]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_attr.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #5686 from qlyoung/fix-bgp-fqdn-capability-leak
[mirror_frr.git] / bgpd / bgp_attr.c
CommitLineData
718e3744 1/* BGP attributes management routines.
896014f4
DL		 2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
718e3744 20
21#include <zebra.h>
22
23#include "linklist.h"
24#include "prefix.h"
25#include "memory.h"
26#include "vector.h"
718e3744 27#include "stream.h"
28#include "log.h"
29#include "hash.h"
c8e7b895 30#include "jhash.h"
3f9c7369 31#include "queue.h"
f4c89855 32#include "table.h"
039f3a34 33#include "filter.h"
4dcadbef 34#include "command.h"
718e3744 35
36#include "bgpd/bgpd.h"
37#include "bgpd/bgp_attr.h"
38#include "bgpd/bgp_route.h"
39#include "bgpd/bgp_aspath.h"
40#include "bgpd/bgp_community.h"
41#include "bgpd/bgp_debug.h"
14454c9f 42#include "bgpd/bgp_errors.h"
9bedbb1e 43#include "bgpd/bgp_label.h"
718e3744 44#include "bgpd/bgp_packet.h"
45#include "bgpd/bgp_ecommunity.h"
57d187bc 46#include "bgpd/bgp_lcommunity.h"
3f9c7369 47#include "bgpd/bgp_updgrp.h"
6407da5a 48#include "bgpd/bgp_encap_types.h"
65efcfce 49#if ENABLE_BGP_VNC
d62a17ae 50#include "bgpd/rfapi/bgp_rfapi_cfg.h"
51#include "bgp_encap_types.h"
52#include "bgp_vnc_types.h"
65efcfce 53#endif
b18825eb 54#include "bgp_evpn.h"
7c40bf39 55#include "bgp_flowspec_private.h"
eee353c5 56#include "bgp_mac.h"
6b0655a2 57
718e3744 58/* Attribute strings for logging. */
d62a17ae 59static const struct message attr_str[] = {
60 {BGP_ATTR_ORIGIN, "ORIGIN"},
61 {BGP_ATTR_AS_PATH, "AS_PATH"},
62 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
63 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
64 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
65 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
66 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
67 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
68 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
69 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
70 {BGP_ATTR_DPA, "DPA"},
71 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
72 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
73 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
74 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
75 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
76 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
77 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
78 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
a21bd7a3 79 {BGP_ATTR_PMSI_TUNNEL, "PMSI_TUNNEL_ATTRIBUTE"},
d62a17ae 80 {BGP_ATTR_ENCAP, "ENCAP"},
943d595a 81#if ENABLE_BGP_VNC_ATTR
d62a17ae 82 {BGP_ATTR_VNC, "VNC"},
65efcfce 83#endif
d62a17ae 84 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
85 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
86 {0}};
afcb7679 87
996c9314
LB		 88static const struct message attr_flag_str[] = {
89 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
90 {BGP_ATTR_FLAG_TRANS, "Transitive"},
91 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
92 /* bgp_attr_flags_diagnose() relies on this bit being last in
93 this list */
94 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
95 {0}};
6b0655a2 96
9bddac4b 97static struct hash *cluster_hash;
718e3744 98
d62a17ae 99static void *cluster_hash_alloc(void *p)
718e3744 100{
d62a17ae 101 const struct cluster_list *val = (const struct cluster_list *)p;
102 struct cluster_list *cluster;
718e3744 103
d62a17ae 104 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
105 cluster->length = val->length;
718e3744 106
d62a17ae 107 if (cluster->length) {
108 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
109 memcpy(cluster->list, val->list, val->length);
110 } else
111 cluster->list = NULL;
718e3744 112
d62a17ae 113 cluster->refcnt = 0;
718e3744 114
d62a17ae 115 return cluster;
718e3744 116}
117
118/* Cluster list related functions. */
d62a17ae 119static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
718e3744 120{
d62a17ae 121 struct cluster_list tmp;
122 struct cluster_list *cluster;
718e3744 123
d62a17ae 124 tmp.length = length;
125 tmp.list = pnt;
718e3744 126
d62a17ae 127 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
128 cluster->refcnt++;
129 return cluster;
718e3744 130}
131
d62a17ae 132int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
718e3744 133{
d62a17ae 134 int i;
135
136 for (i = 0; i < cluster->length / 4; i++)
137 if (cluster->list[i].s_addr == originator.s_addr)
138 return 1;
139 return 0;
718e3744 140}
141
d8b87afe 142static unsigned int cluster_hash_key_make(const void *p)
718e3744 143{
d62a17ae 144 const struct cluster_list *cluster = p;
718e3744 145
d62a17ae 146 return jhash(cluster->list, cluster->length, 0);
718e3744 147}
148
74df8d6d 149static bool cluster_hash_cmp(const void *p1, const void *p2)
718e3744 150{
d62a17ae 151 const struct cluster_list *cluster1 = p1;
152 const struct cluster_list *cluster2 = p2;
923de654 153
d62a17ae 154 return (cluster1->length == cluster2->length
5dd7070f
QY		 155 && (cluster1->list == cluster2->list
156 || memcmp(cluster1->list, cluster2->list, cluster1->length)
157 == 0));
718e3744 158}
159
d62a17ae 160static void cluster_free(struct cluster_list *cluster)
718e3744 161{
0a22ddfb 162 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
d62a17ae 163 XFREE(MTYPE_CLUSTER, cluster);
718e3744 164}
165
d62a17ae 166static struct cluster_list *cluster_intern(struct cluster_list *cluster)
718e3744 167{
d62a17ae 168 struct cluster_list *find;
718e3744 169
d62a17ae 170 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
171 find->refcnt++;
718e3744 172
d62a17ae 173 return find;
718e3744 174}
175
d62a17ae 176void cluster_unintern(struct cluster_list *cluster)
718e3744 177{
d62a17ae 178 if (cluster->refcnt)
179 cluster->refcnt--;
718e3744 180
d62a17ae 181 if (cluster->refcnt == 0) {
182 hash_release(cluster_hash, cluster);
183 cluster_free(cluster);
184 }
718e3744 185}
186
d62a17ae 187static void cluster_init(void)
718e3744 188{
996c9314 189 cluster_hash = hash_create(cluster_hash_key_make, cluster_hash_cmp,
3f65c5b1 190 "BGP Cluster");
718e3744 191}
228da428 192
d62a17ae 193static void cluster_finish(void)
228da428 194{
d62a17ae 195 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
196 hash_free(cluster_hash);
197 cluster_hash = NULL;
228da428 198}
6b0655a2 199
bede7744
LB		 200static struct hash *encap_hash = NULL;
201#if ENABLE_BGP_VNC
202static struct hash *vnc_hash = NULL;
203#endif
204
d62a17ae 205struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
f4c89855 206{
d62a17ae 207 struct bgp_attr_encap_subtlv *new;
208 struct bgp_attr_encap_subtlv *tail;
209 struct bgp_attr_encap_subtlv *p;
f4c89855 210
d62a17ae 211 for (p = orig, tail = new = NULL; p; p = p->next) {
12f70478 212 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
d62a17ae 213 if (tail) {
214 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
215 tail = tail->next;
216 } else {
217 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
218 }
219 assert(tail);
220 memcpy(tail, p, size);
221 tail->next = NULL;
f4c89855 222 }
f4c89855 223
d62a17ae 224 return new;
f4c89855
LB		 225}
226
d62a17ae 227static void encap_free(struct bgp_attr_encap_subtlv *p)
f4c89855 228{
d62a17ae 229 struct bgp_attr_encap_subtlv *next;
230 while (p) {
231 next = p->next;
232 p->next = NULL;
233 XFREE(MTYPE_ENCAP_TLV, p);
234 p = next;
235 }
f4c89855
LB		 236}
237
d62a17ae 238void bgp_attr_flush_encap(struct attr *attr)
f4c89855 239{
d62a17ae 240 if (!attr)
241 return;
f4c89855 242
d62a17ae 243 if (attr->encap_subtlvs) {
244 encap_free(attr->encap_subtlvs);
245 attr->encap_subtlvs = NULL;
246 }
65efcfce 247#if ENABLE_BGP_VNC
d62a17ae 248 if (attr->vnc_subtlvs) {
249 encap_free(attr->vnc_subtlvs);
250 attr->vnc_subtlvs = NULL;
251 }
65efcfce 252#endif
f4c89855
LB		 253}
254
255/*
256 * Compare encap sub-tlv chains
257 *
258 * 1 = equivalent
259 * 0 = not equivalent
260 *
261 * This algorithm could be made faster if needed
262 */
36de6e0e
A		 263static int encap_same(const struct bgp_attr_encap_subtlv *h1,
264 const struct bgp_attr_encap_subtlv *h2)
f4c89855 265{
36de6e0e
A		 266 const struct bgp_attr_encap_subtlv *p;
267 const struct bgp_attr_encap_subtlv *q;
f4c89855 268
d62a17ae 269 if (h1 == h2)
270 return 1;
271 if (h1 == NULL || h2 == NULL)
272 return 0;
f4c89855 273
d62a17ae 274 for (p = h1; p; p = p->next) {
275 for (q = h2; q; q = q->next) {
276 if ((p->type == q->type) && (p->length == q->length)
277 && !memcmp(p->value, q->value, p->length)) {
f4c89855 278
d62a17ae 279 break;
280 }
281 }
282 if (!q)
283 return 0;
f4c89855 284 }
f4c89855 285
d62a17ae 286 for (p = h2; p; p = p->next) {
287 for (q = h1; q; q = q->next) {
288 if ((p->type == q->type) && (p->length == q->length)
289 && !memcmp(p->value, q->value, p->length)) {
f4c89855 290
d62a17ae 291 break;
292 }
293 }
294 if (!q)
295 return 0;
f4c89855 296 }
f4c89855 297
d62a17ae 298 return 1;
f4c89855
LB		 299}
300
d62a17ae 301static void *encap_hash_alloc(void *p)
bede7744 302{
d62a17ae 303 /* Encap structure is already allocated. */
304 return p;
bede7744
LB		 305}
306
d62a17ae 307typedef enum {
308 ENCAP_SUBTLV_TYPE,
bede7744 309#if ENABLE_BGP_VNC
d62a17ae 310 VNC_SUBTLV_TYPE
bede7744
LB		 311#endif
312} encap_subtlv_type;
313
314static struct bgp_attr_encap_subtlv *
d62a17ae 315encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
bede7744 316{
d62a17ae 317 struct bgp_attr_encap_subtlv *find;
318 struct hash *hash = encap_hash;
bede7744 319#if ENABLE_BGP_VNC
d62a17ae 320 if (type == VNC_SUBTLV_TYPE)
321 hash = vnc_hash;
bede7744
LB		 322#endif
323
d62a17ae 324 find = hash_get(hash, encap, encap_hash_alloc);
325 if (find != encap)
326 encap_free(encap);
327 find->refcnt++;
bede7744 328
d62a17ae 329 return find;
bede7744
LB		 330}
331
d62a17ae 332static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
333 encap_subtlv_type type)
bede7744 334{
d62a17ae 335 struct bgp_attr_encap_subtlv *encap = *encapp;
336 if (encap->refcnt)
337 encap->refcnt--;
bede7744 338
d62a17ae 339 if (encap->refcnt == 0) {
340 struct hash *hash = encap_hash;
bede7744 341#if ENABLE_BGP_VNC
d62a17ae 342 if (type == VNC_SUBTLV_TYPE)
343 hash = vnc_hash;
bede7744 344#endif
d62a17ae 345 hash_release(hash, encap);
346 encap_free(encap);
347 *encapp = NULL;
348 }
bede7744
LB		 349}
350
d8b87afe 351static unsigned int encap_hash_key_make(const void *p)
bede7744 352{
d62a17ae 353 const struct bgp_attr_encap_subtlv *encap = p;
bede7744 354
d62a17ae 355 return jhash(encap->value, encap->length, 0);
bede7744
LB		 356}
357
74df8d6d 358static bool encap_hash_cmp(const void *p1, const void *p2)
bede7744 359{
36de6e0e
A		 360 return encap_same((const struct bgp_attr_encap_subtlv *)p1,
361 (const struct bgp_attr_encap_subtlv *)p2);
bede7744
LB		 362}
363
d62a17ae 364static void encap_init(void)
bede7744 365{
996c9314 366 encap_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
3f65c5b1 367 "BGP Encap Hash");
bede7744 368#if ENABLE_BGP_VNC
996c9314 369 vnc_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
3f65c5b1 370 "BGP VNC Hash");
bede7744
LB		 371#endif
372}
373
d62a17ae 374static void encap_finish(void)
bede7744 375{
d62a17ae 376 hash_clean(encap_hash, (void (*)(void *))encap_free);
377 hash_free(encap_hash);
378 encap_hash = NULL;
bede7744 379#if ENABLE_BGP_VNC
d62a17ae 380 hash_clean(vnc_hash, (void (*)(void *))encap_free);
381 hash_free(vnc_hash);
382 vnc_hash = NULL;
bede7744
LB		 383#endif
384}
385
d62a17ae 386static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
684a7227 387{
d62a17ae 388 if (!a1 && a2)
389 return false;
390 if (!a2 && a1)
391 return false;
392 if (!a1 && !a2)
393 return true;
394 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
ea7741a0 395 sizeof(struct bgp_route_evpn));
684a7227
PG		 396}
397
718e3744 398/* Unknown transit attribute. */
9bddac4b 399static struct hash *transit_hash;
718e3744 400
d62a17ae 401static void transit_free(struct transit *transit)
718e3744 402{
0a22ddfb 403 XFREE(MTYPE_TRANSIT_VAL, transit->val);
d62a17ae 404 XFREE(MTYPE_TRANSIT, transit);
718e3744 405}
406
d62a17ae 407static void *transit_hash_alloc(void *p)
718e3744 408{
d62a17ae 409 /* Transit structure is already allocated. */
410 return p;
718e3744 411}
412
d62a17ae 413static struct transit *transit_intern(struct transit *transit)
718e3744 414{
d62a17ae 415 struct transit *find;
718e3744 416
d62a17ae 417 find = hash_get(transit_hash, transit, transit_hash_alloc);
418 if (find != transit)
419 transit_free(transit);
420 find->refcnt++;
718e3744 421
d62a17ae 422 return find;
718e3744 423}
424
547357c4 425static void transit_unintern(struct transit **transit)
718e3744 426{
547357c4
QY		 427 if ((*transit)->refcnt)
428 (*transit)->refcnt--;
718e3744 429
547357c4
QY		 430 if ((*transit)->refcnt == 0) {
431 hash_release(transit_hash, *transit);
432 transit_free(*transit);
433 *transit = NULL;
d62a17ae 434 }
718e3744 435}
436
d8b87afe 437static unsigned int transit_hash_key_make(const void *p)
718e3744 438{
d62a17ae 439 const struct transit *transit = p;
718e3744 440
d62a17ae 441 return jhash(transit->val, transit->length, 0);
718e3744 442}
443
74df8d6d 444static bool transit_hash_cmp(const void *p1, const void *p2)
718e3744 445{
d62a17ae 446 const struct transit *transit1 = p1;
447 const struct transit *transit2 = p2;
923de654 448
d62a17ae 449 return (transit1->length == transit2->length
450 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
718e3744 451}
452
d62a17ae 453static void transit_init(void)
718e3744 454{
996c9314 455 transit_hash = hash_create(transit_hash_key_make, transit_hash_cmp,
3f65c5b1 456 "BGP Transit Hash");
718e3744 457}
228da428 458
d62a17ae 459static void transit_finish(void)
228da428 460{
d62a17ae 461 hash_clean(transit_hash, (void (*)(void *))transit_free);
462 hash_free(transit_hash);
463 transit_hash = NULL;
228da428 464}
6b0655a2 465
718e3744 466/* Attribute hash routines. */
9bddac4b 467static struct hash *attrhash;
718e3744 468
d62a17ae 469unsigned long int attr_count(void)
cbdfbaa5 470{
d62a17ae 471 return attrhash->count;
cbdfbaa5
PJ		 472}
473
d62a17ae 474unsigned long int attr_unknown_count(void)
cbdfbaa5 475{
d62a17ae 476 return transit_hash->count;
cbdfbaa5
PJ		 477}
478
d8b87afe 479unsigned int attrhash_key_make(const void *p)
718e3744 480{
d62a17ae 481 const struct attr *attr = (struct attr *)p;
482 uint32_t key = 0;
c8e7b895 483#define MIX(val) key = jhash_1word(val, key)
0d0268a6 484#define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
c8e7b895 485
0d0268a6 486 MIX3(attr->origin, attr->nexthop.s_addr, attr->med);
996c9314
LB		 487 MIX3(attr->local_pref, attr->aggregator_as,
488 attr->aggregator_addr.s_addr);
0d0268a6
LB		 489 MIX3(attr->weight, attr->mp_nexthop_global_in.s_addr,
490 attr->originator_id.s_addr);
491 MIX3(attr->tag, attr->label, attr->label_index);
d62a17ae 492
493 if (attr->aspath)
494 MIX(aspath_key_make(attr->aspath));
495 if (attr->community)
496 MIX(community_hash_make(attr->community));
497
498 if (attr->lcommunity)
499 MIX(lcommunity_hash_make(attr->lcommunity));
500 if (attr->ecommunity)
501 MIX(ecommunity_hash_make(attr->ecommunity));
502 if (attr->cluster)
503 MIX(cluster_hash_key_make(attr->cluster));
504 if (attr->transit)
505 MIX(transit_hash_key_make(attr->transit));
506 if (attr->encap_subtlvs)
507 MIX(encap_hash_key_make(attr->encap_subtlvs));
bede7744 508#if ENABLE_BGP_VNC
d62a17ae 509 if (attr->vnc_subtlvs)
510 MIX(encap_hash_key_make(attr->vnc_subtlvs));
bede7744 511#endif
d62a17ae 512 MIX(attr->mp_nexthop_len);
513 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
514 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
7b7d48e5 515 MIX3(attr->nh_ifindex, attr->nh_lla_ifindex, attr->distance);
951745bd 516 MIX(attr->rmap_table_id);
d62a17ae 517
518 return key;
519}
520
74df8d6d 521bool attrhash_cmp(const void *p1, const void *p2)
d62a17ae 522{
523 const struct attr *attr1 = p1;
524 const struct attr *attr2 = p2;
525
526 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
527 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
528 && attr1->aspath == attr2->aspath
529 && attr1->community == attr2->community && attr1->med == attr2->med
