefix length */
2909 stream_put(s, &p->u.prefix, PSIZE (p->prefixlen));
d62a17ae 2910 } else
2911 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
2912}
2913
2914size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
2915{
2916 int size = PSIZE(p->prefixlen);
2917 if (safi == SAFI_MPLS_VPN)
2918 size += 88;
2919 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
2920 size += 232; // TODO: Maximum possible for type-2, type-3 and
2921 // type-5
2922 return size;
8c71e481
PM		 2923}
2924
f4c89855 2925/*
65efcfce 2926 * Encodes the tunnel encapsulation attribute,
d62a17ae 2927 * and with ENABLE_BGP_VNC the VNC attribute which uses
65efcfce 2928 * almost the same TLV format
f4c89855 2929 */
d62a17ae 2930static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
2931 struct stream *s, struct attr *attr,
2932 uint8_t attrtype)
2933{
2934 unsigned int attrlenfield = 0;
2935 unsigned int attrhdrlen = 0;
2936 struct bgp_attr_encap_subtlv *subtlvs;
2937 struct bgp_attr_encap_subtlv *st;
2938 const char *attrname;
2939
9d303b37
DL		 2940 if (!attr || (attrtype == BGP_ATTR_ENCAP
2941 && (!attr->encap_tunneltype
2942 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
d62a17ae 2943 return;
2944
2945 switch (attrtype) {
f4c89855 2946 case BGP_ATTR_ENCAP:
d62a17ae 2947 attrname = "Tunnel Encap";
2948 subtlvs = attr->encap_subtlvs;
2949 if (subtlvs == NULL) /* nothing to do */
2950 return;
2951 /*
2952 * The tunnel encap attr has an "outer" tlv.
2953 * T = tunneltype,
2954 * L = total length of subtlvs,
2955 * V = concatenated subtlvs.
2956 */
2957 attrlenfield = 2 + 2; /* T + L */
2958 attrhdrlen = 1 + 1; /* subTLV T + L */
2959 break;
f4c89855 2960
943d595a 2961#if ENABLE_BGP_VNC_ATTR
65efcfce 2962 case BGP_ATTR_VNC:
d62a17ae 2963 attrname = "VNC";
2964 subtlvs = attr->vnc_subtlvs;
2965 if (subtlvs == NULL) /* nothing to do */
2966 return;
2967 attrlenfield = 0; /* no outer T + L */
2968 attrhdrlen = 2 + 2; /* subTLV T + L */
2969 break;
65efcfce
LB		 2970#endif
2971
f4c89855 2972 default:
d62a17ae 2973 assert(0);
2974 }
2975
2976 /* compute attr length */
2977 for (st = subtlvs; st; st = st->next) {
2978 attrlenfield += (attrhdrlen + st->length);
2979 }
2980
2981 if (attrlenfield > 0xffff) {
2982 zlog_info("%s attribute is too long (length=%d), can't send it",
2983 attrname, attrlenfield);
2984 return;
2985 }
2986
2987 if (attrlenfield > 0xff) {
2988 /* 2-octet length field */
996c9314
LB		 2989 stream_putc(s,
2990 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
2991 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 2992 stream_putc(s, attrtype);
2993 stream_putw(s, attrlenfield & 0xffff);
2994 } else {
2995 /* 1-octet length field */
2996 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
2997 stream_putc(s, attrtype);
2998 stream_putc(s, attrlenfield & 0xff);
2999 }
3000
3001 if (attrtype == BGP_ATTR_ENCAP) {
3002 /* write outer T+L */
3003 stream_putw(s, attr->encap_tunneltype);
3004 stream_putw(s, attrlenfield - 4);
3005 }
3006
3007 /* write each sub-tlv */
3008 for (st = subtlvs; st; st = st->next) {
3009 if (attrtype == BGP_ATTR_ENCAP) {
3010 stream_putc(s, st->type);
3011 stream_putc(s, st->length);
65efcfce 3012#if ENABLE_BGP_VNC
d62a17ae 3013 } else {
3014 stream_putw(s, st->type);
3015 stream_putw(s, st->length);
65efcfce 3016#endif
d62a17ae 3017 }
3018 stream_put(s, st->value, st->length);
3019 }
f4c89855 3020}
f4c89855 3021
d62a17ae 3022void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
8c71e481 3023{
d62a17ae 3024 /* Set MP attribute length. Don't count the (2) bytes used to encode
3025 the attr length */
3026 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
8c71e481
PM		 3027}
3028
6b5a72a3
