]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_attr.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ldpd: Convert to using LIB_ERR_XXX and zlog_ferr
[mirror_frr.git] / bgpd / bgp_attr.c
CommitLineData
718e3744 1/* BGP attributes management routines.
896014f4
DL		 2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
718e3744 20
21#include <zebra.h>
22
23#include "linklist.h"
24#include "prefix.h"
25#include "memory.h"
26#include "vector.h"
718e3744 27#include "stream.h"
28#include "log.h"
29#include "hash.h"
c8e7b895 30#include "jhash.h"
3f9c7369 31#include "queue.h"
f4c89855 32#include "table.h"
039f3a34 33#include "filter.h"
4dcadbef 34#include "command.h"
718e3744 35
36#include "bgpd/bgpd.h"
37#include "bgpd/bgp_attr.h"
38#include "bgpd/bgp_route.h"
39#include "bgpd/bgp_aspath.h"
40#include "bgpd/bgp_community.h"
41#include "bgpd/bgp_debug.h"
9bedbb1e 42#include "bgpd/bgp_label.h"
718e3744 43#include "bgpd/bgp_packet.h"
44#include "bgpd/bgp_ecommunity.h"
57d187bc 45#include "bgpd/bgp_lcommunity.h"
3f9c7369 46#include "bgpd/bgp_updgrp.h"
6407da5a 47#include "bgpd/bgp_encap_types.h"
65efcfce 48#if ENABLE_BGP_VNC
d62a17ae 49#include "bgpd/rfapi/bgp_rfapi_cfg.h"
50#include "bgp_encap_types.h"
51#include "bgp_vnc_types.h"
65efcfce 52#endif
b18825eb
PG		 53#include "bgp_encap_types.h"
54#include "bgp_evpn.h"
7c40bf39 55#include "bgp_flowspec_private.h"
6b0655a2 56
718e3744 57/* Attribute strings for logging. */
d62a17ae 58static const struct message attr_str[] = {
59 {BGP_ATTR_ORIGIN, "ORIGIN"},
60 {BGP_ATTR_AS_PATH, "AS_PATH"},
61 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
62 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
63 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
64 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
65 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
66 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
67 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
68 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
69 {BGP_ATTR_DPA, "DPA"},
70 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
71 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
72 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
73 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
74 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
75 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
76 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
77 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
a21bd7a3 78 {BGP_ATTR_PMSI_TUNNEL, "PMSI_TUNNEL_ATTRIBUTE"},
d62a17ae 79 {BGP_ATTR_ENCAP, "ENCAP"},
65efcfce 80#if ENABLE_BGP_VNC
d62a17ae 81 {BGP_ATTR_VNC, "VNC"},
65efcfce 82#endif
d62a17ae 83 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
84 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
85 {0}};
afcb7679 86
996c9314
LB		 87static const struct message attr_flag_str[] = {
88 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
89 {BGP_ATTR_FLAG_TRANS, "Transitive"},
90 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
91 /* bgp_attr_flags_diagnose() relies on this bit being last in
92 this list */
93 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
94 {0}};
6b0655a2 95
9bddac4b 96static struct hash *cluster_hash;
718e3744 97
d62a17ae 98static void *cluster_hash_alloc(void *p)
718e3744 99{
d62a17ae 100 const struct cluster_list *val = (const struct cluster_list *)p;
101 struct cluster_list *cluster;
718e3744 102
d62a17ae 103 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
104 cluster->length = val->length;
718e3744 105
d62a17ae 106 if (cluster->length) {
107 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
108 memcpy(cluster->list, val->list, val->length);
109 } else
110 cluster->list = NULL;
718e3744 111
d62a17ae 112 cluster->refcnt = 0;
718e3744 113
d62a17ae 114 return cluster;
718e3744 115}
116
117/* Cluster list related functions. */
d62a17ae 118static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
718e3744 119{
d62a17ae 120 struct cluster_list tmp;
121 struct cluster_list *cluster;
718e3744 122
d62a17ae 123 tmp.length = length;
124 tmp.list = pnt;
718e3744 125
d62a17ae 126 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
127 cluster->refcnt++;
128 return cluster;
718e3744 129}
130
d62a17ae 131int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
718e3744 132{
d62a17ae 133 int i;
134
135 for (i = 0; i < cluster->length / 4; i++)
136 if (cluster->list[i].s_addr == originator.s_addr)
137 return 1;
138 return 0;
718e3744 139}
140
d62a17ae 141static unsigned int cluster_hash_key_make(void *p)
718e3744 142{
d62a17ae 143 const struct cluster_list *cluster = p;
718e3744 144
d62a17ae 145 return jhash(cluster->list, cluster->length, 0);
718e3744 146}
147
d62a17ae 148static int cluster_hash_cmp(const void *p1, const void *p2)
718e3744 149{
d62a17ae 150 const struct cluster_list *cluster1 = p1;
151 const struct cluster_list *cluster2 = p2;
923de654 152
d62a17ae 153 return (cluster1->length == cluster2->length
154 && memcmp(cluster1->list, cluster2->list, cluster1->length)
155 == 0);
718e3744 156}
157
d62a17ae 158static void cluster_free(struct cluster_list *cluster)
718e3744 159{
d62a17ae 160 if (cluster->list)
161 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
162 XFREE(MTYPE_CLUSTER, cluster);
718e3744 163}
164
d62a17ae 165static struct cluster_list *cluster_intern(struct cluster_list *cluster)
718e3744 166{
d62a17ae 167 struct cluster_list *find;
718e3744 168
d62a17ae 169 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
170 find->refcnt++;
718e3744 171
d62a17ae 172 return find;
718e3744 173}
174
d62a17ae 175void cluster_unintern(struct cluster_list *cluster)
718e3744 176{
d62a17ae 177 if (cluster->refcnt)
178 cluster->refcnt--;
718e3744 179
d62a17ae 180 if (cluster->refcnt == 0) {
181 hash_release(cluster_hash, cluster);
182 cluster_free(cluster);
183 }
718e3744 184}
185
d62a17ae 186static void cluster_init(void)
718e3744 187{
996c9314 188 cluster_hash = hash_create(cluster_hash_key_make, cluster_hash_cmp,
3f65c5b1 189 "BGP Cluster");
718e3744 190}
228da428 191
d62a17ae 192static void cluster_finish(void)
228da428 193{
d62a17ae 194 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
195 hash_free(cluster_hash);
196 cluster_hash = NULL;
228da428 197}
6b0655a2 198
bede7744
LB		 199static struct hash *encap_hash = NULL;
200#if ENABLE_BGP_VNC
201static struct hash *vnc_hash = NULL;
202#endif
203
d62a17ae 204struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
f4c89855 205{
d62a17ae 206 struct bgp_attr_encap_subtlv *new;
207 struct bgp_attr_encap_subtlv *tail;
208 struct bgp_attr_encap_subtlv *p;
f4c89855 209
d62a17ae 210 for (p = orig, tail = new = NULL; p; p = p->next) {
12f70478 211 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
d62a17ae 212 if (tail) {
213 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
214 tail = tail->next;
215 } else {
216 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
217 }
218 assert(tail);
219 memcpy(tail, p, size);
220 tail->next = NULL;
f4c89855 221 }
f4c89855 222
d62a17ae 223 return new;
f4c89855
LB		 224}
225
d62a17ae 226static void encap_free(struct bgp_attr_encap_subtlv *p)
f4c89855 227{
d62a17ae 228 struct bgp_attr_encap_subtlv *next;
229 while (p) {
230 next = p->next;
231 p->next = NULL;
232 XFREE(MTYPE_ENCAP_TLV, p);
233 p = next;
234 }
f4c89855
LB		 235}
236
d62a17ae 237void bgp_attr_flush_encap(struct attr *attr)
f4c89855 238{
d62a17ae 239 if (!attr)
240 return;
f4c89855 241
d62a17ae 242 if (attr->encap_subtlvs) {
243 encap_free(attr->encap_subtlvs);
244 attr->encap_subtlvs = NULL;
245 }
65efcfce 246#if ENABLE_BGP_VNC
d62a17ae 247 if (attr->vnc_subtlvs) {
248 encap_free(attr->vnc_subtlvs);
249 attr->vnc_subtlvs = NULL;
250 }
65efcfce 251#endif
f4c89855
LB		 252}
253
254/*
255 * Compare encap sub-tlv chains
256 *
257 * 1 = equivalent
258 * 0 = not equivalent
259 *
260 * This algorithm could be made faster if needed
261 */
d62a17ae 262static int encap_same(struct bgp_attr_encap_subtlv *h1,
263 struct bgp_attr_encap_subtlv *h2)
f4c89855 264{
d62a17ae 265 struct bgp_attr_encap_subtlv *p;
266 struct bgp_attr_encap_subtlv *q;
f4c89855 267
d62a17ae 268 if (h1 == h2)
269 return 1;
270 if (h1 == NULL || h2 == NULL)
271 return 0;
f4c89855 272
d62a17ae 273 for (p = h1; p; p = p->next) {
274 for (q = h2; q; q = q->next) {
275 if ((p->type == q->type) && (p->length == q->length)
276 && !memcmp(p->value, q->value, p->length)) {
f4c89855 277
d62a17ae 278 break;
279 }
280 }
281 if (!q)
282 return 0;
f4c89855 283 }
f4c89855 284
d62a17ae 285 for (p = h2; p; p = p->next) {
286 for (q = h1; q; q = q->next) {
287 if ((p->type == q->type) && (p->length == q->length)
288 && !memcmp(p->value, q->value, p->length)) {
f4c89855 289
d62a17ae 290 break;
291 }
292 }
293 if (!q)
294 return 0;
f4c89855 295 }
f4c89855 296
d62a17ae 297 return 1;
f4c89855
LB		 298}
299
d62a17ae 300static void *encap_hash_alloc(void *p)
bede7744 301{
d62a17ae 302 /* Encap structure is already allocated. */
303 return p;
bede7744
LB		 304}
305
d62a17ae 306typedef enum {
307 ENCAP_SUBTLV_TYPE,
bede7744 308#if ENABLE_BGP_VNC
d62a17ae 309 VNC_SUBTLV_TYPE
bede7744
LB		 310#endif
311} encap_subtlv_type;
312
313static struct bgp_attr_encap_subtlv *
d62a17ae 314encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
bede7744 315{
d62a17ae 316 struct bgp_attr_encap_subtlv *find;
317 struct hash *hash = encap_hash;
bede7744 318#if ENABLE_BGP_VNC
d62a17ae 319 if (type == VNC_SUBTLV_TYPE)
320 hash = vnc_hash;
bede7744
LB		 321#endif
322
d62a17ae 323 find = hash_get(hash, encap, encap_hash_alloc);
324 if (find != encap)
325 encap_free(encap);
326 find->refcnt++;
bede7744 327
d62a17ae 328 return find;
bede7744
LB		 329}
330
d62a17ae 331static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
332 encap_subtlv_type type)
bede7744 333{
d62a17ae 334 struct bgp_attr_encap_subtlv *encap = *encapp;
335 if (encap->refcnt)
336 encap->refcnt--;
bede7744 337
d62a17ae 338 if (encap->refcnt == 0) {
339 struct hash *hash = encap_hash;
bede7744 340#if ENABLE_BGP_VNC
d62a17ae 341 if (type == VNC_SUBTLV_TYPE)
342 hash = vnc_hash;
bede7744 343#endif
d62a17ae 344 hash_release(hash, encap);
345 encap_free(encap);
346 *encapp = NULL;
347 }
bede7744
LB		 348}
349
d62a17ae 350static unsigned int encap_hash_key_make(void *p)
bede7744 351{
d62a17ae 352 const struct bgp_attr_encap_subtlv *encap = p;
bede7744 353
d62a17ae 354 return jhash(encap->value, encap->length, 0);
bede7744
LB		 355}
356
d62a17ae 357static int encap_hash_cmp(const void *p1, const void *p2)
bede7744 358{
d62a17ae 359 return encap_same((struct bgp_attr_encap_subtlv *)p1,
360 (struct bgp_attr_encap_subtlv *)p2);
bede7744
LB		 361}
362
d62a17ae 363static void encap_init(void)
bede7744 364{
996c9314 365 encap_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
3f65c5b1 366 "BGP Encap Hash");
bede7744 367#if ENABLE_BGP_VNC
996c9314 368 vnc_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
3f65c5b1 369 "BGP VNC Hash");
bede7744
LB		 370#endif
371}
372
d62a17ae 373static void encap_finish(void)
bede7744 374{
d62a17ae 375 hash_clean(encap_hash, (void (*)(void *))encap_free);
376 hash_free(encap_hash);
377 encap_hash = NULL;
bede7744 378#if ENABLE_BGP_VNC
d62a17ae 379 hash_clean(vnc_hash, (void (*)(void *))encap_free);
380 hash_free(vnc_hash);
381 vnc_hash = NULL;
bede7744
LB		 382#endif
383}
384
d62a17ae 385static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
684a7227 386{
d62a17ae 387 if (!a1 && a2)
388 return false;
389 if (!a2 && a1)
390 return false;
391 if (!a1 && !a2)
392 return true;
393 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
394 sizeof(struct overlay_index));
684a7227
PG		 395}
396
718e3744 397/* Unknown transit attribute. */
9bddac4b 398static struct hash *transit_hash;
718e3744 399
d62a17ae 400static void transit_free(struct transit *transit)
718e3744 401{
d62a17ae 402 if (transit->val)
403 XFREE(MTYPE_TRANSIT_VAL, transit->val);
404 XFREE(MTYPE_TRANSIT, transit);
718e3744 405}
406
d62a17ae 407static void *transit_hash_alloc(void *p)
718e3744 408{
d62a17ae 409 /* Transit structure is already allocated. */
410 return p;
718e3744 411}
412
d62a17ae 413static struct transit *transit_intern(struct transit *transit)
718e3744 414{
d62a17ae 415 struct transit *find;
718e3744 416
d62a17ae 417 find = hash_get(transit_hash, transit, transit_hash_alloc);
418 if (find != transit)
419 transit_free(transit);
420 find->refcnt++;
718e3744 421
d62a17ae 422 return find;
718e3744 423}
424
d62a17ae 425void transit_unintern(struct transit *transit)
718e3744 426{
d62a17ae 427 if (transit->refcnt)
428 transit->refcnt--;
718e3744 429
d62a17ae 430 if (transit->refcnt == 0) {
431 hash_release(transit_hash, transit);
432 transit_free(transit);
433 }
718e3744 434}
435
d62a17ae 436static unsigned int transit_hash_key_make(void *p)
718e3744 437{
d62a17ae 438 const struct transit *transit = p;
718e3744 439
d62a17ae 440 return jhash(transit->val, transit->length, 0);
718e3744 441}
442
d62a17ae 443static int transit_hash_cmp(const void *p1, const void *p2)
718e3744 444{
d62a17ae 445 const struct transit *transit1 = p1;
446 const struct transit *transit2 = p2;
923de654 447
d62a17ae 448 return (transit1->length == transit2->length
449 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
718e3744 450}
451
d62a17ae 452static void transit_init(void)
718e3744 453{
996c9314 454 transit_hash = hash_create(transit_hash_key_make, transit_hash_cmp,
3f65c5b1 455 "BGP Transit Hash");
718e3744 456}
228da428 457
d62a17ae 458static void transit_finish(void)
228da428 459{
d62a17ae 460 hash_clean(transit_hash, (void (*)(void *))transit_free);
461 hash_free(transit_hash);
462 transit_hash = NULL;
228da428 463}
6b0655a2 464
718e3744 465/* Attribute hash routines. */
9bddac4b 466static struct hash *attrhash;
718e3744 467
fb982c25
PJ		 468/* Shallow copy of an attribute
469 * Though, not so shallow that it doesn't copy the contents
470 * of the attr_extra pointed to by 'extra'
471 */
d62a17ae 472void bgp_attr_dup(struct attr *new, struct attr *orig)
fb982c25 473{
d62a17ae 474 *new = *orig;
fb982c25
PJ		 475}
476
d62a17ae 477unsigned long int attr_count(void)
cbdfbaa5 478{
d62a17ae 479 return attrhash->count;
cbdfbaa5
PJ		 480}
481
d62a17ae 482unsigned long int attr_unknown_count(void)
cbdfbaa5 483{
d62a17ae 484 return transit_hash->count;
cbdfbaa5
PJ		 485}
486
d62a17ae 487unsigned int attrhash_key_make(void *p)
718e3744 488{
d62a17ae 489 const struct attr *attr = (struct attr *)p;
490 uint32_t key = 0;
c8e7b895 491#define MIX(val) key = jhash_1word(val, key)