530 && attr1->local_pref == attr2->local_pref
531 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
532 if (attr1->aggregator_as == attr2->aggregator_as
533 && attr1->aggregator_addr.s_addr
534 == attr2->aggregator_addr.s_addr
535 && attr1->weight == attr2->weight
536 && attr1->tag == attr2->tag
537 && attr1->label_index == attr2->label_index
538 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
d62a17ae 539 && attr1->ecommunity == attr2->ecommunity
540 && attr1->lcommunity == attr2->lcommunity
541 && attr1->cluster == attr2->cluster
542 && attr1->transit == attr2->transit
951745bd 543 && attr1->rmap_table_id == attr2->rmap_table_id
d62a17ae 544 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
545 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
65efcfce 546#if ENABLE_BGP_VNC
d62a17ae 547 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
65efcfce 548#endif
0d0268a6
LB		 549 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
550 &attr2->mp_nexthop_global)
551 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
552 &attr2->mp_nexthop_local)
553 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
554 &attr2->mp_nexthop_global_in)
d62a17ae 555 && IPV4_ADDR_SAME(&attr1->originator_id,
556 &attr2->originator_id)
77e62f2b 557 && overlay_index_same(attr1, attr2)
558 && attr1->nh_ifindex == attr2->nh_ifindex
7b7d48e5
DS		 559 && attr1->nh_lla_ifindex == attr2->nh_lla_ifindex
560 && attr1->distance == attr2->distance)
74df8d6d 561 return true;
d62a17ae 562 }
aadc0905 563
74df8d6d 564 return false;
718e3744 565}
566
d62a17ae 567static void attrhash_init(void)
718e3744 568{
996c9314
LB		 569 attrhash =
570 hash_create(attrhash_key_make, attrhash_cmp, "BGP Attributes");
718e3744 571}
572
289d2501
LB		 573/*
574 * special for hash_clean below
575 */
d62a17ae 576static void attr_vfree(void *attr)
289d2501 577{
d62a17ae 578 XFREE(MTYPE_ATTR, attr);
289d2501
LB		 579}
580
d62a17ae 581static void attrhash_finish(void)
228da428 582{
d62a17ae 583 hash_clean(attrhash, attr_vfree);
584 hash_free(attrhash);
585 attrhash = NULL;
228da428
CC		 586}
587
e3b78da8 588static void attr_show_all_iterator(struct hash_bucket *bucket, struct vty *vty)
718e3744 589{
e3b78da8 590 struct attr *attr = bucket->data;
718e3744 591
d62a17ae 592 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
593 inet_ntoa(attr->nexthop));
13b7e7f0 594 vty_out(vty, "\tflags: %" PRIu64 " med: %u local_pref: %u origin: %u weight: %u label: %u\n",
23a2a47e 595 attr->flag, attr->med, attr->local_pref, attr->origin,
13b7e7f0 596 attr->weight, attr->label);
718e3744 597}
598
d62a17ae 599void attr_show_all(struct vty *vty)
718e3744 600{
e3b78da8 601 hash_iterate(attrhash, (void (*)(struct hash_bucket *,
9d303b37
DL		 602 void *))attr_show_all_iterator,
603 vty);
718e3744 604}
605
d62a17ae 606static void *bgp_attr_hash_alloc(void *p)
718e3744 607{
d62a17ae 608 struct attr *val = (struct attr *)p;
609 struct attr *attr;
718e3744 610
d62a17ae 611 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
612 *attr = *val;
613 if (val->encap_subtlvs) {
614 val->encap_subtlvs = NULL;
615 }
65efcfce 616#if ENABLE_BGP_VNC
d62a17ae 617 if (val->vnc_subtlvs) {
618 val->vnc_subtlvs = NULL;
619 }
65efcfce 620#endif
d62a17ae 621 attr->refcnt = 0;
622 return attr;
718e3744 623}
624
625/* Internet argument attribute. */
d62a17ae 626struct attr *bgp_attr_intern(struct attr *attr)
627{
628 struct attr *find;
629
630 /* Intern referenced strucutre. */
631 if (attr->aspath) {
632 if (!attr->aspath->refcnt)
633 attr->aspath = aspath_intern(attr->aspath);
634 else
635 attr->aspath->refcnt++;
636 }
637 if (attr->community) {
638 if (!attr->community->refcnt)
639 attr->community = community_intern(attr->community);
640 else
641 attr->community->refcnt++;
642 }
643
644 if (attr->ecommunity) {
645 if (!attr->ecommunity->refcnt)
646 attr->ecommunity = ecommunity_intern(attr->ecommunity);
647 else
648 attr->ecommunity->refcnt++;
649 }
650 if (attr->lcommunity) {
651 if (!attr->lcommunity->refcnt)
652 attr->lcommunity = lcommunity_intern(attr->lcommunity);
653 else
654 attr->lcommunity->refcnt++;
655 }
656 if (attr->cluster) {
657 if (!attr->cluster->refcnt)
658 attr->cluster = cluster_intern(attr->cluster);
659 else
660 attr->cluster->refcnt++;
661 }
662 if (attr->transit) {
663 if (!attr->transit->refcnt)
664 attr->transit = transit_intern(attr->transit);
665 else
666 attr->transit->refcnt++;
667 }
668 if (attr->encap_subtlvs) {
669 if (!attr->encap_subtlvs->refcnt)
670 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
671 ENCAP_SUBTLV_TYPE);
672 else
673 attr->encap_subtlvs->refcnt++;
674 }
bede7744 675#if ENABLE_BGP_VNC
d62a17ae 676 if (attr->vnc_subtlvs) {
677 if (!attr->vnc_subtlvs->refcnt)
678 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
679 VNC_SUBTLV_TYPE);
680 else
681 attr->vnc_subtlvs->refcnt++;
682 }
aadc0905 683#endif
bede7744 684
dbbac180
DL		 685 /* At this point, attr only contains intern'd pointers. that means
686 * if we find it in attrhash, it has all the same pointers and we
687 * correctly updated the refcounts on these.
688 * If we don't find it, we need to allocate a one because in all
689 * cases this returns a new reference to a hashed attr, but the input
690 * wasn't on hash. */
d62a17ae 691 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
692 find->refcnt++;
693
694 return find;
718e3744 695}
696
697/* Make network statement's attribute. */
d7c0a89a 698struct attr *bgp_attr_default_set(struct attr *attr, uint8_t origin)
718e3744 699{
d62a17ae 700 memset(attr, 0, sizeof(struct attr));
03e214c8 701
d62a17ae 702 attr->origin = origin;
703 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
704 attr->aspath = aspath_empty();
705 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
706 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
707 attr->tag = 0;
708 attr->label_index = BGP_INVALID_LABEL_INDEX;
709 attr->label = MPLS_INVALID_LABEL;
710 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
711 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
712
713 return attr;
718e3744 714}
715
b5d58c32 716/* Create the attributes for an aggregate */
d7c0a89a 717struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, uint8_t origin,
d62a17ae 718 struct aspath *aspath,
3da2cc32
DS		 719 struct community *community,
720 struct ecommunity *ecommunity,
dd18c5a9 721 struct lcommunity *lcommunity,
20894f50
DA		 722 struct bgp_aggregate *aggregate,
723 uint8_t atomic_aggregate,
724 struct prefix *p)
d62a17ae 725{
726 struct attr attr;
727 struct attr *new;
20894f50 728 int ret;
d62a17ae 729
730 memset(&attr, 0, sizeof(struct attr));
731
732 /* Origin attribute. */
733 attr.origin = origin;
734 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
735
736 /* AS path attribute. */
737 if (aspath)
738 attr.aspath = aspath_intern(aspath);
739 else
740 attr.aspath = aspath_empty();
741 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
742
743 /* Next hop attribute. */
744 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
745
746 if (community) {
d7c0a89a 747 uint32_t gshut = COMMUNITY_GSHUT;
7f323236
DW		 748
749 /* If we are not shutting down ourselves and we are
750 * aggregating a route that contains the GSHUT community we
751 * need to remove that community when creating the aggregate */
996c9314
LB		 752 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)
753 && community_include(community, gshut)) {
7f323236
DW		 754 community_del_val(community, &gshut);
755 }
756
d62a17ae 757 attr.community = community;
758 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
759 }
760
3da2cc32
DS		 761 if (ecommunity) {
762 attr.ecommunity = ecommunity;
763 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
764 }
765
dd18c5a9
DS		 766 if (lcommunity) {
767 attr.lcommunity = lcommunity;
768 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
769 }
770
7f323236
DW		 771 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
772 bgp_attr_add_gshut_community(&attr);
773 }
774
d62a17ae 775 attr.label_index = BGP_INVALID_LABEL_INDEX;
776 attr.label = MPLS_INVALID_LABEL;
777 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
778 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
20894f50 779 if (!aggregate->as_set || atomic_aggregate)
d62a17ae 780 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
781 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
782 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
783 attr.aggregator_as = bgp->confed_id;
784 else
785 attr.aggregator_as = bgp->as;
786 attr.aggregator_addr = bgp->router_id;
787 attr.label_index = BGP_INVALID_LABEL_INDEX;
788 attr.label = MPLS_INVALID_LABEL;
789
20894f50
DA		 790 /* Apply route-map */
791 if (aggregate->rmap.name) {
792 struct attr attr_tmp = attr;
793 struct bgp_path_info rmap_path;
794
795 memset(&rmap_path, 0, sizeof(struct bgp_path_info));
796 rmap_path.peer = bgp->peer_self;
797 rmap_path.attr = &attr_tmp;
798
799 SET_FLAG(bgp->peer_self->rmap_type, PEER_RMAP_TYPE_AGGREGATE);
800
801 ret = route_map_apply(aggregate->rmap.map, p, RMAP_BGP,
802 &rmap_path);
803
804 bgp->peer_self->rmap_type = 0;
805
806 if (ret == RMAP_DENYMATCH) {
807 /* Free uninterned attribute. */
808 bgp_attr_flush(&attr_tmp);
809
810 /* Unintern original. */
811 aspath_unintern(&attr.aspath);
812 return NULL;
813 }
814
815 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN))
816 bgp_attr_add_gshut_community(&attr_tmp);
817
818 new = bgp_attr_intern(&attr_tmp);
819 } else {
820
821 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN))
822 bgp_attr_add_gshut_community(&attr);
823
824 new = bgp_attr_intern(&attr);
825 }
d62a17ae 826
827 aspath_unintern(&new->aspath);
828 return new;
718e3744 829}
830
b881c707 831/* Unintern just the sub-components of the attr, but not the attr */
d62a17ae 832void bgp_attr_unintern_sub(struct attr *attr)
833{
834 /* aspath refcount shoud be decrement. */
835 if (attr->aspath)
836 aspath_unintern(&attr->aspath);
837 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
838
839 if (attr->community)
840 community_unintern(&attr->community);
841 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
842
843 if (attr->ecommunity)
844 ecommunity_unintern(&attr->ecommunity);
845 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
846
847 if (attr->lcommunity)
848 lcommunity_unintern(&attr->lcommunity);
849 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
850
851 if (attr->cluster)
852 cluster_unintern(attr->cluster);
853 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
854
855 if (attr->transit)
547357c4 856 transit_unintern(&attr->transit);
d62a17ae 857
858 if (attr->encap_subtlvs)
859 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
bede7744
LB		 860
861#if ENABLE_BGP_VNC
d62a17ae 862 if (attr->vnc_subtlvs)
863 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
bede7744 864#endif
b881c707
PJ		 865}
866
f46d8e1e
DS		 867/*
868 * We have some show commands that let you experimentally
869 * apply a route-map. When we apply the route-map
870 * we are reseting values but not saving them for
871 * posterity via intern'ing( because route-maps don't
872 * do that) but at this point in time we need
873 * to compare the new attr to the old and if the
874 * routemap has changed it we need to, as Snoop Dog says,
875 * Drop it like it's hot
876 */
877void bgp_attr_undup(struct attr *new, struct attr *old)
878{
879 if (new->aspath != old->aspath)
880 aspath_free(new->aspath);
881
882 if (new->community != old->community)
3c1f53de 883 community_free(&new->community);
f46d8e1e
DS		 884
885 if (new->ecommunity != old->ecommunity)
886 ecommunity_free(&new->ecommunity);
887
888 if (new->lcommunity != old->lcommunity)
889 lcommunity_free(&new->lcommunity);
f46d8e1e
DS		 890}
891
718e3744 892/* Free bgp attribute and aspath. */
d62a17ae 893void bgp_attr_unintern(struct attr **pattr)
894{
895 struct attr *attr = *pattr;
896 struct attr *ret;
897 struct attr tmp;
898
899 /* Decrement attribute reference. */
900 attr->refcnt--;
901
902 tmp = *attr;
903
904 /* If reference becomes zero then free attribute object. */
905 if (attr->refcnt == 0) {
906 ret = hash_release(attrhash, attr);
907 assert(ret != NULL);
908 XFREE(MTYPE_ATTR, attr);
909 *pattr = NULL;
910 }
911
912 bgp_attr_unintern_sub(&tmp);
913}
914
915void bgp_attr_flush(struct attr *attr)
916{
917 if (attr->aspath && !attr->aspath->refcnt) {
918 aspath_free(attr->aspath);
919 attr->aspath = NULL;
920 }
3c1f53de
SMS		 921 if (attr->community && !attr->community->refcnt)
922 community_free(&attr->community);
d62a17ae 923 if (attr->ecommunity && !attr->ecommunity->refcnt)
924 ecommunity_free(&attr->ecommunity);
925 if (attr->lcommunity && !attr->lcommunity->refcnt)
926 lcommunity_free(&attr->lcommunity);
927 if (attr->cluster && !attr->cluster->refcnt) {
928 cluster_free(attr->cluster);
929 attr->cluster = NULL;
930 }
931 if (attr->transit && !attr->transit->refcnt) {
932 transit_free(attr->transit);
933 attr->transit = NULL;
934 }
935 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
936 encap_free(attr->encap_subtlvs);
937 attr->encap_subtlvs = NULL;
938 }
65efcfce 939#if ENABLE_BGP_VNC
d62a17ae 940 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
941 encap_free(attr->vnc_subtlvs);
942 attr->vnc_subtlvs = NULL;
943 }
aadc0905 944#endif
718e3744 945}
946
b881c707
PJ		 947/* Implement draft-scudder-idr-optional-transitive behaviour and
948 * avoid resetting sessions for malformed attributes which are
949 * are partial/optional and hence where the error likely was not
950 * introduced by the sending neighbour.
951 */
952static bgp_attr_parse_ret_t
d7c0a89a 953bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
d62a17ae 954 bgp_size_t length)
955{
956 struct peer *const peer = args->peer;
d7c0a89a 957 const uint8_t flags = args->flags;
d62a17ae 958 /* startp and length must be special-cased, as whether or not to
959 * send the attribute data with the NOTIFY depends on the error,
960 * the caller therefore signals this with the seperate length argument
961 */
d7c0a89a 962 uint8_t *notify_datap = (length > 0 ? args->startp : NULL);
d62a17ae 963
964 /* Only relax error handling for eBGP peers */
965 if (peer->sort != BGP_PEER_EBGP) {
966 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
967 notify_datap, length);
968 return BGP_ATTR_PARSE_ERROR;
969 }
970
971 /* Adjust the stream getp to the end of the attribute, in case we can
972 * still proceed but the caller hasn't read all the attribute.
973 */
974 stream_set_getp(BGP_INPUT(peer),
975 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
976 + args->total);
977
978 switch (args->type) {
979 /* where an attribute is relatively inconsequential, e.g. it does not
980 * affect route selection, and can be safely ignored, then any such
981 * attributes which are malformed should just be ignored and the route
982 * processed as normal.
983 */
984 case BGP_ATTR_AS4_AGGREGATOR:
985 case BGP_ATTR_AGGREGATOR:
986 case BGP_ATTR_ATOMIC_AGGREGATE:
987 return BGP_ATTR_PARSE_PROCEED;
988
989 /* Core attributes, particularly ones which may influence route
990 * selection, should always cause session resets
991 */
992 case BGP_ATTR_ORIGIN:
993 case BGP_ATTR_AS_PATH:
994 case BGP_ATTR_NEXT_HOP:
995 case BGP_ATTR_MULTI_EXIT_DISC:
996 case BGP_ATTR_LOCAL_PREF:
997 case BGP_ATTR_COMMUNITIES:
998 case BGP_ATTR_ORIGINATOR_ID:
999 case BGP_ATTR_CLUSTER_LIST:
1000 case BGP_ATTR_MP_REACH_NLRI:
1001 case BGP_ATTR_MP_UNREACH_NLRI:
1002 case BGP_ATTR_EXT_COMMUNITIES:
1003 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
1004 notify_datap, length);
1005 return BGP_ATTR_PARSE_ERROR;
1006 }
1007
1008 /* Partial optional attributes that are malformed should not cause
1009 * the whole session to be reset. Instead treat it as a withdrawal
1010 * of the routes, if possible.
1011 */
1012 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
1013 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1014 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
1015 return BGP_ATTR_PARSE_WITHDRAW;
1016
1017 /* default to reset */
1018 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
b881c707
PJ		 1019}
1020
afcb7679
DO		 1021/* Find out what is wrong with the path attribute flag bits and log the error.