DA		 3029static int bgp_append_local_as(struct peer *peer, afi_t afi, safi_t safi)
3030{
3031 if (!BGP_AS_IS_PRIVATE(peer->local_as)
3032 || (BGP_AS_IS_PRIVATE(peer->local_as)
3033 && !CHECK_FLAG(peer->af_flags[afi][safi],
3034 PEER_FLAG_REMOVE_PRIVATE_AS)
3035 && !CHECK_FLAG(peer->af_flags[afi][safi],
3036 PEER_FLAG_REMOVE_PRIVATE_AS_ALL)
3037 && !CHECK_FLAG(peer->af_flags[afi][safi],
3038 PEER_FLAG_REMOVE_PRIVATE_AS_REPLACE)
3039 && !CHECK_FLAG(peer->af_flags[afi][safi],
3040 PEER_FLAG_REMOVE_PRIVATE_AS_ALL_REPLACE)))
3041 return 1;
3042 return 0;
3043}
3044
718e3744 3045/* Make attribute packet. */
d62a17ae 3046bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
3047 struct stream *s, struct attr *attr,
3048 struct bpacket_attr_vec_arr *vecarr,
3049 struct prefix *p, afi_t afi, safi_t safi,
3050 struct peer *from, struct prefix_rd *prd,
d7c0a89a
QY		 3051 mpls_label_t *label, uint32_t num_labels,
3052 int addpath_encode, uint32_t addpath_tx_id)
d62a17ae 3053{
3054 size_t cp;
3055 size_t aspath_sizep;
3056 struct aspath *aspath;
3057 int send_as4_path = 0;
3058 int send_as4_aggregator = 0;
3059 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
3060
3061 if (!bgp)
3062 bgp = peer->bgp;
3063
3064 /* Remember current pointer. */
3065 cp = stream_get_endp(s);
3066
3067 if (p
3068 && !((afi == AFI_IP && safi == SAFI_UNICAST)
3069 && !peer_cap_enhe(peer, afi, safi))) {
3070 size_t mpattrlen_pos = 0;
3071
3072 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
3073 vecarr, attr);
996c9314
LB		 3074 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
3075 num_labels, addpath_encode,
3076 addpath_tx_id, attr);
d62a17ae 3077 bgp_packet_mpattr_end(s, mpattrlen_pos);
718e3744 3078 }
d62a17ae 3079
3080 /* Origin attribute. */
3081 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3082 stream_putc(s, BGP_ATTR_ORIGIN);
3083 stream_putc(s, 1);
3084 stream_putc(s, attr->origin);
3085
3086 /* AS path attribute. */
3087
3088 /* If remote-peer is EBGP */
3089 if (peer->sort == BGP_PEER_EBGP
3090 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3091 PEER_FLAG_AS_PATH_UNCHANGED)
3092 || attr->aspath->segments == NULL)
3093 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3094 PEER_FLAG_RSERVER_CLIENT))) {
3095 aspath = aspath_dup(attr->aspath);
3096
3097 /* Even though we may not be configured for confederations we
3098 * may have
3099 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3100 aspath = aspath_delete_confed_seq(aspath);
3101
3102 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
3103 /* Stuff our path CONFED_ID on the front */
3104 aspath = aspath_add_seq(aspath, bgp->confed_id);
3105 } else {
3106 if (peer->change_local_as) {
3107 /* If replace-as is specified, we only use the
3108 change_local_as when
3109 advertising routes. */
6b5a72a3
DA		 3110 if (!CHECK_FLAG(peer->flags,
3111 PEER_FLAG_LOCAL_AS_REPLACE_AS))
3112 if (bgp_append_local_as(peer, afi,
3113 safi))
3114 aspath = aspath_add_seq(
3115 aspath, peer->local_as);
d62a17ae 3116 aspath = aspath_add_seq(aspath,
3117 peer->change_local_as);
3118 } else {
3119 aspath = aspath_add_seq(aspath, peer->local_as);
3120 }
3121 }
3122 } else if (peer->sort == BGP_PEER_CONFED) {
3123 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3124 * thing */
3125 aspath = aspath_dup(attr->aspath);
3126 aspath = aspath_add_confed_seq(aspath, peer->local_as);
3127 } else
3128 aspath = attr->aspath;
3129
3130 /* If peer is not AS4 capable, then:
3131 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3132 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3133 * segment
3134 * types are in it (i.e. exclude them if they are there)
3135 * AND do this only if there is at least one asnum > 65535 in the
3136 * path!