0d0268a6 492#define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
c8e7b895 493
0d0268a6 494 MIX3(attr->origin, attr->nexthop.s_addr, attr->med);
996c9314
LB		 495 MIX3(attr->local_pref, attr->aggregator_as,
496 attr->aggregator_addr.s_addr);
0d0268a6
LB		 497 MIX3(attr->weight, attr->mp_nexthop_global_in.s_addr,
498 attr->originator_id.s_addr);
499 MIX3(attr->tag, attr->label, attr->label_index);
d62a17ae 500
501 if (attr->aspath)
502 MIX(aspath_key_make(attr->aspath));
503 if (attr->community)
504 MIX(community_hash_make(attr->community));
505
506 if (attr->lcommunity)
507 MIX(lcommunity_hash_make(attr->lcommunity));
508 if (attr->ecommunity)
509 MIX(ecommunity_hash_make(attr->ecommunity));
510 if (attr->cluster)
511 MIX(cluster_hash_key_make(attr->cluster));
512 if (attr->transit)
513 MIX(transit_hash_key_make(attr->transit));
514 if (attr->encap_subtlvs)
515 MIX(encap_hash_key_make(attr->encap_subtlvs));
bede7744 516#if ENABLE_BGP_VNC
d62a17ae 517 if (attr->vnc_subtlvs)
518 MIX(encap_hash_key_make(attr->vnc_subtlvs));
bede7744 519#endif
d62a17ae 520 MIX(attr->mp_nexthop_len);
521 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
522 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
77e62f2b 523 MIX(attr->nh_ifindex);
524 MIX(attr->nh_lla_ifindex);
d62a17ae 525
526 return key;
527}
528
529int attrhash_cmp(const void *p1, const void *p2)
530{
531 const struct attr *attr1 = p1;
532 const struct attr *attr2 = p2;
533
534 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
535 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
536 && attr1->aspath == attr2->aspath
537 && attr1->community == attr2->community && attr1->med == attr2->med
538 && attr1->local_pref == attr2->local_pref
539 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
540 if (attr1->aggregator_as == attr2->aggregator_as
541 && attr1->aggregator_addr.s_addr
542 == attr2->aggregator_addr.s_addr
543 && attr1->weight == attr2->weight
544 && attr1->tag == attr2->tag
545 && attr1->label_index == attr2->label_index
546 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
d62a17ae 547 && attr1->ecommunity == attr2->ecommunity
548 && attr1->lcommunity == attr2->lcommunity
549 && attr1->cluster == attr2->cluster
550 && attr1->transit == attr2->transit
551 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
552 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
65efcfce 553#if ENABLE_BGP_VNC
d62a17ae 554 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
65efcfce 555#endif
0d0268a6
LB		 556 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
557 &attr2->mp_nexthop_global)
558 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
559 &attr2->mp_nexthop_local)
560 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
561 &attr2->mp_nexthop_global_in)
d62a17ae 562 && IPV4_ADDR_SAME(&attr1->originator_id,
563 &attr2->originator_id)
77e62f2b 564 && overlay_index_same(attr1, attr2)
565 && attr1->nh_ifindex == attr2->nh_ifindex
566 && attr1->nh_lla_ifindex == attr2->nh_lla_ifindex)
d62a17ae 567 return 1;
568 }
aadc0905 569
d62a17ae 570 return 0;
718e3744 571}
572
d62a17ae 573static void attrhash_init(void)
718e3744 574{
996c9314
LB		 575 attrhash =
576 hash_create(attrhash_key_make, attrhash_cmp, "BGP Attributes");
718e3744 577}
578
289d2501
LB		 579/*
580 * special for hash_clean below
581 */
d62a17ae 582static void attr_vfree(void *attr)
289d2501 583{
d62a17ae 584 XFREE(MTYPE_ATTR, attr);
289d2501
LB		 585}
586
d62a17ae 587static void attrhash_finish(void)
228da428 588{
d62a17ae 589 hash_clean(attrhash, attr_vfree);
590 hash_free(attrhash);
591 attrhash = NULL;
228da428
CC		 592}
593
d62a17ae 594static void attr_show_all_iterator(struct hash_backet *backet, struct vty *vty)
718e3744 595{
d62a17ae 596 struct attr *attr = backet->data;
718e3744 597
d62a17ae 598 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
599 inet_ntoa(attr->nexthop));
13b7e7f0 600 vty_out(vty, "\tflags: %" PRIu64 " med: %u local_pref: %u origin: %u weight: %u label: %u\n",
23a2a47e 601 attr->flag, attr->med, attr->local_pref, attr->origin,
13b7e7f0 602 attr->weight, attr->label);
718e3744 603}
604
d62a17ae 605void attr_show_all(struct vty *vty)
718e3744 606{
9d303b37
DL		 607 hash_iterate(attrhash, (void (*)(struct hash_backet *,
608 void *))attr_show_all_iterator,
609 vty);
718e3744 610}
611
d62a17ae 612static void *bgp_attr_hash_alloc(void *p)
718e3744 613{
d62a17ae 614 struct attr *val = (struct attr *)p;
615 struct attr *attr;
718e3744 616
d62a17ae 617 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
618 *attr = *val;
619 if (val->encap_subtlvs) {
620 val->encap_subtlvs = NULL;
621 }
65efcfce 622#if ENABLE_BGP_VNC
d62a17ae 623 if (val->vnc_subtlvs) {
624 val->vnc_subtlvs = NULL;
625 }
65efcfce 626#endif
d62a17ae 627 attr->refcnt = 0;
628 return attr;
718e3744 629}
630
631/* Internet argument attribute. */
d62a17ae 632struct attr *bgp_attr_intern(struct attr *attr)
633{
634 struct attr *find;
635
636 /* Intern referenced strucutre. */
637 if (attr->aspath) {
638 if (!attr->aspath->refcnt)
639 attr->aspath = aspath_intern(attr->aspath);
640 else
641 attr->aspath->refcnt++;
642 }
643 if (attr->community) {
644 if (!attr->community->refcnt)
645 attr->community = community_intern(attr->community);
646 else
647 attr->community->refcnt++;
648 }
649
650 if (attr->ecommunity) {
651 if (!attr->ecommunity->refcnt)
652 attr->ecommunity = ecommunity_intern(attr->ecommunity);
653 else
654 attr->ecommunity->refcnt++;
655 }
656 if (attr->lcommunity) {
657 if (!attr->lcommunity->refcnt)
658 attr->lcommunity = lcommunity_intern(attr->lcommunity);
659 else
660 attr->lcommunity->refcnt++;
661 }
662 if (attr->cluster) {
663 if (!attr->cluster->refcnt)
664 attr->cluster = cluster_intern(attr->cluster);
665 else
666 attr->cluster->refcnt++;
667 }
668 if (attr->transit) {
669 if (!attr->transit->refcnt)
670 attr->transit = transit_intern(attr->transit);
671 else
672 attr->transit->refcnt++;
673 }
674 if (attr->encap_subtlvs) {
675 if (!attr->encap_subtlvs->refcnt)
676 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
677 ENCAP_SUBTLV_TYPE);
678 else
679 attr->encap_subtlvs->refcnt++;
680 }
bede7744 681#if ENABLE_BGP_VNC
d62a17ae 682 if (attr->vnc_subtlvs) {
683 if (!attr->vnc_subtlvs->refcnt)
684 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
685 VNC_SUBTLV_TYPE);
686 else
687 attr->vnc_subtlvs->refcnt++;
688 }
aadc0905 689#endif
bede7744 690
dbbac180
DL		 691 /* At this point, attr only contains intern'd pointers. that means
692 * if we find it in attrhash, it has all the same pointers and we
693 * correctly updated the refcounts on these.
694 * If we don't find it, we need to allocate a one because in all
695 * cases this returns a new reference to a hashed attr, but the input
696 * wasn't on hash. */
d62a17ae 697 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
698 find->refcnt++;
699
700 return find;
718e3744 701}
702
703/* Make network statement's attribute. */
d7c0a89a 704struct attr *bgp_attr_default_set(struct attr *attr, uint8_t origin)
718e3744 705{
d62a17ae 706 memset(attr, 0, sizeof(struct attr));
03e214c8 707
d62a17ae 708 attr->origin = origin;
709 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
710 attr->aspath = aspath_empty();
711 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
712 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
713 attr->tag = 0;
714 attr->label_index = BGP_INVALID_LABEL_INDEX;
715 attr->label = MPLS_INVALID_LABEL;
716 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
717 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
718
719 return attr;
718e3744 720}
721
b5d58c32 722/* Create the attributes for an aggregate */
d7c0a89a 723struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, uint8_t origin,
d62a17ae 724 struct aspath *aspath,
725 struct community *community, int as_set,
d7c0a89a 726 uint8_t atomic_aggregate)
d62a17ae 727{
728 struct attr attr;
729 struct attr *new;
730
731 memset(&attr, 0, sizeof(struct attr));
732
733 /* Origin attribute. */
734 attr.origin = origin;
735 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
736
737 /* AS path attribute. */
738 if (aspath)
739 attr.aspath = aspath_intern(aspath);
740 else
741 attr.aspath = aspath_empty();
742 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
743
744 /* Next hop attribute. */
745 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
746
747 if (community) {
d7c0a89a 748 uint32_t gshut = COMMUNITY_GSHUT;
7f323236
DW		 749
750 /* If we are not shutting down ourselves and we are
751 * aggregating a route that contains the GSHUT community we
752 * need to remove that community when creating the aggregate */
996c9314
LB		 753 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)
754 && community_include(community, gshut)) {
7f323236
DW		 755 community_del_val(community, &gshut);
756 }
757
d62a17ae 758 attr.community = community;
759 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
760 }
761
7f323236
DW		 762 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
763 bgp_attr_add_gshut_community(&attr);
764 }
765
d62a17ae 766 attr.label_index = BGP_INVALID_LABEL_INDEX;
767 attr.label = MPLS_INVALID_LABEL;
768 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
769 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
770 if (!as_set || atomic_aggregate)
771 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
772 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
773 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
774 attr.aggregator_as = bgp->confed_id;
775 else
776 attr.aggregator_as = bgp->as;
777 attr.aggregator_addr = bgp->router_id;
778 attr.label_index = BGP_INVALID_LABEL_INDEX;
779 attr.label = MPLS_INVALID_LABEL;
780
781 new = bgp_attr_intern(&attr);
782
783 aspath_unintern(&new->aspath);
784 return new;
718e3744 785}
786
b881c707 787/* Unintern just the sub-components of the attr, but not the attr */
d62a17ae 788void bgp_attr_unintern_sub(struct attr *attr)
789{
790 /* aspath refcount shoud be decrement. */
791 if (attr->aspath)
792 aspath_unintern(&attr->aspath);
793 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
794
795 if (attr->community)
796 community_unintern(&attr->community);
797 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
798
799 if (attr->ecommunity)
800 ecommunity_unintern(&attr->ecommunity);
801 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
802
803 if (attr->lcommunity)
804 lcommunity_unintern(&attr->lcommunity);
805 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
806
807 if (attr->cluster)
808 cluster_unintern(attr->cluster);
809 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
810
811 if (attr->transit)
812 transit_unintern(attr->transit);
813
814 if (attr->encap_subtlvs)
815 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
bede7744
LB		 816
817#if ENABLE_BGP_VNC
d62a17ae 818 if (attr->vnc_subtlvs)
819 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
bede7744 820#endif
b881c707
PJ		 821}
822
f46d8e1e
DS		 823/*
824 * We have some show commands that let you experimentally
825 * apply a route-map. When we apply the route-map
826 * we are reseting values but not saving them for
827 * posterity via intern'ing( because route-maps don't
828 * do that) but at this point in time we need
829 * to compare the new attr to the old and if the
830 * routemap has changed it we need to, as Snoop Dog says,
831 * Drop it like it's hot
832 */
833void bgp_attr_undup(struct attr *new, struct attr *old)
834{
835 if (new->aspath != old->aspath)
836 aspath_free(new->aspath);
837
838 if (new->community != old->community)
839 community_free(new->community);
840
841 if (new->ecommunity != old->ecommunity)
842 ecommunity_free(&new->ecommunity);
843
844 if (new->lcommunity != old->lcommunity)
845 lcommunity_free(&new->lcommunity);
f46d8e1e
DS		 846}
847
718e3744 848/* Free bgp attribute and aspath. */
d62a17ae 849void bgp_attr_unintern(struct attr **pattr)
850{
851 struct attr *attr = *pattr;
852 struct attr *ret;
853 struct attr tmp;
854
855 /* Decrement attribute reference. */
856 attr->refcnt--;
857
858 tmp = *attr;
859
860 /* If reference becomes zero then free attribute object. */
861 if (attr->refcnt == 0) {
862 ret = hash_release(attrhash, attr);
863 assert(ret != NULL);
864 XFREE(MTYPE_ATTR, attr);
865 *pattr = NULL;
866 }
867
868 bgp_attr_unintern_sub(&tmp);
869}
870
871void bgp_attr_flush(struct attr *attr)
872{
873 if (attr->aspath && !attr->aspath->refcnt) {
874 aspath_free(attr->aspath);
875 attr->aspath = NULL;
876 }
877 if (attr->community && !attr->community->refcnt) {
878 community_free(attr->community);
879 attr->community = NULL;
880 }
881
882 if (attr->ecommunity && !attr->ecommunity->refcnt)
883 ecommunity_free(&attr->ecommunity);
884 if (attr->lcommunity && !attr->lcommunity->refcnt)
885 lcommunity_free(&attr->lcommunity);
886 if (attr->cluster && !attr->cluster->refcnt) {
887 cluster_free(attr->cluster);
888 attr->cluster = NULL;
889 }
890 if (attr->transit && !attr->transit->refcnt) {
891 transit_free(attr->transit);
892 attr->transit = NULL;
893 }
894 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
895 encap_free(attr->encap_subtlvs);
896 attr->encap_subtlvs = NULL;
897 }
65efcfce 898#if ENABLE_BGP_VNC
d62a17ae 899 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
900 encap_free(attr->vnc_subtlvs);
901 attr->vnc_subtlvs = NULL;
902 }
aadc0905 903#endif
718e3744 904}
905
b881c707
PJ		 906/* Implement draft-scudder-idr-optional-transitive behaviour and
907 * avoid resetting sessions for malformed attributes which are
908 * are partial/optional and hence where the error likely was not
909 * introduced by the sending neighbour.
910 */
911static bgp_attr_parse_ret_t
d7c0a89a 912bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
d62a17ae 913 bgp_size_t length)
914{
915 struct peer *const peer = args->peer;
d7c0a89a 916 const uint8_t flags = args->flags;
d62a17ae 917 /* startp and length must be special-cased, as whether or not to
918 * send the attribute data with the NOTIFY depends on the error,
919 * the caller therefore signals this with the seperate length argument
920 */
d7c0a89a 921 uint8_t *notify_datap = (length > 0 ? args->startp : NULL);
d62a17ae 922
923 /* Only relax error handling for eBGP peers */
924 if (peer->sort != BGP_PEER_EBGP) {
925 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
926 notify_datap, length);
927 return BGP_ATTR_PARSE_ERROR;
928 }
929
930 /* Adjust the stream getp to the end of the attribute, in case we can
931 * still proceed but the caller hasn't read all the attribute.
