]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_attr.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #3007 from pacovn/static_analysis__shadow_variables2
[mirror_frr.git] / bgpd / bgp_attr.c
CommitLineData
718e3744 1/* BGP attributes management routines.
896014f4
DL		 2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
718e3744 20
21#include <zebra.h>
22
23#include "linklist.h"
24#include "prefix.h"
25#include "memory.h"
26#include "vector.h"
718e3744 27#include "stream.h"
28#include "log.h"
29#include "hash.h"
c8e7b895 30#include "jhash.h"
3f9c7369 31#include "queue.h"
f4c89855 32#include "table.h"
039f3a34 33#include "filter.h"
4dcadbef 34#include "command.h"
718e3744 35
36#include "bgpd/bgpd.h"
37#include "bgpd/bgp_attr.h"
38#include "bgpd/bgp_route.h"
39#include "bgpd/bgp_aspath.h"
40#include "bgpd/bgp_community.h"
41#include "bgpd/bgp_debug.h"
14454c9f 42#include "bgpd/bgp_errors.h"
9bedbb1e 43#include "bgpd/bgp_label.h"
718e3744 44#include "bgpd/bgp_packet.h"
45#include "bgpd/bgp_ecommunity.h"
57d187bc 46#include "bgpd/bgp_lcommunity.h"
3f9c7369 47#include "bgpd/bgp_updgrp.h"
6407da5a 48#include "bgpd/bgp_encap_types.h"
65efcfce 49#if ENABLE_BGP_VNC
d62a17ae 50#include "bgpd/rfapi/bgp_rfapi_cfg.h"
51#include "bgp_encap_types.h"
52#include "bgp_vnc_types.h"
65efcfce 53#endif
b18825eb
PG		 54#include "bgp_encap_types.h"
55#include "bgp_evpn.h"
7c40bf39 56#include "bgp_flowspec_private.h"
6b0655a2 57
718e3744 58/* Attribute strings for logging. */
d62a17ae 59static const struct message attr_str[] = {
60 {BGP_ATTR_ORIGIN, "ORIGIN"},
61 {BGP_ATTR_AS_PATH, "AS_PATH"},
62 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
63 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
64 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
65 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
66 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
67 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
68 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
69 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
70 {BGP_ATTR_DPA, "DPA"},
71 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
72 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
73 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
74 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
75 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
76 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
77 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
78 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
a21bd7a3 79 {BGP_ATTR_PMSI_TUNNEL, "PMSI_TUNNEL_ATTRIBUTE"},
d62a17ae 80 {BGP_ATTR_ENCAP, "ENCAP"},
65efcfce 81#if ENABLE_BGP_VNC
d62a17ae 82 {BGP_ATTR_VNC, "VNC"},
65efcfce 83#endif
d62a17ae 84 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
85 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
86 {0}};
afcb7679 87
996c9314
LB		 88static const struct message attr_flag_str[] = {
89 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
90 {BGP_ATTR_FLAG_TRANS, "Transitive"},
91 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
92 /* bgp_attr_flags_diagnose() relies on this bit being last in
93 this list */
94 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
95 {0}};
6b0655a2 96
9bddac4b 97static struct hash *cluster_hash;
718e3744 98
d62a17ae 99static void *cluster_hash_alloc(void *p)
718e3744 100{
d62a17ae 101 const struct cluster_list *val = (const struct cluster_list *)p;
102 struct cluster_list *cluster;
718e3744 103
d62a17ae 104 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
105 cluster->length = val->length;
718e3744 106
d62a17ae 107 if (cluster->length) {
108 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
109 memcpy(cluster->list, val->list, val->length);
110 } else
111 cluster->list = NULL;
718e3744 112
d62a17ae 113 cluster->refcnt = 0;
718e3744 114
d62a17ae 115 return cluster;
718e3744 116}
117
118/* Cluster list related functions. */
d62a17ae 119static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
718e3744 120{
d62a17ae 121 struct cluster_list tmp;
122 struct cluster_list *cluster;
718e3744 123
d62a17ae 124 tmp.length = length;
125 tmp.list = pnt;
718e3744 126
d62a17ae 127 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
128 cluster->refcnt++;
129 return cluster;
718e3744 130}
131
d62a17ae 132int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
718e3744 133{
d62a17ae 134 int i;
135
136 for (i = 0; i < cluster->length / 4; i++)
137 if (cluster->list[i].s_addr == originator.s_addr)
138 return 1;
139 return 0;
718e3744 140}
141
d62a17ae 142static unsigned int cluster_hash_key_make(void *p)
718e3744 143{
d62a17ae 144 const struct cluster_list *cluster = p;
718e3744 145
d62a17ae 146 return jhash(cluster->list, cluster->length, 0);
718e3744 147}
148
d62a17ae 149static int cluster_hash_cmp(const void *p1, const void *p2)
718e3744 150{
d62a17ae 151 const struct cluster_list *cluster1 = p1;
152 const struct cluster_list *cluster2 = p2;
923de654 153
d62a17ae 154 return (cluster1->length == cluster2->length
155 && memcmp(cluster1->list, cluster2->list, cluster1->length)
156 == 0);
718e3744 157}
158
d62a17ae 159static void cluster_free(struct cluster_list *cluster)
718e3744 160{
d62a17ae 161 if (cluster->list)
162 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
163 XFREE(MTYPE_CLUSTER, cluster);
718e3744 164}
165
d62a17ae 166static struct cluster_list *cluster_intern(struct cluster_list *cluster)
718e3744 167{
d62a17ae 168 struct cluster_list *find;
718e3744 169
d62a17ae 170 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
171 find->refcnt++;
718e3744 172
d62a17ae 173 return find;
718e3744 174}
175
d62a17ae 176void cluster_unintern(struct cluster_list *cluster)
718e3744 177{
d62a17ae 178 if (cluster->refcnt)
179 cluster->refcnt--;
718e3744 180
d62a17ae 181 if (cluster->refcnt == 0) {
182 hash_release(cluster_hash, cluster);
183 cluster_free(cluster);
184 }
718e3744 185}
186
d62a17ae 187static void cluster_init(void)
718e3744 188{
996c9314 189 cluster_hash = hash_create(cluster_hash_key_make, cluster_hash_cmp,
3f65c5b1 190 "BGP Cluster");
718e3744 191}
228da428 192
d62a17ae 193static void cluster_finish(void)
228da428 194{
d62a17ae 195 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
196 hash_free(cluster_hash);
197 cluster_hash = NULL;
228da428 198}
6b0655a2 199
bede7744
LB		 200static struct hash *encap_hash = NULL;
201#if ENABLE_BGP_VNC
202static struct hash *vnc_hash = NULL;
203#endif
204
d62a17ae 205struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
f4c89855 206{
d62a17ae 207 struct bgp_attr_encap_subtlv *new;
208 struct bgp_attr_encap_subtlv *tail;
209 struct bgp_attr_encap_subtlv *p;
f4c89855 210
d62a17ae 211 for (p = orig, tail = new = NULL; p; p = p->next) {
12f70478 212 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
d62a17ae 213 if (tail) {
214 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
215 tail = tail->next;
216 } else {
217 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
218 }
219 assert(tail);
220 memcpy(tail, p, size);
221 tail->next = NULL;
f4c89855 222 }
f4c89855 223
d62a17ae 224 return new;
f4c89855
LB		 225}
226
d62a17ae 227static void encap_free(struct bgp_attr_encap_subtlv *p)
f4c89855 228{
d62a17ae 229 struct bgp_attr_encap_subtlv *next;
230 while (p) {
231 next = p->next;
232 p->next = NULL;
233 XFREE(MTYPE_ENCAP_TLV, p);
234 p = next;
235 }
f4c89855
LB		 236}
237
d62a17ae 238void bgp_attr_flush_encap(struct attr *attr)
f4c89855 239{
d62a17ae 240 if (!attr)
241 return;
f4c89855 242
d62a17ae 243 if (attr->encap_subtlvs) {
244 encap_free(attr->encap_subtlvs);
245 attr->encap_subtlvs = NULL;
246 }
65efcfce 247#if ENABLE_BGP_VNC
d62a17ae 248 if (attr->vnc_subtlvs) {
249 encap_free(attr->vnc_subtlvs);
250 attr->vnc_subtlvs = NULL;
251 }
65efcfce 252#endif
f4c89855
LB		 253}
254
255/*
256 * Compare encap sub-tlv chains
257 *
258 * 1 = equivalent
259 * 0 = not equivalent
260 *
261 * This algorithm could be made faster if needed
262 */
d62a17ae 263static int encap_same(struct bgp_attr_encap_subtlv *h1,
264 struct bgp_attr_encap_subtlv *h2)
f4c89855 265{
d62a17ae 266 struct bgp_attr_encap_subtlv *p;
267 struct bgp_attr_encap_subtlv *q;
f4c89855 268
d62a17ae 269 if (h1 == h2)
270 return 1;
271 if (h1 == NULL || h2 == NULL)
272 return 0;
f4c89855 273
d62a17ae 274 for (p = h1; p; p = p->next) {
275 for (q = h2; q; q = q->next) {
276 if ((p->type == q->type) && (p->length == q->length)
277 && !memcmp(p->value, q->value, p->length)) {
f4c89855 278
d62a17ae 279 break;
280 }
281 }
282 if (!q)
283 return 0;
f4c89855 284 }
f4c89855 285
d62a17ae 286 for (p = h2; p; p = p->next) {
287 for (q = h1; q; q = q->next) {
288 if ((p->type == q->type) && (p->length == q->length)
289 && !memcmp(p->value, q->value, p->length)) {
f4c89855 290
d62a17ae 291 break;
292 }
293 }
294 if (!q)
295 return 0;
f4c89855 296 }
f4c89855 297
d62a17ae 298 return 1;
f4c89855
LB		 299}
300
d62a17ae 301static void *encap_hash_alloc(void *p)
bede7744 302{
d62a17ae 303 /* Encap structure is already allocated. */
304 return p;
bede7744
LB		 305}
306
d62a17ae 307typedef enum {
308 ENCAP_SUBTLV_TYPE,
bede7744 309#if ENABLE_BGP_VNC
d62a17ae 310 VNC_SUBTLV_TYPE
bede7744
LB		 311#endif
312} encap_subtlv_type;
313
314static struct bgp_attr_encap_subtlv *
d62a17ae 315encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
bede7744 316{
d62a17ae 317 struct bgp_attr_encap_subtlv *find;