3137 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3138 * change
3139 * all ASnums > 65535 to BGP_AS_TRANS
3140 */
3141
3142 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3143 stream_putc(s, BGP_ATTR_AS_PATH);
3144 aspath_sizep = stream_get_endp(s);
3145 stream_putw(s, 0);
3146 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
3147
3148 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3149 * in the path
3150 */
3151 if (!use32bit && aspath_has_as4(aspath))
3152 send_as4_path =
3153 1; /* we'll do this later, at the correct place */
3154
3155 /* Nexthop attribute. */
3156 if (afi == AFI_IP && safi == SAFI_UNICAST
3157 && !peer_cap_enhe(peer, afi, safi)) {
3158 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
3159 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3160 stream_putc(s, BGP_ATTR_NEXT_HOP);
3161 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3162 attr);
3163 stream_putc(s, 4);
3164 stream_put_ipv4(s, attr->nexthop.s_addr);
3165 } else if (peer_cap_enhe(from, afi, safi)) {
3166 /*
3167 * Likely this is the case when an IPv4 prefix was
3168 * received with
3169 * Extended Next-hop capability and now being advertised
3170 * to
3171 * non-ENHE peers.
3172 * Setting the mandatory (ipv4) next-hop attribute here
3173 * to enable
3174 * implicit next-hop self with correct (ipv4 address
3175 * family).
3176 */
3177 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3178 stream_putc(s, BGP_ATTR_NEXT_HOP);
3179 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3180 NULL);
3181 stream_putc(s, 4);
3182 stream_put_ipv4(s, 0);
3183 }
718e3744 3184 }
d62a17ae 3185
3186 /* MED attribute. */
3187 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
3188 || bgp->maxmed_active) {
3189 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3190 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3191 stream_putc(s, 4);
3192 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
3193 : attr->med));
3194 }
3195
3196 /* Local preference. */
3197 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
3198 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3199 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3200 stream_putc(s, 4);
3201 stream_putl(s, attr->local_pref);
3202 }
3203
3204 /* Atomic aggregate. */
3205 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3206 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3207 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3208 stream_putc(s, 0);
3209 }
3210
3211 /* Aggregator. */
3212 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3213 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3214 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3215 stream_putc(s, BGP_ATTR_AGGREGATOR);
3216
3217 if (use32bit) {
3218 /* AS4 capable peer */
3219 stream_putc(s, 8);
3220 stream_putl(s, attr->aggregator_as);
3221 } else {
3222 /* 2-byte AS peer */
3223 stream_putc(s, 6);
3224
3225 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3226 * used? */
3227 if (attr->aggregator_as > 65535) {
3228 stream_putw(s, BGP_AS_TRANS);
3229
3230 /* we have to send AS4_AGGREGATOR, too.
3231 * we'll do that later in order to send
3232 * attributes in ascending
3233 * order.
3234 */
3235 send_as4_aggregator = 1;
3236 } else
d7c0a89a 3237 stream_putw(s, (uint16_t)attr->aggregator_as);
d62a17ae 3238 }
3239 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3240 }
3241
3242 /* Community attribute. */
3243 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3244 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3245 if (attr->community->size * 4 > 255) {
996c9314
LB		 3246 stream_putc(s,
3247 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3248 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3249 stream_putc(s, BGP_ATTR_COMMUNITIES);
3250 stream_putw(s, attr->community->size * 4);
3251 } else {
996c9314
LB		 3252 stream_putc(s,
3253 BGP_ATTR_FLAG_OPTIONAL
3254 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3255 stream_putc(s, BGP_ATTR_COMMUNITIES);
3256 stream_putc(s, attr->community->size * 4);
4372df71 3257 }
d62a17ae 3258 stream_put(s, attr->community->val, attr->community->size * 4);
3259 }
3260
3261 /*
3262 * Large Community attribute.