932 */
933 stream_set_getp(BGP_INPUT(peer),
934 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
935 + args->total);
936
937 switch (args->type) {
938 /* where an attribute is relatively inconsequential, e.g. it does not
939 * affect route selection, and can be safely ignored, then any such
940 * attributes which are malformed should just be ignored and the route
941 * processed as normal.
942 */
943 case BGP_ATTR_AS4_AGGREGATOR:
944 case BGP_ATTR_AGGREGATOR:
945 case BGP_ATTR_ATOMIC_AGGREGATE:
946 return BGP_ATTR_PARSE_PROCEED;
947
948 /* Core attributes, particularly ones which may influence route
949 * selection, should always cause session resets
950 */
951 case BGP_ATTR_ORIGIN:
952 case BGP_ATTR_AS_PATH:
953 case BGP_ATTR_NEXT_HOP:
954 case BGP_ATTR_MULTI_EXIT_DISC:
955 case BGP_ATTR_LOCAL_PREF:
956 case BGP_ATTR_COMMUNITIES:
957 case BGP_ATTR_ORIGINATOR_ID:
958 case BGP_ATTR_CLUSTER_LIST:
959 case BGP_ATTR_MP_REACH_NLRI:
960 case BGP_ATTR_MP_UNREACH_NLRI:
961 case BGP_ATTR_EXT_COMMUNITIES:
962 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
963 notify_datap, length);
964 return BGP_ATTR_PARSE_ERROR;
965 }
966
967 /* Partial optional attributes that are malformed should not cause
968 * the whole session to be reset. Instead treat it as a withdrawal
969 * of the routes, if possible.
970 */
971 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
972 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
973 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
974 return BGP_ATTR_PARSE_WITHDRAW;
975
976 /* default to reset */
977 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
b881c707
PJ		 978}
979
afcb7679
DO		 980/* Find out what is wrong with the path attribute flag bits and log the error.
981 "Flag bits" here stand for Optional, Transitive and Partial, but not for
982 Extended Length. Checking O/T/P bits at once implies, that the attribute
983 being diagnosed is defined by RFC as either a "well-known" or an "optional,
984 non-transitive" attribute. */
985static void
d62a17ae 986bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
d7c0a89a
QY		 987 uint8_t desired_flags /* how RFC says it must be */
988)
d62a17ae 989{
d7c0a89a
QY		 990 uint8_t seen = 0, i;
991 uint8_t real_flags = args->flags;
992 const uint8_t attr_code = args->type;
d62a17ae 993
994 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
995 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
996 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
997 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
998 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
999 zlog_err("%s attribute must%s be flagged as \"%s\"",
1000 lookup_msg(attr_str, attr_code, NULL),
1001 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1002 ? ""
1003 : " not",
1004 attr_flag_str[i].str);
1005 seen = 1;
1006 }
1007 if (!seen) {
1008 zlog_debug(
1009 "Strange, %s called for attr %s, but no problem found with flags"
1010 " (real flags 0x%x, desired 0x%x)",
1011 __func__, lookup_msg(attr_str, attr_code, NULL),
1012 real_flags, desired_flags);
1013 }
afcb7679
DO		 1014}
1015
3ecab4c8
PJ		 1016/* Required flags for attributes. EXTLEN will be masked off when testing,
1017 * as will PARTIAL for optional+transitive attributes.
1018 */
d7c0a89a
QY		 1019const uint8_t attr_flags_values[] = {
1020 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
1021 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
1022 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1023 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1024 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1025 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1026 [BGP_ATTR_AGGREGATOR] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1027 [BGP_ATTR_COMMUNITIES] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1028 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1029 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1030 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1031 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1032 [BGP_ATTR_EXT_COMMUNITIES] =
1033 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1034 [BGP_ATTR_AS4_PATH] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1035 [BGP_ATTR_AS4_AGGREGATOR] =
1036 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1037 [BGP_ATTR_PMSI_TUNNEL] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1038 [BGP_ATTR_LARGE_COMMUNITIES] =
1039 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1040 [BGP_ATTR_PREFIX_SID] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
3ecab4c8 1041};
099111ef 1042static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
3ecab4c8 1043
d62a17ae 1044static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1045{
d7c0a89a
QY		 1046 uint8_t mask = BGP_ATTR_FLAG_EXTLEN;
1047 const uint8_t flags = args->flags;
1048 const uint8_t attr_code = args->type;
d62a17ae 1049
1050 /* there may be attributes we don't know about */
1051 if (attr_code > attr_flags_values_max)
1052 return 0;
1053 if (attr_flags_values[attr_code] == 0)
1054 return 0;
1055
1056 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1057 * to
1058 * 1."
1059 */
1060 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1061 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
1062 zlog_err(
1063 "%s well-known attributes must have transitive flag set (%x)",
1064 lookup_msg(attr_str, attr_code, NULL), flags);
1065 return 1;
1066 }
1067
1068 /* "For well-known attributes and for optional non-transitive
1069 * attributes,
1070 * the Partial bit MUST be set to 0."
1071 */
1072 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1073 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
1074 zlog_err(
1075 "%s well-known attribute "
1076 "must NOT have the partial flag set (%x)",
1077 lookup_msg(attr_str, attr_code, NULL), flags);
1078 return 1;
1079 }
1080 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1081 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
1082 zlog_err(
1083 "%s optional + transitive attribute "
1084 "must NOT have the partial flag set (%x)",
1085 lookup_msg(attr_str, attr_code, NULL), flags);
1086 return 1;
1087 }
1088 }
1089
1090 /* Optional transitive attributes may go through speakers that don't
1091 * reocgnise them and set the Partial bit.
1092 */
1093 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1094 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1095 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1096
1097 if ((flags & ~mask) == attr_flags_values[attr_code])
1098 return 0;
1099
1100 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1101 return 1;
3ecab4c8
PJ		 1102}
1103
718e3744 1104/* Get origin attribute of the update message. */
d62a17ae 1105static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1106{
1107 struct peer *const peer = args->peer;
1108 struct attr *const attr = args->attr;
1109 const bgp_size_t length = args->length;
1110
1111 /* If any recognized attribute has Attribute Length that conflicts
1112 with the expected length (based on the attribute type code), then
1113 the Error Subcode is set to Attribute Length Error. The Data
1114 field contains the erroneous attribute (type, length and
1115 value). */
1116 if (length != 1) {
1117 zlog_err("Origin attribute length is not one %d", length);
1118 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1119 args->total);
1120 }
1121
1122 /* Fetch origin attribute. */
1123 attr->origin = stream_getc(BGP_INPUT(peer));
1124
1125 /* If the ORIGIN attribute has an undefined value, then the Error
1126 Subcode is set to Invalid Origin Attribute. The Data field
1127 contains the unrecognized attribute (type, length and value). */
1128 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1129 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
1130 zlog_err("Origin attribute value is invalid %d", attr->origin);
1131 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1132 args->total);
1133 }
1134
1135 /* Set oring attribute flag. */
1136 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1137
1138 return 0;
718e3744 1139}
ab005298
PJ		 1140
1141/* Parse AS path information. This function is wrapper of
1142 aspath_parse. */
d62a17ae 1143static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1144{
1145 struct attr *const attr = args->attr;
1146 struct peer *const peer = args->peer;
1147 const bgp_size_t length = args->length;
1148
1149 /*
1150 * peer with AS4 => will get 4Byte ASnums
1151 * otherwise, will get 16 Bit
1152 */
424ab01d 1153 attr->aspath = aspath_parse(peer->curr, length,
d62a17ae 1154 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1155
1156 /* In case of IBGP, length will be zero. */
1157 if (!attr->aspath) {
1158 zlog_err("Malformed AS path from %s, length is %d", peer->host,
1159 length);
1160 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1161 0);
1162 }
0b2aa3a0 1163
d62a17ae 1164 /* Set aspath attribute flag. */
1165 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1166
1167 return BGP_ATTR_PARSE_PROCEED;
1168}
1169
1170static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1171 struct attr *const attr)
1172{
1173 /* These checks were part of bgp_attr_aspath, but with
1174 * as4 we should to check aspath things when
1175 * aspath synthesizing with as4_path has already taken place.
1176 * Otherwise we check ASPATH and use the synthesized thing, and that is
1177 * not right.
1178 * So do the checks later, i.e. here
1179 */
d62a17ae 1180 struct aspath *aspath;
1181
1182 /* Confederation sanity check. */
1183 if ((peer->sort == BGP_PEER_CONFED
1184 && !aspath_left_confed_check(attr->aspath))
1185 || (peer->sort == BGP_PEER_EBGP
1186 && aspath_confed_check(attr->aspath))) {
1187 zlog_err("Malformed AS path from %s", peer->host);
1188 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1189 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1190 return BGP_ATTR_PARSE_ERROR;
1191 }
cddb8112 1192
d62a17ae 1193 /* First AS check for EBGP. */
47cbc09b 1194 if (CHECK_FLAG(peer->flags, PEER_FLAG_ENFORCE_FIRST_AS)) {
d62a17ae 1195 if (peer->sort == BGP_PEER_EBGP
1196 && !aspath_firstas_check(attr->aspath, peer->as)) {
1197 zlog_err("%s incorrect first AS (must be %u)",
1198 peer->host, peer->as);
1199 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1200 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1201 return BGP_ATTR_PARSE_ERROR;
1202 }
1203 }
0b2aa3a0 1204
d62a17ae 1205 /* local-as prepend */
1206 if (peer->change_local_as
1207 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1208 aspath = aspath_dup(attr->aspath);
1209 aspath = aspath_add_seq(aspath, peer->change_local_as);
1210 aspath_unintern(&attr->aspath);
1211 attr->aspath = aspath_intern(aspath);
1212 }
0b2aa3a0 1213
d62a17ae 1214 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1215}
1216
ab005298
PJ		 1217/* Parse AS4 path information. This function is another wrapper of
1218 aspath_parse. */
d62a17ae 1219static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1220 struct aspath **as4_path)
ab005298 1221{
d62a17ae 1222 struct peer *const peer = args->peer;
1223 struct attr *const attr = args->attr;
1224 const bgp_size_t length = args->length;
ab005298 1225
424ab01d 1226 *as4_path = aspath_parse(peer->curr, length, 1);
b881c707 1227
d62a17ae 1228 /* In case of IBGP, length will be zero. */
1229 if (!*as4_path) {
1230 zlog_err("Malformed AS4 path from %s, length is %d", peer->host,
1231 length);
1232 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1233 0);
1234 }
ab005298 1235
d62a17ae 1236 /* Set aspath attribute flag. */
1237 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1238
1239 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1240}
1241
718e3744 1242/* Nexthop attribute. */
d62a17ae 1243static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1244{
1245 struct peer *const peer = args->peer;
1246 struct attr *const attr = args->attr;
1247 const bgp_size_t length = args->length;
1248
1249 in_addr_t nexthop_h, nexthop_n;
1250
1251 /* Check nexthop attribute length. */
1252 if (length != 4) {
1253 zlog_err("Nexthop attribute length isn't four [%d]", length);
1254
1255 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1256 args->total);
1257 }
1258
1259 /* According to section 6.3 of RFC4271, syntactically incorrect NEXT_HOP
1260 attribute must result in a NOTIFICATION message (this is implemented
1261 below).
1262 At the same time, semantically incorrect NEXT_HOP is more likely to
1263 be just
1264 logged locally (this is implemented somewhere else). The UPDATE
1265 message
1266 gets ignored in any of these cases. */
424ab01d 1267 nexthop_n = stream_get_ipv4(peer->curr);
d62a17ae 1268 nexthop_h = ntohl(nexthop_n);
1269 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1270 || IPV4_CLASS_DE(nexthop_h))
1271 && !BGP_DEBUG(
1272 allow_martians,
1273 ALLOW_MARTIANS)) /* loopbacks may be used in testing */
1274 {
1275 char buf[INET_ADDRSTRLEN];
1276 inet_ntop(AF_INET, &nexthop_n, buf, INET_ADDRSTRLEN);
1277 zlog_err("Martian nexthop %s", buf);
1278 return bgp_attr_malformed(
1279 args, BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP, args->total);
1280 }
1281
1282 attr->nexthop.s_addr = nexthop_n;
1283 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1284
1285 return BGP_ATTR_PARSE_PROCEED;
718e3744 1286}
1287
1288/* MED atrribute. */
d62a17ae 1289static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
718e3744 1290{
d62a17ae 1291 struct peer *const peer = args->peer;
1292 struct attr *const attr = args->attr;
1293 const bgp_size_t length = args->length;
b881c707 1294
d62a17ae 1295 /* Length check. */
1296 if (length != 4) {
1297 zlog_err("MED attribute length isn't four [%d]", length);
718e3744 1298
d62a17ae 1299 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1300 args->total);
1301 }
1302
424ab01d 1303 attr->med = stream_getl(peer->curr);
718e3744 1304
d62a17ae 1305 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
718e3744 1306
d62a17ae 1307 return BGP_ATTR_PARSE_PROCEED;
718e3744 1308}
1309
1310/* Local preference attribute. */
b881c707 1311static bgp_attr_parse_ret_t
d62a17ae 1312bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1313{
1314 struct peer *const peer = args->peer;
1315 struct attr *const attr = args->attr;
1316 const bgp_size_t length = args->length;
1317
1318 /* Length check. */
1319 if (length != 4) {
1320 zlog_err("LOCAL_PREF attribute length isn't 4 [%u]", length);
1321 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1322 args->total);
1323 }
1324
1325 /* If it is contained in an UPDATE message that is received from an
1326 external peer, then this attribute MUST be ignored by the
1327 receiving speaker. */
1328 if (peer->sort == BGP_PEER_EBGP) {
424ab01d 1329 stream_forward_getp(peer->curr, length);
d62a17ae 1330 return BGP_ATTR_PARSE_PROCEED;
1331 }
1332
424ab01d 1333 attr->local_pref = stream_getl(peer->curr);
d62a17ae 1334
7f323236 1335 /* Set the local-pref flag. */
d62a17ae 1336 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1337
1338 return BGP_ATTR_PARSE_PROCEED;
718e3744 1339}
1340
1341/* Atomic aggregate. */
d62a17ae 1342static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
718e3744 1343{
d62a17ae 1344 struct attr *const attr = args->attr;
1345 const bgp_size_t length = args->length;
1346
1347 /* Length check. */
1348 if (length != 0) {
1349 zlog_err("ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1350 length);
1351 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1352 args->total);
1353 }
718e3744 1354
d62a17ae 1355 /* Set atomic aggregate flag. */
1356 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
718e3744 1357
d62a17ae 1358 return BGP_ATTR_PARSE_PROCEED;
718e3744 1359}
1360
1361/* Aggregator attribute */
d62a17ae 1362static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1363{
1364 struct peer *const peer = args->peer;
1365 struct attr *const attr = args->attr;
1366 const bgp_size_t length = args->length;
1367
1368 int wantedlen = 6;
1369
1370 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1371 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1372 wantedlen = 8;
1373
1374 if (length != wantedlen) {
1375 zlog_err("AGGREGATOR attribute length isn't %u [%u]", wantedlen,
1376 length);
1377 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1378 args->total);
1379 }
1380
1381 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
424ab01d 1382 attr->aggregator_as = stream_getl(peer->curr);
d62a17ae 1383 else
424ab01d
QY		 1384 attr->aggregator_as = stream_getw(peer->curr);
1385 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1386
1387 /* Set atomic aggregate flag. */
1388 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1389
1390 return BGP_ATTR_PARSE_PROCEED;
718e3744 1391}
1392
0b2aa3a0 1393/* New Aggregator attribute */
b881c707 1394static bgp_attr_parse_ret_t
d62a17ae 1395bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1396 as_t *as4_aggregator_as,
1397 struct in_addr *as4_aggregator_addr)
1398{
1399 struct peer *const peer = args->peer;
1400 struct attr *const attr = args->attr;
1401 const bgp_size_t length = args->length;
1402
1403 if (length != 8) {
1404 zlog_err("New Aggregator length is not 8 [%d]", length);
1405 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1406 0);
1407 }
1408
424ab01d
QY		 1409 *as4_aggregator_as = stream_getl(peer->curr);
1410 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1411
1412 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1413
1414 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1415}
1416
1417/* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1418 */
b881c707 1419static bgp_attr_parse_ret_t
d62a17ae 1420bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1421 struct aspath *as4_path, as_t as4_aggregator,
1422 struct in_addr *as4_aggregator_addr)
1423{
1424 int ignore_as4_path = 0;
1425 struct aspath *newpath;
1426
1427 if (!attr->aspath) {
1428 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1429 * have
1430 * checked that all well-known, mandatory attributes were
1431 * present.