318 struct hash *hash = encap_hash;
bede7744 319#if ENABLE_BGP_VNC
d62a17ae 320 if (type == VNC_SUBTLV_TYPE)
321 hash = vnc_hash;
bede7744
LB		 322#endif
323
d62a17ae 324 find = hash_get(hash, encap, encap_hash_alloc);
325 if (find != encap)
326 encap_free(encap);
327 find->refcnt++;
bede7744 328
d62a17ae 329 return find;
bede7744
LB		 330}
331
d62a17ae 332static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
333 encap_subtlv_type type)
bede7744 334{
d62a17ae 335 struct bgp_attr_encap_subtlv *encap = *encapp;
336 if (encap->refcnt)
337 encap->refcnt--;
bede7744 338
d62a17ae 339 if (encap->refcnt == 0) {
340 struct hash *hash = encap_hash;
bede7744 341#if ENABLE_BGP_VNC
d62a17ae 342 if (type == VNC_SUBTLV_TYPE)
343 hash = vnc_hash;
bede7744 344#endif
d62a17ae 345 hash_release(hash, encap);
346 encap_free(encap);
347 *encapp = NULL;
348 }
bede7744
LB		 349}
350
d62a17ae 351static unsigned int encap_hash_key_make(void *p)
bede7744 352{
d62a17ae 353 const struct bgp_attr_encap_subtlv *encap = p;
bede7744 354
d62a17ae 355 return jhash(encap->value, encap->length, 0);
bede7744
LB		 356}
357
d62a17ae 358static int encap_hash_cmp(const void *p1, const void *p2)
bede7744 359{
d62a17ae 360 return encap_same((struct bgp_attr_encap_subtlv *)p1,
361 (struct bgp_attr_encap_subtlv *)p2);
bede7744
LB		 362}
363
d62a17ae 364static void encap_init(void)
bede7744 365{
996c9314 366 encap_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
3f65c5b1 367 "BGP Encap Hash");
bede7744 368#if ENABLE_BGP_VNC
996c9314 369 vnc_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
3f65c5b1 370 "BGP VNC Hash");
bede7744
LB		 371#endif
372}
373
d62a17ae 374static void encap_finish(void)
bede7744 375{
d62a17ae 376 hash_clean(encap_hash, (void (*)(void *))encap_free);
377 hash_free(encap_hash);
378 encap_hash = NULL;
bede7744 379#if ENABLE_BGP_VNC
d62a17ae 380 hash_clean(vnc_hash, (void (*)(void *))encap_free);
381 hash_free(vnc_hash);
382 vnc_hash = NULL;
bede7744
LB		 383#endif
384}
385
d62a17ae 386static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
684a7227 387{
d62a17ae 388 if (!a1 && a2)
389 return false;
390 if (!a2 && a1)
391 return false;
392 if (!a1 && !a2)
393 return true;
394 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
395 sizeof(struct overlay_index));
684a7227
PG		 396}
397
718e3744 398/* Unknown transit attribute. */
9bddac4b 399static struct hash *transit_hash;
718e3744 400
d62a17ae 401static void transit_free(struct transit *transit)
718e3744 402{
d62a17ae 403 if (transit->val)
404 XFREE(MTYPE_TRANSIT_VAL, transit->val);
405 XFREE(MTYPE_TRANSIT, transit);
718e3744 406}
407
d62a17ae 408static void *transit_hash_alloc(void *p)
718e3744 409{
d62a17ae 410 /* Transit structure is already allocated. */
411 return p;
718e3744 412}
413
d62a17ae 414static struct transit *transit_intern(struct transit *transit)
718e3744 415{
d62a17ae 416 struct transit *find;
718e3744 417
d62a17ae 418 find = hash_get(transit_hash, transit, transit_hash_alloc);
419 if (find != transit)
420 transit_free(transit);
421 find->refcnt++;
718e3744 422
d62a17ae 423 return find;
718e3744 424}
425
d62a17ae 426void transit_unintern(struct transit *transit)
718e3744 427{
d62a17ae 428 if (transit->refcnt)
429 transit->refcnt--;
718e3744 430
d62a17ae 431 if (transit->refcnt == 0) {
432 hash_release(transit_hash, transit);
433 transit_free(transit);
434 }
718e3744 435}
436
d62a17ae 437static unsigned int transit_hash_key_make(void *p)
718e3744 438{
d62a17ae 439 const struct transit *transit = p;
718e3744 440
d62a17ae 441 return jhash(transit->val, transit->length, 0);
718e3744 442}
443
d62a17ae 444static int transit_hash_cmp(const void *p1, const void *p2)
718e3744 445{
d62a17ae 446 const struct transit *transit1 = p1;
447 const struct transit *transit2 = p2;
923de654 448
d62a17ae 449 return (transit1->length == transit2->length
450 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
718e3744 451}
452
d62a17ae 453static void transit_init(void)
718e3744 454{
996c9314 455 transit_hash = hash_create(transit_hash_key_make, transit_hash_cmp,
3f65c5b1 456 "BGP Transit Hash");
718e3744 457}
228da428 458
d62a17ae 459static void transit_finish(void)
228da428 460{
d62a17ae 461 hash_clean(transit_hash, (void (*)(void *))transit_free);
462 hash_free(transit_hash);
463 transit_hash = NULL;
228da428 464}
6b0655a2 465
718e3744 466/* Attribute hash routines. */
9bddac4b 467static struct hash *attrhash;
718e3744 468
fb982c25
PJ		 469/* Shallow copy of an attribute
470 * Though, not so shallow that it doesn't copy the contents
471 * of the attr_extra pointed to by 'extra'
472 */
d62a17ae 473void bgp_attr_dup(struct attr *new, struct attr *orig)
fb982c25 474{
d62a17ae 475 *new = *orig;
fb982c25
PJ		 476}
477
d62a17ae 478unsigned long int attr_count(void)
cbdfbaa5 479{
d62a17ae 480 return attrhash->count;
cbdfbaa5
PJ		 481}
482
d62a17ae 483unsigned long int attr_unknown_count(void)
cbdfbaa5 484{
d62a17ae 485 return transit_hash->count;
cbdfbaa5
PJ		 486}
487
d62a17ae 488unsigned int attrhash_key_make(void *p)
718e3744 489{
d62a17ae 490 const struct attr *attr = (struct attr *)p;
491 uint32_t key = 0;
c8e7b895 492#define MIX(val) key = jhash_1word(val, key)
0d0268a6 493#define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
c8e7b895 494
0d0268a6 495 MIX3(attr->origin, attr->nexthop.s_addr, attr->med);
996c9314
LB		 496 MIX3(attr->local_pref, attr->aggregator_as,
497 attr->aggregator_addr.s_addr);
0d0268a6
LB		 498 MIX3(attr->weight, attr->mp_nexthop_global_in.s_addr,
499 attr->originator_id.s_addr);
500 MIX3(attr->tag, attr->label, attr->label_index);
d62a17ae 501
502 if (attr->aspath)
503 MIX(aspath_key_make(attr->aspath));
504 if (attr->community)
505 MIX(community_hash_make(attr->community));
506
507 if (attr->lcommunity)
508 MIX(lcommunity_hash_make(attr->lcommunity));
509 if (attr->ecommunity)
510 MIX(ecommunity_hash_make(attr->ecommunity));
511 if (attr->cluster)
512 MIX(cluster_hash_key_make(attr->cluster));
513 if (attr->transit)
514 MIX(transit_hash_key_make(attr->transit));
515 if (attr->encap_subtlvs)
516 MIX(encap_hash_key_make(attr->encap_subtlvs));
bede7744 517#if ENABLE_BGP_VNC
d62a17ae 518 if (attr->vnc_subtlvs)
519 MIX(encap_hash_key_make(attr->vnc_subtlvs));
bede7744 520#endif
d62a17ae 521 MIX(attr->mp_nexthop_len);
522 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
523 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
77e62f2b 524 MIX(attr->nh_ifindex);
525 MIX(attr->nh_lla_ifindex);
d62a17ae 526
527 return key;
528}
529
530int attrhash_cmp(const void *p1, const void *p2)
531{
532 const struct attr *attr1 = p1;
533 const struct attr *attr2 = p2;
534
535 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
536 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
537 && attr1->aspath == attr2->aspath
538 && attr1->community == attr2->community && attr1->med == attr2->med
539 && attr1->local_pref == attr2->local_pref
540 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
541 if (attr1->aggregator_as == attr2->aggregator_as
542 && attr1->aggregator_addr.s_addr
543 == attr2->aggregator_addr.s_addr
544 && attr1->weight == attr2->weight
545 && attr1->tag == attr2->tag
546 && attr1->label_index == attr2->label_index
547 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
d62a17ae 548 && attr1->ecommunity == attr2->ecommunity
549 && attr1->lcommunity == attr2->lcommunity
550 && attr1->cluster == attr2->cluster
551 && attr1->transit == attr2->transit
552 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
553 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
65efcfce 554#if ENABLE_BGP_VNC
d62a17ae 555 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
65efcfce 556#endif
0d0268a6
LB		 557 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
558 &attr2->mp_nexthop_global)
559 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
560 &attr2->mp_nexthop_local)
561 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
562 &attr2->mp_nexthop_global_in)
d62a17ae 563 && IPV4_ADDR_SAME(&attr1->originator_id,
564 &attr2->originator_id)
77e62f2b 565 && overlay_index_same(attr1, attr2)
566 && attr1->nh_ifindex == attr2->nh_ifindex
567 && attr1->nh_lla_ifindex == attr2->nh_lla_ifindex)
d62a17ae 568 return 1;
569 }
aadc0905 570
d62a17ae 571 return 0;
718e3744 572}
573
d62a17ae 574static void attrhash_init(void)
718e3744 575{
996c9314
LB		 576 attrhash =
577 hash_create(attrhash_key_make, attrhash_cmp, "BGP Attributes");
718e3744 578}
579
289d2501
LB		 580/*
581 * special for hash_clean below
582 */
d62a17ae 583static void attr_vfree(void *attr)
289d2501 584{
d62a17ae 585 XFREE(MTYPE_ATTR, attr);
289d2501
LB		 586}
587
d62a17ae 588static void attrhash_finish(void)
228da428 589{
d62a17ae 590 hash_clean(attrhash, attr_vfree);
591 hash_free(attrhash);
592 attrhash = NULL;
228da428
CC		 593}
594
d62a17ae 595static void attr_show_all_iterator(struct hash_backet *backet, struct vty *vty)
718e3744 596{
d62a17ae 597 struct attr *attr = backet->data;
718e3744 598
d62a17ae 599 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
600 inet_ntoa(attr->nexthop));
13b7e7f0 601 vty_out(vty, "\tflags: %" PRIu64 " med: %u local_pref: %u origin: %u weight: %u label: %u\n",
23a2a47e 602 attr->flag, attr->med, attr->local_pref, attr->origin,
13b7e7f0 603 attr->weight, attr->label);
718e3744 604}
605
d62a17ae 606void attr_show_all(struct vty *vty)
718e3744 607{
9d303b37
DL		 608 hash_iterate(attrhash, (void (*)(struct hash_backet *,