1022 "Flag bits" here stand for Optional, Transitive and Partial, but not for
1023 Extended Length. Checking O/T/P bits at once implies, that the attribute
1024 being diagnosed is defined by RFC as either a "well-known" or an "optional,
1025 non-transitive" attribute. */
1026static void
d62a17ae 1027bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
d7c0a89a
QY		 1028 uint8_t desired_flags /* how RFC says it must be */
1029)
d62a17ae 1030{
d7c0a89a
QY		 1031 uint8_t seen = 0, i;
1032 uint8_t real_flags = args->flags;
1033 const uint8_t attr_code = args->type;
d62a17ae 1034
1035 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1036 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1037 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
1038 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1039 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
1c50c1c0
QY		 1040 flog_err(EC_BGP_ATTR_FLAG,
1041 "%s attribute must%s be flagged as \"%s\"",
1042 lookup_msg(attr_str, attr_code, NULL),
1043 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1044 ? ""
1045 : " not",
1046 attr_flag_str[i].str);
d62a17ae 1047 seen = 1;
1048 }
1049 if (!seen) {
1050 zlog_debug(
1051 "Strange, %s called for attr %s, but no problem found with flags"
1052 " (real flags 0x%x, desired 0x%x)",
1053 __func__, lookup_msg(attr_str, attr_code, NULL),
1054 real_flags, desired_flags);
1055 }
afcb7679
DO		 1056}
1057
3ecab4c8
PJ		 1058/* Required flags for attributes. EXTLEN will be masked off when testing,
1059 * as will PARTIAL for optional+transitive attributes.
1060 */
d7c0a89a
QY		 1061const uint8_t attr_flags_values[] = {
1062 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
1063 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
1064 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1065 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1066 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1067 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1068 [BGP_ATTR_AGGREGATOR] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1069 [BGP_ATTR_COMMUNITIES] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1070 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1071 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1072 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1073 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1074 [BGP_ATTR_EXT_COMMUNITIES] =
1075 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1076 [BGP_ATTR_AS4_PATH] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1077 [BGP_ATTR_AS4_AGGREGATOR] =
1078 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1079 [BGP_ATTR_PMSI_TUNNEL] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1080 [BGP_ATTR_LARGE_COMMUNITIES] =
1081 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1082 [BGP_ATTR_PREFIX_SID] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
3ecab4c8 1083};
099111ef 1084static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
3ecab4c8 1085
d62a17ae 1086static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1087{
d7c0a89a
QY		 1088 uint8_t mask = BGP_ATTR_FLAG_EXTLEN;
1089 const uint8_t flags = args->flags;
1090 const uint8_t attr_code = args->type;
d62a17ae 1091
1092 /* there may be attributes we don't know about */
1093 if (attr_code > attr_flags_values_max)
1094 return 0;
1095 if (attr_flags_values[attr_code] == 0)
1096 return 0;
1097
1098 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1099 * to
1100 * 1."
1101 */
1102 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1103 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
af4c2728 1104 flog_err(
e50f7cfd 1105 EC_BGP_ATTR_FLAG,
d62a17ae 1106 "%s well-known attributes must have transitive flag set (%x)",
1107 lookup_msg(attr_str, attr_code, NULL), flags);
1108 return 1;
1109 }
1110
1111 /* "For well-known attributes and for optional non-transitive
1112 * attributes,
1113 * the Partial bit MUST be set to 0."
1114 */
1115 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1116 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
e50f7cfd 1117 flog_err(EC_BGP_ATTR_FLAG,
1c50c1c0
QY		 1118 "%s well-known attribute "
1119 "must NOT have the partial flag set (%x)",
1120 lookup_msg(attr_str, attr_code, NULL), flags);
d62a17ae 1121 return 1;
1122 }
1123 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1124 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
e50f7cfd 1125 flog_err(EC_BGP_ATTR_FLAG,
1c50c1c0
QY		 1126 "%s optional + transitive attribute "
1127 "must NOT have the partial flag set (%x)",
1128 lookup_msg(attr_str, attr_code, NULL), flags);
d62a17ae 1129 return 1;
1130 }
1131 }
1132
1133 /* Optional transitive attributes may go through speakers that don't
1134 * reocgnise them and set the Partial bit.
1135 */
1136 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1137 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1138 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1139
1140 if ((flags & ~mask) == attr_flags_values[attr_code])
1141 return 0;
1142
1143 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1144 return 1;
3ecab4c8
PJ		 1145}
1146
718e3744 1147/* Get origin attribute of the update message. */
d62a17ae 1148static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1149{
1150 struct peer *const peer = args->peer;
1151 struct attr *const attr = args->attr;
1152 const bgp_size_t length = args->length;
1153
1154 /* If any recognized attribute has Attribute Length that conflicts
1155 with the expected length (based on the attribute type code), then
1156 the Error Subcode is set to Attribute Length Error. The Data
1157 field contains the erroneous attribute (type, length and
1158 value). */
1159 if (length != 1) {
e50f7cfd 1160 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0 1161 "Origin attribute length is not one %d", length);
d62a17ae 1162 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1163 args->total);
1164 }
1165
1166 /* Fetch origin attribute. */
1167 attr->origin = stream_getc(BGP_INPUT(peer));
1168
1169 /* If the ORIGIN attribute has an undefined value, then the Error
1170 Subcode is set to Invalid Origin Attribute. The Data field
1171 contains the unrecognized attribute (type, length and value). */
1172 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1173 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
e50f7cfd 1174 flog_err(EC_BGP_ATTR_ORIGIN,
1c50c1c0 1175 "Origin attribute value is invalid %d", attr->origin);
d62a17ae 1176 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1177 args->total);
1178 }
1179
1180 /* Set oring attribute flag. */
1181 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1182
1183 return 0;
718e3744 1184}
ab005298
PJ		 1185
1186/* Parse AS path information. This function is wrapper of
1187 aspath_parse. */
d62a17ae 1188static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1189{
1190 struct attr *const attr = args->attr;
1191 struct peer *const peer = args->peer;
1192 const bgp_size_t length = args->length;
1193
1194 /*
1195 * peer with AS4 => will get 4Byte ASnums
1196 * otherwise, will get 16 Bit
1197 */
424ab01d 1198 attr->aspath = aspath_parse(peer->curr, length,
d62a17ae 1199 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1200
1201 /* In case of IBGP, length will be zero. */
1202 if (!attr->aspath) {
e50f7cfd 1203 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1c50c1c0
QY		 1204 "Malformed AS path from %s, length is %d", peer->host,
1205 length);
d62a17ae 1206 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1207 0);
1208 }
0b2aa3a0 1209
d62a17ae 1210 /* Set aspath attribute flag. */
1211 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1212
1213 return BGP_ATTR_PARSE_PROCEED;
1214}
1215
1216static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1217 struct attr *const attr)
1218{
1219 /* These checks were part of bgp_attr_aspath, but with
1220 * as4 we should to check aspath things when
1221 * aspath synthesizing with as4_path has already taken place.
1222 * Otherwise we check ASPATH and use the synthesized thing, and that is
1223 * not right.
1224 * So do the checks later, i.e. here
1225 */
d62a17ae 1226 struct aspath *aspath;
1227
1228 /* Confederation sanity check. */
1229 if ((peer->sort == BGP_PEER_CONFED
1230 && !aspath_left_confed_check(attr->aspath))
1231 || (peer->sort == BGP_PEER_EBGP
1232 && aspath_confed_check(attr->aspath))) {
e50f7cfd 1233 flog_err(EC_BGP_ATTR_MAL_AS_PATH, "Malformed AS path from %s",
1c50c1c0 1234 peer->host);
d62a17ae 1235 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1236 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1237 return BGP_ATTR_PARSE_ERROR;
1238 }
cddb8112 1239
d62a17ae 1240 /* First AS check for EBGP. */
47cbc09b 1241 if (CHECK_FLAG(peer->flags, PEER_FLAG_ENFORCE_FIRST_AS)) {
d62a17ae 1242 if (peer->sort == BGP_PEER_EBGP
1243 && !aspath_firstas_check(attr->aspath, peer->as)) {
e50f7cfd 1244 flog_err(EC_BGP_ATTR_FIRST_AS,
1c50c1c0
QY		 1245 "%s incorrect first AS (must be %u)",
1246 peer->host, peer->as);
d62a17ae 1247 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1248 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1249 return BGP_ATTR_PARSE_ERROR;
1250 }
1251 }
0b2aa3a0 1252
d62a17ae 1253 /* local-as prepend */
1254 if (peer->change_local_as
1255 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1256 aspath = aspath_dup(attr->aspath);
1257 aspath = aspath_add_seq(aspath, peer->change_local_as);
1258 aspath_unintern(&attr->aspath);
1259 attr->aspath = aspath_intern(aspath);
1260 }
0b2aa3a0 1261
d62a17ae 1262 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1263}
1264
ab005298
PJ		 1265/* Parse AS4 path information. This function is another wrapper of
1266 aspath_parse. */
d62a17ae 1267static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1268 struct aspath **as4_path)
ab005298 1269{
d62a17ae 1270 struct peer *const peer = args->peer;
1271 struct attr *const attr = args->attr;
1272 const bgp_size_t length = args->length;
ab005298 1273
424ab01d 1274 *as4_path = aspath_parse(peer->curr, length, 1);
b881c707 1275
d62a17ae 1276 /* In case of IBGP, length will be zero. */
1277 if (!*as4_path) {
e50f7cfd 1278 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1c50c1c0
QY		 1279 "Malformed AS4 path from %s, length is %d", peer->host,
1280 length);
d62a17ae 1281 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1282 0);
1283 }
ab005298 1284
d62a17ae 1285 /* Set aspath attribute flag. */
1286 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1287
1288 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1289}
1290
9738e9aa 1291/*
1292 * Check that the nexthop attribute is valid.
1293 */
1294bgp_attr_parse_ret_t
1295bgp_attr_nexthop_valid(struct peer *peer, struct attr *attr)
1296{
1297 in_addr_t nexthop_h;
1298
1299 nexthop_h = ntohl(attr->nexthop.s_addr);
1300 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1301 || IPV4_CLASS_DE(nexthop_h))
1302 && !BGP_DEBUG(allow_martians, ALLOW_MARTIANS)) {
7decb30c 1303 uint8_t data[7]; /* type(2) + length(1) + nhop(4) */
9738e9aa 1304 char buf[INET_ADDRSTRLEN];
1305
1306 inet_ntop(AF_INET, &attr->nexthop.s_addr, buf,
1307 INET_ADDRSTRLEN);
1308 flog_err(EC_BGP_ATTR_MARTIAN_NH, "Martian nexthop %s",
1309 buf);
7decb30c
DS		 1310 data[0] = BGP_ATTR_FLAG_TRANS;
1311 data[1] = BGP_ATTR_NEXT_HOP;
1312 data[2] = BGP_ATTR_NHLEN_IPV4;
1313 memcpy(&data[3], &attr->nexthop.s_addr, BGP_ATTR_NHLEN_IPV4);
1314 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1315 BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP,
1316 data, 7);
9738e9aa 1317 return BGP_ATTR_PARSE_ERROR;
1318 }
1319
1320 return BGP_ATTR_PARSE_PROCEED;
1321}
1322
718e3744 1323/* Nexthop attribute. */
d62a17ae 1324static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1325{
1326 struct peer *const peer = args->peer;
1327 struct attr *const attr = args->attr;
1328 const bgp_size_t length = args->length;
1329
d62a17ae 1330 /* Check nexthop attribute length. */
1331 if (length != 4) {
e50f7cfd 1332 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0 1333 "Nexthop attribute length isn't four [%d]", length);
d62a17ae 1334
1335 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1336 args->total);
1337 }
1338
88f33d66 1339 attr->nexthop.s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1340 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1341
1342 return BGP_ATTR_PARSE_PROCEED;
718e3744 1343}
1344
1345/* MED atrribute. */
d62a17ae 1346static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
718e3744 1347{
d62a17ae 1348 struct peer *const peer = args->peer;
1349 struct attr *const attr = args->attr;
1350 const bgp_size_t length = args->length;
b881c707 1351
d62a17ae 1352 /* Length check. */
1353 if (length != 4) {
e50f7cfd 1354 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0 1355 "MED attribute length isn't four [%d]", length);
718e3744 1356
d62a17ae 1357 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1358 args->total);
1359 }
1360
424ab01d 1361 attr->med = stream_getl(peer->curr);
718e3744 1362
d62a17ae 1363 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
718e3744 1364
d62a17ae 1365 return BGP_ATTR_PARSE_PROCEED;
718e3744 1366}
1367
1368/* Local preference attribute. */
b881c707 1369static bgp_attr_parse_ret_t
d62a17ae 1370bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1371{
1372 struct peer *const peer = args->peer;
1373 struct attr *const attr = args->attr;
1374 const bgp_size_t length = args->length;
1375
1376 /* Length check. */
1377 if (length != 4) {
e50f7cfd 1378 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0 1379 "LOCAL_PREF attribute length isn't 4 [%u]", length);
d62a17ae 1380 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1381 args->total);
1382 }
1383
1384 /* If it is contained in an UPDATE message that is received from an
1385 external peer, then this attribute MUST be ignored by the
1386 receiving speaker. */
1387 if (peer->sort == BGP_PEER_EBGP) {
424ab01d 1388 stream_forward_getp(peer->curr, length);
d62a17ae 1389 return BGP_ATTR_PARSE_PROCEED;
1390 }
1391
424ab01d 1392 attr->local_pref = stream_getl(peer->curr);
d62a17ae 1393
7f323236 1394 /* Set the local-pref flag. */
d62a17ae 1395 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1396
1397 return BGP_ATTR_PARSE_PROCEED;
718e3744 1398}
1399
1400/* Atomic aggregate. */
d62a17ae 1401static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
718e3744 1402{
d62a17ae 1403 struct attr *const attr = args->attr;
1404 const bgp_size_t length = args->length;
1405
1406 /* Length check. */
1407 if (length != 0) {
e50f7cfd 1408 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0
QY		 1409 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1410 length);
d62a17ae 1411 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1412 args->total);
1413 }
718e3744 1414
d62a17ae 1415 /* Set atomic aggregate flag. */
1416 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
718e3744 1417
d62a17ae 1418 return BGP_ATTR_PARSE_PROCEED;
718e3744 1419}
1420
1421/* Aggregator attribute */
d62a17ae 1422static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1423{
1424 struct peer *const peer = args->peer;
1425 struct attr *const attr = args->attr;
1426 const bgp_size_t length = args->length;
1427
1428 int wantedlen = 6;
1429
1430 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1431 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1432 wantedlen = 8;
1433
1434 if (length != wantedlen) {
e50f7cfd 1435 flog_err(EC_BGP_ATTR_LEN,
1c50c1c0
QY		 1436 "AGGREGATOR attribute length isn't %u [%u]", wantedlen,
1437 length);
d62a17ae 1438 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1439 args->total);
1440 }
1441
1442 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
424ab01d 1443 attr->aggregator_as = stream_getl(peer->curr);
d62a17ae 1444 else
424ab01d
QY		 1445 attr->aggregator_as = stream_getw(peer->curr);
1446 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1447
1448 /* Set atomic aggregate flag. */
1449 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1450
1451 return BGP_ATTR_PARSE_PROCEED;
718e3744 1452}
1453
0b2aa3a0 1454/* New Aggregator attribute */
b881c707 1455static bgp_attr_parse_ret_t
d62a17ae 1456bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1457 as_t *as4_aggregator_as,
1458 struct in_addr *as4_aggregator_addr)
1459{
1460 struct peer *const peer = args->peer;
1461 struct attr *const attr = args->attr;
1462 const bgp_size_t length = args->length;
1463
1464 if (length != 8) {
1c50c1c0
QY		 1465 flog_err(EC_BGP_ATTR_LEN, "New Aggregator length is not 8 [%d]",
1466 length);
d62a17ae 1467 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1468 0);
1469 }
1470
424ab01d
QY		 1471 *as4_aggregator_as = stream_getl(peer->curr);
1472 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1473
1474 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1475
1476 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1477}
1478
1479/* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1480 */
b881c707 1481static bgp_attr_parse_ret_t
d62a17ae 1482bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1483 struct aspath *as4_path, as_t as4_aggregator,
1484 struct in_addr *as4_aggregator_addr)
1485{
1486 int ignore_as4_path = 0;
1487 struct aspath *newpath;
1488
1489 if (!attr->aspath) {
1490 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1491 * have
1492 * checked that all well-known, mandatory attributes were
1493 * present.
1494 *
1495 * Can only be a problem with peer itself - hard error
1496 */
1497 return BGP_ATTR_PARSE_ERROR;
1498 }
1499
1500 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1501 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1502 * if given.
1503 * It is worth a warning though, because the peer really
1504 * should not send them
1505 */
1506 if (BGP_DEBUG(as4, AS4)) {
1507 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1508 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1509 "AS4 capable peer, yet it sent");
1510
1511 if (attr->flag
1512 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1513 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1514 peer->host,
1515 "AS4 capable peer, yet it sent");
1516 }
1517
1518 return BGP_ATTR_PARSE_PROCEED;
1519 }
1520
1521 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1522 * because that may override AS4_PATH
1523 */
1524 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1525 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1526 /* received both.