1432 *
1433 * Can only be a problem with peer itself - hard error
1434 */
1435 return BGP_ATTR_PARSE_ERROR;
1436 }
1437
1438 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1439 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1440 * if given.
1441 * It is worth a warning though, because the peer really
1442 * should not send them
1443 */
1444 if (BGP_DEBUG(as4, AS4)) {
1445 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1446 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1447 "AS4 capable peer, yet it sent");
1448
1449 if (attr->flag
1450 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1451 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1452 peer->host,
1453 "AS4 capable peer, yet it sent");
1454 }
1455
1456 return BGP_ATTR_PARSE_PROCEED;
1457 }
1458
1459 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1460 * because that may override AS4_PATH
1461 */
1462 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1463 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1464 /* received both.
1465 * if the as_number in aggregator is not AS_TRANS,
1466 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1467 * and the Aggregator shall be taken as
1468 * info on the aggregating node, and the AS_PATH
1469 * shall be taken as the AS_PATH
1470 * otherwise
1471 * the Aggregator shall be ignored and the
1472 * AS4_AGGREGATOR shall be taken as the
1473 * Aggregating node and the AS_PATH is to be
1474 * constructed "as in all other cases"
1475 */
1476 if (attr->aggregator_as != BGP_AS_TRANS) {
1477 /* ignore */
1478 if (BGP_DEBUG(as4, AS4))
1479 zlog_debug(
1480 "[AS4] %s BGP not AS4 capable peer"
1481 " send AGGREGATOR != AS_TRANS and"
1482 " AS4_AGGREGATOR, so ignore"
1483 " AS4_AGGREGATOR and AS4_PATH",
1484 peer->host);
1485 ignore_as4_path = 1;
1486 } else {
1487 /* "New_aggregator shall be taken as aggregator"
1488 */
1489 attr->aggregator_as = as4_aggregator;
1490 attr->aggregator_addr.s_addr =
1491 as4_aggregator_addr->s_addr;
1492 }
1493 } else {
1494 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1495 * That is bogus - but reading the conditions
1496 * we have to handle AS4_AGGREGATOR as if it were
1497 * AGGREGATOR in that case
1498 */
1499 if (BGP_DEBUG(as4, AS4))
1500 zlog_debug(
1501 "[AS4] %s BGP not AS4 capable peer send"
1502 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1503 " it as if AGGREGATOR with AS_TRANS had been there",
1504 peer->host);
1505 attr->aggregator_as = as4_aggregator;
1506 /* sweep it under the carpet and simulate a "good"
1507 * AGGREGATOR */
1508 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1509 }
1510 }
1511
1512 /* need to reconcile NEW_AS_PATH and AS_PATH */
1513 if (!ignore_as4_path
1514 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1515 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
e8a3a0a0 1516 if (!newpath)
1517 return BGP_ATTR_PARSE_ERROR;
1518
d62a17ae 1519 aspath_unintern(&attr->aspath);
1520 attr->aspath = aspath_intern(newpath);
1521 }
1522 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1523}
1524
718e3744 1525/* Community attribute. */
b881c707 1526static bgp_attr_parse_ret_t
d62a17ae 1527bgp_attr_community(struct bgp_attr_parser_args *args)
1528{
1529 struct peer *const peer = args->peer;
1530 struct attr *const attr = args->attr;
1531 const bgp_size_t length = args->length;
1532
1533 if (length == 0) {
1534 attr->community = NULL;
1535 return BGP_ATTR_PARSE_PROCEED;
1536 }
1537
1538 attr->community =
d7c0a89a 1539 community_parse((uint32_t *)stream_pnt(peer->curr), length);
d62a17ae 1540
1541 /* XXX: fix community_parse to use stream API and remove this */
424ab01d 1542 stream_forward_getp(peer->curr, length);
d62a17ae 1543
1544 if (!attr->community)
1545 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1546 args->total);
1547
1548 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1549
1550 return BGP_ATTR_PARSE_PROCEED;
718e3744 1551}
1552
1553/* Originator ID attribute. */
b881c707 1554static bgp_attr_parse_ret_t
d62a17ae 1555bgp_attr_originator_id(struct bgp_attr_parser_args *args)
718e3744 1556{
d62a17ae 1557 struct peer *const peer = args->peer;
1558 struct attr *const attr = args->attr;
1559 const bgp_size_t length = args->length;
718e3744 1560
d62a17ae 1561 /* Length check. */
1562 if (length != 4) {
1563 zlog_err("Bad originator ID length %d", length);
718e3744 1564
d62a17ae 1565 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1566 args->total);
1567 }
1568
424ab01d 1569 attr->originator_id.s_addr = stream_get_ipv4(peer->curr);
718e3744 1570
d62a17ae 1571 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
718e3744 1572
d62a17ae 1573 return BGP_ATTR_PARSE_PROCEED;
718e3744 1574}
1575
1576/* Cluster list attribute. */
b881c707 1577static bgp_attr_parse_ret_t
d62a17ae 1578bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
718e3744 1579{
d62a17ae 1580 struct peer *const peer = args->peer;
1581 struct attr *const attr = args->attr;
1582 const bgp_size_t length = args->length;
1583
1584 /* Check length. */
1585 if (length % 4) {
1586 zlog_err("Bad cluster list length %d", length);
718e3744 1587
d62a17ae 1588 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1589 args->total);
1590 }
1591
1592 attr->cluster =
424ab01d 1593 cluster_parse((struct in_addr *)stream_pnt(peer->curr), length);
718e3744 1594
d62a17ae 1595 /* XXX: Fix cluster_parse to use stream API and then remove this */
424ab01d 1596 stream_forward_getp(peer->curr, length);
718e3744 1597
d62a17ae 1598 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
718e3744 1599
d62a17ae 1600 return BGP_ATTR_PARSE_PROCEED;
718e3744 1601}
1602
1603/* Multiprotocol reachability information parse. */
d62a17ae 1604int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1605 struct bgp_nlri *mp_update)
1606{
1607 iana_afi_t pkt_afi;
1608 afi_t afi;
5c525538
RW		 1609 iana_safi_t pkt_safi;
1610 safi_t safi;
d62a17ae 1611 bgp_size_t nlri_len;
1612 size_t start;
1613 struct stream *s;
1614 struct peer *const peer = args->peer;
1615 struct attr *const attr = args->attr;
1616 const bgp_size_t length = args->length;
1617
1618 /* Set end of packet. */
1619 s = BGP_INPUT(peer);
1620 start = stream_get_getp(s);
1621
1622/* safe to read statically sized header? */
6e4ab12f 1623#define BGP_MP_REACH_MIN_SIZE 5
03292809 1624#define LEN_LEFT (length - (stream_get_getp(s) - start))
d62a17ae 1625 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
1626 zlog_info("%s: %s sent invalid length, %lu", __func__,
1627 peer->host, (unsigned long)length);
1628 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1629 }
1630
1631 /* Load AFI, SAFI. */
1632 pkt_afi = stream_getw(s);
1633 pkt_safi = stream_getc(s);
1634
1635 /* Convert AFI, SAFI to internal values, check. */
1636 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1637 /* Log if AFI or SAFI is unrecognized. This is not an error
1638 * unless
1639 * the attribute is otherwise malformed.
1640 */
1641 if (bgp_debug_update(peer, NULL, NULL, 0))
1642 zlog_debug(
1643 "%s: MP_REACH received AFI %u or SAFI %u is unrecognized",
1644 peer->host, pkt_afi, pkt_safi);
1645 return BGP_ATTR_PARSE_ERROR;
1646 }
1647
1648 /* Get nexthop length. */
1649 attr->mp_nexthop_len = stream_getc(s);
1650
1651 if (LEN_LEFT < attr->mp_nexthop_len) {
1652 zlog_info(
1653 "%s: %s, MP nexthop length, %u, goes past end of attribute",
1654 __func__, peer->host, attr->mp_nexthop_len);
1655 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1656 }
1657
1658 /* Nexthop length check. */
1659 switch (attr->mp_nexthop_len) {
7c40bf39 1660 case 0:
1661 if (safi != SAFI_FLOWSPEC) {
1662 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1663 __func__, peer->host, attr->mp_nexthop_len);
1664 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1665 }
1666 break;
b6453163
LB		 1667 case BGP_ATTR_NHLEN_VPNV4:
1668 stream_getl(s); /* RD high */
1669 stream_getl(s); /* RD low */
996c9314
LB		 1670 /*
1671 * NOTE: intentional fall through
1672 * - for consistency in rx processing
1673 *
1674 * The following comment is to signal GCC this intention
1675 * and supress the warning
1676 */
1677 /* FALLTHRU */
d62a17ae 1678 case BGP_ATTR_NHLEN_IPV4:
1679 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1680 /* Probably needed for RFC 2283 */
1681 if (attr->nexthop.s_addr == 0)
1682 memcpy(&attr->nexthop.s_addr,
1683 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1684 break;
d62a17ae 1685 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1686 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1687 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1688 stream_getl(s); /* RD high */
1689 stream_getl(s); /* RD low */
1690 }
1691 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
77e62f2b 1692 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global))
1693 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
d62a17ae 1694 break;
1695 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1696 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1697 if (attr->mp_nexthop_len
1698 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1699 stream_getl(s); /* RD high */
1700 stream_getl(s); /* RD low */
1701 }
1702 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
77e62f2b 1703 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global))
1704 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
d62a17ae 1705 if (attr->mp_nexthop_len
1706 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1707 stream_getl(s); /* RD high */
1708 stream_getl(s); /* RD low */
1709 }
1710 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1711 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1712 char buf1[INET6_ADDRSTRLEN];
1713 char buf2[INET6_ADDRSTRLEN];
1714
1715 if (bgp_debug_update(peer, NULL, NULL, 1))
1716 zlog_debug(
1717 "%s rcvd nexthops %s, %s -- ignoring non-LL value",
1718 peer->host,
1719 inet_ntop(AF_INET6,
1720 &attr->mp_nexthop_global,
1721 buf1, INET6_ADDRSTRLEN),
1722 inet_ntop(AF_INET6,
1723 &attr->mp_nexthop_local, buf2,
1724 INET6_ADDRSTRLEN));
1725
1726 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1727 }
77e62f2b 1728 attr->nh_lla_ifindex = peer->nexthop.ifp->ifindex;
d62a17ae 1729 break;
1730 default:
1731 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1732 __func__, peer->host, attr->mp_nexthop_len);
1733 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1734 }
1735
1736 if (!LEN_LEFT) {
1737 zlog_info("%s: (%s) Failed to read SNPA and NLRI(s)", __func__,
1738 peer->host);
1739 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1740 }
1741
718e3744 1742 {
d7c0a89a 1743 uint8_t val;
d62a17ae 1744 if ((val = stream_getc(s)))
1745 zlog_warn(
1746 "%s sent non-zero value, %u, for defunct SNPA-length field",
1747 peer->host, val);
1748 }
1749
1750 /* must have nrli_len, what is left of the attribute */
1751 nlri_len = LEN_LEFT;
9b9df989 1752 if (nlri_len > STREAM_READABLE(s)) {
d62a17ae 1753 zlog_info("%s: (%s) Failed to read NLRI", __func__, peer->host);
1754 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1755 }
1756
9b9df989
DS		 1757 if (!nlri_len) {
1758 zlog_info("%s: (%s) No Reachability, Treating as a EOR marker",
1759 __func__, peer->host);
1760
1761 mp_update->afi = afi;
1762 mp_update->safi = safi;
1763 return BGP_ATTR_PARSE_EOR;
1764 }
1765
d62a17ae 1766 mp_update->afi = afi;
1767 mp_update->safi = safi;
1768 mp_update->nlri = stream_pnt(s);
1769 mp_update->length = nlri_len;
1770
1771 stream_forward_getp(s, nlri_len);
1772
1773 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1774
1775 return BGP_ATTR_PARSE_PROCEED;
03292809 1776#undef LEN_LEFT
718e3744 1777}
1778
1779/* Multiprotocol unreachable parse */
d62a17ae 1780int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1781 struct bgp_nlri *mp_withdraw)
1782{
1783 struct stream *s;
1784 iana_afi_t pkt_afi;
1785 afi_t afi;
5c525538
RW		 1786 iana_safi_t pkt_safi;
1787 safi_t safi;
d7c0a89a 1788 uint16_t withdraw_len;
d62a17ae 1789 struct peer *const peer = args->peer;
1790 struct attr *const attr = args->attr;
1791 const bgp_size_t length = args->length;
9cabb64b 1792
424ab01d 1793 s = peer->curr;
9cabb64b 1794
d62a17ae 1795#define BGP_MP_UNREACH_MIN_SIZE 3
1796 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1797 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1798
1799 pkt_afi = stream_getw(s);
1800 pkt_safi = stream_getc(s);
1801
1802 /* Convert AFI, SAFI to internal values, check. */
1803 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1804 /* Log if AFI or SAFI is unrecognized. This is not an error
1805 * unless
1806 * the attribute is otherwise malformed.
1807 */
1808 if (bgp_debug_update(peer, NULL, NULL, 0))
1809 zlog_debug(
1810 "%s: MP_UNREACH received AFI %u or SAFI %u is unrecognized",
1811 peer->host, pkt_afi, pkt_safi);
1812 return BGP_ATTR_PARSE_ERROR;
1813 }
718e3744 1814
d62a17ae 1815 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
718e3744 1816
d62a17ae 1817 mp_withdraw->afi = afi;
1818 mp_withdraw->safi = safi;
1819 mp_withdraw->nlri = stream_pnt(s);
1820 mp_withdraw->length = withdraw_len;
718e3744 1821
d62a17ae 1822 stream_forward_getp(s, withdraw_len);
37da8fa9 1823
d62a17ae 1824 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1825
1826 return BGP_ATTR_PARSE_PROCEED;
718e3744 1827}
1828
57d187bc
JS		 1829/* Large Community attribute. */
1830static bgp_attr_parse_ret_t
d62a17ae 1831bgp_attr_large_community(struct bgp_attr_parser_args *args)
1832{
1833 struct peer *const peer = args->peer;
1834 struct attr *const attr = args->attr;
1835 const bgp_size_t length = args->length;
1836
1837 /*
1838 * Large community follows new attribute format.