609 void *))attr_show_all_iterator,
610 vty);
718e3744 611}
612
d62a17ae 613static void *bgp_attr_hash_alloc(void *p)
718e3744 614{
d62a17ae 615 struct attr *val = (struct attr *)p;
616 struct attr *attr;
718e3744 617
d62a17ae 618 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
619 *attr = *val;
620 if (val->encap_subtlvs) {
621 val->encap_subtlvs = NULL;
622 }
65efcfce 623#if ENABLE_BGP_VNC
d62a17ae 624 if (val->vnc_subtlvs) {
625 val->vnc_subtlvs = NULL;
626 }
65efcfce 627#endif
d62a17ae 628 attr->refcnt = 0;
629 return attr;
718e3744 630}
631
632/* Internet argument attribute. */
d62a17ae 633struct attr *bgp_attr_intern(struct attr *attr)
634{
635 struct attr *find;
636
637 /* Intern referenced strucutre. */
638 if (attr->aspath) {
639 if (!attr->aspath->refcnt)
640 attr->aspath = aspath_intern(attr->aspath);
641 else
642 attr->aspath->refcnt++;
643 }
644 if (attr->community) {
645 if (!attr->community->refcnt)
646 attr->community = community_intern(attr->community);
647 else
648 attr->community->refcnt++;
649 }
650
651 if (attr->ecommunity) {
652 if (!attr->ecommunity->refcnt)
653 attr->ecommunity = ecommunity_intern(attr->ecommunity);
654 else
655 attr->ecommunity->refcnt++;
656 }
657 if (attr->lcommunity) {
658 if (!attr->lcommunity->refcnt)
659 attr->lcommunity = lcommunity_intern(attr->lcommunity);
660 else
661 attr->lcommunity->refcnt++;
662 }
663 if (attr->cluster) {
664 if (!attr->cluster->refcnt)
665 attr->cluster = cluster_intern(attr->cluster);
666 else
667 attr->cluster->refcnt++;
668 }
669 if (attr->transit) {
670 if (!attr->transit->refcnt)
671 attr->transit = transit_intern(attr->transit);
672 else
673 attr->transit->refcnt++;
674 }
675 if (attr->encap_subtlvs) {
676 if (!attr->encap_subtlvs->refcnt)
677 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
678 ENCAP_SUBTLV_TYPE);
679 else
680 attr->encap_subtlvs->refcnt++;
681 }
bede7744 682#if ENABLE_BGP_VNC
d62a17ae 683 if (attr->vnc_subtlvs) {
684 if (!attr->vnc_subtlvs->refcnt)
685 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
686 VNC_SUBTLV_TYPE);
687 else
688 attr->vnc_subtlvs->refcnt++;
689 }
aadc0905 690#endif
bede7744 691
dbbac180
DL		 692 /* At this point, attr only contains intern'd pointers. that means
693 * if we find it in attrhash, it has all the same pointers and we
694 * correctly updated the refcounts on these.
695 * If we don't find it, we need to allocate a one because in all
696 * cases this returns a new reference to a hashed attr, but the input
697 * wasn't on hash. */
d62a17ae 698 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
699 find->refcnt++;
700
701 return find;
718e3744 702}
703
704/* Make network statement's attribute. */
d7c0a89a 705struct attr *bgp_attr_default_set(struct attr *attr, uint8_t origin)
718e3744 706{
d62a17ae 707 memset(attr, 0, sizeof(struct attr));
03e214c8 708
d62a17ae 709 attr->origin = origin;
710 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
711 attr->aspath = aspath_empty();
712 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
713 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
714 attr->tag = 0;
715 attr->label_index = BGP_INVALID_LABEL_INDEX;
716 attr->label = MPLS_INVALID_LABEL;
717 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
718 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
719
720 return attr;
718e3744 721}
722
b5d58c32 723/* Create the attributes for an aggregate */
d7c0a89a 724struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, uint8_t origin,
d62a17ae 725 struct aspath *aspath,
726 struct community *community, int as_set,
d7c0a89a 727 uint8_t atomic_aggregate)
d62a17ae 728{
729 struct attr attr;
730 struct attr *new;
731
732 memset(&attr, 0, sizeof(struct attr));
733
734 /* Origin attribute. */
735 attr.origin = origin;
736 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
737
738 /* AS path attribute. */
739 if (aspath)
740 attr.aspath = aspath_intern(aspath);
741 else
742 attr.aspath = aspath_empty();
743 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
744
745 /* Next hop attribute. */
746 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
747
748 if (community) {
d7c0a89a 749 uint32_t gshut = COMMUNITY_GSHUT;
7f323236
DW		 750
751 /* If we are not shutting down ourselves and we are
752 * aggregating a route that contains the GSHUT community we
753 * need to remove that community when creating the aggregate */
996c9314
LB		 754 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)
755 && community_include(community, gshut)) {
7f323236
DW		 756 community_del_val(community, &gshut);
757 }
758
d62a17ae 759 attr.community = community;
760 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
761 }
762
7f323236
DW		 763 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
764 bgp_attr_add_gshut_community(&attr);
765 }
766
d62a17ae 767 attr.label_index = BGP_INVALID_LABEL_INDEX;
768 attr.label = MPLS_INVALID_LABEL;
769 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
770 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
771 if (!as_set || atomic_aggregate)
772 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
773 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
774 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
775 attr.aggregator_as = bgp->confed_id;
776 else
777 attr.aggregator_as = bgp->as;
778 attr.aggregator_addr = bgp->router_id;
779 attr.label_index = BGP_INVALID_LABEL_INDEX;
780 attr.label = MPLS_INVALID_LABEL;
781
782 new = bgp_attr_intern(&attr);
783
784 aspath_unintern(&new->aspath);
785 return new;
718e3744 786}
787
b881c707 788/* Unintern just the sub-components of the attr, but not the attr */
d62a17ae 789void bgp_attr_unintern_sub(struct attr *attr)
790{
791 /* aspath refcount shoud be decrement. */
792 if (attr->aspath)
793 aspath_unintern(&attr->aspath);
794 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
795
796 if (attr->community)
797 community_unintern(&attr->community);
798 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
799
800 if (attr->ecommunity)
801 ecommunity_unintern(&attr->ecommunity);
802 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
803
804 if (attr->lcommunity)
805 lcommunity_unintern(&attr->lcommunity);
806 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
807
808 if (attr->cluster)
809 cluster_unintern(attr->cluster);
810 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
811
812 if (attr->transit)
813 transit_unintern(attr->transit);
814
815 if (attr->encap_subtlvs)
816 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
bede7744
LB		 817
818#if ENABLE_BGP_VNC
d62a17ae 819 if (attr->vnc_subtlvs)
820 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
bede7744 821#endif
b881c707
PJ		 822}
823
f46d8e1e
DS		 824/*
825 * We have some show commands that let you experimentally
826 * apply a route-map. When we apply the route-map
827 * we are reseting values but not saving them for
828 * posterity via intern'ing( because route-maps don't
829 * do that) but at this point in time we need
830 * to compare the new attr to the old and if the
831 * routemap has changed it we need to, as Snoop Dog says,
832 * Drop it like it's hot
833 */
834void bgp_attr_undup(struct attr *new, struct attr *old)
835{
836 if (new->aspath != old->aspath)
837 aspath_free(new->aspath);
838
839 if (new->community != old->community)
840 community_free(new->community);
841
842 if (new->ecommunity != old->ecommunity)
843 ecommunity_free(&new->ecommunity);
844
845 if (new->lcommunity != old->lcommunity)
846 lcommunity_free(&new->lcommunity);
f46d8e1e
DS		 847}
848
718e3744 849/* Free bgp attribute and aspath. */
d62a17ae 850void bgp_attr_unintern(struct attr **pattr)
851{
852 struct attr *attr = *pattr;
853 struct attr *ret;
854 struct attr tmp;
855
856 /* Decrement attribute reference. */
857 attr->refcnt--;
858
859 tmp = *attr;
860
861 /* If reference becomes zero then free attribute object. */
862 if (attr->refcnt == 0) {
863 ret = hash_release(attrhash, attr);
864 assert(ret != NULL);
865 XFREE(MTYPE_ATTR, attr);
866 *pattr = NULL;
867 }
868
869 bgp_attr_unintern_sub(&tmp);
870}
871
872void bgp_attr_flush(struct attr *attr)
873{
874 if (attr->aspath && !attr->aspath->refcnt) {
875 aspath_free(attr->aspath);
876 attr->aspath = NULL;
877 }
878 if (attr->community && !attr->community->refcnt) {
879 community_free(attr->community);
880 attr->community = NULL;
881 }
882
883 if (attr->ecommunity && !attr->ecommunity->refcnt)
884 ecommunity_free(&attr->ecommunity);
885 if (attr->lcommunity && !attr->lcommunity->refcnt)
886 lcommunity_free(&attr->lcommunity);
887 if (attr->cluster && !attr->cluster->refcnt) {
888 cluster_free(attr->cluster);
889 attr->cluster = NULL;
890 }
891 if (attr->transit && !attr->transit->refcnt) {
892 transit_free(attr->transit);
893 attr->transit = NULL;
894 }
895 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
896 encap_free(attr->encap_subtlvs);
897 attr->encap_subtlvs = NULL;
898 }
65efcfce 899#if ENABLE_BGP_VNC
d62a17ae 900 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
901 encap_free(attr->vnc_subtlvs);
902 attr->vnc_subtlvs = NULL;
903 }
aadc0905 904#endif
718e3744 905}
906
b881c707
PJ		 907/* Implement draft-scudder-idr-optional-transitive behaviour and
908 * avoid resetting sessions for malformed attributes which are
909 * are partial/optional and hence where the error likely was not
910 * introduced by the sending neighbour.