1527 * if the as_number in aggregator is not AS_TRANS,
1528 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1529 * and the Aggregator shall be taken as
1530 * info on the aggregating node, and the AS_PATH
1531 * shall be taken as the AS_PATH
1532 * otherwise
1533 * the Aggregator shall be ignored and the
1534 * AS4_AGGREGATOR shall be taken as the
1535 * Aggregating node and the AS_PATH is to be
1536 * constructed "as in all other cases"
1537 */
1538 if (attr->aggregator_as != BGP_AS_TRANS) {
1539 /* ignore */
1540 if (BGP_DEBUG(as4, AS4))
1541 zlog_debug(
1542 "[AS4] %s BGP not AS4 capable peer"
1543 " send AGGREGATOR != AS_TRANS and"
1544 " AS4_AGGREGATOR, so ignore"
1545 " AS4_AGGREGATOR and AS4_PATH",
1546 peer->host);
1547 ignore_as4_path = 1;
1548 } else {
1549 /* "New_aggregator shall be taken as aggregator"
1550 */
1551 attr->aggregator_as = as4_aggregator;
1552 attr->aggregator_addr.s_addr =
1553 as4_aggregator_addr->s_addr;
1554 }
1555 } else {
1556 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1557 * That is bogus - but reading the conditions
1558 * we have to handle AS4_AGGREGATOR as if it were
1559 * AGGREGATOR in that case
1560 */
1561 if (BGP_DEBUG(as4, AS4))
1562 zlog_debug(
1563 "[AS4] %s BGP not AS4 capable peer send"
1564 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1565 " it as if AGGREGATOR with AS_TRANS had been there",
1566 peer->host);
1567 attr->aggregator_as = as4_aggregator;
1568 /* sweep it under the carpet and simulate a "good"
1569 * AGGREGATOR */
1570 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1571 }
1572 }
1573
1574 /* need to reconcile NEW_AS_PATH and AS_PATH */
1575 if (!ignore_as4_path
1576 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1577 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
e8a3a0a0 1578 if (!newpath)
1579 return BGP_ATTR_PARSE_ERROR;
1580
d62a17ae 1581 aspath_unintern(&attr->aspath);
1582 attr->aspath = aspath_intern(newpath);
1583 }
1584 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1585}
1586
718e3744 1587/* Community attribute. */
b881c707 1588static bgp_attr_parse_ret_t
d62a17ae 1589bgp_attr_community(struct bgp_attr_parser_args *args)
1590{
1591 struct peer *const peer = args->peer;
1592 struct attr *const attr = args->attr;
1593 const bgp_size_t length = args->length;
1594
1595 if (length == 0) {
1596 attr->community = NULL;
1597 return BGP_ATTR_PARSE_PROCEED;
1598 }
1599
1600 attr->community =
d7c0a89a 1601 community_parse((uint32_t *)stream_pnt(peer->curr), length);
d62a17ae 1602
1603 /* XXX: fix community_parse to use stream API and remove this */
424ab01d 1604 stream_forward_getp(peer->curr, length);
d62a17ae 1605
1606 if (!attr->community)
1607 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1608 args->total);
1609
1610 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1611
1612 return BGP_ATTR_PARSE_PROCEED;
718e3744 1613}
1614
1615/* Originator ID attribute. */
b881c707 1616static bgp_attr_parse_ret_t
d62a17ae 1617bgp_attr_originator_id(struct bgp_attr_parser_args *args)
718e3744 1618{
d62a17ae 1619 struct peer *const peer = args->peer;
1620 struct attr *const attr = args->attr;
1621 const bgp_size_t length = args->length;
718e3744 1622
d62a17ae 1623 /* Length check. */
1624 if (length != 4) {
e50f7cfd 1625 flog_err(EC_BGP_ATTR_LEN, "Bad originator ID length %d",
1c50c1c0 1626 length);
718e3744 1627
d62a17ae 1628 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1629 args->total);
1630 }
1631
424ab01d 1632 attr->originator_id.s_addr = stream_get_ipv4(peer->curr);
718e3744 1633
d62a17ae 1634 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
718e3744 1635
d62a17ae 1636 return BGP_ATTR_PARSE_PROCEED;
718e3744 1637}
1638
1639/* Cluster list attribute. */
b881c707 1640static bgp_attr_parse_ret_t
d62a17ae 1641bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
718e3744 1642{
d62a17ae 1643 struct peer *const peer = args->peer;
1644 struct attr *const attr = args->attr;
1645 const bgp_size_t length = args->length;
1646
1647 /* Check length. */
1648 if (length % 4) {
1c50c1c0 1649 flog_err(EC_BGP_ATTR_LEN, "Bad cluster list length %d", length);
718e3744 1650
d62a17ae 1651 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1652 args->total);
1653 }
1654
1655 attr->cluster =
424ab01d 1656 cluster_parse((struct in_addr *)stream_pnt(peer->curr), length);
718e3744 1657
d62a17ae 1658 /* XXX: Fix cluster_parse to use stream API and then remove this */
424ab01d 1659 stream_forward_getp(peer->curr, length);
718e3744 1660
d62a17ae 1661 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
718e3744 1662
d62a17ae 1663 return BGP_ATTR_PARSE_PROCEED;
718e3744 1664}
1665
1666/* Multiprotocol reachability information parse. */
d62a17ae 1667int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1668 struct bgp_nlri *mp_update)
1669{
1670 iana_afi_t pkt_afi;
1671 afi_t afi;
5c525538
RW		 1672 iana_safi_t pkt_safi;
1673 safi_t safi;
d62a17ae 1674 bgp_size_t nlri_len;
1675 size_t start;
1676 struct stream *s;
1677 struct peer *const peer = args->peer;
1678 struct attr *const attr = args->attr;
1679 const bgp_size_t length = args->length;
1680
1681 /* Set end of packet. */
1682 s = BGP_INPUT(peer);
1683 start = stream_get_getp(s);
1684
1685/* safe to read statically sized header? */
6e4ab12f 1686#define BGP_MP_REACH_MIN_SIZE 5
03292809 1687#define LEN_LEFT (length - (stream_get_getp(s) - start))
d62a17ae 1688 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
4cb5e18b
NT		 1689 zlog_info("%s: %s sent invalid length, %lu, of MP_REACH_NLRI",
1690 __func__, peer->host, (unsigned long)length);
d62a17ae 1691 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1692 }
1693
1694 /* Load AFI, SAFI. */
1695 pkt_afi = stream_getw(s);
1696 pkt_safi = stream_getc(s);
1697
1698 /* Convert AFI, SAFI to internal values, check. */
1699 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1700 /* Log if AFI or SAFI is unrecognized. This is not an error
1701 * unless
1702 * the attribute is otherwise malformed.
1703 */
1704 if (bgp_debug_update(peer, NULL, NULL, 0))
1705 zlog_debug(
4cb5e18b 1706 "%s sent unrecognizable AFI, %s or, SAFI, %s, of MP_REACH_NLRI",
748a041f
DS		 1707 peer->host, iana_afi2str(pkt_afi),
1708 iana_safi2str(pkt_safi));
d62a17ae 1709 return BGP_ATTR_PARSE_ERROR;
1710 }
1711
1712 /* Get nexthop length. */
1713 attr->mp_nexthop_len = stream_getc(s);
1714
1715 if (LEN_LEFT < attr->mp_nexthop_len) {
1716 zlog_info(
4cb5e18b 1717 "%s: %s sent next-hop length, %u, in MP_REACH_NLRI which goes past the end of attribute",
d62a17ae 1718 __func__, peer->host, attr->mp_nexthop_len);
1719 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1720 }
1721
1722 /* Nexthop length check. */
1723 switch (attr->mp_nexthop_len) {
7c40bf39 1724 case 0:
1725 if (safi != SAFI_FLOWSPEC) {
4cb5e18b 1726 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
7c40bf39 1727 __func__, peer->host, attr->mp_nexthop_len);
1728 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1729 }
1730 break;
b6453163
LB		 1731 case BGP_ATTR_NHLEN_VPNV4:
1732 stream_getl(s); /* RD high */
1733 stream_getl(s); /* RD low */
996c9314
LB		 1734 /*
1735 * NOTE: intentional fall through
1736 * - for consistency in rx processing
1737 *
1738 * The following comment is to signal GCC this intention
0437e105 1739 * and suppress the warning
996c9314
LB		 1740 */
1741 /* FALLTHRU */
d62a17ae 1742 case BGP_ATTR_NHLEN_IPV4:
1743 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1744 /* Probably needed for RFC 2283 */
1745 if (attr->nexthop.s_addr == 0)
1746 memcpy(&attr->nexthop.s_addr,
1747 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1748 break;
d62a17ae 1749 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1750 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1751 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1752 stream_getl(s); /* RD high */
1753 stream_getl(s); /* RD low */
1754 }
1755 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
17cdd31e
DS		 1756 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1757 if (!peer->nexthop.ifp) {
4cb5e18b 1758 zlog_warn("%s sent a v6 global attribute but address is a V6 LL and there's no peer interface information. Hence, withdrawing",
17cdd31e
DS		 1759 peer->host);
1760 return BGP_ATTR_PARSE_WITHDRAW;
1761 }
77e62f2b 1762 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
17cdd31e 1763 }
d62a17ae 1764 break;
1765 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1766 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1767 if (attr->mp_nexthop_len
1768 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1769 stream_getl(s); /* RD high */
1770 stream_getl(s); /* RD low */
1771 }
1772 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
17cdd31e
DS		 1773 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1774 if (!peer->nexthop.ifp) {
4cb5e18b 1775 zlog_warn("%s sent a v6 global and LL attribute but global address is a V6 LL and there's no peer interface information. Hence, withdrawing",
17cdd31e
DS		 1776 peer->host);
1777 return BGP_ATTR_PARSE_WITHDRAW;
1778 }
77e62f2b 1779 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
17cdd31e 1780 }
d62a17ae 1781 if (attr->mp_nexthop_len
1782 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1783 stream_getl(s); /* RD high */
1784 stream_getl(s); /* RD low */
1785 }
1786 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1787 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1788 char buf1[INET6_ADDRSTRLEN];
1789 char buf2[INET6_ADDRSTRLEN];
1790
1791 if (bgp_debug_update(peer, NULL, NULL, 1))
1792 zlog_debug(
4cb5e18b 1793 "%s sent next-hops %s and %s. Ignoring non-LL value",
d62a17ae 1794 peer->host,
1795 inet_ntop(AF_INET6,
1796 &attr->mp_nexthop_global,
1797 buf1, INET6_ADDRSTRLEN),
1798 inet_ntop(AF_INET6,
1799 &attr->mp_nexthop_local, buf2,
1800 INET6_ADDRSTRLEN));
1801
1802 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1803 }
17cdd31e 1804 if (!peer->nexthop.ifp) {
4cb5e18b 1805 zlog_warn("%s sent a v6 LL next-hop and there's no peer interface information. Hence, withdrawing",
17cdd31e
DS		 1806 peer->host);
1807 return BGP_ATTR_PARSE_WITHDRAW;
1808 }
77e62f2b 1809 attr->nh_lla_ifindex = peer->nexthop.ifp->ifindex;
d62a17ae 1810 break;
1811 default:
4cb5e18b 1812 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
d62a17ae 1813 __func__, peer->host, attr->mp_nexthop_len);
1814 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1815 }
1816
1817 if (!LEN_LEFT) {
4cb5e18b
NT		 1818 zlog_info("%s: %s sent SNPA which couldn't be read",
1819 __func__, peer->host);
d62a17ae 1820 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1821 }
1822
718e3744 1823 {
d7c0a89a 1824 uint8_t val;
d62a17ae 1825 if ((val = stream_getc(s)))
ade6974d 1826 flog_warn(
e50f7cfd 1827 EC_BGP_DEFUNCT_SNPA_LEN,
ade6974d
QY		 1828 "%s sent non-zero value, %u, for defunct SNPA-length field",
1829 peer->host, val);
d62a17ae 1830 }
1831
1832 /* must have nrli_len, what is left of the attribute */
1833 nlri_len = LEN_LEFT;
9b9df989 1834 if (nlri_len > STREAM_READABLE(s)) {
4cb5e18b
NT		 1835 zlog_info("%s: %s sent MP_REACH_NLRI which couldn't be read",
1836 __func__, peer->host);
d62a17ae 1837 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1838 }
1839
9b9df989 1840 if (!nlri_len) {
4cb5e18b 1841 zlog_info("%s: %s sent a zero-length NLRI. Hence, treating as a EOR marker",
9b9df989
DS		 1842 __func__, peer->host);
1843
1844 mp_update->afi = afi;
1845 mp_update->safi = safi;
1846 return BGP_ATTR_PARSE_EOR;
1847 }
1848
d62a17ae 1849 mp_update->afi = afi;
1850 mp_update->safi = safi;
1851 mp_update->nlri = stream_pnt(s);
1852 mp_update->length = nlri_len;
1853
1854 stream_forward_getp(s, nlri_len);
1855
1856 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1857
1858 return BGP_ATTR_PARSE_PROCEED;
03292809 1859#undef LEN_LEFT
718e3744 1860}
1861
1862/* Multiprotocol unreachable parse */
d62a17ae 1863int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1864 struct bgp_nlri *mp_withdraw)
1865{
1866 struct stream *s;
1867 iana_afi_t pkt_afi;
1868 afi_t afi;
5c525538
RW		 1869 iana_safi_t pkt_safi;
1870 safi_t safi;
d7c0a89a 1871 uint16_t withdraw_len;
d62a17ae 1872 struct peer *const peer = args->peer;
1873 struct attr *const attr = args->attr;
1874 const bgp_size_t length = args->length;
9cabb64b 1875
424ab01d 1876 s = peer->curr;
9cabb64b 1877
d62a17ae 1878#define BGP_MP_UNREACH_MIN_SIZE 3
1879 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1880 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1881
1882 pkt_afi = stream_getw(s);
1883 pkt_safi = stream_getc(s);
1884
1885 /* Convert AFI, SAFI to internal values, check. */
1886 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1887 /* Log if AFI or SAFI is unrecognized. This is not an error
1888 * unless
1889 * the attribute is otherwise malformed.
1890 */
1891 if (bgp_debug_update(peer, NULL, NULL, 0))
1892 zlog_debug(
748a041f
DS		 1893 "%s: MP_UNREACH received AFI %s or SAFI %s is unrecognized",
1894 peer->host, iana_afi2str(pkt_afi),
1895 iana_safi2str(pkt_safi));
d62a17ae 1896 return BGP_ATTR_PARSE_ERROR;
1897 }
718e3744 1898
d62a17ae 1899 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
718e3744 1900
d62a17ae 1901 mp_withdraw->afi = afi;
1902 mp_withdraw->safi = safi;
1903 mp_withdraw->nlri = stream_pnt(s);
1904 mp_withdraw->length = withdraw_len;
718e3744 1905
d62a17ae 1906 stream_forward_getp(s, withdraw_len);
37da8fa9 1907
d62a17ae 1908 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1909
1910 return BGP_ATTR_PARSE_PROCEED;
718e3744 1911}
1912
57d187bc
JS		 1913/* Large Community attribute. */
1914static bgp_attr_parse_ret_t
d62a17ae 1915bgp_attr_large_community(struct bgp_attr_parser_args *args)
1916{
1917 struct peer *const peer = args->peer;
1918 struct attr *const attr = args->attr;
1919 const bgp_size_t length = args->length;
1920
1921 /*
1922 * Large community follows new attribute format.
1923 */
1924 if (length == 0) {
1925 attr->lcommunity = NULL;
1926 /* Empty extcomm doesn't seem to be invalid per se */
1927 return BGP_ATTR_PARSE_PROCEED;
1928 }
57d187bc 1929
d62a17ae 1930 attr->lcommunity =
d7c0a89a 1931 lcommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
d62a17ae 1932 /* XXX: fix ecommunity_parse to use stream API */
424ab01d 1933 stream_forward_getp(peer->curr, length);
57d187bc 1934
d62a17ae 1935 if (!attr->lcommunity)
1936 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1937 args->total);
57d187bc 1938
d62a17ae 1939 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
57d187bc 1940
d62a17ae 1941 return BGP_ATTR_PARSE_PROCEED;
57d187bc
JS		 1942}
1943
718e3744 1944/* Extended Community attribute. */
b881c707 1945static bgp_attr_parse_ret_t
d62a17ae 1946bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1947{
1948 struct peer *const peer = args->peer;
1949 struct attr *const attr = args->attr;
1950 const bgp_size_t length = args->length;
d7c0a89a 1951 uint8_t sticky = 0;
d62a17ae 1952
1953 if (length == 0) {
1954 attr->ecommunity = NULL;
1955 /* Empty extcomm doesn't seem to be invalid per se */
1956 return BGP_ATTR_PARSE_PROCEED;
1957 }
1958
1959 attr->ecommunity =
d7c0a89a 1960 ecommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
d62a17ae 1961 /* XXX: fix ecommunity_parse to use stream API */
424ab01d 1962 stream_forward_getp(peer->curr, length);
d62a17ae 1963
1964 if (!attr->ecommunity)
1965 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1966 args->total);
1967
1968 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1969
1970 /* Extract MAC mobility sequence number, if any. */
1971 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1972 attr->sticky = sticky;
1973
ead40654
MK		 1974 /* Check if this is a Gateway MAC-IP advertisement */
1975 attr->default_gw = bgp_attr_default_gw(attr);
1976
68e33151
CS		 1977 /* Handle scenario where router flag ecommunity is not
1978 * set but default gw ext community is present.
1979 * Use default gateway, set and propogate R-bit.