1839 */
1840 if (length == 0) {
1841 attr->lcommunity = NULL;
1842 /* Empty extcomm doesn't seem to be invalid per se */
1843 return BGP_ATTR_PARSE_PROCEED;
1844 }
57d187bc 1845
d62a17ae 1846 attr->lcommunity =
d7c0a89a 1847 lcommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
d62a17ae 1848 /* XXX: fix ecommunity_parse to use stream API */
424ab01d 1849 stream_forward_getp(peer->curr, length);
57d187bc 1850
d62a17ae 1851 if (!attr->lcommunity)
1852 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1853 args->total);
57d187bc 1854
d62a17ae 1855 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
57d187bc 1856
d62a17ae 1857 return BGP_ATTR_PARSE_PROCEED;
57d187bc
JS		 1858}
1859
718e3744 1860/* Extended Community attribute. */
b881c707 1861static bgp_attr_parse_ret_t
d62a17ae 1862bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1863{
1864 struct peer *const peer = args->peer;
1865 struct attr *const attr = args->attr;
1866 const bgp_size_t length = args->length;
d7c0a89a 1867 uint8_t sticky = 0;
d62a17ae 1868
1869 if (length == 0) {
1870 attr->ecommunity = NULL;
1871 /* Empty extcomm doesn't seem to be invalid per se */
1872 return BGP_ATTR_PARSE_PROCEED;
1873 }
1874
1875 attr->ecommunity =
d7c0a89a 1876 ecommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
d62a17ae 1877 /* XXX: fix ecommunity_parse to use stream API */
424ab01d 1878 stream_forward_getp(peer->curr, length);
d62a17ae 1879
1880 if (!attr->ecommunity)
1881 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1882 args->total);
1883
1884 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1885
1886 /* Extract MAC mobility sequence number, if any. */
1887 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1888 attr->sticky = sticky;
1889
ead40654
MK		 1890 /* Check if this is a Gateway MAC-IP advertisement */
1891 attr->default_gw = bgp_attr_default_gw(attr);
1892
68e33151
CS		 1893 /* Handle scenario where router flag ecommunity is not
1894 * set but default gw ext community is present.
1895 * Use default gateway, set and propogate R-bit.
1896 */
1897 if (attr->default_gw)
1898 attr->router_flag = 1;
1899
1900 /* Check EVPN Neighbor advertisement flags, R-bit */
1901 bgp_attr_evpn_na_flag(attr, &attr->router_flag);
1902
bc59a672
MK		 1903 /* Extract the Rmac, if any */
1904 bgp_attr_rmac(attr, &attr->rmac);
1905
d62a17ae 1906 return BGP_ATTR_PARSE_PROCEED;
718e3744 1907}
1908
f4c89855 1909/* Parse Tunnel Encap attribute in an UPDATE */
d62a17ae 1910static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
1911 bgp_size_t length, /* IN: attr's length field */
1912 struct attr *attr, /* IN: caller already allocated */
d7c0a89a
QY		 1913 uint8_t flag, /* IN: attr's flags field */
1914 uint8_t *startp)
d62a17ae 1915{
1916 bgp_size_t total;
d62a17ae 1917 uint16_t tunneltype = 0;
1918
1919 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
1920
1921 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
1922 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
1923 zlog_info(
1924 "Tunnel Encap attribute flag isn't optional and transitive %d",
1925 flag);
1926 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1927 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
1928 startp, total);
1929 return -1;
1930 }
1931
1932 if (BGP_ATTR_ENCAP == type) {
1933 /* read outer TLV type and length */
1934 uint16_t tlv_length;
1935
1936 if (length < 4) {
1937 zlog_info(
1938 "Tunnel Encap attribute not long enough to contain outer T,L");
1939 bgp_notify_send_with_data(
1940 peer, BGP_NOTIFY_UPDATE_ERR,
1941 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1942 return -1;
1943 }
1944 tunneltype = stream_getw(BGP_INPUT(peer));
1945 tlv_length = stream_getw(BGP_INPUT(peer));
1946 length -= 4;
1947
1948 if (tlv_length != length) {
1949 zlog_info("%s: tlv_length(%d) != length(%d)", __func__,
1950 tlv_length, length);
1951 }
1952 }
1953
1954 while (length >= 4) {
1955 uint16_t subtype = 0;
1956 uint16_t sublength = 0;
1957 struct bgp_attr_encap_subtlv *tlv;
1958
1959 if (BGP_ATTR_ENCAP == type) {
1960 subtype = stream_getc(BGP_INPUT(peer));
1961 sublength = stream_getc(BGP_INPUT(peer));
1962 length -= 2;
65efcfce 1963#if ENABLE_BGP_VNC
d62a17ae 1964 } else {
1965 subtype = stream_getw(BGP_INPUT(peer));
1966 sublength = stream_getw(BGP_INPUT(peer));
1967 length -= 4;
65efcfce 1968#endif
d62a17ae 1969 }
1970
1971 if (sublength > length) {
1972 zlog_info(
1973 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
1974 sublength, length);
1975 bgp_notify_send_with_data(
1976 peer, BGP_NOTIFY_UPDATE_ERR,
1977 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1978 return -1;
1979 }
1980
1981 /* alloc and copy sub-tlv */
1982 /* TBD make sure these are freed when attributes are released */
1983 tlv = XCALLOC(MTYPE_ENCAP_TLV,
996c9314 1984 sizeof(struct bgp_attr_encap_subtlv) + sublength);
d62a17ae 1985 tlv->type = subtype;
1986 tlv->length = sublength;
424ab01d 1987 stream_get(tlv->value, peer->curr, sublength);
d62a17ae 1988 length -= sublength;
1989
1990 /* attach tlv to encap chain */
1991 if (BGP_ATTR_ENCAP == type) {
e4002056 1992 struct bgp_attr_encap_subtlv *stlv_last;
d62a17ae 1993 for (stlv_last = attr->encap_subtlvs;
1994 stlv_last && stlv_last->next;
1995 stlv_last = stlv_last->next)
1996 ;
1997 if (stlv_last) {
1998 stlv_last->next = tlv;
1999 } else {
2000 attr->encap_subtlvs = tlv;
2001 }
65efcfce 2002#if ENABLE_BGP_VNC
d62a17ae 2003 } else {
e4002056 2004 struct bgp_attr_encap_subtlv *stlv_last;
d62a17ae 2005 for (stlv_last = attr->vnc_subtlvs;
2006 stlv_last && stlv_last->next;
2007 stlv_last = stlv_last->next)
2008 ;
2009 if (stlv_last) {
2010 stlv_last->next = tlv;
2011 } else {
2012 attr->vnc_subtlvs = tlv;
2013 }
aadc0905 2014#endif
d62a17ae 2015 }
d62a17ae 2016 }
f4c89855 2017
d62a17ae 2018 if (BGP_ATTR_ENCAP == type) {
2019 attr->encap_tunneltype = tunneltype;
2020 }
f4c89855 2021
d62a17ae 2022 if (length) {
2023 /* spurious leftover data */
2024 zlog_info(
2025 "Tunnel Encap attribute length is bad: %d leftover octets",
2026 length);
2027 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2028 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2029 startp, total);
2030 return -1;
2031 }
f4c89855 2032
d62a17ae 2033 return 0;
f4c89855
LB		 2034}
2035
30adbd4e
DS		 2036/*
2037 * Read an individual SID value returning how much data we have read
2038 * Returns 0 if there was an error that needs to be passed up the stack
c5a543b4 2039 */
30adbd4e
DS		 2040static bgp_attr_parse_ret_t bgp_attr_psid_sub(int32_t type,
2041 int32_t length,
2042 struct bgp_attr_parser_args *args,
2043 struct bgp_nlri *mp_update)
d62a17ae 2044{
2045 struct peer *const peer = args->peer;
2046 struct attr *const attr = args->attr;
d7c0a89a 2047 uint32_t label_index;
d62a17ae 2048 struct in6_addr ipv6_sid;
d7c0a89a
QY		 2049 uint32_t srgb_base;
2050 uint32_t srgb_range;
d62a17ae 2051 int srgb_count;
2052
d62a17ae 2053 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
2054 if (length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
2055 zlog_err(
30adbd4e
DS		 2056 "Prefix SID label index length is %d instead of %d",
2057 length,
2058 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
2059 return bgp_attr_malformed(args,
2060 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2061 args->total);
d62a17ae 2062 }
2063
2064 /* Ignore flags and reserved */
424ab01d
QY		 2065 stream_getc(peer->curr);
2066 stream_getw(peer->curr);
d62a17ae 2067
2068 /* Fetch the label index and see if it is valid. */
424ab01d 2069 label_index = stream_getl(peer->curr);
d62a17ae 2070 if (label_index == BGP_INVALID_LABEL_INDEX)
30adbd4e
DS		 2071 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2072 args->total);
d62a17ae 2073
2074 /* Store label index; subsequently, we'll check on
2075 * address-family */
2076 attr->label_index = label_index;
2077
2078 /*
2079 * Ignore the Label index attribute unless received for
2080 * labeled-unicast
2081 * SAFI.
2082 */
2083 if (!mp_update->length
2084 || mp_update->safi != SAFI_LABELED_UNICAST)
2085 attr->label_index = BGP_INVALID_LABEL_INDEX;
2086 }
2087
2088 /* Placeholder code for the IPv6 SID type */
2089 else if (type == BGP_PREFIX_SID_IPV6) {
2090 if (length != BGP_PREFIX_SID_IPV6_LENGTH) {
2091 zlog_err("Prefix SID IPv6 length is %d instead of %d",
2092 length, BGP_PREFIX_SID_IPV6_LENGTH);
30adbd4e
DS		 2093 return bgp_attr_malformed(args,
2094 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2095 args->total);
d62a17ae 2096 }
2097
2098 /* Ignore reserved */
424ab01d
QY		 2099 stream_getc(peer->curr);
2100 stream_getw(peer->curr);
d62a17ae 2101
424ab01d 2102 stream_get(&ipv6_sid, peer->curr, 16);
d62a17ae 2103 }
2104
2105 /* Placeholder code for the Originator SRGB type */
2106 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
2107 /* Ignore flags */
424ab01d 2108 stream_getw(peer->curr);
d62a17ae 2109
2110 length -= 2;
2111
2112 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
2113 zlog_err(
2114 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2115 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2116 return bgp_attr_malformed(
2117 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2118 args->total);
2119 }
2120
2121 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2122
2123 for (int i = 0; i < srgb_count; i++) {
424ab01d
QY		 2124 stream_get(&srgb_base, peer->curr, 3);
2125 stream_get(&srgb_range, peer->curr, 3);
d62a17ae 2126 }
2127 }
2128
2129 return BGP_ATTR_PARSE_PROCEED;
6cf48acc
VV		 2130}
2131
30adbd4e
DS		 2132/* Prefix SID attribute
2133 * draft-ietf-idr-bgp-prefix-sid-05
2134 */
2135bgp_attr_parse_ret_t
2136bgp_attr_prefix_sid(int32_t tlength, struct bgp_attr_parser_args *args,
2137 struct bgp_nlri *mp_update)
2138{
2139 struct peer *const peer = args->peer;
2140 struct attr *const attr = args->attr;
2141 bgp_attr_parse_ret_t ret;
2142
2143 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
2144
2145 while (tlength) {
2146 int32_t type, length;
2147
2148 type = stream_getc(peer->curr);
2149 length = stream_getw(peer->curr);
2150
2151 ret = bgp_attr_psid_sub(type, length, args, mp_update);
2152
2153 if (ret != BGP_ATTR_PARSE_PROCEED)
2154 return ret;
2155 /*
2156 * Subtract length + the T and the L
2157 * since length is the Vector portion
2158 */
2159 tlength -= length + 3;
2160
2161 if (tlength < 0) {
2162 zlog_err("Prefix SID internal length %d causes us to read beyond the total Prefix SID length",
2163 length);
2164 return bgp_attr_malformed(args,
2165 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2166 args->total);
2167 }
2168 }
2169
2170 return BGP_ATTR_PARSE_PROCEED;
2171}
2172
7fd077aa 2173/* PMSI tunnel attribute (RFC 6514)
2174 * Basic validation checks done here.
2175 */
2176static bgp_attr_parse_ret_t
2177bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
2178{
2179 struct peer *const peer = args->peer;
2180 struct attr *const attr = args->attr;
2181 const bgp_size_t length = args->length;
d7c0a89a 2182 uint8_t tnl_type;
7fd077aa 2183
2184 /* Verify that the receiver is expecting "ingress replication" as we
2185 * can only support that.
2186 */
2187 if (length < 2) {
2188 zlog_err("Bad PMSI tunnel attribute length %d", length);
2189 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2190 args->total);
2191 }
2192 stream_getc(peer->curr); /* Flags */
2193 tnl_type = stream_getc(peer->curr);
2194 if (tnl_type > PMSI_TNLTYPE_MAX) {
2195 zlog_err("Invalid PMSI tunnel attribute type %d", tnl_type);
2196 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2197 args->total);
2198 }
2199 if (tnl_type == PMSI_TNLTYPE_INGR_REPL) {
2200 if (length != 9) {
2201 zlog_err("Bad PMSI tunnel attribute length %d for IR",
052ea98b 2202 length);
2203 return bgp_attr_malformed(
2204 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2205 args->total);
7fd077aa 2206 }
2207 }
2208
2209 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
2210 attr->pmsi_tnl_type = tnl_type;
2211
2212 /* Forward read pointer of input stream. */
2213 stream_forward_getp(peer->curr, length - 2);
2214
2215 return BGP_ATTR_PARSE_PROCEED;
2216}
2217
718e3744 2218/* BGP unknown attribute treatment. */
d62a17ae 2219static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2220{
2221 bgp_size_t total = args->total;
2222 struct transit *transit;
2223 struct peer *const peer = args->peer;
2224 struct attr *const attr = args->attr;
d7c0a89a
QY		 2225 uint8_t *const startp = args->startp;
2226 const uint8_t type = args->type;
2227 const uint8_t flag = args->flags;
d62a17ae 2228 const bgp_size_t length = args->length;
2229
2230 if (bgp_debug_update(peer, NULL, NULL, 1))
2231 zlog_debug(
2232 "%s Unknown attribute is received (type %d, length %d)",
2233 peer->host, type, length);
2234
2235 /* Forward read pointer of input stream. */
424ab01d 2236 stream_forward_getp(peer->curr, length);
d62a17ae 2237
2238 /* If any of the mandatory well-known attributes are not recognized,
2239 then the Error Subcode is set to Unrecognized Well-known
2240 Attribute. The Data field contains the unrecognized attribute
2241 (type, length and value). */
2242 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2243 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2244 args->total);
2245 }
2246
2247 /* Unrecognized non-transitive optional attributes must be quietly
2248 ignored and not passed along to other BGP peers. */
2249 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2250 return BGP_ATTR_PARSE_PROCEED;
2251
2252 /* If a path with recognized transitive optional attribute is
2253 accepted and passed along to other BGP peers and the Partial bit
2254 in the Attribute Flags octet is set to 1 by some previous AS, it
2255 is not set back to 0 by the current AS. */
2256 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2257
2258 /* Store transitive attribute to the end of attr->transit. */
2259 if (!attr->transit)
2260 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2261
2262 transit = attr->transit;
2263
2264 if (transit->val)
2265 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2266 transit->length + total);
2267 else
2268 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2269
2270 memcpy(transit->val + transit->length, startp, total);
2271 transit->length += total;
2272
2273 return BGP_ATTR_PARSE_PROCEED;
718e3744 2274}
2275
bb7bef14 2276/* Well-known attribute check. */
d62a17ae 2277static int bgp_attr_check(struct peer *peer, struct attr *attr)
2278{
d7c0a89a 2279 uint8_t type = 0;
d62a17ae 2280
2281 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2282 * empty UPDATE. */
2283 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2284 return BGP_ATTR_PARSE_PROCEED;
2285
2286 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2287 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2288 are present, it should. Check for any other attribute being present
2289 instead.
2290 */
404c82d5
PG		 2291 if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
2292 CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
d62a17ae 2293 return BGP_ATTR_PARSE_PROCEED;
2294
2295 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2296 type = BGP_ATTR_ORIGIN;
2297
2298 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2299 type = BGP_ATTR_AS_PATH;
2300
2301 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2302 * and
2303 * NLRI is empty. We can't easily check NLRI empty here though.