3263 */
3264 if (CHECK_FLAG(peer->af_flags[afi][safi],
3265 PEER_FLAG_SEND_LARGE_COMMUNITY)
3266 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
79dab4b7 3267 if (lcom_length(attr->lcommunity) > 255) {
996c9314
LB		 3268 stream_putc(s,
3269 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3270 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3271 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3272 stream_putw(s, lcom_length(attr->lcommunity));
d62a17ae 3273 } else {
996c9314
LB		 3274 stream_putc(s,
3275 BGP_ATTR_FLAG_OPTIONAL
3276 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3277 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3278 stream_putc(s, lcom_length(attr->lcommunity));
4372df71 3279 }
d62a17ae 3280 stream_put(s, attr->lcommunity->val,
79dab4b7 3281 lcom_length(attr->lcommunity));
d62a17ae 3282 }
4372df71 3283
d62a17ae 3284 /* Route Reflector. */
3285 if (peer->sort == BGP_PEER_IBGP && from
3286 && from->sort == BGP_PEER_IBGP) {
3287 /* Originator ID. */
3288 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3289 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3290 stream_putc(s, 4);
3291
3292 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3293 stream_put_in_addr(s, &attr->originator_id);
3294 else
3295 stream_put_in_addr(s, &from->remote_id);
3296
3297 /* Cluster list. */
3298 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3299 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3300
3301 if (attr->cluster) {
3302 stream_putc(s, attr->cluster->length + 4);
3303 /* If this peer configuration's parent BGP has
3304 * cluster_id. */
3305 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3306 stream_put_in_addr(s, &bgp->cluster_id);
3307 else
3308 stream_put_in_addr(s, &bgp->router_id);
3309 stream_put(s, attr->cluster->list,
3310 attr->cluster->length);
3311 } else {
3312 stream_putc(s, 4);
3313 /* If this peer configuration's parent BGP has
3314 * cluster_id. */
3315 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3316 stream_put_in_addr(s, &bgp->cluster_id);
3317 else
3318 stream_put_in_addr(s, &bgp->router_id);
3319 }
3320 }
4372df71 3321
d62a17ae 3322 /* Extended Communities attribute. */
3323 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3324 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3325 if (peer->sort == BGP_PEER_IBGP
3326 || peer->sort == BGP_PEER_CONFED) {
3327 if (attr->ecommunity->size * 8 > 255) {
996c9314
LB		 3328 stream_putc(s,
3329 BGP_ATTR_FLAG_OPTIONAL
3330 | BGP_ATTR_FLAG_TRANS
3331 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3332 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3333 stream_putw(s, attr->ecommunity->size * 8);
3334 } else {
996c9314
LB		 3335 stream_putc(s,
3336 BGP_ATTR_FLAG_OPTIONAL
3337 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3338 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3339 stream_putc(s, attr->ecommunity->size * 8);
3340 }
3341 stream_put(s, attr->ecommunity->val,
3342 attr->ecommunity->size * 8);
3343 } else {
d7c0a89a 3344 uint8_t *pnt;
d62a17ae 3345 int tbit;
3346 int ecom_tr_size = 0;
3347 int i;
3348
3349 for (i = 0; i < attr->ecommunity->size; i++) {
3350 pnt = attr->ecommunity->val + (i * 8);
3351 tbit = *pnt;
3352
3353 if (CHECK_FLAG(tbit,
3354 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3355 continue;
3356
3357 ecom_tr_size++;
3358 }
3359
3360 if (ecom_tr_size) {
3361 if (ecom_tr_size * 8 > 255) {
3362 stream_putc(
3363 s,
3364 BGP_ATTR_FLAG_OPTIONAL
3365 | BGP_ATTR_FLAG_TRANS
3366 | BGP_ATTR_FLAG_EXTLEN);
3367 stream_putc(s,
3368 BGP_ATTR_EXT_COMMUNITIES);
3369 stream_putw(s, ecom_tr_size * 8);
3370 } else {
3371 stream_putc(
3372 s,
3373 BGP_ATTR_FLAG_OPTIONAL
3374 | BGP_ATTR_FLAG_TRANS);
3375 stream_putc(s,
3376 BGP_ATTR_EXT_COMMUNITIES);
3377 stream_putc(s, ecom_tr_size * 8);
3378 }
3379