911 */
912static bgp_attr_parse_ret_t
d7c0a89a 913bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
d62a17ae 914 bgp_size_t length)
915{
916 struct peer *const peer = args->peer;
d7c0a89a 917 const uint8_t flags = args->flags;
d62a17ae 918 /* startp and length must be special-cased, as whether or not to
919 * send the attribute data with the NOTIFY depends on the error,
920 * the caller therefore signals this with the seperate length argument
921 */
d7c0a89a 922 uint8_t *notify_datap = (length > 0 ? args->startp : NULL);
d62a17ae 923
924 /* Only relax error handling for eBGP peers */
925 if (peer->sort != BGP_PEER_EBGP) {
926 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
927 notify_datap, length);
928 return BGP_ATTR_PARSE_ERROR;
929 }
930
931 /* Adjust the stream getp to the end of the attribute, in case we can
932 * still proceed but the caller hasn't read all the attribute.
933 */
934 stream_set_getp(BGP_INPUT(peer),
935 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
936 + args->total);
937
938 switch (args->type) {
939 /* where an attribute is relatively inconsequential, e.g. it does not
940 * affect route selection, and can be safely ignored, then any such
941 * attributes which are malformed should just be ignored and the route
942 * processed as normal.
943 */
944 case BGP_ATTR_AS4_AGGREGATOR:
945 case BGP_ATTR_AGGREGATOR:
946 case BGP_ATTR_ATOMIC_AGGREGATE:
947 return BGP_ATTR_PARSE_PROCEED;
948
949 /* Core attributes, particularly ones which may influence route
950 * selection, should always cause session resets
951 */
952 case BGP_ATTR_ORIGIN:
953 case BGP_ATTR_AS_PATH:
954 case BGP_ATTR_NEXT_HOP:
955 case BGP_ATTR_MULTI_EXIT_DISC:
956 case BGP_ATTR_LOCAL_PREF:
957 case BGP_ATTR_COMMUNITIES:
958 case BGP_ATTR_ORIGINATOR_ID:
959 case BGP_ATTR_CLUSTER_LIST:
960 case BGP_ATTR_MP_REACH_NLRI:
961 case BGP_ATTR_MP_UNREACH_NLRI:
962 case BGP_ATTR_EXT_COMMUNITIES:
963 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
964 notify_datap, length);
965 return BGP_ATTR_PARSE_ERROR;
966 }
967
968 /* Partial optional attributes that are malformed should not cause
969 * the whole session to be reset. Instead treat it as a withdrawal
970 * of the routes, if possible.
971 */
972 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
973 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
974 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
975 return BGP_ATTR_PARSE_WITHDRAW;
976
977 /* default to reset */
978 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
b881c707
PJ		 979}
980
afcb7679
DO		 981/* Find out what is wrong with the path attribute flag bits and log the error.
982 "Flag bits" here stand for Optional, Transitive and Partial, but not for
983 Extended Length. Checking O/T/P bits at once implies, that the attribute
984 being diagnosed is defined by RFC as either a "well-known" or an "optional,
985 non-transitive" attribute. */
986static void
d62a17ae 987bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
d7c0a89a
QY		 988 uint8_t desired_flags /* how RFC says it must be */
989)
d62a17ae 990{
d7c0a89a
QY		 991 uint8_t seen = 0, i;
992 uint8_t real_flags = args->flags;
993 const uint8_t attr_code = args->type;
d62a17ae 994
995 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
996 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
997 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
998 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
999 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
af4c2728 1000 flog_err(
14454c9f
DS		 1001 BGP_ERR_ATTR_FLAG,
1002 "%s attribute must%s be flagged as \"%s\"",
1003 lookup_msg(attr_str, attr_code, NULL),
1004 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1005 ? ""
1006 : " not",
1007 attr_flag_str[i].str);
d62a17ae 1008 seen = 1;
1009 }
1010 if (!seen) {
1011 zlog_debug(
1012 "Strange, %s called for attr %s, but no problem found with flags"
1013 " (real flags 0x%x, desired 0x%x)",
1014 __func__, lookup_msg(attr_str, attr_code, NULL),
1015 real_flags, desired_flags);
1016 }
afcb7679
DO		 1017}
1018
3ecab4c8
PJ		 1019/* Required flags for attributes. EXTLEN will be masked off when testing,
1020 * as will PARTIAL for optional+transitive attributes.
1021 */
d7c0a89a
QY		 1022const uint8_t attr_flags_values[] = {
1023 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
1024 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
1025 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1026 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1027 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1028 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1029 [BGP_ATTR_AGGREGATOR] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1030 [BGP_ATTR_COMMUNITIES] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1031 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1032 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1033 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1034 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1035 [BGP_ATTR_EXT_COMMUNITIES] =
1036 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1037 [BGP_ATTR_AS4_PATH] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1038 [BGP_ATTR_AS4_AGGREGATOR] =
1039 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1040 [BGP_ATTR_PMSI_TUNNEL] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1041 [BGP_ATTR_LARGE_COMMUNITIES] =
1042 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1043 [BGP_ATTR_PREFIX_SID] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
3ecab4c8 1044};
099111ef 1045static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
3ecab4c8 1046
d62a17ae 1047static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1048{
d7c0a89a
QY		 1049 uint8_t mask = BGP_ATTR_FLAG_EXTLEN;
1050 const uint8_t flags = args->flags;
1051 const uint8_t attr_code = args->type;
d62a17ae 1052
1053 /* there may be attributes we don't know about */
1054 if (attr_code > attr_flags_values_max)
1055 return 0;
1056 if (attr_flags_values[attr_code] == 0)
1057 return 0;
1058
1059 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1060 * to
1061 * 1."
1062 */
1063 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1064 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
af4c2728 1065 flog_err(
14454c9f 1066 BGP_ERR_ATTR_FLAG,
d62a17ae 1067 "%s well-known attributes must have transitive flag set (%x)",
1068 lookup_msg(attr_str, attr_code, NULL), flags);
1069 return 1;
1070 }
1071
1072 /* "For well-known attributes and for optional non-transitive
1073 * attributes,
1074 * the Partial bit MUST be set to 0."
1075 */
1076 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1077 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
af4c2728 1078 flog_err(BGP_ERR_ATTR_FLAG,
14454c9f
DS		 1079 "%s well-known attribute "
1080 "must NOT have the partial flag set (%x)",
1081 lookup_msg(attr_str, attr_code, NULL), flags);
d62a17ae 1082 return 1;
1083 }
1084 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1085 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
af4c2728 1086 flog_err(BGP_ERR_ATTR_FLAG,
14454c9f
DS		 1087 "%s optional + transitive attribute "
1088 "must NOT have the partial flag set (%x)",
1089 lookup_msg(attr_str, attr_code, NULL), flags);
d62a17ae 1090 return 1;
1091 }
1092 }
1093
1094 /* Optional transitive attributes may go through speakers that don't
1095 * reocgnise them and set the Partial bit.
1096 */
1097 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1098 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1099 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1100
1101 if ((flags & ~mask) == attr_flags_values[attr_code])
1102 return 0;
1103
1104 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1105 return 1;
3ecab4c8
PJ		 1106}
1107
718e3744 1108/* Get origin attribute of the update message. */
d62a17ae 1109static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1110{
1111 struct peer *const peer = args->peer;
1112 struct attr *const attr = args->attr;
1113 const bgp_size_t length = args->length;
1114
1115 /* If any recognized attribute has Attribute Length that conflicts
1116 with the expected length (based on the attribute type code), then
1117 the Error Subcode is set to Attribute Length Error. The Data
1118 field contains the erroneous attribute (type, length and
1119 value). */
1120 if (length != 1) {
af4c2728 1121 flog_err(BGP_ERR_ATTR_LEN,
14454c9f 1122 "Origin attribute length is not one %d", length);
d62a17ae 1123 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1124 args->total);
1125 }
1126
1127 /* Fetch origin attribute. */
1128 attr->origin = stream_getc(BGP_INPUT(peer));
1129
1130 /* If the ORIGIN attribute has an undefined value, then the Error
1131 Subcode is set to Invalid Origin Attribute. The Data field
1132 contains the unrecognized attribute (type, length and value). */
1133 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1134 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
af4c2728 1135 flog_err(BGP_ERR_ATTR_ORIGIN,
14454c9f 1136 "Origin attribute value is invalid %d", attr->origin);
d62a17ae 1137 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1138 args->total);
1139 }
1140
1141 /* Set oring attribute flag. */
1142 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1143
1144 return 0;
718e3744 1145}
ab005298
PJ		 1146
1147/* Parse AS path information. This function is wrapper of
1148 aspath_parse. */
d62a17ae 1149static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1150{
1151 struct attr *const attr = args->attr;
1152 struct peer *const peer = args->peer;
1153 const bgp_size_t length = args->length;
1154
1155 /*
1156 * peer with AS4 => will get 4Byte ASnums
1157 * otherwise, will get 16 Bit
1158 */
424ab01d 1159 attr->aspath = aspath_parse(peer->curr, length,
d62a17ae 1160 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1161
1162 /* In case of IBGP, length will be zero. */
1163 if (!attr->aspath) {
af4c2728 1164 flog_err(BGP_ERR_ATTR_MAL_AS_PATH,
14454c9f
DS		 1165 "Malformed AS path from %s, length is %d", peer->host,
1166 length);
d62a17ae 1167 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1168 0);
1169 }
0b2aa3a0 1170
d62a17ae 1171 /* Set aspath attribute flag. */
1172 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1173
1174 return BGP_ATTR_PARSE_PROCEED;
1175}
1176
1177static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1178 struct attr *const attr)
1179{
1180 /* These checks were part of bgp_attr_aspath, but with
1181 * as4 we should to check aspath things when
1182 * aspath synthesizing with as4_path has already taken place.
1183 * Otherwise we check ASPATH and use the synthesized thing, and that is
1184 * not right.