2304 */
2305 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2306 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2307 type = BGP_ATTR_NEXT_HOP;
2308
2309 if (peer->sort == BGP_PEER_IBGP
2310 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2311 type = BGP_ATTR_LOCAL_PREF;
2312
2313 if (type) {
2314 zlog_warn("%s Missing well-known attribute %s.", peer->host,
2315 lookup_msg(attr_str, type, NULL));
2316 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2317 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2318 1);
2319 return BGP_ATTR_PARSE_ERROR;
2320 }
2321 return BGP_ATTR_PARSE_PROCEED;
bb7bef14
PJ		 2322}
2323
718e3744 2324/* Read attribute of update packet. This function is called from
8b366b9c 2325 bgp_update_receive() in bgp_packet.c. */
d62a17ae 2326bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2327 bgp_size_t size, struct bgp_nlri *mp_update,
2328 struct bgp_nlri *mp_withdraw)
2329{
2330 int ret;
d7c0a89a
QY		 2331 uint8_t flag = 0;
2332 uint8_t type = 0;
d62a17ae 2333 bgp_size_t length;
d7c0a89a
QY		 2334 uint8_t *startp, *endp;
2335 uint8_t *attr_endp;
2336 uint8_t seen[BGP_ATTR_BITMAP_SIZE];
d62a17ae 2337 /* we need the as4_path only until we have synthesized the as_path with
2338 * it */
2339 /* same goes for as4_aggregator */
2340 struct aspath *as4_path = NULL;
2341 as_t as4_aggregator = 0;
2342 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2343
2344 /* Initialize bitmap. */
2345 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2346
2347 /* End pointer of BGP attribute. */
2348 endp = BGP_INPUT_PNT(peer) + size;
2349
2350 /* Get attributes to the end of attribute length. */
2351 while (BGP_INPUT_PNT(peer) < endp) {
2352 /* Check remaining length check.*/
2353 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2354 /* XXX warning: long int format, int arg (arg 5) */
2355 zlog_warn(
2356 "%s: error BGP attribute length %lu is smaller than min len",
2357 peer->host,
2358 (unsigned long)(endp
2d34fb80 2359 - stream_pnt(BGP_INPUT(peer))));
d62a17ae 2360
2361 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2362 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2363 return BGP_ATTR_PARSE_ERROR;
2364 }
718e3744 2365
d62a17ae 2366 /* Fetch attribute flag and type. */
2367 startp = BGP_INPUT_PNT(peer);
2368 /* "The lower-order four bits of the Attribute Flags octet are
2369 unused. They MUST be zero when sent and MUST be ignored when
2370 received." */
2371 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2372 type = stream_getc(BGP_INPUT(peer));
2373
2374 /* Check whether Extended-Length applies and is in bounds */
2375 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2376 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
2377 zlog_warn(
2378 "%s: Extended length set, but just %lu bytes of attr header",
2379 peer->host,
2380 (unsigned long)(endp
2d34fb80 2381 - stream_pnt(BGP_INPUT(peer))));
d62a17ae 2382
2383 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2384 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2385 return BGP_ATTR_PARSE_ERROR;
2386 }
718e3744 2387
d62a17ae 2388 /* Check extended attribue length bit. */
2389 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2390 length = stream_getw(BGP_INPUT(peer));
2391 else
2392 length = stream_getc(BGP_INPUT(peer));
718e3744 2393
d62a17ae 2394 /* If any attribute appears more than once in the UPDATE
2395 message, then the Error Subcode is set to Malformed Attribute
2396 List. */
718e3744 2397
d62a17ae 2398 if (CHECK_BITMAP(seen, type)) {
2399 zlog_warn(
2400 "%s: error BGP attribute type %d appears twice in a message",
2401 peer->host, type);
718e3744 2402
d62a17ae 2403 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2404 BGP_NOTIFY_UPDATE_MAL_ATTR);
2405 return BGP_ATTR_PARSE_ERROR;
2406 }
2407
2408 /* Set type to bitmap to check duplicate attribute. `type' is
2409 unsigned char so it never overflow bitmap range. */
2410
2411 SET_BITMAP(seen, type);
2412
2413 /* Overflow check. */
2414 attr_endp = BGP_INPUT_PNT(peer) + length;
2415
2416 if (attr_endp > endp) {
2417 zlog_warn(
2418 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2419 peer->host, type, length, size, attr_endp,
2420 endp);
dacffad4
QY		 2421 /*
2422 * RFC 4271 6.3
2423 * If any recognized attribute has an Attribute
2424 * Length that conflicts with the expected length
2425 * (based on the attribute type code), then the
2426 * Error Subcode MUST be set to Attribute Length
2427 * Error. The Data field MUST contain the erroneous
2428 * attribute (type, length, and value).
2429 * ----------
2430 * We do not currently have a good way to determine the
2431 * length of the attribute independent of the length
2432 * received in the message. Instead we send the
2433 * minimum between the amount of data we have and the
2434 * amount specified by the attribute length field.
2435 *
2436 * Instead of directly passing in the packet buffer and
2437 * offset we use the stream_get* functions to read into
2438 * a stack buffer, since they perform bounds checking
2439 * and we are working with untrusted data.
2440 */
2441 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2442 memset(ndata, 0x00, sizeof(ndata));
2443 size_t lfl =
2444 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2445 /* Rewind to end of flag field */
2446 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2447 /* Type */
2448 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2449 /* Length */
2450 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2451 /* Value */
2452 size_t atl = attr_endp - startp;
2453 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2454 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2455
d62a17ae 2456 bgp_notify_send_with_data(
2457 peer, BGP_NOTIFY_UPDATE_ERR,
dacffad4
QY		 2458 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2459 ndl + lfl + 1);
2460
d62a17ae 2461 return BGP_ATTR_PARSE_ERROR;
2462 }
2463
2464 struct bgp_attr_parser_args attr_args = {
2465 .peer = peer,
2466 .length = length,
2467 .attr = attr,
2468 .type = type,
2469 .flags = flag,
2470 .startp = startp,
2471 .total = attr_endp - startp,
2472 };
2473
2474
2475 /* If any recognized attribute has Attribute Flags that conflict
2476 with the Attribute Type Code, then the Error Subcode is set
2477 to
2478 Attribute Flags Error. The Data field contains the erroneous
2479 attribute (type, length and value). */
2480 if (bgp_attr_flag_invalid(&attr_args)) {
2481 bgp_attr_parse_ret_t ret;
2482 ret = bgp_attr_malformed(
2483 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2484 attr_args.total);
2485 if (ret == BGP_ATTR_PARSE_PROCEED)
2486 continue;
2487 return ret;
2488 }
2489
2490 /* OK check attribute and store it's value. */
2491 switch (type) {
2492 case BGP_ATTR_ORIGIN:
2493 ret = bgp_attr_origin(&attr_args);
2494 break;
2495 case BGP_ATTR_AS_PATH:
2496 ret = bgp_attr_aspath(&attr_args);
2497 break;
2498 case BGP_ATTR_AS4_PATH:
2499 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2500 break;
2501 case BGP_ATTR_NEXT_HOP:
2502 ret = bgp_attr_nexthop(&attr_args);
2503 break;
2504 case BGP_ATTR_MULTI_EXIT_DISC:
2505 ret = bgp_attr_med(&attr_args);
2506 break;
2507 case BGP_ATTR_LOCAL_PREF:
2508 ret = bgp_attr_local_pref(&attr_args);
2509 break;
2510 case BGP_ATTR_ATOMIC_AGGREGATE:
2511 ret = bgp_attr_atomic(&attr_args);
2512 break;
2513 case BGP_ATTR_AGGREGATOR:
2514 ret = bgp_attr_aggregator(&attr_args);
2515 break;
2516 case BGP_ATTR_AS4_AGGREGATOR:
2517 ret = bgp_attr_as4_aggregator(&attr_args,
2518 &as4_aggregator,
2519 &as4_aggregator_addr);
2520 break;
2521 case BGP_ATTR_COMMUNITIES:
2522 ret = bgp_attr_community(&attr_args);
2523 break;
2524 case BGP_ATTR_LARGE_COMMUNITIES:
2525 ret = bgp_attr_large_community(&attr_args);
2526 break;
2527 case BGP_ATTR_ORIGINATOR_ID:
2528 ret = bgp_attr_originator_id(&attr_args);
2529 break;
2530 case BGP_ATTR_CLUSTER_LIST:
2531 ret = bgp_attr_cluster_list(&attr_args);
2532 break;
2533 case BGP_ATTR_MP_REACH_NLRI:
2534 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2535 break;
2536 case BGP_ATTR_MP_UNREACH_NLRI:
2537 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2538 break;
2539 case BGP_ATTR_EXT_COMMUNITIES:
2540 ret = bgp_attr_ext_communities(&attr_args);
2541 break;
65efcfce 2542#if ENABLE_BGP_VNC
d62a17ae 2543 case BGP_ATTR_VNC:
65efcfce 2544#endif
d62a17ae 2545 case BGP_ATTR_ENCAP:
2546 ret = bgp_attr_encap(type, peer, length, attr, flag,
2547 startp);
2548 break;
2549 case BGP_ATTR_PREFIX_SID:
30adbd4e
DS		 2550 ret = bgp_attr_prefix_sid(length,
2551 &attr_args, mp_update);
d62a17ae 2552 break;
7fd077aa 2553 case BGP_ATTR_PMSI_TUNNEL:
2554 ret = bgp_attr_pmsi_tunnel(&attr_args);
2555 break;
d62a17ae 2556 default:
2557 ret = bgp_attr_unknown(&attr_args);
2558 break;
2559 }
2560
2561 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2562 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2563 BGP_NOTIFY_UPDATE_MAL_ATTR);
2564 ret = BGP_ATTR_PARSE_ERROR;
2565 }
2566
9b9df989
DS		 2567 if (ret == BGP_ATTR_PARSE_EOR) {
2568 if (as4_path)
2569 aspath_unintern(&as4_path);
2570 return ret;
2571 }
2572
d62a17ae 2573 /* If hard error occured immediately return to the caller. */
2574 if (ret == BGP_ATTR_PARSE_ERROR) {
2575 zlog_warn("%s: Attribute %s, parse error", peer->host,
2576 lookup_msg(attr_str, type, NULL));
2577 if (as4_path)
2578 aspath_unintern(&as4_path);
2579 return ret;
2580 }
2581 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
2582
2583 zlog_warn(
2584 "%s: Attribute %s, parse error - treating as withdrawal",
2585 peer->host, lookup_msg(attr_str, type, NULL));
2586 if (as4_path)
2587 aspath_unintern(&as4_path);
2588 return ret;
2589 }
2590
2591 /* Check the fetched length. */
2592 if (BGP_INPUT_PNT(peer) != attr_endp) {
2593 zlog_warn("%s: BGP attribute %s, fetch error",
2594 peer->host, lookup_msg(attr_str, type, NULL));
2595 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2596 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2597 if (as4_path)
2598 aspath_unintern(&as4_path);
2599 return BGP_ATTR_PARSE_ERROR;
2600 }
718e3744 2601 }
d62a17ae 2602
2603 /* Check final read pointer is same as end pointer. */
2604 if (BGP_INPUT_PNT(peer) != endp) {
2605 zlog_warn("%s: BGP attribute %s, length mismatch", peer->host,
2606 lookup_msg(attr_str, type, NULL));
2607 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2608 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2609 if (as4_path)
2610 aspath_unintern(&as4_path);
2611 return BGP_ATTR_PARSE_ERROR;
2612 }
2613
2614 /* Check all mandatory well-known attributes are present */
718e3744 2615 {
d62a17ae 2616 bgp_attr_parse_ret_t ret;
2617 if ((ret = bgp_attr_check(peer, attr)) < 0) {
2618 if (as4_path)
2619 aspath_unintern(&as4_path);
2620 return ret;
2621 }
2622 }
2623
2624 /*
2625 * At this place we can see whether we got AS4_PATH and/or
2626 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2627 * We can not do this before we've read all attributes because
2628 * the as4 handling does not say whether AS4_PATH has to be sent
2629 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2630 * in relationship to AGGREGATOR.
2631 * So, to be defensive, we are not relying on any order and read
2632 * all attributes first, including these 32bit ones, and now,
2633 * afterwards, we look what and if something is to be done for as4.
2634 *
2635 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2636 * MP_UNREACH_NLRI.
2637 */
2638 /* actually... this doesn't ever return failure currently, but
2639 * better safe than sorry */
2640 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2641 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2642 &as4_aggregator_addr)) {
2643 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2644 BGP_NOTIFY_UPDATE_MAL_ATTR);
2645 if (as4_path)
2646 aspath_unintern(&as4_path);
2647 return BGP_ATTR_PARSE_ERROR;
2648 }
2649
2650 /* At this stage, we have done all fiddling with as4, and the
2651 * resulting info is in attr->aggregator resp. attr->aspath
2652 * so we can chuck as4_aggregator and as4_path alltogether in
2653 * order to save memory
2654 */
2655 if (as4_path) {
2656 aspath_unintern(&as4_path); /* unintern - it is in the hash */
2657 /* The flag that we got this is still there, but that does not
2658 * do any trouble
2659 */
2660 }
2661 /*
2662 * The "rest" of the code does nothing with as4_aggregator.
2663 * there is no memory attached specifically which is not part
2664 * of the attr.
2665 * so ignoring just means do nothing.
2666 */
2667 /*
2668 * Finally do the checks on the aspath we did not do yet
2669 * because we waited for a potentially synthesized aspath.