1980 */
1981 if (attr->default_gw)
1982 attr->router_flag = 1;
1983
1984 /* Check EVPN Neighbor advertisement flags, R-bit */
1985 bgp_attr_evpn_na_flag(attr, &attr->router_flag);
1986
bc59a672 1987 /* Extract the Rmac, if any */
eee353c5
CS		 1988 if (bgp_attr_rmac(attr, &attr->rmac)) {
1989 if (bgp_debug_update(peer, NULL, NULL, 1) &&
1990 bgp_mac_exist(&attr->rmac)) {
1991 char buf1[ETHER_ADDR_STRLEN];
1992
1993 zlog_debug("%s: router mac %s is self mac",
1994 __func__,
1995 prefix_mac2str(&attr->rmac, buf1,
1996 sizeof(buf1)));
1997 }
1998
1999 }
bc59a672 2000
f4bd90c5
LK		 2001 /* Get the tunnel type from encap extended community */
2002 bgp_attr_extcom_tunnel_type(attr,
2003 (bgp_encap_types *)&attr->encap_tunneltype);
2004
d62a17ae 2005 return BGP_ATTR_PARSE_PROCEED;
718e3744 2006}
2007
f4c89855 2008/* Parse Tunnel Encap attribute in an UPDATE */
d62a17ae 2009static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
2010 bgp_size_t length, /* IN: attr's length field */
2011 struct attr *attr, /* IN: caller already allocated */
d7c0a89a
QY		 2012 uint8_t flag, /* IN: attr's flags field */
2013 uint8_t *startp)
d62a17ae 2014{
2015 bgp_size_t total;
d62a17ae 2016 uint16_t tunneltype = 0;
2017
2018 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
2019
2020 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
2021 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2022 zlog_info(
2023 "Tunnel Encap attribute flag isn't optional and transitive %d",
2024 flag);
2025 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2026 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2027 startp, total);
2028 return -1;
2029 }
2030
2031 if (BGP_ATTR_ENCAP == type) {
2032 /* read outer TLV type and length */
2033 uint16_t tlv_length;
2034
2035 if (length < 4) {
2036 zlog_info(
2037 "Tunnel Encap attribute not long enough to contain outer T,L");
2038 bgp_notify_send_with_data(
2039 peer, BGP_NOTIFY_UPDATE_ERR,
2040 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2041 return -1;
2042 }
2043 tunneltype = stream_getw(BGP_INPUT(peer));
2044 tlv_length = stream_getw(BGP_INPUT(peer));
2045 length -= 4;
2046
2047 if (tlv_length != length) {
4cb5e18b
NT		 2048 zlog_info("%s: tlv_length(%d) != length(%d)",
2049 __func__, tlv_length, length);
d62a17ae 2050 }
2051 }
2052
2053 while (length >= 4) {
2054 uint16_t subtype = 0;
2055 uint16_t sublength = 0;
2056 struct bgp_attr_encap_subtlv *tlv;
2057
2058 if (BGP_ATTR_ENCAP == type) {
2059 subtype = stream_getc(BGP_INPUT(peer));
2060 sublength = stream_getc(BGP_INPUT(peer));
2061 length -= 2;
65efcfce 2062#if ENABLE_BGP_VNC
d62a17ae 2063 } else {
2064 subtype = stream_getw(BGP_INPUT(peer));
2065 sublength = stream_getw(BGP_INPUT(peer));
2066 length -= 4;
65efcfce 2067#endif
d62a17ae 2068 }
2069
2070 if (sublength > length) {
2071 zlog_info(
2072 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2073 sublength, length);
2074 bgp_notify_send_with_data(
2075 peer, BGP_NOTIFY_UPDATE_ERR,
2076 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2077 return -1;
2078 }
2079
2080 /* alloc and copy sub-tlv */
2081 /* TBD make sure these are freed when attributes are released */
2082 tlv = XCALLOC(MTYPE_ENCAP_TLV,
996c9314 2083 sizeof(struct bgp_attr_encap_subtlv) + sublength);
d62a17ae 2084 tlv->type = subtype;
2085 tlv->length = sublength;
424ab01d 2086 stream_get(tlv->value, peer->curr, sublength);
d62a17ae 2087 length -= sublength;
2088
2089 /* attach tlv to encap chain */
2090 if (BGP_ATTR_ENCAP == type) {
e4002056 2091 struct bgp_attr_encap_subtlv *stlv_last;
d62a17ae 2092 for (stlv_last = attr->encap_subtlvs;
2093 stlv_last && stlv_last->next;
2094 stlv_last = stlv_last->next)
2095 ;
2096 if (stlv_last) {
2097 stlv_last->next = tlv;
2098 } else {
2099 attr->encap_subtlvs = tlv;
2100 }
65efcfce 2101#if ENABLE_BGP_VNC
d62a17ae 2102 } else {
e4002056 2103 struct bgp_attr_encap_subtlv *stlv_last;
d62a17ae 2104 for (stlv_last = attr->vnc_subtlvs;
2105 stlv_last && stlv_last->next;
2106 stlv_last = stlv_last->next)
2107 ;
2108 if (stlv_last) {
2109 stlv_last->next = tlv;
2110 } else {
2111 attr->vnc_subtlvs = tlv;
2112 }
aadc0905 2113#endif
d62a17ae 2114 }
d62a17ae 2115 }
f4c89855 2116
d62a17ae 2117 if (BGP_ATTR_ENCAP == type) {
2118 attr->encap_tunneltype = tunneltype;
2119 }
f4c89855 2120
d62a17ae 2121 if (length) {
2122 /* spurious leftover data */
2123 zlog_info(
2124 "Tunnel Encap attribute length is bad: %d leftover octets",
2125 length);
2126 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2127 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2128 startp, total);
2129 return -1;
2130 }
f4c89855 2131
d62a17ae 2132 return 0;
f4c89855
LB		 2133}
2134
30adbd4e
DS		 2135/*
2136 * Read an individual SID value returning how much data we have read
2137 * Returns 0 if there was an error that needs to be passed up the stack
c5a543b4 2138 */
f69aeb76 2139static bgp_attr_parse_ret_t bgp_attr_psid_sub(uint8_t type, uint16_t length,
30adbd4e
DS		 2140 struct bgp_attr_parser_args *args,
2141 struct bgp_nlri *mp_update)
d62a17ae 2142{
2143 struct peer *const peer = args->peer;
2144 struct attr *const attr = args->attr;
d7c0a89a 2145 uint32_t label_index;
d62a17ae 2146 struct in6_addr ipv6_sid;
d7c0a89a
QY		 2147 uint32_t srgb_base;
2148 uint32_t srgb_range;
d62a17ae 2149 int srgb_count;
2150
d62a17ae 2151 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
f69aeb76
QY		 2152 if (STREAM_READABLE(peer->curr) < length
2153 || length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
2154 flog_err(EC_BGP_ATTR_LEN,
2155 "Prefix SID label index length is %" PRIu16
2156 " instead of %u",
2157 length, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
30adbd4e
DS		 2158 return bgp_attr_malformed(args,
2159 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2160 args->total);
d62a17ae 2161 }
2162
2163 /* Ignore flags and reserved */
424ab01d
QY		 2164 stream_getc(peer->curr);
2165 stream_getw(peer->curr);
d62a17ae 2166
2167 /* Fetch the label index and see if it is valid. */
424ab01d 2168 label_index = stream_getl(peer->curr);
d62a17ae 2169 if (label_index == BGP_INVALID_LABEL_INDEX)
30adbd4e
DS		 2170 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2171 args->total);
d62a17ae 2172
2173 /* Store label index; subsequently, we'll check on
2174 * address-family */
2175 attr->label_index = label_index;
2176
2177 /*
2178 * Ignore the Label index attribute unless received for
2179 * labeled-unicast
2180 * SAFI.
2181 */
2182 if (!mp_update->length
2183 || mp_update->safi != SAFI_LABELED_UNICAST)
2184 attr->label_index = BGP_INVALID_LABEL_INDEX;
2185 }
2186
2187 /* Placeholder code for the IPv6 SID type */
2188 else if (type == BGP_PREFIX_SID_IPV6) {
f69aeb76
QY		 2189 if (STREAM_READABLE(peer->curr) < length
2190 || length != BGP_PREFIX_SID_IPV6_LENGTH) {
e50f7cfd 2191 flog_err(EC_BGP_ATTR_LEN,
f69aeb76
QY		 2192 "Prefix SID IPv6 length is %" PRIu16
2193 " instead of %u",
1c50c1c0 2194 length, BGP_PREFIX_SID_IPV6_LENGTH);
30adbd4e
DS		 2195 return bgp_attr_malformed(args,
2196 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2197 args->total);
d62a17ae 2198 }
2199
2200 /* Ignore reserved */
424ab01d
QY		 2201 stream_getc(peer->curr);
2202 stream_getw(peer->curr);
d62a17ae 2203
424ab01d 2204 stream_get(&ipv6_sid, peer->curr, 16);
d62a17ae 2205 }
2206
2207 /* Placeholder code for the Originator SRGB type */
2208 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
473046ee
QY		 2209 /*
2210 * ietf-idr-bgp-prefix-sid-05:
2211 * Length is the total length of the value portion of the
2212 * TLV: 2 + multiple of 6.
2213 *
2214 * peer->curr stream readp should be at the beginning of the 16
2215 * bit flag field at this point in the code.
2216 */
d62a17ae 2217
473046ee
QY		 2218 /*
2219 * Check that the TLV length field is sane: at least 2 bytes of
2220 * flag, and at least 1 SRGB (these are 6 bytes each)
2221 */
2222 if (length < (2 + BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH)) {
2223 flog_err(
2224 EC_BGP_ATTR_LEN,
2225 "Prefix SID Originator SRGB length field claims length of %" PRIu16 " bytes, but the minimum for this TLV type is %u",
2226 length,
2227 2 + BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2228 return bgp_attr_malformed(
2229 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2230 args->total);
2231 }
d62a17ae 2232
473046ee
QY		 2233 /*
2234 * Check that we actually have at least as much data as
2235 * specified by the length field
2236 */
2237 if (STREAM_READABLE(peer->curr) < length) {
f69aeb76 2238 flog_err(EC_BGP_ATTR_LEN,
473046ee
QY		 2239 "Prefix SID Originator SRGB specifies length %" PRIu16 ", but only %zu bytes remain",
2240 length, STREAM_READABLE(peer->curr));
f69aeb76
QY		 2241 return bgp_attr_malformed(
2242 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2243 args->total);
2244 }
2245
473046ee
QY		 2246 /*
2247 * Check that the portion of the TLV containing the sequence of
2248 * SRGBs corresponds to a multiple of the SRGB size; to get
2249 * that length, we skip the 16 bit flags field
2250 */
424ab01d 2251 stream_getw(peer->curr);
d62a17ae 2252 length -= 2;
d62a17ae 2253 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
af4c2728 2254 flog_err(
e50f7cfd 2255 EC_BGP_ATTR_LEN,
473046ee 2256 "Prefix SID Originator SRGB length field claims attribute SRGB sequence section is %" PRIu16 "bytes, but it must be a multiple of %u",
d62a17ae 2257 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2258 return bgp_attr_malformed(
2259 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2260 args->total);
2261 }
2262
2263 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2264
2265 for (int i = 0; i < srgb_count; i++) {
424ab01d
QY		 2266 stream_get(&srgb_base, peer->curr, 3);
2267 stream_get(&srgb_range, peer->curr, 3);
d62a17ae 2268 }
2269 }
2270
c6ca155d
HS		 2271 /*
2272 * Placeholder code for Unsupported TLV
2273 * - SRv6 L3 Service TLV (type5)
2274 * - SRv6 L2 Service TLV (type6)
2275 */
2276 else if (type == BGP_PREFIX_SID_SRV6_L3_SERVICE
2277 || type == BGP_PREFIX_SID_SRV6_L2_SERVICE) {
f69aeb76
QY		 2278
2279 if (STREAM_READABLE(peer->curr) < length) {
2280 flog_err(
2281 EC_BGP_ATTR_LEN,
2282 "Prefix SID SRv6 length is %" PRIu16
2283 " - too long, only %zu remaining in this UPDATE",
2284 length, STREAM_READABLE(peer->curr));
2285 return bgp_attr_malformed(
2286 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2287 args->total);
2288 }
2289
c6ca155d
HS		 2290 if (bgp_debug_update(peer, NULL, NULL, 1))
2291 zlog_debug(
2292 "%s attr Prefix-SID sub-type=%u is not supported, skipped",
2293 peer->host, type);
f69aeb76
QY		 2294
2295 stream_forward_getp(peer->curr, length);
c6ca155d
HS		 2296 }
2297
d62a17ae 2298 return BGP_ATTR_PARSE_PROCEED;
6cf48acc
VV		 2299}
2300
30adbd4e
DS		 2301/* Prefix SID attribute
2302 * draft-ietf-idr-bgp-prefix-sid-05
2303 */
f69aeb76
QY		 2304bgp_attr_parse_ret_t bgp_attr_prefix_sid(struct bgp_attr_parser_args *args,
2305 struct bgp_nlri *mp_update)
30adbd4e
DS		 2306{
2307 struct peer *const peer = args->peer;
2308 struct attr *const attr = args->attr;
2309 bgp_attr_parse_ret_t ret;
2310
2311 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
2312
f69aeb76
QY		 2313 uint8_t type;
2314 uint16_t length;
2315 size_t headersz = sizeof(type) + sizeof(length);
30adbd4e 2316
f69aeb76 2317 while (STREAM_READABLE(peer->curr) > 0) {
30adbd4e 2318
f69aeb76
QY		 2319 if (STREAM_READABLE(peer->curr) < headersz) {
2320 flog_err(
2321 EC_BGP_ATTR_LEN,
2322 "Malformed Prefix SID attribute - insufficent data (need %zu for attribute header, have %zu remaining in UPDATE)",
2323 headersz, STREAM_READABLE(peer->curr));
2324 return bgp_attr_malformed(
2325 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2326 args->total);
2327 }
30adbd4e 2328
f69aeb76
QY		 2329 type = stream_getc(peer->curr);
2330 length = stream_getw(peer->curr);
30adbd4e 2331
f69aeb76 2332 if (STREAM_READABLE(peer->curr) < length) {
af4c2728 2333 flog_err(
e50f7cfd 2334 EC_BGP_ATTR_LEN,
f69aeb76
QY		 2335 "Malformed Prefix SID attribute - insufficient data (need %" PRIu8
2336 " for attribute body, have %zu remaining in UPDATE)",
2337 length, STREAM_READABLE(peer->curr));
30adbd4e
DS		 2338 return bgp_attr_malformed(args,
2339 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2340 args->total);
2341 }
f69aeb76
QY		 2342
2343 ret = bgp_attr_psid_sub(type, length, args, mp_update);
2344
2345 if (ret != BGP_ATTR_PARSE_PROCEED)
2346 return ret;
30adbd4e
DS		 2347 }
2348
2349 return BGP_ATTR_PARSE_PROCEED;
2350}
2351
7fd077aa 2352/* PMSI tunnel attribute (RFC 6514)
2353 * Basic validation checks done here.
2354 */
2355static bgp_attr_parse_ret_t
2356bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
2357{
2358 struct peer *const peer = args->peer;
2359 struct attr *const attr = args->attr;
2360 const bgp_size_t length = args->length;
d7c0a89a 2361 uint8_t tnl_type;
355f3c11 2362 int attr_parse_len = 2 + BGP_LABEL_BYTES;
7fd077aa 2363
2364 /* Verify that the receiver is expecting "ingress replication" as we
2365 * can only support that.
2366 */
355f3c11 2367 if (length < attr_parse_len) {
1c50c1c0
QY		 2368 flog_err(EC_BGP_ATTR_LEN, "Bad PMSI tunnel attribute length %d",
2369 length);
7fd077aa 2370 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2371 args->total);
2372 }
2373 stream_getc(peer->curr); /* Flags */
2374 tnl_type = stream_getc(peer->curr);
2375 if (tnl_type > PMSI_TNLTYPE_MAX) {
e50f7cfd 2376 flog_err(EC_BGP_ATTR_PMSI_TYPE,
1c50c1c0 2377 "Invalid PMSI tunnel attribute type %d", tnl_type);
7fd077aa 2378 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2379 args->total);
2380 }
2381 if (tnl_type == PMSI_TNLTYPE_INGR_REPL) {
2382 if (length != 9) {
e50f7cfd 2383 flog_err(EC_BGP_ATTR_PMSI_LEN,
1c50c1c0
QY		 2384 "Bad PMSI tunnel attribute length %d for IR",
2385 length);
052ea98b 2386 return bgp_attr_malformed(
2387 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2388 args->total);
7fd077aa 2389 }
2390 }
2391
2392 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
2393 attr->pmsi_tnl_type = tnl_type;
355f3c11 2394 stream_get(&attr->label, peer->curr, BGP_LABEL_BYTES);
7fd077aa 2395
2396 /* Forward read pointer of input stream. */
355f3c11 2397 stream_forward_getp(peer->curr, length - attr_parse_len);
7fd077aa 2398
2399 return BGP_ATTR_PARSE_PROCEED;
2400}
2401
718e3744 2402/* BGP unknown attribute treatment. */
d62a17ae 2403static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2404{
2405 bgp_size_t total = args->total;
2406 struct transit *transit;
2407 struct peer *const peer = args->peer;
2408 struct attr *const attr = args->attr;
d7c0a89a
QY		 2409 uint8_t *const startp = args->startp;
2410 const uint8_t type = args->type;
2411 const uint8_t flag = args->flags;
d62a17ae 2412 const bgp_size_t length = args->length;
2413
2414 if (bgp_debug_update(peer, NULL, NULL, 1))
2415 zlog_debug(
2416 "%s Unknown attribute is received (type %d, length %d)",
2417 peer->host, type, length);
2418
2419 /* Forward read pointer of input stream. */
424ab01d 2420 stream_forward_getp(peer->curr, length);
d62a17ae 2421
2422 /* If any of the mandatory well-known attributes are not recognized,
2423 then the Error Subcode is set to Unrecognized Well-known
2424 Attribute. The Data field contains the unrecognized attribute
2425 (type, length and value). */
2426 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2427 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2428 args->total);
2429 }
2430
2431 /* Unrecognized non-transitive optional attributes must be quietly
2432 ignored and not passed along to other BGP peers. */
2433 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2434 return BGP_ATTR_PARSE_PROCEED;
2435
2436 /* If a path with recognized transitive optional attribute is
2437 accepted and passed along to other BGP peers and the Partial bit
2438 in the Attribute Flags octet is set to 1 by some previous AS, it
2439 is not set back to 0 by the current AS. */
2440 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2441
2442 /* Store transitive attribute to the end of attr->transit. */
2443 if (!attr->transit)
2444 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2445
2446 transit = attr->transit;
2447
2448 if (transit->val)
2449 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2450 transit->length + total);
2451 else
2452 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2453
2454 memcpy(transit->val + transit->length, startp, total);
2455 transit->length += total;
2456
2457 return BGP_ATTR_PARSE_PROCEED;
718e3744 2458}
2459
bb7bef14 2460/* Well-known attribute check. */
d62a17ae 2461static int bgp_attr_check(struct peer *peer, struct attr *attr)
2462{
d7c0a89a 2463 uint8_t type = 0;
d62a17ae 2464
2465 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2466 * empty UPDATE. */
2467 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2468 return BGP_ATTR_PARSE_PROCEED;
2469
2470 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2471 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2472 are present, it should. Check for any other attribute being present
2473 instead.