3380 for (i = 0; i < attr->ecommunity->size; i++) {
3381 pnt = attr->ecommunity->val + (i * 8);
3382 tbit = *pnt;
3383
3384 if (CHECK_FLAG(
3385 tbit,
3386 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3387 continue;
3388
3389 stream_put(s, pnt, 8);
3390 }
3391 }
3392 }
3393 }
4372df71 3394
d62a17ae 3395 /* Label index attribute. */
3396 if (safi == SAFI_LABELED_UNICAST) {
3397 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
d7c0a89a 3398 uint32_t label_index;
d62a17ae 3399
3400 label_index = attr->label_index;
3401
3402 if (label_index != BGP_INVALID_LABEL_INDEX) {
996c9314
LB		 3403 stream_putc(s,
3404 BGP_ATTR_FLAG_OPTIONAL
3405 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3406 stream_putc(s, BGP_ATTR_PREFIX_SID);
3407 stream_putc(s, 10);
3408 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3409 stream_putw(s,
3410 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3411 stream_putc(s, 0); // reserved
3412 stream_putw(s, 0); // flags
3413 stream_putl(s, label_index);
3414 }
4372df71 3415 }
d62a17ae 3416 }
3417
3418 if (send_as4_path) {
3419 /* If the peer is NOT As4 capable, AND */
3420 /* there are ASnums > 65535 in path THEN
3421 * give out AS4_PATH */
3422
3423 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3424 * path segments!
3425 * Hm, I wonder... confederation things *should* only be at
3426 * the beginning of an aspath, right? Then we should use
3427 * aspath_delete_confed_seq for this, because it is already
3428 * there! (JK)
3429 * Folks, talk to me: what is reasonable here!?
3430 */
3431 aspath = aspath_delete_confed_seq(aspath);
3432
996c9314
LB		 3433 stream_putc(s,
3434 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3435 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3436 stream_putc(s, BGP_ATTR_AS4_PATH);
3437 aspath_sizep = stream_get_endp(s);
3438 stream_putw(s, 0);
3439 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3440 }
3441
3442 if (aspath != attr->aspath)
3443 aspath_free(aspath);
3444
3445 if (send_as4_aggregator) {
3446 /* send AS4_AGGREGATOR, at this place */
3447 /* this section of code moved here in order to ensure the
3448 * correct
3449 * *ascending* order of attributes
3450 */
3451 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3452 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3453 stream_putc(s, 8);
3454 stream_putl(s, attr->aggregator_as);
3455 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3456 }
3457
3458 if (((afi == AFI_IP || afi == AFI_IP6)
3459 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3460 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3461 /* Tunnel Encap attribute */
3462 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
65efcfce 3463
943d595a 3464#if ENABLE_BGP_VNC_ATTR
d62a17ae 3465 /* VNC attribute */
3466 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
65efcfce 3467#endif
d62a17ae 3468 }
587ff0fd 3469
a21bd7a3
DW		 3470 /* PMSI Tunnel */
3471 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL)) {
3472 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3473 stream_putc(s, BGP_ATTR_PMSI_TUNNEL);
3474 stream_putc(s, 9); // Length
3475 stream_putc(s, 0); // Flags
d03239d0 3476 stream_putc(s, attr->pmsi_tnl_type);
996c9314
LB		 3477 stream_put(s, &(attr->label),
3478 BGP_LABEL_BYTES); // MPLS Label / VXLAN VNI
30d85a30
LB		 3479 stream_put_ipv4(s, attr->nexthop.s_addr);
3480 // Unicast tunnel endpoint IP address
a21bd7a3
DW		 3481 }
3482
d62a17ae 3483 /* Unknown transit attribute. */
3484 if (attr->transit)
3485 stream_put(s, attr->transit->val, attr->transit->length);
718e3744 3486
d62a17ae 3487 /* Return total size of attribute. */
3488 return stream_get_endp(s) - cp;
718e3744 3489}
3490
d62a17ae 3491size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
718e3744 3492{
d62a17ae 3493 unsigned long attrlen_pnt;
3494 iana_afi_t pkt_afi;