1185 * So do the checks later, i.e. here
1186 */
d62a17ae 1187 struct aspath *aspath;
1188
1189 /* Confederation sanity check. */
1190 if ((peer->sort == BGP_PEER_CONFED
1191 && !aspath_left_confed_check(attr->aspath))
1192 || (peer->sort == BGP_PEER_EBGP
1193 && aspath_confed_check(attr->aspath))) {
af4c2728 1194 flog_err(BGP_ERR_ATTR_MAL_AS_PATH, "Malformed AS path from %s",
14454c9f 1195 peer->host);
d62a17ae 1196 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1197 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1198 return BGP_ATTR_PARSE_ERROR;
1199 }
cddb8112 1200
d62a17ae 1201 /* First AS check for EBGP. */
47cbc09b 1202 if (CHECK_FLAG(peer->flags, PEER_FLAG_ENFORCE_FIRST_AS)) {
d62a17ae 1203 if (peer->sort == BGP_PEER_EBGP
1204 && !aspath_firstas_check(attr->aspath, peer->as)) {
af4c2728 1205 flog_err(BGP_ERR_ATTR_FIRST_AS,
14454c9f
DS		 1206 "%s incorrect first AS (must be %u)",
1207 peer->host, peer->as);
d62a17ae 1208 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1209 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1210 return BGP_ATTR_PARSE_ERROR;
1211 }
1212 }
0b2aa3a0 1213
d62a17ae 1214 /* local-as prepend */
1215 if (peer->change_local_as
1216 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1217 aspath = aspath_dup(attr->aspath);
1218 aspath = aspath_add_seq(aspath, peer->change_local_as);
1219 aspath_unintern(&attr->aspath);
1220 attr->aspath = aspath_intern(aspath);
1221 }
0b2aa3a0 1222
d62a17ae 1223 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1224}
1225
ab005298
PJ		 1226/* Parse AS4 path information. This function is another wrapper of
1227 aspath_parse. */
d62a17ae 1228static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1229 struct aspath **as4_path)
ab005298 1230{
d62a17ae 1231 struct peer *const peer = args->peer;
1232 struct attr *const attr = args->attr;
1233 const bgp_size_t length = args->length;
ab005298 1234
424ab01d 1235 *as4_path = aspath_parse(peer->curr, length, 1);
b881c707 1236
d62a17ae 1237 /* In case of IBGP, length will be zero. */
1238 if (!*as4_path) {
af4c2728 1239 flog_err(BGP_ERR_ATTR_MAL_AS_PATH,
14454c9f
DS		 1240 "Malformed AS4 path from %s, length is %d",
1241 peer->host, length);
d62a17ae 1242 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1243 0);
1244 }
ab005298 1245
d62a17ae 1246 /* Set aspath attribute flag. */
1247 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1248
1249 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1250}
1251
718e3744 1252/* Nexthop attribute. */
d62a17ae 1253static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1254{
1255 struct peer *const peer = args->peer;
1256 struct attr *const attr = args->attr;
1257 const bgp_size_t length = args->length;
1258
1259 in_addr_t nexthop_h, nexthop_n;
1260
1261 /* Check nexthop attribute length. */
1262 if (length != 4) {
af4c2728 1263 flog_err(BGP_ERR_ATTR_LEN,
14454c9f 1264 "Nexthop attribute length isn't four [%d]", length);
d62a17ae 1265
1266 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1267 args->total);
1268 }
1269
1270 /* According to section 6.3 of RFC4271, syntactically incorrect NEXT_HOP
1271 attribute must result in a NOTIFICATION message (this is implemented
1272 below).
1273 At the same time, semantically incorrect NEXT_HOP is more likely to
1274 be just
1275 logged locally (this is implemented somewhere else). The UPDATE
1276 message
1277 gets ignored in any of these cases. */
424ab01d 1278 nexthop_n = stream_get_ipv4(peer->curr);
d62a17ae 1279 nexthop_h = ntohl(nexthop_n);
1280 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1281 || IPV4_CLASS_DE(nexthop_h))
1282 && !BGP_DEBUG(
1283 allow_martians,
1284 ALLOW_MARTIANS)) /* loopbacks may be used in testing */
1285 {
1286 char buf[INET_ADDRSTRLEN];
1287 inet_ntop(AF_INET, &nexthop_n, buf, INET_ADDRSTRLEN);
af4c2728 1288 flog_err(BGP_ERR_ATTR_MARTIAN_NH, "Martian nexthop %s", buf);
d62a17ae 1289 return bgp_attr_malformed(
1290 args, BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP, args->total);
1291 }
1292
1293 attr->nexthop.s_addr = nexthop_n;
1294 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1295
1296 return BGP_ATTR_PARSE_PROCEED;
718e3744 1297}
1298
1299/* MED atrribute. */
d62a17ae 1300static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
718e3744 1301{
d62a17ae 1302 struct peer *const peer = args->peer;
1303 struct attr *const attr = args->attr;
1304 const bgp_size_t length = args->length;
b881c707 1305
d62a17ae 1306 /* Length check. */
1307 if (length != 4) {
af4c2728 1308 flog_err(BGP_ERR_ATTR_LEN,
14454c9f 1309 "MED attribute length isn't four [%d]", length);
718e3744 1310
d62a17ae 1311 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1312 args->total);
1313 }
1314
424ab01d 1315 attr->med = stream_getl(peer->curr);
718e3744 1316
d62a17ae 1317 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
718e3744 1318
d62a17ae 1319 return BGP_ATTR_PARSE_PROCEED;
718e3744 1320}
1321
1322/* Local preference attribute. */
b881c707 1323static bgp_attr_parse_ret_t
d62a17ae 1324bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1325{
1326 struct peer *const peer = args->peer;
1327 struct attr *const attr = args->attr;
1328 const bgp_size_t length = args->length;
1329
1330 /* Length check. */
1331 if (length != 4) {
af4c2728 1332 flog_err(BGP_ERR_ATTR_LEN,
14454c9f 1333 "LOCAL_PREF attribute length isn't 4 [%u]", length);
d62a17ae 1334 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1335 args->total);
1336 }
1337
1338 /* If it is contained in an UPDATE message that is received from an
1339 external peer, then this attribute MUST be ignored by the
1340 receiving speaker. */
1341 if (peer->sort == BGP_PEER_EBGP) {
424ab01d 1342 stream_forward_getp(peer->curr, length);
d62a17ae 1343 return BGP_ATTR_PARSE_PROCEED;
1344 }
1345
424ab01d 1346 attr->local_pref = stream_getl(peer->curr);
d62a17ae 1347
7f323236 1348 /* Set the local-pref flag. */
d62a17ae 1349 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1350
1351 return BGP_ATTR_PARSE_PROCEED;
718e3744 1352}
1353
1354/* Atomic aggregate. */
d62a17ae 1355static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
718e3744 1356{
d62a17ae 1357 struct attr *const attr = args->attr;
1358 const bgp_size_t length = args->length;
1359
1360 /* Length check. */
1361 if (length != 0) {
af4c2728 1362 flog_err(BGP_ERR_ATTR_LEN,
14454c9f
DS		 1363 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1364 length);
d62a17ae 1365 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1366 args->total);
1367 }
718e3744 1368
d62a17ae 1369 /* Set atomic aggregate flag. */
1370 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
718e3744 1371
d62a17ae 1372 return BGP_ATTR_PARSE_PROCEED;
718e3744 1373}
1374
1375/* Aggregator attribute */
d62a17ae 1376static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1377{
1378 struct peer *const peer = args->peer;
1379 struct attr *const attr = args->attr;
1380 const bgp_size_t length = args->length;
1381
1382 int wantedlen = 6;
1383
1384 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1385 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1386 wantedlen = 8;
1387
1388 if (length != wantedlen) {
af4c2728 1389 flog_err(BGP_ERR_ATTR_LEN,
14454c9f
DS		 1390 "AGGREGATOR attribute length isn't %u [%u]",
1391 wantedlen, length);
d62a17ae 1392 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1393 args->total);
1394 }
1395
1396 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
424ab01d 1397 attr->aggregator_as = stream_getl(peer->curr);
d62a17ae 1398 else
424ab01d
QY		 1399 attr->aggregator_as = stream_getw(peer->curr);
1400 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1401
1402 /* Set atomic aggregate flag. */
1403 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1404
1405 return BGP_ATTR_PARSE_PROCEED;
718e3744 1406}
1407
0b2aa3a0 1408/* New Aggregator attribute */
b881c707 1409static bgp_attr_parse_ret_t
d62a17ae 1410bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1411 as_t *as4_aggregator_as,
1412 struct in_addr *as4_aggregator_addr)
1413{
1414 struct peer *const peer = args->peer;
1415 struct attr *const attr = args->attr;
1416 const bgp_size_t length = args->length;
1417
1418 if (length != 8) {
af4c2728 1419 flog_err(BGP_ERR_ATTR_LEN,
14454c9f 1420 "New Aggregator length is not 8 [%d]", length);
d62a17ae 1421 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1422 0);
1423 }
1424
424ab01d
QY		 1425 *as4_aggregator_as = stream_getl(peer->curr);
1426 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1427
1428 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1429
1430 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1431}
1432
1433/* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1434 */
b881c707 1435static bgp_attr_parse_ret_t
d62a17ae 1436bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1437 struct aspath *as4_path, as_t as4_aggregator,
1438 struct in_addr *as4_aggregator_addr)
1439{
1440 int ignore_as4_path = 0;
1441 struct aspath *newpath;
1442
1443 if (!attr->aspath) {
1444 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1445 * have
1446 * checked that all well-known, mandatory attributes were
1447 * present.
1448 *
1449 * Can only be a problem with peer itself - hard error
1450 */
1451 return BGP_ATTR_PARSE_ERROR;
1452 }
1453
1454 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1455 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1456 * if given.
1457 * It is worth a warning though, because the peer really
1458 * should not send them
1459 */
1460 if (BGP_DEBUG(as4, AS4)) {
1461 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1462 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1463 "AS4 capable peer, yet it sent");
1464
1465 if (attr->flag
1466 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1467 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1468 peer->host,
1469 "AS4 capable peer, yet it sent");
1470 }
1471
1472 return BGP_ATTR_PARSE_PROCEED;
1473 }
1474
1475 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1476 * because that may override AS4_PATH
1477 */
1478 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1479 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1480 /* received both.