2474 */
404c82d5
PG		 2475 if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
2476 CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
d62a17ae 2477 return BGP_ATTR_PARSE_PROCEED;
2478
2479 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2480 type = BGP_ATTR_ORIGIN;
2481
2482 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2483 type = BGP_ATTR_AS_PATH;
2484
2485 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2486 * and
2487 * NLRI is empty. We can't easily check NLRI empty here though.
2488 */
2489 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2490 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2491 type = BGP_ATTR_NEXT_HOP;
2492
2493 if (peer->sort == BGP_PEER_IBGP
2494 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2495 type = BGP_ATTR_LOCAL_PREF;
2496
2497 if (type) {
e50f7cfd 2498 flog_warn(EC_BGP_MISSING_ATTRIBUTE,
559aaa30 2499 "%s Missing well-known attribute %s.", peer->host,
d62a17ae 2500 lookup_msg(attr_str, type, NULL));
2501 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2502 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2503 1);
2504 return BGP_ATTR_PARSE_ERROR;
2505 }
2506 return BGP_ATTR_PARSE_PROCEED;
bb7bef14
PJ		 2507}
2508
718e3744 2509/* Read attribute of update packet. This function is called from
8b366b9c 2510 bgp_update_receive() in bgp_packet.c. */
d62a17ae 2511bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2512 bgp_size_t size, struct bgp_nlri *mp_update,
2513 struct bgp_nlri *mp_withdraw)
2514{
f7813c7c 2515 bgp_attr_parse_ret_t ret;
d7c0a89a
QY		 2516 uint8_t flag = 0;
2517 uint8_t type = 0;
d62a17ae 2518 bgp_size_t length;
d7c0a89a
QY		 2519 uint8_t *startp, *endp;
2520 uint8_t *attr_endp;
2521 uint8_t seen[BGP_ATTR_BITMAP_SIZE];
d62a17ae 2522 /* we need the as4_path only until we have synthesized the as_path with
2523 * it */
2524 /* same goes for as4_aggregator */
2525 struct aspath *as4_path = NULL;
2526 as_t as4_aggregator = 0;
2527 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2528
2529 /* Initialize bitmap. */
2530 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2531
2532 /* End pointer of BGP attribute. */
2533 endp = BGP_INPUT_PNT(peer) + size;
2534
2535 /* Get attributes to the end of attribute length. */
2536 while (BGP_INPUT_PNT(peer) < endp) {
2537 /* Check remaining length check.*/
2538 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2539 /* XXX warning: long int format, int arg (arg 5) */
ade6974d 2540 flog_warn(
e50f7cfd 2541 EC_BGP_ATTRIBUTE_TOO_SMALL,
ade6974d
QY		 2542 "%s: error BGP attribute length %lu is smaller than min len",
2543 peer->host,
2544 (unsigned long)(endp
2545 - stream_pnt(BGP_INPUT(peer))));
d62a17ae 2546
2547 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2548 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
b6a171c7
QY		 2549 ret = BGP_ATTR_PARSE_ERROR;
2550 goto done;
d62a17ae 2551 }
718e3744 2552
d62a17ae 2553 /* Fetch attribute flag and type. */
2554 startp = BGP_INPUT_PNT(peer);
2555 /* "The lower-order four bits of the Attribute Flags octet are
2556 unused. They MUST be zero when sent and MUST be ignored when
2557 received." */
2558 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2559 type = stream_getc(BGP_INPUT(peer));
2560
2561 /* Check whether Extended-Length applies and is in bounds */
2562 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2563 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
ade6974d 2564 flog_warn(
e50f7cfd 2565 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL,
ade6974d
QY		 2566 "%s: Extended length set, but just %lu bytes of attr header",
2567 peer->host,
2568 (unsigned long)(endp
2569 - stream_pnt(BGP_INPUT(peer))));
d62a17ae 2570
2571 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2572 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
b6a171c7
QY		 2573 ret = BGP_ATTR_PARSE_ERROR;
2574 goto done;
d62a17ae 2575 }
718e3744 2576
d62a17ae 2577 /* Check extended attribue length bit. */
2578 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2579 length = stream_getw(BGP_INPUT(peer));
2580 else
2581 length = stream_getc(BGP_INPUT(peer));
718e3744 2582
d62a17ae 2583 /* If any attribute appears more than once in the UPDATE
2584 message, then the Error Subcode is set to Malformed Attribute
2585 List. */
718e3744 2586
d62a17ae 2587 if (CHECK_BITMAP(seen, type)) {
ade6974d 2588 flog_warn(
e50f7cfd 2589 EC_BGP_ATTRIBUTE_REPEATED,
ade6974d
QY		 2590 "%s: error BGP attribute type %d appears twice in a message",
2591 peer->host, type);
718e3744 2592
d62a17ae 2593 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2594 BGP_NOTIFY_UPDATE_MAL_ATTR);
b6a171c7
QY		 2595 ret = BGP_ATTR_PARSE_ERROR;
2596 goto done;
d62a17ae 2597 }
2598
2599 /* Set type to bitmap to check duplicate attribute. `type' is
2600 unsigned char so it never overflow bitmap range. */
2601
2602 SET_BITMAP(seen, type);
2603
2604 /* Overflow check. */
2605 attr_endp = BGP_INPUT_PNT(peer) + length;
2606
2607 if (attr_endp > endp) {
ade6974d 2608 flog_warn(
e50f7cfd 2609 EC_BGP_ATTRIBUTE_TOO_LARGE,
ade6974d
QY		 2610 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2611 peer->host, type, length, size, attr_endp,
2612 endp);
dacffad4
QY		 2613 /*
2614 * RFC 4271 6.3
2615 * If any recognized attribute has an Attribute
2616 * Length that conflicts with the expected length
2617 * (based on the attribute type code), then the
2618 * Error Subcode MUST be set to Attribute Length
2619 * Error. The Data field MUST contain the erroneous
2620 * attribute (type, length, and value).
2621 * ----------
2622 * We do not currently have a good way to determine the
2623 * length of the attribute independent of the length
2624 * received in the message. Instead we send the
2625 * minimum between the amount of data we have and the
2626 * amount specified by the attribute length field.
2627 *
2628 * Instead of directly passing in the packet buffer and
2629 * offset we use the stream_get* functions to read into
2630 * a stack buffer, since they perform bounds checking
2631 * and we are working with untrusted data.
2632 */
2633 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2634 memset(ndata, 0x00, sizeof(ndata));
2635 size_t lfl =
2636 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2637 /* Rewind to end of flag field */
2638 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2639 /* Type */
2640 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2641 /* Length */
2642 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2643 /* Value */
2644 size_t atl = attr_endp - startp;
2645 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2646 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2647
d62a17ae 2648 bgp_notify_send_with_data(
2649 peer, BGP_NOTIFY_UPDATE_ERR,
dacffad4
QY		 2650 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2651 ndl + lfl + 1);
2652
b6a171c7
QY		 2653 ret = BGP_ATTR_PARSE_ERROR;
2654 goto done;
d62a17ae 2655 }
2656
2657 struct bgp_attr_parser_args attr_args = {
2658 .peer = peer,
2659 .length = length,
2660 .attr = attr,
2661 .type = type,
2662 .flags = flag,
2663 .startp = startp,
2664 .total = attr_endp - startp,
2665 };
2666
2667
2668 /* If any recognized attribute has Attribute Flags that conflict
2669 with the Attribute Type Code, then the Error Subcode is set
2670 to
2671 Attribute Flags Error. The Data field contains the erroneous
2672 attribute (type, length and value). */
2673 if (bgp_attr_flag_invalid(&attr_args)) {
d62a17ae 2674 ret = bgp_attr_malformed(
2675 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2676 attr_args.total);
2677 if (ret == BGP_ATTR_PARSE_PROCEED)
2678 continue;
b6a171c7 2679 goto done;
d62a17ae 2680 }
2681
2682 /* OK check attribute and store it's value. */
2683 switch (type) {
2684 case BGP_ATTR_ORIGIN:
2685 ret = bgp_attr_origin(&attr_args);
2686 break;
2687 case BGP_ATTR_AS_PATH:
2688 ret = bgp_attr_aspath(&attr_args);
2689 break;
2690 case BGP_ATTR_AS4_PATH:
2691 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2692 break;
2693 case BGP_ATTR_NEXT_HOP:
2694 ret = bgp_attr_nexthop(&attr_args);
2695 break;
2696 case BGP_ATTR_MULTI_EXIT_DISC:
2697 ret = bgp_attr_med(&attr_args);
2698 break;
2699 case BGP_ATTR_LOCAL_PREF:
2700 ret = bgp_attr_local_pref(&attr_args);
2701 break;
2702 case BGP_ATTR_ATOMIC_AGGREGATE:
2703 ret = bgp_attr_atomic(&attr_args);
2704 break;
2705 case BGP_ATTR_AGGREGATOR:
2706 ret = bgp_attr_aggregator(&attr_args);
2707 break;
2708 case BGP_ATTR_AS4_AGGREGATOR:
2709 ret = bgp_attr_as4_aggregator(&attr_args,
2710 &as4_aggregator,
2711 &as4_aggregator_addr);
2712 break;
2713 case BGP_ATTR_COMMUNITIES:
2714 ret = bgp_attr_community(&attr_args);
2715 break;
2716 case BGP_ATTR_LARGE_COMMUNITIES:
2717 ret = bgp_attr_large_community(&attr_args);
2718 break;
2719 case BGP_ATTR_ORIGINATOR_ID:
2720 ret = bgp_attr_originator_id(&attr_args);
2721 break;
2722 case BGP_ATTR_CLUSTER_LIST:
2723 ret = bgp_attr_cluster_list(&attr_args);
2724 break;
2725 case BGP_ATTR_MP_REACH_NLRI:
2726 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2727 break;
2728 case BGP_ATTR_MP_UNREACH_NLRI:
2729 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2730 break;
2731 case BGP_ATTR_EXT_COMMUNITIES:
2732 ret = bgp_attr_ext_communities(&attr_args);
2733 break;
943d595a 2734#if ENABLE_BGP_VNC_ATTR
d62a17ae 2735 case BGP_ATTR_VNC:
65efcfce 2736#endif
d62a17ae 2737 case BGP_ATTR_ENCAP:
2738 ret = bgp_attr_encap(type, peer, length, attr, flag,
2739 startp);
2740 break;
2741 case BGP_ATTR_PREFIX_SID:
f69aeb76 2742 ret = bgp_attr_prefix_sid(&attr_args, mp_update);
d62a17ae 2743 break;
7fd077aa 2744 case BGP_ATTR_PMSI_TUNNEL:
2745 ret = bgp_attr_pmsi_tunnel(&attr_args);
2746 break;
d62a17ae 2747 default:
2748 ret = bgp_attr_unknown(&attr_args);
2749 break;
2750 }
2751
2752 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2753 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2754 BGP_NOTIFY_UPDATE_MAL_ATTR);
2755 ret = BGP_ATTR_PARSE_ERROR;
b6a171c7 2756 goto done;
d62a17ae 2757 }
2758
9b9df989 2759 if (ret == BGP_ATTR_PARSE_EOR) {
b6a171c7 2760 goto done;
9b9df989
DS		 2761 }
2762
d62a17ae 2763 if (ret == BGP_ATTR_PARSE_ERROR) {
e50f7cfd 2764 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR,
559aaa30 2765 "%s: Attribute %s, parse error", peer->host,
d62a17ae 2766 lookup_msg(attr_str, type, NULL));
b6a171c7 2767 goto done;
d62a17ae 2768 }
2769 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
ade6974d 2770 flog_warn(
e50f7cfd 2771 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW,
d62a17ae 2772 "%s: Attribute %s, parse error - treating as withdrawal",
2773 peer->host, lookup_msg(attr_str, type, NULL));
b6a171c7 2774 goto done;
d62a17ae 2775 }
2776
2777 /* Check the fetched length. */
2778 if (BGP_INPUT_PNT(peer) != attr_endp) {
e50f7cfd 2779 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR,
559aaa30 2780 "%s: BGP attribute %s, fetch error",
d62a17ae 2781 peer->host, lookup_msg(attr_str, type, NULL));
2782 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2783 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
b6a171c7
QY		 2784 ret = BGP_ATTR_PARSE_ERROR;
2785 goto done;
d62a17ae 2786 }
718e3744 2787 }
d62a17ae 2788
2789 /* Check final read pointer is same as end pointer. */
2790 if (BGP_INPUT_PNT(peer) != endp) {
e50f7cfd 2791 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH,
559aaa30 2792 "%s: BGP attribute %s, length mismatch", peer->host,
d62a17ae 2793 lookup_msg(attr_str, type, NULL));
2794 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2795 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
b6a171c7
QY		 2796
2797 ret = BGP_ATTR_PARSE_ERROR;
2798 goto done;
d62a17ae 2799 }
2800
88f33d66 2801 /*
2802 * RFC4271: If the NEXT_HOP attribute field is syntactically incorrect,
2803 * then the Error Subcode MUST be set to Invalid NEXT_HOP Attribute.
2804 * This is implemented below and will result in a NOTIFICATION. If the
2805 * NEXT_HOP attribute is semantically incorrect, the error SHOULD be
2806 * logged, and the route SHOULD be ignored. In this case, a NOTIFICATION
2807 * message SHOULD NOT be sent. This is implemented elsewhere.
2808 *
2809 * RFC4760: An UPDATE message that carries no NLRI, other than the one
2810 * encoded in the MP_REACH_NLRI attribute, SHOULD NOT carry the NEXT_HOP
2811 * attribute. If such a message contains the NEXT_HOP attribute, the BGP
2812 * speaker that receives the message SHOULD ignore this attribute.
2813 */
2814 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2815 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI))) {
9738e9aa 2816 if (bgp_attr_nexthop_valid(peer, attr) < 0) {
b6a171c7
QY		 2817 ret = BGP_ATTR_PARSE_ERROR;
2818 goto done;
88f33d66 2819 }
2820 }
2821
d62a17ae 2822 /* Check all mandatory well-known attributes are present */
b6a171c7
QY		 2823 if ((ret = bgp_attr_check(peer, attr)) < 0)
2824 goto done;
d62a17ae 2825
2826 /*
2827 * At this place we can see whether we got AS4_PATH and/or
2828 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2829 * We can not do this before we've read all attributes because
2830 * the as4 handling does not say whether AS4_PATH has to be sent
2831 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2832 * in relationship to AGGREGATOR.
2833 * So, to be defensive, we are not relying on any order and read
2834 * all attributes first, including these 32bit ones, and now,
2835 * afterwards, we look what and if something is to be done for as4.
2836 *
2837 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2838 * MP_UNREACH_NLRI.
2839 */
2840 /* actually... this doesn't ever return failure currently, but
2841 * better safe than sorry */
2842 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2843 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2844 &as4_aggregator_addr)) {
2845 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2846 BGP_NOTIFY_UPDATE_MAL_ATTR);
b6a171c7
QY		 2847 ret = BGP_ATTR_PARSE_ERROR;
2848 goto done;
d62a17ae 2849 }
2850
d62a17ae 2851 /*
2852 * Finally do the checks on the aspath we did not do yet
2853 * because we waited for a potentially synthesized aspath.