5c525538 3495 iana_safi_t pkt_safi;
718e3744 3496
d62a17ae 3497 /* Set extended bit always to encode the attribute length as 2 bytes */
3498 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3499 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
718e3744 3500
d62a17ae 3501 attrlen_pnt = stream_get_endp(s);
3502 stream_putw(s, 0); /* Length of this attribute. */
718e3744 3503
d62a17ae 3504 /* Convert AFI, SAFI to values for packet. */
3505 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
9cabb64b 3506
d62a17ae 3507 stream_putw(s, pkt_afi);
3508 stream_putc(s, pkt_safi);
9cabb64b 3509
d62a17ae 3510 return attrlen_pnt;
8c71e481 3511}
718e3744 3512
d62a17ae 3513void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3514 safi_t safi, struct prefix_rd *prd,
d7c0a89a
QY		 3515 mpls_label_t *label, uint32_t num_labels,
3516 int addpath_encode, uint32_t addpath_tx_id,
b57ba6d2 3517 struct attr *attr)
8c71e481 3518{
d7c0a89a 3519 uint8_t wlabel[3] = {0x80, 0x00, 0x00};
cd1964ff 3520
b57ba6d2 3521 if (safi == SAFI_LABELED_UNICAST) {
d62a17ae 3522 label = (mpls_label_t *)wlabel;
b57ba6d2
MK		 3523 num_labels = 1;
3524 }
cd1964ff 3525
d90b788e
A		 3526 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label, num_labels,
3527 addpath_encode, addpath_tx_id, attr);
8c71e481 3528}
718e3744 3529
d62a17ae 3530void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
8c71e481 3531{
d62a17ae 3532 bgp_packet_mpattr_end(s, attrlen_pnt);
718e3744 3533}
3534
3535/* Initialization of attribute. */
d62a17ae 3536void bgp_attr_init(void)
718e3744 3537{
d62a17ae 3538 aspath_init();
3539 attrhash_init();
3540 community_init();
3541 ecommunity_init();
3542 lcommunity_init();
3543 cluster_init();
3544 transit_init();
3545 encap_init();
718e3744 3546}
3547
d62a17ae 3548void bgp_attr_finish(void)
228da428 3549{
d62a17ae 3550 aspath_finish();
3551 attrhash_finish();
3552 community_finish();
3553 ecommunity_finish();
3554 lcommunity_finish();
3555 cluster_finish();
3556 transit_finish();
3557 encap_finish();
228da428
CC		 3558}
3559
718e3744 3560/* Make attribute packet. */
d62a17ae 3561void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3562 struct prefix *prefix)
3563{
3564 unsigned long cp;
3565 unsigned long len;
3566 size_t aspath_lenp;
3567 struct aspath *aspath;
3568 int addpath_encode = 0;
d7c0a89a 3569 uint32_t addpath_tx_id = 0;
d62a17ae 3570
3571 /* Remember current pointer. */
3572 cp = stream_get_endp(s);
3573
3574 /* Place holder of length. */
3575 stream_putw(s, 0);
3576
3577 /* Origin attribute. */
3578 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3579 stream_putc(s, BGP_ATTR_ORIGIN);
3580 stream_putc(s, 1);
3581 stream_putc(s, attr->origin);
3582
3583 aspath = attr->aspath;
3584
3585 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3586 stream_putc(s, BGP_ATTR_AS_PATH);
3587 aspath_lenp = stream_get_endp(s);
3588 stream_putw(s, 0);
3589
3590 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3591
3592 /* Nexthop attribute. */
3593 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3594 if (prefix != NULL && prefix->family != AF_INET6) {
3595 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3596 stream_putc(s, BGP_ATTR_NEXT_HOP);
3597 stream_putc(s, 4);
3598 stream_put_ipv4(s, attr->nexthop.s_addr);
718e3744 3599 }
d62a17ae 3600
3601 /* MED attribute. */
3602 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3603 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3604 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3605 stream_putc(s, 4);
3606 stream_putl(s, attr->med);
3607 }
3608
3609 /* Local preference. */
3610 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3611 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3612 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3613 stream_putc(s, 4);
3614 stream_putl(s, attr->local_pref);