1481 * if the as_number in aggregator is not AS_TRANS,
1482 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1483 * and the Aggregator shall be taken as
1484 * info on the aggregating node, and the AS_PATH
1485 * shall be taken as the AS_PATH
1486 * otherwise
1487 * the Aggregator shall be ignored and the
1488 * AS4_AGGREGATOR shall be taken as the
1489 * Aggregating node and the AS_PATH is to be
1490 * constructed "as in all other cases"
1491 */
1492 if (attr->aggregator_as != BGP_AS_TRANS) {
1493 /* ignore */
1494 if (BGP_DEBUG(as4, AS4))
1495 zlog_debug(
1496 "[AS4] %s BGP not AS4 capable peer"
1497 " send AGGREGATOR != AS_TRANS and"
1498 " AS4_AGGREGATOR, so ignore"
1499 " AS4_AGGREGATOR and AS4_PATH",
1500 peer->host);
1501 ignore_as4_path = 1;
1502 } else {
1503 /* "New_aggregator shall be taken as aggregator"
1504 */
1505 attr->aggregator_as = as4_aggregator;
1506 attr->aggregator_addr.s_addr =
1507 as4_aggregator_addr->s_addr;
1508 }
1509 } else {
1510 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1511 * That is bogus - but reading the conditions
1512 * we have to handle AS4_AGGREGATOR as if it were
1513 * AGGREGATOR in that case
1514 */
1515 if (BGP_DEBUG(as4, AS4))
1516 zlog_debug(
1517 "[AS4] %s BGP not AS4 capable peer send"
1518 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1519 " it as if AGGREGATOR with AS_TRANS had been there",
1520 peer->host);
1521 attr->aggregator_as = as4_aggregator;
1522 /* sweep it under the carpet and simulate a "good"
1523 * AGGREGATOR */
1524 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1525 }
1526 }
1527
1528 /* need to reconcile NEW_AS_PATH and AS_PATH */
1529 if (!ignore_as4_path
1530 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1531 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
e8a3a0a0 1532 if (!newpath)
1533 return BGP_ATTR_PARSE_ERROR;
1534
d62a17ae 1535 aspath_unintern(&attr->aspath);
1536 attr->aspath = aspath_intern(newpath);
1537 }
1538 return BGP_ATTR_PARSE_PROCEED;
0b2aa3a0
PJ		 1539}
1540
718e3744 1541/* Community attribute. */
b881c707 1542static bgp_attr_parse_ret_t
d62a17ae 1543bgp_attr_community(struct bgp_attr_parser_args *args)
1544{
1545 struct peer *const peer = args->peer;
1546 struct attr *const attr = args->attr;
1547 const bgp_size_t length = args->length;
1548
1549 if (length == 0) {
1550 attr->community = NULL;
1551 return BGP_ATTR_PARSE_PROCEED;
1552 }
1553
1554 attr->community =
d7c0a89a 1555 community_parse((uint32_t *)stream_pnt(peer->curr), length);
d62a17ae 1556
1557 /* XXX: fix community_parse to use stream API and remove this */
424ab01d 1558 stream_forward_getp(peer->curr, length);
d62a17ae 1559
1560 if (!attr->community)
1561 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1562 args->total);
1563
1564 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1565
1566 return BGP_ATTR_PARSE_PROCEED;
718e3744 1567}
1568
1569/* Originator ID attribute. */
b881c707 1570static bgp_attr_parse_ret_t
d62a17ae 1571bgp_attr_originator_id(struct bgp_attr_parser_args *args)
718e3744 1572{
d62a17ae 1573 struct peer *const peer = args->peer;
1574 struct attr *const attr = args->attr;
1575 const bgp_size_t length = args->length;
718e3744 1576
d62a17ae 1577 /* Length check. */
1578 if (length != 4) {
af4c2728 1579 flog_err(BGP_ERR_ATTR_LEN, "Bad originator ID length %d",
14454c9f 1580 length);
718e3744 1581
d62a17ae 1582 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1583 args->total);
1584 }
1585
424ab01d 1586 attr->originator_id.s_addr = stream_get_ipv4(peer->curr);
718e3744 1587
d62a17ae 1588 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
718e3744 1589
d62a17ae 1590 return BGP_ATTR_PARSE_PROCEED;
718e3744 1591}
1592
1593/* Cluster list attribute. */
b881c707 1594static bgp_attr_parse_ret_t
d62a17ae 1595bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
718e3744 1596{
d62a17ae 1597 struct peer *const peer = args->peer;
1598 struct attr *const attr = args->attr;
1599 const bgp_size_t length = args->length;
1600
1601 /* Check length. */
1602 if (length % 4) {
af4c2728 1603 flog_err(BGP_ERR_ATTR_LEN, "Bad cluster list length %d",
14454c9f 1604 length);
718e3744 1605
d62a17ae 1606 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1607 args->total);
1608 }
1609
1610 attr->cluster =
424ab01d 1611 cluster_parse((struct in_addr *)stream_pnt(peer->curr), length);
718e3744 1612
d62a17ae 1613 /* XXX: Fix cluster_parse to use stream API and then remove this */
424ab01d 1614 stream_forward_getp(peer->curr, length);
718e3744 1615
d62a17ae 1616 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
718e3744 1617
d62a17ae 1618 return BGP_ATTR_PARSE_PROCEED;
718e3744 1619}
1620
1621/* Multiprotocol reachability information parse. */
d62a17ae 1622int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1623 struct bgp_nlri *mp_update)
1624{
1625 iana_afi_t pkt_afi;
1626 afi_t afi;
5c525538
RW		 1627 iana_safi_t pkt_safi;
1628 safi_t safi;
d62a17ae 1629 bgp_size_t nlri_len;
1630 size_t start;
1631 struct stream *s;
1632 struct peer *const peer = args->peer;
1633 struct attr *const attr = args->attr;
1634 const bgp_size_t length = args->length;
1635
1636 /* Set end of packet. */
1637 s = BGP_INPUT(peer);
1638 start = stream_get_getp(s);
1639
1640/* safe to read statically sized header? */
6e4ab12f 1641#define BGP_MP_REACH_MIN_SIZE 5
03292809 1642#define LEN_LEFT (length - (stream_get_getp(s) - start))
d62a17ae 1643 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
1644 zlog_info("%s: %s sent invalid length, %lu", __func__,
1645 peer->host, (unsigned long)length);
1646 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1647 }
1648
1649 /* Load AFI, SAFI. */
1650 pkt_afi = stream_getw(s);
1651 pkt_safi = stream_getc(s);
1652
1653 /* Convert AFI, SAFI to internal values, check. */
1654 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1655 /* Log if AFI or SAFI is unrecognized. This is not an error
1656 * unless
1657 * the attribute is otherwise malformed.
1658 */
1659 if (bgp_debug_update(peer, NULL, NULL, 0))
1660 zlog_debug(
1661 "%s: MP_REACH received AFI %u or SAFI %u is unrecognized",
1662 peer->host, pkt_afi, pkt_safi);
1663 return BGP_ATTR_PARSE_ERROR;
1664 }
1665
1666 /* Get nexthop length. */
1667 attr->mp_nexthop_len = stream_getc(s);
1668
1669 if (LEN_LEFT < attr->mp_nexthop_len) {
1670 zlog_info(
1671 "%s: %s, MP nexthop length, %u, goes past end of attribute",
1672 __func__, peer->host, attr->mp_nexthop_len);
1673 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1674 }
1675
1676 /* Nexthop length check. */
1677 switch (attr->mp_nexthop_len) {
7c40bf39 1678 case 0:
1679 if (safi != SAFI_FLOWSPEC) {
1680 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1681 __func__, peer->host, attr->mp_nexthop_len);
1682 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1683 }
1684 break;
b6453163
LB		 1685 case BGP_ATTR_NHLEN_VPNV4:
1686 stream_getl(s); /* RD high */
1687 stream_getl(s); /* RD low */
996c9314
LB		 1688 /*
1689 * NOTE: intentional fall through
1690 * - for consistency in rx processing
1691 *
1692 * The following comment is to signal GCC this intention
1693 * and supress the warning
1694 */
1695 /* FALLTHRU */
d62a17ae 1696 case BGP_ATTR_NHLEN_IPV4:
1697 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1698 /* Probably needed for RFC 2283 */
1699 if (attr->nexthop.s_addr == 0)
1700 memcpy(&attr->nexthop.s_addr,
1701 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1702 break;
d62a17ae 1703 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1704 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1705 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1706 stream_getl(s); /* RD high */
1707 stream_getl(s); /* RD low */
1708 }
1709 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
77e62f2b 1710 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global))
1711 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
d62a17ae 1712 break;
1713 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1714 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1715 if (attr->mp_nexthop_len
1716 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1717 stream_getl(s); /* RD high */
1718 stream_getl(s); /* RD low */
1719 }
1720 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
77e62f2b 1721 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global))
1722 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
d62a17ae 1723 if (attr->mp_nexthop_len
1724 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1725 stream_getl(s); /* RD high */
1726 stream_getl(s); /* RD low */
1727 }
1728 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1729 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1730 char buf1[INET6_ADDRSTRLEN];
1731 char buf2[INET6_ADDRSTRLEN];
1732
1733 if (bgp_debug_update(peer, NULL, NULL, 1))
1734 zlog_debug(
1735 "%s rcvd nexthops %s, %s -- ignoring non-LL value",
1736 peer->host,
1737 inet_ntop(AF_INET6,
1738 &attr->mp_nexthop_global,
1739 buf1, INET6_ADDRSTRLEN),
1740 inet_ntop(AF_INET6,
1741 &attr->mp_nexthop_local, buf2,
1742 INET6_ADDRSTRLEN));
1743
1744 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1745 }
77e62f2b 1746 attr->nh_lla_ifindex = peer->nexthop.ifp->ifindex;
d62a17ae 1747 break;
1748 default:
1749 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1750 __func__, peer->host, attr->mp_nexthop_len);
1751 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1752 }
1753
1754 if (!LEN_LEFT) {
1755 zlog_info("%s: (%s) Failed to read SNPA and NLRI(s)", __func__,
1756 peer->host);
1757 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1758 }
1759
718e3744 1760 {
d7c0a89a 1761 uint8_t val;
d62a17ae 1762 if ((val = stream_getc(s)))
ade6974d
QY		 1763 flog_warn(
1764 BGP_WARN_DEFUNCT_SNPA_LEN,
1765 "%s sent non-zero value, %u, for defunct SNPA-length field",
1766 peer->host, val);
d62a17ae 1767 }
1768
1769 /* must have nrli_len, what is left of the attribute */
1770 nlri_len = LEN_LEFT;
9b9df989 1771 if (nlri_len > STREAM_READABLE(s)) {
d62a17ae 1772 zlog_info("%s: (%s) Failed to read NLRI", __func__, peer->host);
1773 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1774 }
1775
9b9df989
DS		 1776 if (!nlri_len) {
1777 zlog_info("%s: (%s) No Reachability, Treating as a EOR marker",
1778 __func__, peer->host);
1779
1780 mp_update->afi = afi;
1781 mp_update->safi = safi;
1782 return BGP_ATTR_PARSE_EOR;
1783 }
1784
d62a17ae 1785 mp_update->afi = afi;
1786 mp_update->safi = safi;
1787 mp_update->nlri = stream_pnt(s);
1788 mp_update->length = nlri_len;
1789
1790 stream_forward_getp(s, nlri_len);
1791
1792 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1793
1794 return BGP_ATTR_PARSE_PROCEED;
03292809 1795#undef LEN_LEFT
718e3744 1796}
1797
1798/* Multiprotocol unreachable parse */
d62a17ae 1799int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1800 struct bgp_nlri *mp_withdraw)
1801{
1802 struct stream *s;
1803 iana_afi_t pkt_afi;
1804 afi_t afi;
5c525538
RW		 1805 iana_safi_t pkt_safi;
1806 safi_t safi;
d7c0a89a 1807 uint16_t withdraw_len;
d62a17ae 1808 struct peer *const peer = args->peer;
1809 struct attr *const attr = args->attr;
1810 const bgp_size_t length = args->length;
9cabb64b 1811
424ab01d 1812 s = peer->curr;
9cabb64b 1813
d62a17ae 1814#define BGP_MP_UNREACH_MIN_SIZE 3
1815 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1816 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1817
1818 pkt_afi = stream_getw(s);
1819 pkt_safi = stream_getc(s);
1820
1821 /* Convert AFI, SAFI to internal values, check. */
1822 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1823 /* Log if AFI or SAFI is unrecognized. This is not an error
1824 * unless
1825 * the attribute is otherwise malformed.