2854 */
2855 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2856 ret = bgp_attr_aspath_check(peer, attr);
2857 if (ret != BGP_ATTR_PARSE_PROCEED)
b6a171c7 2858 goto done;
d62a17ae 2859 }
718e3744 2860
b6a171c7 2861 ret = BGP_ATTR_PARSE_PROCEED;
b6a171c7 2862done:
5e0e9c09 2863
b6a171c7
QY		 2864 /*
2865 * At this stage, we have done all fiddling with as4, and the
2866 * resulting info is in attr->aggregator resp. attr->aspath so
2867 * we can chuck as4_aggregator and as4_path alltogether in order
2868 * to save memory
2869 */
2870 if (as4_path) {
2871 /*
2872 * unintern - it is in the hash
2873 * The flag that we got this is still there, but that
2874 * does not do any trouble
2875 */
2876 aspath_unintern(&as4_path);
2877 }
2878
2879 if (ret != BGP_ATTR_PARSE_ERROR) {
2880 /* Finally intern unknown attribute. */
2881 if (attr->transit)
2882 attr->transit = transit_intern(attr->transit);
2883 if (attr->encap_subtlvs)
2884 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
2885 ENCAP_SUBTLV_TYPE);
5e0e9c09
QY		 2886#if ENABLE_BGP_VNC
2887 if (attr->vnc_subtlvs)
2888 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
2889 VNC_SUBTLV_TYPE);
2890#endif
2891 } else {
2892 if (attr->transit) {
2893 transit_free(attr->transit);
2894 attr->transit = NULL;
2895 }
2896
2897 bgp_attr_flush_encap(attr);
2898 };
2899
2900 /* Sanity checks */
d62a17ae 2901 if (attr->transit)
5e0e9c09 2902 assert(attr->transit->refcnt > 0);
d62a17ae 2903 if (attr->encap_subtlvs)
5e0e9c09 2904 assert(attr->encap_subtlvs->refcnt > 0);
bede7744 2905#if ENABLE_BGP_VNC
d62a17ae 2906 if (attr->vnc_subtlvs)
5e0e9c09 2907 assert(attr->vnc_subtlvs->refcnt > 0);
bede7744 2908#endif
718e3744 2909
b6a171c7 2910 return ret;
d62a17ae 2911}
2912
f4bd90c5
LK		 2913/*
2914 * Extract the tunnel type from extended community
2915 */
2916void bgp_attr_extcom_tunnel_type(struct attr *attr,
fa346686 2917 bgp_encap_types *tunnel_type)
f4bd90c5
LK		 2918{
2919 struct ecommunity *ecom;
2920 int i;
2921 if (!attr)
fa346686 2922 return;
f4bd90c5
LK		 2923
2924 ecom = attr->ecommunity;
2925 if (!ecom || !ecom->size)
fa346686 2926 return;
f4bd90c5
LK		 2927
2928 for (i = 0; i < ecom->size; i++) {
2929 uint8_t *pnt;
2930 uint8_t type, sub_type;
2931
2932 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
2933 type = pnt[0];
2934 sub_type = pnt[1];
2935 if (!(type == ECOMMUNITY_ENCODE_OPAQUE &&
2936 sub_type == ECOMMUNITY_OPAQUE_SUBTYPE_ENCAP))
2937 continue;
2938 *tunnel_type = ((pnt[6] << 8) | pnt[7]);
fa346686 2939 return;
f4bd90c5
LK		 2940 }
2941
fa346686 2942 return;
f4bd90c5
LK		 2943}
2944
d62a17ae 2945size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2946 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2947 struct attr *attr)
2948{
2949 size_t sizep;
2950 iana_afi_t pkt_afi;
5c525538 2951 iana_safi_t pkt_safi;
d62a17ae 2952 afi_t nh_afi;
2953
2954 /* Set extended bit always to encode the attribute length as 2 bytes */
2955 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2956 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2957 sizep = stream_get_endp(s);
2958 stream_putw(s, 0); /* Marker: Attribute length. */
2959
2960
2961 /* Convert AFI, SAFI to values for packet. */
2962 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2963
2964 stream_putw(s, pkt_afi); /* AFI */
2965 stream_putc(s, pkt_safi); /* SAFI */
2966
2967 /* Nexthop AFI */
ce78a6fb 2968 if (afi == AFI_IP
88b8d81a
DS		 2969 && (safi == SAFI_UNICAST ||
2970 safi == SAFI_LABELED_UNICAST ||
2971 safi == SAFI_MULTICAST))
d62a17ae 2972 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
d62a17ae 2973 else
2974 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2975
2976 /* Nexthop */
2977 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2978 switch (nh_afi) {
2979 case AFI_IP:
2980 switch (safi) {
2981 case SAFI_UNICAST:
2982 case SAFI_MULTICAST:
2983 case SAFI_LABELED_UNICAST:
2984 stream_putc(s, 4);
2985 stream_put_ipv4(s, attr->nexthop.s_addr);
2986 break;
2987 case SAFI_MPLS_VPN:
2988 stream_putc(s, 12);
2989 stream_putl(s, 0); /* RD = 0, per RFC */
2990 stream_putl(s, 0);
2991 stream_put(s, &attr->mp_nexthop_global_in, 4);
2992 break;
2993 case SAFI_ENCAP:
2994 case SAFI_EVPN:
2995 stream_putc(s, 4);
2996 stream_put(s, &attr->mp_nexthop_global_in, 4);
2997 break;
7c40bf39 2998 case SAFI_FLOWSPEC:
2999 stream_putc(s, 0); /* no nexthop for flowspec */
d62a17ae 3000 default:
3001 break;
3002 }
3003 break;
3004 case AFI_IP6:
3005 switch (safi) {
3006 case SAFI_UNICAST:
3007 case SAFI_MULTICAST:
3008 case SAFI_LABELED_UNICAST:
3009 case SAFI_EVPN: {
3010 if (attr->mp_nexthop_len
3011 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
3012 stream_putc(s,
3013 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
3014 stream_put(s, &attr->mp_nexthop_global,
3015 IPV6_MAX_BYTELEN);
3016 stream_put(s, &attr->mp_nexthop_local,
3017 IPV6_MAX_BYTELEN);
3018 } else {
3019 stream_putc(s, IPV6_MAX_BYTELEN);
3020 stream_put(s, &attr->mp_nexthop_global,
3021 IPV6_MAX_BYTELEN);
3022 }
3023 } break;
3024 case SAFI_MPLS_VPN: {
3025 if (attr->mp_nexthop_len
3026 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
3027 stream_putc(s, 24);
3028 stream_putl(s, 0); /* RD = 0, per RFC */
3029 stream_putl(s, 0);
3030 stream_put(s, &attr->mp_nexthop_global,
3031 IPV6_MAX_BYTELEN);
3032 } else if (attr->mp_nexthop_len
3033 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
3034 stream_putc(s, 48);
3035 stream_putl(s, 0); /* RD = 0, per RFC */
3036 stream_putl(s, 0);
3037 stream_put(s, &attr->mp_nexthop_global,
3038 IPV6_MAX_BYTELEN);
3039 stream_putl(s, 0); /* RD = 0, per RFC */
3040 stream_putl(s, 0);
3041 stream_put(s, &attr->mp_nexthop_local,
3042 IPV6_MAX_BYTELEN);
3043 }
3044 } break;
3045 case SAFI_ENCAP:
3046 stream_putc(s, IPV6_MAX_BYTELEN);
3047 stream_put(s, &attr->mp_nexthop_global,
3048 IPV6_MAX_BYTELEN);
3049 break;
7c40bf39 3050 case SAFI_FLOWSPEC:
3051 stream_putc(s, 0); /* no nexthop for flowspec */
d62a17ae 3052 default:
3053 break;
3054 }
3055 break;
8c71e481 3056 default:
a83da8e1 3057 if (safi != SAFI_FLOWSPEC)
af4c2728 3058 flog_err(
e50f7cfd 3059 EC_BGP_ATTR_NH_SEND_LEN,
14454c9f
DS		 3060 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
3061 peer->host, afi, safi, attr->mp_nexthop_len);
d62a17ae 3062 break;
3063 }
3064
3065 /* SNPA */
3066 stream_putc(s, 0);
3067 return sizep;
3068}
3069
3070void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
3071 struct prefix *p, struct prefix_rd *prd,
d7c0a89a
QY		 3072 mpls_label_t *label, uint32_t num_labels,
3073 int addpath_encode, uint32_t addpath_tx_id,
b57ba6d2 3074 struct attr *attr)
d62a17ae 3075{
3076 if (safi == SAFI_MPLS_VPN) {
3077 if (addpath_encode)
3078 stream_putl(s, addpath_tx_id);
3079 /* Label, RD, Prefix write. */
3080 stream_putc(s, p->prefixlen + 88);
3081 stream_put(s, label, BGP_LABEL_BYTES);
3082 stream_put(s, prd->val, 8);
3083 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
3084 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
3085 /* EVPN prefix - contents depend on type */
996c9314
LB		 3086 bgp_evpn_encode_prefix(s, p, prd, label, num_labels, attr,
3087 addpath_encode, addpath_tx_id);
d62a17ae 3088 } else if (safi == SAFI_LABELED_UNICAST) {
3089 /* Prefix write with label. */
ec15e1b5
QY		 3090 stream_put_labeled_prefix(s, p, label, addpath_encode,
3091 addpath_tx_id);
7c40bf39 3092 } else if (safi == SAFI_FLOWSPEC) {
3093 if (PSIZE (p->prefixlen)+2 < FLOWSPEC_NLRI_SIZELIMIT)
3094 stream_putc(s, PSIZE (p->prefixlen)+2);
3095 else
3096 stream_putw(s, (PSIZE (p->prefixlen)+2)|(0xf<<12));
3097 stream_putc(s, 2);/* Filter type */
3098 stream_putc(s, p->prefixlen);/* Prefix length */
3099 stream_put(s, &p->u.prefix, PSIZE (p->prefixlen));
d62a17ae 3100 } else
3101 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
3102}
3103
3104size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
3105{
3106 int size = PSIZE(p->prefixlen);
3107 if (safi == SAFI_MPLS_VPN)
3108 size += 88;
4195afbf
EDP		 3109 else if (safi == SAFI_LABELED_UNICAST)
3110 size += BGP_LABEL_BYTES;
d62a17ae 3111 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
3112 size += 232; // TODO: Maximum possible for type-2, type-3 and
3113 // type-5
3114 return size;
8c71e481
PM		 3115}
3116
f4c89855 3117/*
65efcfce 3118 * Encodes the tunnel encapsulation attribute,
d62a17ae 3119 * and with ENABLE_BGP_VNC the VNC attribute which uses
65efcfce 3120 * almost the same TLV format
f4c89855 3121 */
d62a17ae 3122static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
3123 struct stream *s, struct attr *attr,
3124 uint8_t attrtype)
3125{
3126 unsigned int attrlenfield = 0;
3127 unsigned int attrhdrlen = 0;
3128 struct bgp_attr_encap_subtlv *subtlvs;
3129 struct bgp_attr_encap_subtlv *st;
3130 const char *attrname;
3131
9d303b37
DL		 3132 if (!attr || (attrtype == BGP_ATTR_ENCAP
3133 && (!attr->encap_tunneltype
3134 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
d62a17ae 3135 return;
3136
3137 switch (attrtype) {
f4c89855 3138 case BGP_ATTR_ENCAP:
d62a17ae 3139 attrname = "Tunnel Encap";
3140 subtlvs = attr->encap_subtlvs;
3141 if (subtlvs == NULL) /* nothing to do */
3142 return;
3143 /*
3144 * The tunnel encap attr has an "outer" tlv.
3145 * T = tunneltype,
3146 * L = total length of subtlvs,
3147 * V = concatenated subtlvs.
3148 */
3149 attrlenfield = 2 + 2; /* T + L */
3150 attrhdrlen = 1 + 1; /* subTLV T + L */
3151 break;
f4c89855 3152
943d595a 3153#if ENABLE_BGP_VNC_ATTR
65efcfce 3154 case BGP_ATTR_VNC:
d62a17ae 3155 attrname = "VNC";
3156 subtlvs = attr->vnc_subtlvs;
3157 if (subtlvs == NULL) /* nothing to do */
3158 return;
3159 attrlenfield = 0; /* no outer T + L */
3160 attrhdrlen = 2 + 2; /* subTLV T + L */
3161 break;
65efcfce
LB		 3162#endif
3163
f4c89855 3164 default:
d62a17ae 3165 assert(0);
3166 }
3167
3168 /* compute attr length */
3169 for (st = subtlvs; st; st = st->next) {
3170 attrlenfield += (attrhdrlen + st->length);
3171 }
3172
3173 if (attrlenfield > 0xffff) {
3174 zlog_info("%s attribute is too long (length=%d), can't send it",
3175 attrname, attrlenfield);
3176 return;
3177 }
3178
3179 if (attrlenfield > 0xff) {
3180 /* 2-octet length field */
996c9314
LB		 3181 stream_putc(s,
3182 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3183 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3184 stream_putc(s, attrtype);
3185 stream_putw(s, attrlenfield & 0xffff);
3186 } else {
3187 /* 1-octet length field */
3188 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
3189 stream_putc(s, attrtype);
3190 stream_putc(s, attrlenfield & 0xff);
3191 }
3192
3193 if (attrtype == BGP_ATTR_ENCAP) {
3194 /* write outer T+L */
3195 stream_putw(s, attr->encap_tunneltype);
3196 stream_putw(s, attrlenfield - 4);
3197 }
3198
3199 /* write each sub-tlv */
3200 for (st = subtlvs; st; st = st->next) {
3201 if (attrtype == BGP_ATTR_ENCAP) {
3202 stream_putc(s, st->type);
3203 stream_putc(s, st->length);
65efcfce 3204#if ENABLE_BGP_VNC
d62a17ae 3205 } else {
3206 stream_putw(s, st->type);
3207 stream_putw(s, st->length);
65efcfce 3208#endif
d62a17ae 3209 }
3210 stream_put(s, st->value, st->length);
3211 }
f4c89855 3212}
f4c89855 3213
d62a17ae 3214void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
8c71e481 3215{
d62a17ae 3216 /* Set MP attribute length. Don't count the (2) bytes used to encode
3217 the attr length */
3218 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
8c71e481
PM		 3219}
3220
6b5a72a3
DA		 3221static int bgp_append_local_as(struct peer *peer, afi_t afi, safi_t safi)
3222{
3223 if (!BGP_AS_IS_PRIVATE(peer->local_as)
3224 || (BGP_AS_IS_PRIVATE(peer->local_as)
3225 && !CHECK_FLAG(peer->af_flags[afi][safi],
3226 PEER_FLAG_REMOVE_PRIVATE_AS)
3227 && !CHECK_FLAG(peer->af_flags[afi][safi],
3228 PEER_FLAG_REMOVE_PRIVATE_AS_ALL)
3229 && !CHECK_FLAG(peer->af_flags[afi][safi],
3230 PEER_FLAG_REMOVE_PRIVATE_AS_REPLACE)
3231 && !CHECK_FLAG(peer->af_flags[afi][safi],
3232 PEER_FLAG_REMOVE_PRIVATE_AS_ALL_REPLACE)))
3233 return 1;
3234 return 0;
3235}
3236
718e3744 3237/* Make attribute packet. */
d62a17ae 3238bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
3239 struct stream *s, struct attr *attr,
3240 struct bpacket_attr_vec_arr *vecarr,
3241 struct prefix *p, afi_t afi, safi_t safi,
3242 struct peer *from, struct prefix_rd *prd,
d7c0a89a
QY		 3243 mpls_label_t *label, uint32_t num_labels,
3244 int addpath_encode, uint32_t addpath_tx_id)
d62a17ae 3245{
3246 size_t cp;
3247 size_t aspath_sizep;
3248 struct aspath *aspath;
3249 int send_as4_path = 0;
3250 int send_as4_aggregator = 0;
3251 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
3252
3253 if (!bgp)
3254 bgp = peer->bgp;
3255
3256 /* Remember current pointer. */
3257 cp = stream_get_endp(s);
3258
3259 if (p
3260 && !((afi == AFI_IP && safi == SAFI_UNICAST)
3261 && !peer_cap_enhe(peer, afi, safi))) {
3262 size_t mpattrlen_pos = 0;
3263
3264 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
3265 vecarr, attr);
996c9314
LB		 3266 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
3267 num_labels, addpath_encode,
3268 addpath_tx_id, attr);
d62a17ae 3269 bgp_packet_mpattr_end(s, mpattrlen_pos);
718e3744 3270 }
d62a17ae 3271
3272 /* Origin attribute. */
3273 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3274 stream_putc(s, BGP_ATTR_ORIGIN);
3275 stream_putc(s, 1);
3276 stream_putc(s, attr->origin);
3277
3278 /* AS path attribute. */
3279
3280 /* If remote-peer is EBGP */
3281 if (peer->sort == BGP_PEER_EBGP
3282 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3283 PEER_FLAG_AS_PATH_UNCHANGED)
3284 || attr->aspath->segments == NULL)
3285 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3286 PEER_FLAG_RSERVER_CLIENT))) {
3287 aspath = aspath_dup(attr->aspath);
3288
3289 /* Even though we may not be configured for confederations we
3290 * may have
3291 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3292 aspath = aspath_delete_confed_seq(aspath);
3293
3294 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
3295 /* Stuff our path CONFED_ID on the front */
3296 aspath = aspath_add_seq(aspath, bgp->confed_id);
3297 } else {
3298 if (peer->change_local_as) {
3299 /* If replace-as is specified, we only use the
3300 change_local_as when
3301 advertising routes. */
6b5a72a3
DA		 3302 if (!CHECK_FLAG(peer->flags,
3303 PEER_FLAG_LOCAL_AS_REPLACE_AS))
3304 if (bgp_append_local_as(peer, afi,
3305 safi))
3306 aspath = aspath_add_seq(
3307 aspath, peer->local_as);
d62a17ae 3308 aspath = aspath_add_seq(aspath,
3309 peer->change_local_as);
3310 } else {
3311 aspath = aspath_add_seq(aspath, peer->local_as);
3312 }
3313 }
3314 } else if (peer->sort == BGP_PEER_CONFED) {
3315 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3316 * thing */
3317 aspath = aspath_dup(attr->aspath);
3318 aspath = aspath_add_confed_seq(aspath, peer->local_as);
3319 } else
3320 aspath = attr->aspath;
3321
3322 /* If peer is not AS4 capable, then:
3323 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3324 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3325 * segment
3326 * types are in it (i.e. exclude them if they are there)
3327 * AND do this only if there is at least one asnum > 65535 in the
3328 * path!
3329 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3330 * change
3331 * all ASnums > 65535 to BGP_AS_TRANS
3332 */
3333
3334 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3335 stream_putc(s, BGP_ATTR_AS_PATH);
3336 aspath_sizep = stream_get_endp(s);
3337 stream_putw(s, 0);
3338 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
3339
3340 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3341 * in the path
3342 */
3343 if (!use32bit && aspath_has_as4(aspath))
3344 send_as4_path =
3345 1; /* we'll do this later, at the correct place */
3346
3347 /* Nexthop attribute. */
3348 if (afi == AFI_IP && safi == SAFI_UNICAST
3349 && !peer_cap_enhe(peer, afi, safi)) {
b96306f0
DS		 3350 afi_t nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
3351
d62a17ae 3352 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
3353 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3354 stream_putc(s, BGP_ATTR_NEXT_HOP);
3355 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3356 attr);
3357 stream_putc(s, 4);
3358 stream_put_ipv4(s, attr->nexthop.s_addr);
b96306f0
DS		 3359 } else if (peer_cap_enhe(from, afi, safi)
3360 || (nh_afi == AFI_IP6)) {
d62a17ae 3361 /*
3362 * Likely this is the case when an IPv4 prefix was
b96306f0
DS		 3363 * received with Extended Next-hop capability in this
3364 * or another vrf and is now being advertised to
3365 * non-ENHE peers. Since peer_cap_enhe only checks
3366 * peers in this vrf, also check the nh_afi to catch
3367 * the case where the originator was in another vrf.
d62a17ae 3368 * Setting the mandatory (ipv4) next-hop attribute here
b96306f0
DS		 3369 * to enable implicit next-hop self with correct A-F
3370 * (ipv4 address family).
d62a17ae 3371 */
3372 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3373 stream_putc(s, BGP_ATTR_NEXT_HOP);
3374 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3375 NULL);
3376 stream_putc(s, 4);
3377 stream_put_ipv4(s, 0);
3378 }
718e3744 3379 }
d62a17ae 3380
3381 /* MED attribute. */
3382 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
3383 || bgp->maxmed_active) {
3384 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3385 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3386 stream_putc(s, 4);
3387 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
3388 : attr->med));
3389 }
3390
3391 /* Local preference. */
3392 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
3393 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3394 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3395 stream_putc(s, 4);
3396 stream_putl(s, attr->local_pref);
3397 }
3398
3399 /* Atomic aggregate. */
3400 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3401 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3402 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3403 stream_putc(s, 0);
3404 }
3405
3406 /* Aggregator. */
3407 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3408 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3409 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3410 stream_putc(s, BGP_ATTR_AGGREGATOR);
3411
3412 if (use32bit) {
3413 /* AS4 capable peer */
3414 stream_putc(s, 8);
3415 stream_putl(s, attr->aggregator_as);
3416 } else {
3417 /* 2-byte AS peer */
3418 stream_putc(s, 6);
3419
3420 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3421 * used? */
3422 if (attr->aggregator_as > 65535) {
3423 stream_putw(s, BGP_AS_TRANS);
3424
3425 /* we have to send AS4_AGGREGATOR, too.