2670 */
2671 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2672 ret = bgp_attr_aspath_check(peer, attr);
2673 if (ret != BGP_ATTR_PARSE_PROCEED)
2674 return ret;
2675 }
2676 /* Finally intern unknown attribute. */
2677 if (attr->transit)
2678 attr->transit = transit_intern(attr->transit);
2679 if (attr->encap_subtlvs)
2680 attr->encap_subtlvs =
2681 encap_intern(attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
bede7744 2682#if ENABLE_BGP_VNC
d62a17ae 2683 if (attr->vnc_subtlvs)
2684 attr->vnc_subtlvs =
2685 encap_intern(attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
bede7744 2686#endif
718e3744 2687
d62a17ae 2688 return BGP_ATTR_PARSE_PROCEED;
2689}
2690
2691size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2692 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2693 struct attr *attr)
2694{
2695 size_t sizep;
2696 iana_afi_t pkt_afi;
5c525538 2697 iana_safi_t pkt_safi;
d62a17ae 2698 afi_t nh_afi;
2699
2700 /* Set extended bit always to encode the attribute length as 2 bytes */
2701 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2702 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2703 sizep = stream_get_endp(s);
2704 stream_putw(s, 0); /* Marker: Attribute length. */
2705
2706
2707 /* Convert AFI, SAFI to values for packet. */
2708 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2709
2710 stream_putw(s, pkt_afi); /* AFI */
2711 stream_putc(s, pkt_safi); /* SAFI */
2712
2713 /* Nexthop AFI */
ce78a6fb 2714 if (afi == AFI_IP
2715 && (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
d62a17ae 2716 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
d62a17ae 2717 else
2718 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2719
2720 /* Nexthop */
2721 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2722 switch (nh_afi) {
2723 case AFI_IP:
2724 switch (safi) {
2725 case SAFI_UNICAST:
2726 case SAFI_MULTICAST:
2727 case SAFI_LABELED_UNICAST:
2728 stream_putc(s, 4);
2729 stream_put_ipv4(s, attr->nexthop.s_addr);
2730 break;
2731 case SAFI_MPLS_VPN:
2732 stream_putc(s, 12);
2733 stream_putl(s, 0); /* RD = 0, per RFC */
2734 stream_putl(s, 0);
2735 stream_put(s, &attr->mp_nexthop_global_in, 4);
2736 break;
2737 case SAFI_ENCAP:
2738 case SAFI_EVPN:
2739 stream_putc(s, 4);
2740 stream_put(s, &attr->mp_nexthop_global_in, 4);
2741 break;
7c40bf39 2742 case SAFI_FLOWSPEC:
2743 stream_putc(s, 0); /* no nexthop for flowspec */
d62a17ae 2744 default:
2745 break;
2746 }
2747 break;
2748 case AFI_IP6:
2749 switch (safi) {
2750 case SAFI_UNICAST:
2751 case SAFI_MULTICAST:
2752 case SAFI_LABELED_UNICAST:
2753 case SAFI_EVPN: {
2754 if (attr->mp_nexthop_len
2755 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2756 stream_putc(s,
2757 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
2758 stream_put(s, &attr->mp_nexthop_global,
2759 IPV6_MAX_BYTELEN);
2760 stream_put(s, &attr->mp_nexthop_local,
2761 IPV6_MAX_BYTELEN);
2762 } else {
2763 stream_putc(s, IPV6_MAX_BYTELEN);
2764 stream_put(s, &attr->mp_nexthop_global,
2765 IPV6_MAX_BYTELEN);
2766 }
2767 } break;
2768 case SAFI_MPLS_VPN: {
2769 if (attr->mp_nexthop_len
2770 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
2771 stream_putc(s, 24);
2772 stream_putl(s, 0); /* RD = 0, per RFC */
2773 stream_putl(s, 0);
2774 stream_put(s, &attr->mp_nexthop_global,
2775 IPV6_MAX_BYTELEN);
2776 } else if (attr->mp_nexthop_len
2777 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2778 stream_putc(s, 48);
2779 stream_putl(s, 0); /* RD = 0, per RFC */
2780 stream_putl(s, 0);
2781 stream_put(s, &attr->mp_nexthop_global,
2782 IPV6_MAX_BYTELEN);
2783 stream_putl(s, 0); /* RD = 0, per RFC */
2784 stream_putl(s, 0);
2785 stream_put(s, &attr->mp_nexthop_local,
2786 IPV6_MAX_BYTELEN);
2787 }
2788 } break;
2789 case SAFI_ENCAP:
2790 stream_putc(s, IPV6_MAX_BYTELEN);
2791 stream_put(s, &attr->mp_nexthop_global,
2792 IPV6_MAX_BYTELEN);
2793 break;
7c40bf39 2794 case SAFI_FLOWSPEC:
2795 stream_putc(s, 0); /* no nexthop for flowspec */
d62a17ae 2796 default:
2797 break;
2798 }
2799 break;
8c71e481 2800 default:
a83da8e1
PG		 2801 if (safi != SAFI_FLOWSPEC)
2802 zlog_err(
2803 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
2804 peer->host, afi, safi, attr->mp_nexthop_len);
d62a17ae 2805 break;
2806 }
2807
2808 /* SNPA */
2809 stream_putc(s, 0);
2810 return sizep;
2811}
2812
2813void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
2814 struct prefix *p, struct prefix_rd *prd,
d7c0a89a
QY		 2815 mpls_label_t *label, uint32_t num_labels,
2816 int addpath_encode, uint32_t addpath_tx_id,
b57ba6d2 2817 struct attr *attr)
d62a17ae 2818{
2819 if (safi == SAFI_MPLS_VPN) {
2820 if (addpath_encode)
2821 stream_putl(s, addpath_tx_id);
2822 /* Label, RD, Prefix write. */
2823 stream_putc(s, p->prefixlen + 88);
2824 stream_put(s, label, BGP_LABEL_BYTES);
2825 stream_put(s, prd->val, 8);
2826 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
2827 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
2828 /* EVPN prefix - contents depend on type */
996c9314
LB		 2829 bgp_evpn_encode_prefix(s, p, prd, label, num_labels, attr,
2830 addpath_encode, addpath_tx_id);
d62a17ae 2831 } else if (safi == SAFI_LABELED_UNICAST) {
2832 /* Prefix write with label. */
2833 stream_put_labeled_prefix(s, p, label);
7c40bf39 2834 } else if (safi == SAFI_FLOWSPEC) {
2835 if (PSIZE (p->prefixlen)+2 < FLOWSPEC_NLRI_SIZELIMIT)
2836 stream_putc(s, PSIZE (p->prefixlen)+2);
2837 else
2838 stream_putw(s, (PSIZE (p->prefixlen)+2)|(0xf<<12));
2839 stream_putc(s, 2);/* Filter type */
2840 stream_putc(s, p->prefixlen);/* Prefix length */
2841 stream_put(s, &p->u.prefix, PSIZE (p->prefixlen));
d62a17ae 2842 } else
2843 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
2844}
2845
2846size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
2847{
2848 int size = PSIZE(p->prefixlen);
2849 if (safi == SAFI_MPLS_VPN)
2850 size += 88;
2851 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
2852 size += 232; // TODO: Maximum possible for type-2, type-3 and
2853 // type-5
2854 return size;
8c71e481
PM		 2855}
2856
f4c89855 2857/*
65efcfce 2858 * Encodes the tunnel encapsulation attribute,
d62a17ae 2859 * and with ENABLE_BGP_VNC the VNC attribute which uses
65efcfce 2860 * almost the same TLV format
f4c89855 2861 */
d62a17ae 2862static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
2863 struct stream *s, struct attr *attr,
2864 uint8_t attrtype)
2865{
2866 unsigned int attrlenfield = 0;
2867 unsigned int attrhdrlen = 0;
2868 struct bgp_attr_encap_subtlv *subtlvs;
2869 struct bgp_attr_encap_subtlv *st;
2870 const char *attrname;
2871
9d303b37
DL		 2872 if (!attr || (attrtype == BGP_ATTR_ENCAP
2873 && (!attr->encap_tunneltype
2874 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
d62a17ae 2875 return;
2876
2877 switch (attrtype) {
f4c89855 2878 case BGP_ATTR_ENCAP:
d62a17ae 2879 attrname = "Tunnel Encap";
2880 subtlvs = attr->encap_subtlvs;
2881 if (subtlvs == NULL) /* nothing to do */
2882 return;
2883 /*
2884 * The tunnel encap attr has an "outer" tlv.
2885 * T = tunneltype,
2886 * L = total length of subtlvs,
2887 * V = concatenated subtlvs.
2888 */
2889 attrlenfield = 2 + 2; /* T + L */
2890 attrhdrlen = 1 + 1; /* subTLV T + L */
2891 break;
f4c89855 2892
65efcfce
LB		 2893#if ENABLE_BGP_VNC
2894 case BGP_ATTR_VNC:
d62a17ae 2895 attrname = "VNC";
2896 subtlvs = attr->vnc_subtlvs;
2897 if (subtlvs == NULL) /* nothing to do */
2898 return;
2899 attrlenfield = 0; /* no outer T + L */
2900 attrhdrlen = 2 + 2; /* subTLV T + L */
2901 break;
65efcfce
LB		 2902#endif
2903
f4c89855 2904 default:
d62a17ae 2905 assert(0);
2906 }
2907
2908 /* compute attr length */
2909 for (st = subtlvs; st; st = st->next) {
2910 attrlenfield += (attrhdrlen + st->length);
2911 }
2912
2913 if (attrlenfield > 0xffff) {
2914 zlog_info("%s attribute is too long (length=%d), can't send it",
2915 attrname, attrlenfield);
2916 return;
2917 }
2918
2919 if (attrlenfield > 0xff) {
2920 /* 2-octet length field */
996c9314
LB		 2921 stream_putc(s,
2922 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
2923 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 2924 stream_putc(s, attrtype);
2925 stream_putw(s, attrlenfield & 0xffff);
2926 } else {
2927 /* 1-octet length field */
2928 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
2929 stream_putc(s, attrtype);
2930 stream_putc(s, attrlenfield & 0xff);
2931 }
2932
2933 if (attrtype == BGP_ATTR_ENCAP) {
2934 /* write outer T+L */
2935 stream_putw(s, attr->encap_tunneltype);
2936 stream_putw(s, attrlenfield - 4);
2937 }
2938
2939 /* write each sub-tlv */
2940 for (st = subtlvs; st; st = st->next) {
2941 if (attrtype == BGP_ATTR_ENCAP) {
2942 stream_putc(s, st->type);
2943 stream_putc(s, st->length);
65efcfce 2944#if ENABLE_BGP_VNC
d62a17ae 2945 } else {
2946 stream_putw(s, st->type);
2947 stream_putw(s, st->length);
65efcfce 2948#endif
d62a17ae 2949 }
2950 stream_put(s, st->value, st->length);
2951 }
f4c89855 2952}
f4c89855 2953
d62a17ae 2954void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
8c71e481 2955{
d62a17ae 2956 /* Set MP attribute length. Don't count the (2) bytes used to encode
2957 the attr length */
2958 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
8c71e481
PM		 2959}
2960
718e3744 2961/* Make attribute packet. */
d62a17ae 2962bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
2963 struct stream *s, struct attr *attr,
2964 struct bpacket_attr_vec_arr *vecarr,
2965 struct prefix *p, afi_t afi, safi_t safi,
2966 struct peer *from, struct prefix_rd *prd,
d7c0a89a
QY		 2967 mpls_label_t *label, uint32_t num_labels,
2968 int addpath_encode, uint32_t addpath_tx_id)
d62a17ae 2969{
2970 size_t cp;
2971 size_t aspath_sizep;
2972 struct aspath *aspath;
2973 int send_as4_path = 0;
2974 int send_as4_aggregator = 0;
2975 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
2976
2977 if (!bgp)
2978 bgp = peer->bgp;
2979
2980 /* Remember current pointer. */
2981 cp = stream_get_endp(s);
2982
2983 if (p
2984 && !((afi == AFI_IP && safi == SAFI_UNICAST)
2985 && !peer_cap_enhe(peer, afi, safi))) {
2986 size_t mpattrlen_pos = 0;
2987
2988 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
2989 vecarr, attr);
996c9314
LB		 2990 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
2991 num_labels, addpath_encode,
2992 addpath_tx_id, attr);
d62a17ae 2993 bgp_packet_mpattr_end(s, mpattrlen_pos);
718e3744 2994 }
d62a17ae 2995
2996 /* Origin attribute. */
2997 stream_putc(s, BGP_ATTR_FLAG_TRANS);
2998 stream_putc(s, BGP_ATTR_ORIGIN);
2999 stream_putc(s, 1);
3000 stream_putc(s, attr->origin);
3001
3002 /* AS path attribute. */
3003
3004 /* If remote-peer is EBGP */
3005 if (peer->sort == BGP_PEER_EBGP
3006 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3007 PEER_FLAG_AS_PATH_UNCHANGED)
3008 || attr->aspath->segments == NULL)
3009 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3010 PEER_FLAG_RSERVER_CLIENT))) {
3011 aspath = aspath_dup(attr->aspath);
3012
3013 /* Even though we may not be configured for confederations we
3014 * may have
3015 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3016 aspath = aspath_delete_confed_seq(aspath);
3017
3018 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
3019 /* Stuff our path CONFED_ID on the front */
3020 aspath = aspath_add_seq(aspath, bgp->confed_id);
3021 } else {
3022 if (peer->change_local_as) {
3023 /* If replace-as is specified, we only use the
3024 change_local_as when
3025 advertising routes. */
3026 if (!CHECK_FLAG(
3027 peer->flags,
3028 PEER_FLAG_LOCAL_AS_REPLACE_AS)) {
3029 aspath = aspath_add_seq(aspath,
3030 peer->local_as);
3031 }
3032 aspath = aspath_add_seq(aspath,
3033 peer->change_local_as);
3034 } else {
3035 aspath = aspath_add_seq(aspath, peer->local_as);
3036 }
3037 }
3038 } else if (peer->sort == BGP_PEER_CONFED) {
3039 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3040 * thing */
3041 aspath = aspath_dup(attr->aspath);
3042 aspath = aspath_add_confed_seq(aspath, peer->local_as);
3043 } else
3044 aspath = attr->aspath;
3045
3046 /* If peer is not AS4 capable, then:
3047 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3048 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3049 * segment
3050 * types are in it (i.e. exclude them if they are there)
3051 * AND do this only if there is at least one asnum > 65535 in the
3052 * path!
3053 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3054 * change
3055 * all ASnums > 65535 to BGP_AS_TRANS
3056 */
3057
3058 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3059 stream_putc(s, BGP_ATTR_AS_PATH);
3060 aspath_sizep = stream_get_endp(s);
3061 stream_putw(s, 0);
3062 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
3063
3064 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3065 * in the path
3066 */
3067 if (!use32bit && aspath_has_as4(aspath))
3068 send_as4_path =
3069 1; /* we'll do this later, at the correct place */
3070
3071 /* Nexthop attribute. */
3072 if (afi == AFI_IP && safi == SAFI_UNICAST
3073 && !peer_cap_enhe(peer, afi, safi)) {
3074 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
3075 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3076 stream_putc(s, BGP_ATTR_NEXT_HOP);
3077 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3078 attr);
3079 stream_putc(s, 4);
3080 stream_put_ipv4(s, attr->nexthop.s_addr);
3081 } else if (peer_cap_enhe(from, afi, safi)) {
3082 /*
3083 * Likely this is the case when an IPv4 prefix was
3084 * received with
3085 * Extended Next-hop capability and now being advertised
3086 * to
3087 * non-ENHE peers.
3088 * Setting the mandatory (ipv4) next-hop attribute here
3089 * to enable
3090 * implicit next-hop self with correct (ipv4 address
3091 * family).
3092 */
3093 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3094 stream_putc(s, BGP_ATTR_NEXT_HOP);
3095 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3096 NULL);
3097 stream_putc(s, 4);
3098 stream_put_ipv4(s, 0);
3099 }
718e3744 3100 }
d62a17ae 3101
3102 /* MED attribute. */
3103 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
3104 || bgp->maxmed_active) {
3105 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3106 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3107 stream_putc(s, 4);
3108 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
3109 : attr->med));
3110 }
3111
3112 /* Local preference. */
3113 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
3114 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3115 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3116 stream_putc(s, 4);
3117 stream_putl(s, attr->local_pref);
3118 }
3119
3120 /* Atomic aggregate. */
3121 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3122 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3123 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3124 stream_putc(s, 0);
3125 }
3126
3127 /* Aggregator. */
3128 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3129 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3130 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3131 stream_putc(s, BGP_ATTR_AGGREGATOR);
3132
3133 if (use32bit) {
3134 /* AS4 capable peer */
3135 stream_putc(s, 8);
3136 stream_putl(s, attr->aggregator_as);
3137 } else {
3138 /* 2-byte AS peer */
3139 stream_putc(s, 6);
3140
3141 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3142 * used? */
3143 if (attr->aggregator_as > 65535) {
3144 stream_putw(s, BGP_AS_TRANS);
3145
3146 /* we have to send AS4_AGGREGATOR, too.
3147 * we'll do that later in order to send
3148 * attributes in ascending
3149 * order.
3150 */
3151 send_as4_aggregator = 1;
3152 } else
d7c0a89a 3153 stream_putw(s, (uint16_t)attr->aggregator_as);
d62a17ae 3154 }
3155 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3156 }
3157
3158 /* Community attribute. */
3159 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3160 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3161 if (attr->community->size * 4 > 255) {
996c9314
LB		 3162 stream_putc(s,
3163 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3164 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3165 stream_putc(s, BGP_ATTR_COMMUNITIES);
3166 stream_putw(s, attr->community->size * 4);
3167 } else {
996c9314
LB		 3168 stream_putc(s,
3169 BGP_ATTR_FLAG_OPTIONAL
3170 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3171 stream_putc(s, BGP_ATTR_COMMUNITIES);
3172 stream_putc(s, attr->community->size * 4);
4372df71 3173 }
d62a17ae 3174 stream_put(s, attr->community->val, attr->community->size * 4);
3175 }
3176
3177 /*
3178 * Large Community attribute.