3615 }
3616
3617 /* Atomic aggregate. */
3618 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3619 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3620 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3621 stream_putc(s, 0);
3622 }
3623
3624 /* Aggregator. */
3625 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3626 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3627 stream_putc(s, BGP_ATTR_AGGREGATOR);
3628 stream_putc(s, 8);
3629 stream_putl(s, attr->aggregator_as);
3630 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3631 }
3632
3633 /* Community attribute. */
3634 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3635 if (attr->community->size * 4 > 255) {
996c9314
LB		 3636 stream_putc(s,
3637 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3638 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3639 stream_putc(s, BGP_ATTR_COMMUNITIES);
3640 stream_putw(s, attr->community->size * 4);
3641 } else {
996c9314
LB		 3642 stream_putc(s,
3643 BGP_ATTR_FLAG_OPTIONAL
3644 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3645 stream_putc(s, BGP_ATTR_COMMUNITIES);
3646 stream_putc(s, attr->community->size * 4);
3647 }
3648 stream_put(s, attr->community->val, attr->community->size * 4);
3649 }
3650
3651 /* Large Community attribute. */
3652 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
79dab4b7 3653 if (lcom_length(attr->lcommunity) > 255) {
996c9314
LB		 3654 stream_putc(s,
3655 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3656 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3657 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3658 stream_putw(s, lcom_length(attr->lcommunity));
d62a17ae 3659 } else {
996c9314
LB		 3660 stream_putc(s,
3661 BGP_ATTR_FLAG_OPTIONAL
3662 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3663 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3664 stream_putc(s, lcom_length(attr->lcommunity));
d62a17ae 3665 }
3666
996c9314
LB		 3667 stream_put(s, attr->lcommunity->val,
3668 lcom_length(attr->lcommunity));
d62a17ae 3669 }
3670
3671 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3672 if (prefix != NULL && prefix->family == AF_INET6
3673 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3674 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3675 int sizep;
3676
3677 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3678 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3679 sizep = stream_get_endp(s);
3680
3681 /* MP header */
3682 stream_putc(s, 0); /* Marker: Attribute length. */
3683 stream_putw(s, AFI_IP6); /* AFI */
3684 stream_putc(s, SAFI_UNICAST); /* SAFI */
3685
3686 /* Next hop */
3687 stream_putc(s, attr->mp_nexthop_len);
3688 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3689 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3690 stream_put(s, &attr->mp_nexthop_local,
3691 IPV6_MAX_BYTELEN);
3692
3693 /* SNPA */
3694 stream_putc(s, 0);
3695
3696 /* Prefix */
3697 stream_put_prefix_addpath(s, prefix, addpath_encode,
3698 addpath_tx_id);
3699
3700 /* Set MP attribute length. */
3701 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3702 }
3703
3704 /* Prefix SID */
3705 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3706 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
996c9314
LB		 3707 stream_putc(s,
3708 BGP_ATTR_FLAG_OPTIONAL
3709 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3710 stream_putc(s, BGP_ATTR_PREFIX_SID);
3711 stream_putc(s, 10);
3712 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3713 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3714 stream_putc(s, 0); // reserved
3715 stream_putw(s, 0); // flags
3716 stream_putl(s, attr->label_index);
3717 }
3718 }
3719
3720 /* Return total size of attribute. */
3721 len = stream_get_endp(s) - cp - 2;
3722 stream_putw_at(s, cp, len);
718e3744 3723}
FRRouting mirror