3426 * we'll do that later in order to send
3427 * attributes in ascending
3428 * order.
3429 */
3430 send_as4_aggregator = 1;
3431 } else
d7c0a89a 3432 stream_putw(s, (uint16_t)attr->aggregator_as);
d62a17ae 3433 }
3434 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3435 }
3436
3437 /* Community attribute. */
3438 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3439 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3440 if (attr->community->size * 4 > 255) {
996c9314
LB		 3441 stream_putc(s,
3442 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3443 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3444 stream_putc(s, BGP_ATTR_COMMUNITIES);
3445 stream_putw(s, attr->community->size * 4);
3446 } else {
996c9314
LB		 3447 stream_putc(s,
3448 BGP_ATTR_FLAG_OPTIONAL
3449 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3450 stream_putc(s, BGP_ATTR_COMMUNITIES);
3451 stream_putc(s, attr->community->size * 4);
4372df71 3452 }
d62a17ae 3453 stream_put(s, attr->community->val, attr->community->size * 4);
3454 }
3455
3456 /*
3457 * Large Community attribute.
3458 */
3459 if (CHECK_FLAG(peer->af_flags[afi][safi],
3460 PEER_FLAG_SEND_LARGE_COMMUNITY)
3461 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
79dab4b7 3462 if (lcom_length(attr->lcommunity) > 255) {
996c9314
LB		 3463 stream_putc(s,
3464 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3465 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3466 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3467 stream_putw(s, lcom_length(attr->lcommunity));
d62a17ae 3468 } else {
996c9314
LB		 3469 stream_putc(s,
3470 BGP_ATTR_FLAG_OPTIONAL
3471 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3472 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3473 stream_putc(s, lcom_length(attr->lcommunity));
4372df71 3474 }
d62a17ae 3475 stream_put(s, attr->lcommunity->val,
79dab4b7 3476 lcom_length(attr->lcommunity));
d62a17ae 3477 }
4372df71 3478
d62a17ae 3479 /* Route Reflector. */
3480 if (peer->sort == BGP_PEER_IBGP && from
3481 && from->sort == BGP_PEER_IBGP) {
3482 /* Originator ID. */
3483 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3484 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3485 stream_putc(s, 4);
3486
3487 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3488 stream_put_in_addr(s, &attr->originator_id);
3489 else
3490 stream_put_in_addr(s, &from->remote_id);
3491
3492 /* Cluster list. */
3493 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3494 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3495
3496 if (attr->cluster) {
3497 stream_putc(s, attr->cluster->length + 4);
3498 /* If this peer configuration's parent BGP has
3499 * cluster_id. */
3500 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3501 stream_put_in_addr(s, &bgp->cluster_id);
3502 else
3503 stream_put_in_addr(s, &bgp->router_id);
3504 stream_put(s, attr->cluster->list,
3505 attr->cluster->length);
3506 } else {
3507 stream_putc(s, 4);
3508 /* If this peer configuration's parent BGP has
3509 * cluster_id. */
3510 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3511 stream_put_in_addr(s, &bgp->cluster_id);
3512 else
3513 stream_put_in_addr(s, &bgp->router_id);
3514 }
3515 }
4372df71 3516
d62a17ae 3517 /* Extended Communities attribute. */
3518 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3519 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3520 if (peer->sort == BGP_PEER_IBGP
3521 || peer->sort == BGP_PEER_CONFED) {
3522 if (attr->ecommunity->size * 8 > 255) {
996c9314
LB		 3523 stream_putc(s,
3524 BGP_ATTR_FLAG_OPTIONAL
3525 | BGP_ATTR_FLAG_TRANS
3526 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3527 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3528 stream_putw(s, attr->ecommunity->size * 8);
3529 } else {
996c9314
LB		 3530 stream_putc(s,
3531 BGP_ATTR_FLAG_OPTIONAL
3532 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3533 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3534 stream_putc(s, attr->ecommunity->size * 8);
3535 }
3536 stream_put(s, attr->ecommunity->val,
3537 attr->ecommunity->size * 8);
3538 } else {
d7c0a89a 3539 uint8_t *pnt;
d62a17ae 3540 int tbit;
3541 int ecom_tr_size = 0;
3542 int i;
3543
3544 for (i = 0; i < attr->ecommunity->size; i++) {
3545 pnt = attr->ecommunity->val + (i * 8);
3546 tbit = *pnt;
3547
3548 if (CHECK_FLAG(tbit,
3549 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3550 continue;
3551
3552 ecom_tr_size++;
3553 }
3554
3555 if (ecom_tr_size) {
3556 if (ecom_tr_size * 8 > 255) {
3557 stream_putc(
3558 s,
3559 BGP_ATTR_FLAG_OPTIONAL
3560 | BGP_ATTR_FLAG_TRANS
3561 | BGP_ATTR_FLAG_EXTLEN);
3562 stream_putc(s,
3563 BGP_ATTR_EXT_COMMUNITIES);
3564 stream_putw(s, ecom_tr_size * 8);
3565 } else {
3566 stream_putc(
3567 s,
3568 BGP_ATTR_FLAG_OPTIONAL
3569 | BGP_ATTR_FLAG_TRANS);
3570 stream_putc(s,
3571 BGP_ATTR_EXT_COMMUNITIES);
3572 stream_putc(s, ecom_tr_size * 8);
3573 }
3574
3575 for (i = 0; i < attr->ecommunity->size; i++) {
3576 pnt = attr->ecommunity->val + (i * 8);
3577 tbit = *pnt;
3578
3579 if (CHECK_FLAG(
3580 tbit,
3581 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3582 continue;
3583
3584 stream_put(s, pnt, 8);
3585 }
3586 }
3587 }
3588 }
4372df71 3589
d62a17ae 3590 /* Label index attribute. */
3591 if (safi == SAFI_LABELED_UNICAST) {
3592 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
d7c0a89a 3593 uint32_t label_index;
d62a17ae 3594
3595 label_index = attr->label_index;
3596
3597 if (label_index != BGP_INVALID_LABEL_INDEX) {
996c9314
LB		 3598 stream_putc(s,
3599 BGP_ATTR_FLAG_OPTIONAL
3600 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3601 stream_putc(s, BGP_ATTR_PREFIX_SID);
3602 stream_putc(s, 10);
3603 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3604 stream_putw(s,
3605 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3606 stream_putc(s, 0); // reserved
3607 stream_putw(s, 0); // flags
3608 stream_putl(s, label_index);
3609 }
4372df71 3610 }
d62a17ae 3611 }
3612
3613 if (send_as4_path) {
3614 /* If the peer is NOT As4 capable, AND */
3615 /* there are ASnums > 65535 in path THEN
3616 * give out AS4_PATH */
3617
3618 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3619 * path segments!
3620 * Hm, I wonder... confederation things *should* only be at
3621 * the beginning of an aspath, right? Then we should use
3622 * aspath_delete_confed_seq for this, because it is already
3623 * there! (JK)
3624 * Folks, talk to me: what is reasonable here!?
3625 */
3626 aspath = aspath_delete_confed_seq(aspath);
3627
996c9314
LB		 3628 stream_putc(s,
3629 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3630 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3631 stream_putc(s, BGP_ATTR_AS4_PATH);
3632 aspath_sizep = stream_get_endp(s);
3633 stream_putw(s, 0);
3634 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3635 }
3636
3637 if (aspath != attr->aspath)
3638 aspath_free(aspath);
3639
3640 if (send_as4_aggregator) {
3641 /* send AS4_AGGREGATOR, at this place */
3642 /* this section of code moved here in order to ensure the
3643 * correct
3644 * *ascending* order of attributes
3645 */
3646 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3647 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3648 stream_putc(s, 8);
3649 stream_putl(s, attr->aggregator_as);
3650 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3651 }
3652
3653 if (((afi == AFI_IP || afi == AFI_IP6)
3654 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3655 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3656 /* Tunnel Encap attribute */
3657 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
65efcfce 3658
943d595a 3659#if ENABLE_BGP_VNC_ATTR
d62a17ae 3660 /* VNC attribute */
3661 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
65efcfce 3662#endif
d62a17ae 3663 }
587ff0fd 3664
a21bd7a3
DW		 3665 /* PMSI Tunnel */
3666 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL)) {
3667 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3668 stream_putc(s, BGP_ATTR_PMSI_TUNNEL);
3669 stream_putc(s, 9); // Length
3670 stream_putc(s, 0); // Flags
d03239d0 3671 stream_putc(s, attr->pmsi_tnl_type);
996c9314
LB		 3672 stream_put(s, &(attr->label),
3673 BGP_LABEL_BYTES); // MPLS Label / VXLAN VNI
30d85a30
LB		 3674 stream_put_ipv4(s, attr->nexthop.s_addr);
3675 // Unicast tunnel endpoint IP address
a21bd7a3
DW		 3676 }
3677
d62a17ae 3678 /* Unknown transit attribute. */
3679 if (attr->transit)
3680 stream_put(s, attr->transit->val, attr->transit->length);
718e3744 3681
d62a17ae 3682 /* Return total size of attribute. */
3683 return stream_get_endp(s) - cp;
718e3744 3684}
3685
d62a17ae 3686size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
718e3744 3687{
d62a17ae 3688 unsigned long attrlen_pnt;
3689 iana_afi_t pkt_afi;
5c525538 3690 iana_safi_t pkt_safi;
718e3744 3691
d62a17ae 3692 /* Set extended bit always to encode the attribute length as 2 bytes */
3693 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3694 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
718e3744 3695
d62a17ae 3696 attrlen_pnt = stream_get_endp(s);
3697 stream_putw(s, 0); /* Length of this attribute. */
718e3744 3698
d62a17ae 3699 /* Convert AFI, SAFI to values for packet. */
3700 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
9cabb64b 3701
d62a17ae 3702 stream_putw(s, pkt_afi);
3703 stream_putc(s, pkt_safi);
9cabb64b 3704
d62a17ae 3705 return attrlen_pnt;
8c71e481 3706}
718e3744 3707
d62a17ae 3708void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3709 safi_t safi, struct prefix_rd *prd,
d7c0a89a
QY		 3710 mpls_label_t *label, uint32_t num_labels,
3711 int addpath_encode, uint32_t addpath_tx_id,
b57ba6d2 3712 struct attr *attr)
8c71e481 3713{
d7c0a89a 3714 uint8_t wlabel[3] = {0x80, 0x00, 0x00};
cd1964ff 3715
b57ba6d2 3716 if (safi == SAFI_LABELED_UNICAST) {
d62a17ae 3717 label = (mpls_label_t *)wlabel;
b57ba6d2
MK		 3718 num_labels = 1;
3719 }
cd1964ff 3720
d90b788e
A		 3721 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label, num_labels,
3722 addpath_encode, addpath_tx_id, attr);
8c71e481 3723}
718e3744 3724
d62a17ae 3725void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
8c71e481 3726{
d62a17ae 3727 bgp_packet_mpattr_end(s, attrlen_pnt);
718e3744 3728}
3729
3730/* Initialization of attribute. */
d62a17ae 3731void bgp_attr_init(void)
718e3744 3732{
d62a17ae 3733 aspath_init();
3734 attrhash_init();
3735 community_init();
3736 ecommunity_init();
3737 lcommunity_init();
3738 cluster_init();
3739 transit_init();
3740 encap_init();
718e3744 3741}
3742
d62a17ae 3743void bgp_attr_finish(void)
228da428 3744{
d62a17ae 3745 aspath_finish();
3746 attrhash_finish();
3747 community_finish();
3748 ecommunity_finish();
3749 lcommunity_finish();
3750 cluster_finish();
3751 transit_finish();
3752 encap_finish();
228da428
CC		 3753}
3754
718e3744 3755/* Make attribute packet. */
d62a17ae 3756void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3757 struct prefix *prefix)
3758{
3759 unsigned long cp;
3760 unsigned long len;
3761 size_t aspath_lenp;
3762 struct aspath *aspath;
3763 int addpath_encode = 0;
d7c0a89a 3764 uint32_t addpath_tx_id = 0;
d62a17ae 3765
3766 /* Remember current pointer. */
3767 cp = stream_get_endp(s);
3768
3769 /* Place holder of length. */
3770 stream_putw(s, 0);
3771
3772 /* Origin attribute. */
3773 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3774 stream_putc(s, BGP_ATTR_ORIGIN);
3775 stream_putc(s, 1);
3776 stream_putc(s, attr->origin);
3777
3778 aspath = attr->aspath;
3779
3780 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3781 stream_putc(s, BGP_ATTR_AS_PATH);
3782 aspath_lenp = stream_get_endp(s);
3783 stream_putw(s, 0);
3784
3785 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3786
3787 /* Nexthop attribute. */
3788 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3789 if (prefix != NULL && prefix->family != AF_INET6) {
3790 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3791 stream_putc(s, BGP_ATTR_NEXT_HOP);
3792 stream_putc(s, 4);
3793 stream_put_ipv4(s, attr->nexthop.s_addr);
718e3744 3794 }
d62a17ae 3795
3796 /* MED attribute. */
3797 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3798 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3799 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3800 stream_putc(s, 4);
3801 stream_putl(s, attr->med);
3802 }
3803
3804 /* Local preference. */
3805 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3806 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3807 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3808 stream_putc(s, 4);
3809 stream_putl(s, attr->local_pref);
3810 }
3811
3812 /* Atomic aggregate. */
3813 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3814 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3815 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3816 stream_putc(s, 0);
3817 }
3818
3819 /* Aggregator. */
3820 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3821 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3822 stream_putc(s, BGP_ATTR_AGGREGATOR);
3823 stream_putc(s, 8);
3824 stream_putl(s, attr->aggregator_as);
3825 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3826 }
3827
3828 /* Community attribute. */
3829 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3830 if (attr->community->size * 4 > 255) {
996c9314
LB		 3831 stream_putc(s,
3832 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3833 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3834 stream_putc(s, BGP_ATTR_COMMUNITIES);
3835 stream_putw(s, attr->community->size * 4);
3836 } else {
996c9314
LB		 3837 stream_putc(s,
3838 BGP_ATTR_FLAG_OPTIONAL
3839 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3840 stream_putc(s, BGP_ATTR_COMMUNITIES);
3841 stream_putc(s, attr->community->size * 4);
3842 }
3843 stream_put(s, attr->community->val, attr->community->size * 4);
3844 }
3845
3846 /* Large Community attribute. */
3847 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
79dab4b7 3848 if (lcom_length(attr->lcommunity) > 255) {
996c9314
LB		 3849 stream_putc(s,
3850 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3851 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3852 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3853 stream_putw(s, lcom_length(attr->lcommunity));
d62a17ae 3854 } else {
996c9314
LB		 3855 stream_putc(s,
3856 BGP_ATTR_FLAG_OPTIONAL
3857 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3858 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3859 stream_putc(s, lcom_length(attr->lcommunity));
d62a17ae 3860 }
3861
996c9314
LB		 3862 stream_put(s, attr->lcommunity->val,
3863 lcom_length(attr->lcommunity));
d62a17ae 3864 }
3865
3866 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3867 if (prefix != NULL && prefix->family == AF_INET6
3868 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3869 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3870 int sizep;
3871
3872 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3873 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3874 sizep = stream_get_endp(s);
3875
3876 /* MP header */
3877 stream_putc(s, 0); /* Marker: Attribute length. */
3878 stream_putw(s, AFI_IP6); /* AFI */
3879 stream_putc(s, SAFI_UNICAST); /* SAFI */
3880
3881 /* Next hop */
3882 stream_putc(s, attr->mp_nexthop_len);
3883 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3884 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3885 stream_put(s, &attr->mp_nexthop_local,
3886 IPV6_MAX_BYTELEN);
3887
3888 /* SNPA */
3889 stream_putc(s, 0);
3890
3891 /* Prefix */
3892 stream_put_prefix_addpath(s, prefix, addpath_encode,
3893 addpath_tx_id);
3894
3895 /* Set MP attribute length. */
3896 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3897 }
3898
3899 /* Prefix SID */
3900 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3901 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
996c9314
LB		 3902 stream_putc(s,
3903 BGP_ATTR_FLAG_OPTIONAL
3904 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3905 stream_putc(s, BGP_ATTR_PREFIX_SID);
3906 stream_putc(s, 10);
3907 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3908 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3909 stream_putc(s, 0); // reserved
3910 stream_putw(s, 0); // flags
3911 stream_putl(s, attr->label_index);
3912 }
3913 }
3914
3915 /* Return total size of attribute. */
3916 len = stream_get_endp(s) - cp - 2;
3917 stream_putw_at(s, cp, len);
718e3744 3918}
FRRouting mirror