3179 */
3180 if (CHECK_FLAG(peer->af_flags[afi][safi],
3181 PEER_FLAG_SEND_LARGE_COMMUNITY)
3182 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
79dab4b7 3183 if (lcom_length(attr->lcommunity) > 255) {
996c9314
LB		 3184 stream_putc(s,
3185 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3186 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3187 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3188 stream_putw(s, lcom_length(attr->lcommunity));
d62a17ae 3189 } else {
996c9314
LB		 3190 stream_putc(s,
3191 BGP_ATTR_FLAG_OPTIONAL
3192 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3193 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3194 stream_putc(s, lcom_length(attr->lcommunity));
4372df71 3195 }
d62a17ae 3196 stream_put(s, attr->lcommunity->val,
79dab4b7 3197 lcom_length(attr->lcommunity));
d62a17ae 3198 }
4372df71 3199
d62a17ae 3200 /* Route Reflector. */
3201 if (peer->sort == BGP_PEER_IBGP && from
3202 && from->sort == BGP_PEER_IBGP) {
3203 /* Originator ID. */
3204 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3205 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3206 stream_putc(s, 4);
3207
3208 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3209 stream_put_in_addr(s, &attr->originator_id);
3210 else
3211 stream_put_in_addr(s, &from->remote_id);
3212
3213 /* Cluster list. */
3214 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3215 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3216
3217 if (attr->cluster) {
3218 stream_putc(s, attr->cluster->length + 4);
3219 /* If this peer configuration's parent BGP has
3220 * cluster_id. */
3221 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3222 stream_put_in_addr(s, &bgp->cluster_id);
3223 else
3224 stream_put_in_addr(s, &bgp->router_id);
3225 stream_put(s, attr->cluster->list,
3226 attr->cluster->length);
3227 } else {
3228 stream_putc(s, 4);
3229 /* If this peer configuration's parent BGP has
3230 * cluster_id. */
3231 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3232 stream_put_in_addr(s, &bgp->cluster_id);
3233 else
3234 stream_put_in_addr(s, &bgp->router_id);
3235 }
3236 }
4372df71 3237
d62a17ae 3238 /* Extended Communities attribute. */
3239 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3240 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3241 if (peer->sort == BGP_PEER_IBGP
3242 || peer->sort == BGP_PEER_CONFED) {
3243 if (attr->ecommunity->size * 8 > 255) {
996c9314
LB		 3244 stream_putc(s,
3245 BGP_ATTR_FLAG_OPTIONAL
3246 | BGP_ATTR_FLAG_TRANS
3247 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3248 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3249 stream_putw(s, attr->ecommunity->size * 8);
3250 } else {
996c9314
LB		 3251 stream_putc(s,
3252 BGP_ATTR_FLAG_OPTIONAL
3253 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3254 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3255 stream_putc(s, attr->ecommunity->size * 8);
3256 }
3257 stream_put(s, attr->ecommunity->val,
3258 attr->ecommunity->size * 8);
3259 } else {
d7c0a89a 3260 uint8_t *pnt;
d62a17ae 3261 int tbit;
3262 int ecom_tr_size = 0;
3263 int i;
3264
3265 for (i = 0; i < attr->ecommunity->size; i++) {
3266 pnt = attr->ecommunity->val + (i * 8);
3267 tbit = *pnt;
3268
3269 if (CHECK_FLAG(tbit,
3270 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3271 continue;
3272
3273 ecom_tr_size++;
3274 }
3275
3276 if (ecom_tr_size) {
3277 if (ecom_tr_size * 8 > 255) {
3278 stream_putc(
3279 s,
3280 BGP_ATTR_FLAG_OPTIONAL
3281 | BGP_ATTR_FLAG_TRANS
3282 | BGP_ATTR_FLAG_EXTLEN);
3283 stream_putc(s,
3284 BGP_ATTR_EXT_COMMUNITIES);
3285 stream_putw(s, ecom_tr_size * 8);
3286 } else {
3287 stream_putc(
3288 s,
3289 BGP_ATTR_FLAG_OPTIONAL
3290 | BGP_ATTR_FLAG_TRANS);
3291 stream_putc(s,
3292 BGP_ATTR_EXT_COMMUNITIES);
3293 stream_putc(s, ecom_tr_size * 8);
3294 }
3295
3296 for (i = 0; i < attr->ecommunity->size; i++) {
3297 pnt = attr->ecommunity->val + (i * 8);
3298 tbit = *pnt;
3299
3300 if (CHECK_FLAG(
3301 tbit,
3302 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3303 continue;
3304
3305 stream_put(s, pnt, 8);
3306 }
3307 }
3308 }
3309 }
4372df71 3310
d62a17ae 3311 /* Label index attribute. */
3312 if (safi == SAFI_LABELED_UNICAST) {
3313 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
d7c0a89a 3314 uint32_t label_index;
d62a17ae 3315
3316 label_index = attr->label_index;
3317
3318 if (label_index != BGP_INVALID_LABEL_INDEX) {
996c9314
LB		 3319 stream_putc(s,
3320 BGP_ATTR_FLAG_OPTIONAL
3321 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3322 stream_putc(s, BGP_ATTR_PREFIX_SID);
3323 stream_putc(s, 10);
3324 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3325 stream_putw(s,
3326 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3327 stream_putc(s, 0); // reserved
3328 stream_putw(s, 0); // flags
3329 stream_putl(s, label_index);
3330 }
4372df71 3331 }
d62a17ae 3332 }
3333
3334 if (send_as4_path) {
3335 /* If the peer is NOT As4 capable, AND */
3336 /* there are ASnums > 65535 in path THEN
3337 * give out AS4_PATH */
3338
3339 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3340 * path segments!
3341 * Hm, I wonder... confederation things *should* only be at
3342 * the beginning of an aspath, right? Then we should use
3343 * aspath_delete_confed_seq for this, because it is already
3344 * there! (JK)
3345 * Folks, talk to me: what is reasonable here!?
3346 */
3347 aspath = aspath_delete_confed_seq(aspath);
3348
996c9314
LB		 3349 stream_putc(s,
3350 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3351 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3352 stream_putc(s, BGP_ATTR_AS4_PATH);
3353 aspath_sizep = stream_get_endp(s);
3354 stream_putw(s, 0);
3355 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3356 }
3357
3358 if (aspath != attr->aspath)
3359 aspath_free(aspath);
3360
3361 if (send_as4_aggregator) {
3362 /* send AS4_AGGREGATOR, at this place */
3363 /* this section of code moved here in order to ensure the
3364 * correct
3365 * *ascending* order of attributes
3366 */
3367 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3368 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3369 stream_putc(s, 8);
3370 stream_putl(s, attr->aggregator_as);
3371 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3372 }
3373
3374 if (((afi == AFI_IP || afi == AFI_IP6)
3375 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3376 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3377 /* Tunnel Encap attribute */
3378 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
65efcfce
LB		 3379
3380#if ENABLE_BGP_VNC
d62a17ae 3381 /* VNC attribute */
3382 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
65efcfce 3383#endif
d62a17ae 3384 }
587ff0fd 3385
a21bd7a3
DW		 3386 /* PMSI Tunnel */
3387 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL)) {
3388 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3389 stream_putc(s, BGP_ATTR_PMSI_TUNNEL);
3390 stream_putc(s, 9); // Length
3391 stream_putc(s, 0); // Flags
7fd077aa 3392 stream_putc(s, PMSI_TNLTYPE_INGR_REPL); // IR (6)
996c9314
LB		 3393 stream_put(s, &(attr->label),
3394 BGP_LABEL_BYTES); // MPLS Label / VXLAN VNI
30d85a30
LB		 3395 stream_put_ipv4(s, attr->nexthop.s_addr);
3396 // Unicast tunnel endpoint IP address
a21bd7a3
DW		 3397 }
3398
d62a17ae 3399 /* Unknown transit attribute. */
3400 if (attr->transit)
3401 stream_put(s, attr->transit->val, attr->transit->length);
718e3744 3402
d62a17ae 3403 /* Return total size of attribute. */
3404 return stream_get_endp(s) - cp;
718e3744 3405}
3406
d62a17ae 3407size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
718e3744 3408{
d62a17ae 3409 unsigned long attrlen_pnt;
3410 iana_afi_t pkt_afi;
5c525538 3411 iana_safi_t pkt_safi;
718e3744 3412
d62a17ae 3413 /* Set extended bit always to encode the attribute length as 2 bytes */
3414 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3415 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
718e3744 3416
d62a17ae 3417 attrlen_pnt = stream_get_endp(s);
3418 stream_putw(s, 0); /* Length of this attribute. */
718e3744 3419
d62a17ae 3420 /* Convert AFI, SAFI to values for packet. */
3421 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
9cabb64b 3422
d62a17ae 3423 stream_putw(s, pkt_afi);
3424 stream_putc(s, pkt_safi);
9cabb64b 3425
d62a17ae 3426 return attrlen_pnt;
8c71e481 3427}
718e3744 3428
d62a17ae 3429void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3430 safi_t safi, struct prefix_rd *prd,
d7c0a89a
QY		 3431 mpls_label_t *label, uint32_t num_labels,
3432 int addpath_encode, uint32_t addpath_tx_id,
b57ba6d2 3433 struct attr *attr)
8c71e481 3434{
d7c0a89a 3435 uint8_t wlabel[3] = {0x80, 0x00, 0x00};
cd1964ff 3436
b57ba6d2 3437 if (safi == SAFI_LABELED_UNICAST) {
d62a17ae 3438 label = (mpls_label_t *)wlabel;
b57ba6d2
MK		 3439 num_labels = 1;
3440 }
cd1964ff 3441
996c9314 3442 return bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label, num_labels,
d62a17ae 3443 addpath_encode, addpath_tx_id, attr);
8c71e481 3444}
718e3744 3445
d62a17ae 3446void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
8c71e481 3447{
d62a17ae 3448 bgp_packet_mpattr_end(s, attrlen_pnt);
718e3744 3449}
3450
3451/* Initialization of attribute. */
d62a17ae 3452void bgp_attr_init(void)
718e3744 3453{
d62a17ae 3454 aspath_init();
3455 attrhash_init();
3456 community_init();
3457 ecommunity_init();
3458 lcommunity_init();
3459 cluster_init();
3460 transit_init();
3461 encap_init();
718e3744 3462}
3463
d62a17ae 3464void bgp_attr_finish(void)
228da428 3465{
d62a17ae 3466 aspath_finish();
3467 attrhash_finish();
3468 community_finish();
3469 ecommunity_finish();
3470 lcommunity_finish();
3471 cluster_finish();
3472 transit_finish();
3473 encap_finish();
228da428
CC		 3474}
3475
718e3744 3476/* Make attribute packet. */
d62a17ae 3477void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3478 struct prefix *prefix)
3479{
3480 unsigned long cp;
3481 unsigned long len;
3482 size_t aspath_lenp;
3483 struct aspath *aspath;
3484 int addpath_encode = 0;
d7c0a89a 3485 uint32_t addpath_tx_id = 0;
d62a17ae 3486
3487 /* Remember current pointer. */
3488 cp = stream_get_endp(s);
3489
3490 /* Place holder of length. */
3491 stream_putw(s, 0);
3492
3493 /* Origin attribute. */
3494 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3495 stream_putc(s, BGP_ATTR_ORIGIN);
3496 stream_putc(s, 1);
3497 stream_putc(s, attr->origin);
3498
3499 aspath = attr->aspath;
3500
3501 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3502 stream_putc(s, BGP_ATTR_AS_PATH);
3503 aspath_lenp = stream_get_endp(s);
3504 stream_putw(s, 0);
3505
3506 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3507
3508 /* Nexthop attribute. */
3509 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3510 if (prefix != NULL && prefix->family != AF_INET6) {
3511 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3512 stream_putc(s, BGP_ATTR_NEXT_HOP);
3513 stream_putc(s, 4);
3514 stream_put_ipv4(s, attr->nexthop.s_addr);
718e3744 3515 }
d62a17ae 3516
3517 /* MED attribute. */
3518 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3519 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3520 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3521 stream_putc(s, 4);
3522 stream_putl(s, attr->med);
3523 }
3524
3525 /* Local preference. */
3526 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3527 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3528 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3529 stream_putc(s, 4);
3530 stream_putl(s, attr->local_pref);
3531 }
3532
3533 /* Atomic aggregate. */
3534 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3535 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3536 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3537 stream_putc(s, 0);
3538 }
3539
3540 /* Aggregator. */
3541 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3542 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3543 stream_putc(s, BGP_ATTR_AGGREGATOR);
3544 stream_putc(s, 8);
3545 stream_putl(s, attr->aggregator_as);
3546 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3547 }
3548
3549 /* Community attribute. */
3550 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3551 if (attr->community->size * 4 > 255) {
996c9314
LB		 3552 stream_putc(s,
3553 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3554 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3555 stream_putc(s, BGP_ATTR_COMMUNITIES);
3556 stream_putw(s, attr->community->size * 4);
3557 } else {
996c9314
LB		 3558 stream_putc(s,
3559 BGP_ATTR_FLAG_OPTIONAL
3560 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3561 stream_putc(s, BGP_ATTR_COMMUNITIES);
3562 stream_putc(s, attr->community->size * 4);
3563 }
3564 stream_put(s, attr->community->val, attr->community->size * 4);
3565 }
3566
3567 /* Large Community attribute. */
3568 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
79dab4b7 3569 if (lcom_length(attr->lcommunity) > 255) {
996c9314
LB		 3570 stream_putc(s,
3571 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3572 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3573 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3574 stream_putw(s, lcom_length(attr->lcommunity));
d62a17ae 3575 } else {
996c9314
LB		 3576 stream_putc(s,
3577 BGP_ATTR_FLAG_OPTIONAL
3578 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3579 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3580 stream_putc(s, lcom_length(attr->lcommunity));
d62a17ae 3581 }
3582
996c9314
LB		 3583 stream_put(s, attr->lcommunity->val,
3584 lcom_length(attr->lcommunity));
d62a17ae 3585 }
3586
3587 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3588 if (prefix != NULL && prefix->family == AF_INET6
3589 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3590 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3591 int sizep;
3592
3593 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3594 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3595 sizep = stream_get_endp(s);
3596
3597 /* MP header */
3598 stream_putc(s, 0); /* Marker: Attribute length. */
3599 stream_putw(s, AFI_IP6); /* AFI */
3600 stream_putc(s, SAFI_UNICAST); /* SAFI */
3601
3602 /* Next hop */
3603 stream_putc(s, attr->mp_nexthop_len);
3604 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3605 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3606 stream_put(s, &attr->mp_nexthop_local,
3607 IPV6_MAX_BYTELEN);
3608
3609 /* SNPA */
3610 stream_putc(s, 0);
3611
3612 /* Prefix */
3613 stream_put_prefix_addpath(s, prefix, addpath_encode,
3614 addpath_tx_id);
3615
3616 /* Set MP attribute length. */
3617 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3618 }
3619
3620 /* Prefix SID */
3621 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3622 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
996c9314
LB		 3623 stream_putc(s,
3624 BGP_ATTR_FLAG_OPTIONAL
3625 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3626 stream_putc(s, BGP_ATTR_PREFIX_SID);
3627 stream_putc(s, 10);
3628 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3629 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3630 stream_putc(s, 0); // reserved
3631 stream_putw(s, 0); // flags
3632 stream_putl(s, attr->label_index);
3633 }
3634 }
3635
3636 /* Return total size of attribute. */
3637 len = stream_get_endp(s) - cp - 2;
3638 stream_putw_at(s, cp, len);
718e3744 3639}
FRRouting mirror