1826 */
1827 if (bgp_debug_update(peer, NULL, NULL, 0))
1828 zlog_debug(
1829 "%s: MP_UNREACH received AFI %u or SAFI %u is unrecognized",
1830 peer->host, pkt_afi, pkt_safi);
1831 return BGP_ATTR_PARSE_ERROR;
1832 }
718e3744 1833
d62a17ae 1834 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
718e3744 1835
d62a17ae 1836 mp_withdraw->afi = afi;
1837 mp_withdraw->safi = safi;
1838 mp_withdraw->nlri = stream_pnt(s);
1839 mp_withdraw->length = withdraw_len;
718e3744 1840
d62a17ae 1841 stream_forward_getp(s, withdraw_len);
37da8fa9 1842
d62a17ae 1843 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1844
1845 return BGP_ATTR_PARSE_PROCEED;
718e3744 1846}
1847
57d187bc
JS		 1848/* Large Community attribute. */
1849static bgp_attr_parse_ret_t
d62a17ae 1850bgp_attr_large_community(struct bgp_attr_parser_args *args)
1851{
1852 struct peer *const peer = args->peer;
1853 struct attr *const attr = args->attr;
1854 const bgp_size_t length = args->length;
1855
1856 /*
1857 * Large community follows new attribute format.
1858 */
1859 if (length == 0) {
1860 attr->lcommunity = NULL;
1861 /* Empty extcomm doesn't seem to be invalid per se */
1862 return BGP_ATTR_PARSE_PROCEED;
1863 }
57d187bc 1864
d62a17ae 1865 attr->lcommunity =
d7c0a89a 1866 lcommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
d62a17ae 1867 /* XXX: fix ecommunity_parse to use stream API */
424ab01d 1868 stream_forward_getp(peer->curr, length);
57d187bc 1869
d62a17ae 1870 if (!attr->lcommunity)
1871 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1872 args->total);
57d187bc 1873
d62a17ae 1874 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
57d187bc 1875
d62a17ae 1876 return BGP_ATTR_PARSE_PROCEED;
57d187bc
JS		 1877}
1878
718e3744 1879/* Extended Community attribute. */
b881c707 1880static bgp_attr_parse_ret_t
d62a17ae 1881bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1882{
1883 struct peer *const peer = args->peer;
1884 struct attr *const attr = args->attr;
1885 const bgp_size_t length = args->length;
d7c0a89a 1886 uint8_t sticky = 0;
d62a17ae 1887
1888 if (length == 0) {
1889 attr->ecommunity = NULL;
1890 /* Empty extcomm doesn't seem to be invalid per se */
1891 return BGP_ATTR_PARSE_PROCEED;
1892 }
1893
1894 attr->ecommunity =
d7c0a89a 1895 ecommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
d62a17ae 1896 /* XXX: fix ecommunity_parse to use stream API */
424ab01d 1897 stream_forward_getp(peer->curr, length);
d62a17ae 1898
1899 if (!attr->ecommunity)
1900 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1901 args->total);
1902
1903 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1904
1905 /* Extract MAC mobility sequence number, if any. */
1906 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1907 attr->sticky = sticky;
1908
ead40654
MK		 1909 /* Check if this is a Gateway MAC-IP advertisement */
1910 attr->default_gw = bgp_attr_default_gw(attr);
1911
68e33151
CS		 1912 /* Handle scenario where router flag ecommunity is not
1913 * set but default gw ext community is present.
1914 * Use default gateway, set and propogate R-bit.
1915 */
1916 if (attr->default_gw)
1917 attr->router_flag = 1;
1918
1919 /* Check EVPN Neighbor advertisement flags, R-bit */
1920 bgp_attr_evpn_na_flag(attr, &attr->router_flag);
1921
bc59a672
MK		 1922 /* Extract the Rmac, if any */
1923 bgp_attr_rmac(attr, &attr->rmac);
1924
d62a17ae 1925 return BGP_ATTR_PARSE_PROCEED;
718e3744 1926}
1927
f4c89855 1928/* Parse Tunnel Encap attribute in an UPDATE */
d62a17ae 1929static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
1930 bgp_size_t length, /* IN: attr's length field */
1931 struct attr *attr, /* IN: caller already allocated */
d7c0a89a
QY		 1932 uint8_t flag, /* IN: attr's flags field */
1933 uint8_t *startp)
d62a17ae 1934{
1935 bgp_size_t total;
d62a17ae 1936 uint16_t tunneltype = 0;
1937
1938 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
1939
1940 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
1941 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
1942 zlog_info(
1943 "Tunnel Encap attribute flag isn't optional and transitive %d",
1944 flag);
1945 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1946 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
1947 startp, total);
1948 return -1;
1949 }
1950
1951 if (BGP_ATTR_ENCAP == type) {
1952 /* read outer TLV type and length */
1953 uint16_t tlv_length;
1954
1955 if (length < 4) {
1956 zlog_info(
1957 "Tunnel Encap attribute not long enough to contain outer T,L");
1958 bgp_notify_send_with_data(
1959 peer, BGP_NOTIFY_UPDATE_ERR,
1960 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1961 return -1;
1962 }
1963 tunneltype = stream_getw(BGP_INPUT(peer));
1964 tlv_length = stream_getw(BGP_INPUT(peer));
1965 length -= 4;
1966
1967 if (tlv_length != length) {
1968 zlog_info("%s: tlv_length(%d) != length(%d)", __func__,
1969 tlv_length, length);
1970 }
1971 }
1972
1973 while (length >= 4) {
1974 uint16_t subtype = 0;
1975 uint16_t sublength = 0;
1976 struct bgp_attr_encap_subtlv *tlv;
1977
1978 if (BGP_ATTR_ENCAP == type) {
1979 subtype = stream_getc(BGP_INPUT(peer));
1980 sublength = stream_getc(BGP_INPUT(peer));
1981 length -= 2;
65efcfce 1982#if ENABLE_BGP_VNC
d62a17ae 1983 } else {
1984 subtype = stream_getw(BGP_INPUT(peer));
1985 sublength = stream_getw(BGP_INPUT(peer));
1986 length -= 4;
65efcfce 1987#endif
d62a17ae 1988 }
1989
1990 if (sublength > length) {
1991 zlog_info(
1992 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
1993 sublength, length);
1994 bgp_notify_send_with_data(
1995 peer, BGP_NOTIFY_UPDATE_ERR,
1996 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1997 return -1;
1998 }
1999
2000 /* alloc and copy sub-tlv */
2001 /* TBD make sure these are freed when attributes are released */
2002 tlv = XCALLOC(MTYPE_ENCAP_TLV,
996c9314 2003 sizeof(struct bgp_attr_encap_subtlv) + sublength);
d62a17ae 2004 tlv->type = subtype;
2005 tlv->length = sublength;
424ab01d 2006 stream_get(tlv->value, peer->curr, sublength);
d62a17ae 2007 length -= sublength;
2008
2009 /* attach tlv to encap chain */
2010 if (BGP_ATTR_ENCAP == type) {
e4002056 2011 struct bgp_attr_encap_subtlv *stlv_last;
d62a17ae 2012 for (stlv_last = attr->encap_subtlvs;
2013 stlv_last && stlv_last->next;
2014 stlv_last = stlv_last->next)
2015 ;
2016 if (stlv_last) {
2017 stlv_last->next = tlv;
2018 } else {
2019 attr->encap_subtlvs = tlv;
2020 }
65efcfce 2021#if ENABLE_BGP_VNC
d62a17ae 2022 } else {
e4002056 2023 struct bgp_attr_encap_subtlv *stlv_last;
d62a17ae 2024 for (stlv_last = attr->vnc_subtlvs;
2025 stlv_last && stlv_last->next;
2026 stlv_last = stlv_last->next)
2027 ;
2028 if (stlv_last) {
2029 stlv_last->next = tlv;
2030 } else {
2031 attr->vnc_subtlvs = tlv;
2032 }
aadc0905 2033#endif
d62a17ae 2034 }
d62a17ae 2035 }
f4c89855 2036
d62a17ae 2037 if (BGP_ATTR_ENCAP == type) {
2038 attr->encap_tunneltype = tunneltype;
2039 }
f4c89855 2040
d62a17ae 2041 if (length) {
2042 /* spurious leftover data */
2043 zlog_info(
2044 "Tunnel Encap attribute length is bad: %d leftover octets",
2045 length);
2046 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2047 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2048 startp, total);
2049 return -1;
2050 }
f4c89855 2051
d62a17ae 2052 return 0;
f4c89855
LB		 2053}
2054
30adbd4e
DS		 2055/*
2056 * Read an individual SID value returning how much data we have read
2057 * Returns 0 if there was an error that needs to be passed up the stack
c5a543b4 2058 */
30adbd4e
DS		 2059static bgp_attr_parse_ret_t bgp_attr_psid_sub(int32_t type,
2060 int32_t length,
2061 struct bgp_attr_parser_args *args,
2062 struct bgp_nlri *mp_update)
d62a17ae 2063{
2064 struct peer *const peer = args->peer;
2065 struct attr *const attr = args->attr;
d7c0a89a 2066 uint32_t label_index;
d62a17ae 2067 struct in6_addr ipv6_sid;
d7c0a89a
QY		 2068 uint32_t srgb_base;
2069 uint32_t srgb_range;
d62a17ae 2070 int srgb_count;
2071
d62a17ae 2072 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
2073 if (length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
af4c2728 2074 flog_err(
14454c9f
DS		 2075 BGP_ERR_ATTR_LEN,
2076 "Prefix SID label index length is %d instead of %d",
2077 length, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
30adbd4e
DS		 2078 return bgp_attr_malformed(args,
2079 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2080 args->total);
d62a17ae 2081 }
2082
2083 /* Ignore flags and reserved */
424ab01d
QY		 2084 stream_getc(peer->curr);
2085 stream_getw(peer->curr);
d62a17ae 2086
2087 /* Fetch the label index and see if it is valid. */
424ab01d 2088 label_index = stream_getl(peer->curr);
d62a17ae 2089 if (label_index == BGP_INVALID_LABEL_INDEX)
30adbd4e
DS		 2090 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2091 args->total);
d62a17ae 2092
2093 /* Store label index; subsequently, we'll check on
2094 * address-family */
2095 attr->label_index = label_index;
2096
2097 /*
2098 * Ignore the Label index attribute unless received for
2099 * labeled-unicast
2100 * SAFI.
2101 */
2102 if (!mp_update->length
2103 || mp_update->safi != SAFI_LABELED_UNICAST)
2104 attr->label_index = BGP_INVALID_LABEL_INDEX;
2105 }
2106
2107 /* Placeholder code for the IPv6 SID type */
2108 else if (type == BGP_PREFIX_SID_IPV6) {
2109 if (length != BGP_PREFIX_SID_IPV6_LENGTH) {
af4c2728 2110 flog_err(BGP_ERR_ATTR_LEN,
14454c9f
DS		 2111 "Prefix SID IPv6 length is %d instead of %d",
2112 length, BGP_PREFIX_SID_IPV6_LENGTH);
30adbd4e
DS		 2113 return bgp_attr_malformed(args,
2114 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2115 args->total);
d62a17ae 2116 }
2117
2118 /* Ignore reserved */
424ab01d
QY		 2119 stream_getc(peer->curr);
2120 stream_getw(peer->curr);
d62a17ae 2121
424ab01d 2122 stream_get(&ipv6_sid, peer->curr, 16);
d62a17ae 2123 }
2124
2125 /* Placeholder code for the Originator SRGB type */
2126 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
2127 /* Ignore flags */
424ab01d 2128 stream_getw(peer->curr);
d62a17ae 2129
2130 length -= 2;
2131
2132 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
af4c2728 2133 flog_err(
14454c9f 2134 BGP_ERR_ATTR_LEN,
d62a17ae 2135 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2136 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2137 return bgp_attr_malformed(
2138 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2139 args->total);
2140 }
2141
2142 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2143
2144 for (int i = 0; i < srgb_count; i++) {
424ab01d
QY		 2145 stream_get(&srgb_base, peer->curr, 3);
2146 stream_get(&srgb_range, peer->curr, 3);
d62a17ae 2147 }
2148 }
2149
2150 return BGP_ATTR_PARSE_PROCEED;
6cf48acc
VV		 2151}
2152
30adbd4e
DS		 2153/* Prefix SID attribute
2154 * draft-ietf-idr-bgp-prefix-sid-05
2155 */
2156bgp_attr_parse_ret_t
2157bgp_attr_prefix_sid(int32_t tlength, struct bgp_attr_parser_args *args,
2158 struct bgp_nlri *mp_update)
2159{
2160 struct peer *const peer = args->peer;
2161 struct attr *const attr = args->attr;
2162 bgp_attr_parse_ret_t ret;
2163
2164 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
2165
2166 while (tlength) {
2167 int32_t type, length;
2168
2169 type = stream_getc(peer->curr);
2170 length = stream_getw(peer->curr);
2171
2172 ret = bgp_attr_psid_sub(type, length, args, mp_update);
2173
2174 if (ret != BGP_ATTR_PARSE_PROCEED)
2175 return ret;
2176 /*
2177 * Subtract length + the T and the L
2178 * since length is the Vector portion
2179 */
2180 tlength -= length + 3;
2181
2182 if (tlength < 0) {
af4c2728 2183 flog_err(
14454c9f
DS		 2184 BGP_ERR_ATTR_LEN,
2185 "Prefix SID internal length %d causes us to read beyond the total Prefix SID length",
2186 length);
30adbd4e
DS		 2187 return bgp_attr_malformed(args,
2188 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2189 args->total);
2190 }
2191 }
2192
2193 return BGP_ATTR_PARSE_PROCEED;
2194}
2195
7fd077aa 2196/* PMSI tunnel attribute (RFC 6514)
2197 * Basic validation checks done here.
2198 */
2199static bgp_attr_parse_ret_t
2200bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
2201{
2202 struct peer *const peer = args->peer;
2203 struct attr *const attr = args->attr;
2204 const bgp_size_t length = args->length;
d7c0a89a 2205 uint8_t tnl_type;
7fd077aa 2206
2207 /* Verify that the receiver is expecting "ingress replication" as we
2208 * can only support that.
2209 */
2210 if (length < 2) {
af4c2728 2211 flog_err(BGP_ERR_ATTR_LEN,
14454c9f 2212 "Bad PMSI tunnel attribute length %d", length);
7fd077aa 2213 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2214 args->total);
2215 }
2216 stream_getc(peer->curr); /* Flags */
2217 tnl_type = stream_getc(peer->curr);
2218 if (tnl_type > PMSI_TNLTYPE_MAX) {
af4c2728 2219 flog_err(BGP_ERR_ATTR_PMSI_TYPE,
14454c9f 2220 "Invalid PMSI tunnel attribute type %d", tnl_type);
7fd077aa 2221 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2222 args->total);
2223 }
2224 if (tnl_type == PMSI_TNLTYPE_INGR_REPL) {
2225 if (length != 9) {
af4c2728 2226 flog_err(BGP_ERR_ATTR_PMSI_LEN,
14454c9f
DS		 2227 "Bad PMSI tunnel attribute length %d for IR",
2228 length);
052ea98b 2229 return bgp_attr_malformed(
2230 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2231 args->total);
7fd077aa 2232 }
2233 }
2234
2235 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
2236 attr->pmsi_tnl_type = tnl_type;
2237
2238 /* Forward read pointer of input stream. */
2239 stream_forward_getp(peer->curr, length - 2);
2240
2241 return BGP_ATTR_PARSE_PROCEED;
2242}
2243
718e3744 2244/* BGP unknown attribute treatment. */
d62a17ae 2245static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2246{
2247 bgp_size_t total = args->total;
2248 struct transit *transit;
2249 struct peer *const peer = args->peer;
2250 struct attr *const attr = args->attr;
d7c0a89a
QY		 2251 uint8_t *const startp = args->startp;
2252 const uint8_t type = args->type;
2253 const uint8_t flag = args->flags;
d62a17ae 2254 const bgp_size_t length = args->length;
2255
2256 if (bgp_debug_update(peer, NULL, NULL, 1))
2257 zlog_debug(
2258 "%s Unknown attribute is received (type %d, length %d)",
2259 peer->host, type, length);
2260
2261 /* Forward read pointer of input stream. */
424ab01d 2262 stream_forward_getp(peer->curr, length);
d62a17ae 2263
2264 /* If any of the mandatory well-known attributes are not recognized,
2265 then the Error Subcode is set to Unrecognized Well-known
2266 Attribute. The Data field contains the unrecognized attribute
2267 (type, length and value). */
2268 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2269 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2270 args->total);
2271 }
2272
2273 /* Unrecognized non-transitive optional attributes must be quietly
2274 ignored and not passed along to other BGP peers. */
2275 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2276 return BGP_ATTR_PARSE_PROCEED;
2277
2278 /* If a path with recognized transitive optional attribute is
2279 accepted and passed along to other BGP peers and the Partial bit
2280 in the Attribute Flags octet is set to 1 by some previous AS, it
2281 is not set back to 0 by the current AS. */
2282 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2283
2284 /* Store transitive attribute to the end of attr->transit. */
2285 if (!attr->transit)
2286 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2287
2288 transit = attr->transit;
2289
2290 if (transit->val)
2291 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2292 transit->length + total);
2293 else
2294 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2295
2296 memcpy(transit->val + transit->length, startp, total);
2297 transit->length += total;
2298
2299 return BGP_ATTR_PARSE_PROCEED;
718e3744 2300}
2301
bb7bef14 2302/* Well-known attribute check. */
d62a17ae 2303static int bgp_attr_check(struct peer *peer, struct attr *attr)
2304{
d7c0a89a 2305 uint8_t type = 0;
d62a17ae 2306
2307 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2308 * empty UPDATE. */
2309 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2310 return BGP_ATTR_PARSE_PROCEED;
2311
2312 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2313 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2314 are present, it should. Check for any other attribute being present
2315 instead.
2316 */
404c82d5
PG		 2317 if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
2318 CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
d62a17ae 2319 return BGP_ATTR_PARSE_PROCEED;
2320
2321 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2322 type = BGP_ATTR_ORIGIN;
2323
2324 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2325 type = BGP_ATTR_AS_PATH;
2326
2327 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2328 * and
2329 * NLRI is empty. We can't easily check NLRI empty here though.
2330 */
2331 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2332 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2333 type = BGP_ATTR_NEXT_HOP;
2334
2335 if (peer->sort == BGP_PEER_IBGP
2336 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2337 type = BGP_ATTR_LOCAL_PREF;
2338
2339 if (type) {
559aaa30
DS		 2340 flog_warn(BGP_WARN_MISSING_ATTRIBUTE,
2341 "%s Missing well-known attribute %s.", peer->host,
d62a17ae 2342 lookup_msg(attr_str, type, NULL));
2343 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2344 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2345 1);
2346 return BGP_ATTR_PARSE_ERROR;
2347 }
2348 return BGP_ATTR_PARSE_PROCEED;
bb7bef14
PJ		 2349}
2350
718e3744 2351/* Read attribute of update packet. This function is called from
8b366b9c 2352 bgp_update_receive() in bgp_packet.c. */
d62a17ae 2353bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2354 bgp_size_t size, struct bgp_nlri *mp_update,
2355 struct bgp_nlri *mp_withdraw)
2356{
f7813c7c 2357 bgp_attr_parse_ret_t ret;
d7c0a89a
QY		 2358 uint8_t flag = 0;
2359 uint8_t type = 0;
d62a17ae 2360 bgp_size_t length;
d7c0a89a
QY		 2361 uint8_t *startp, *endp;
2362 uint8_t *attr_endp;
2363 uint8_t seen[BGP_ATTR_BITMAP_SIZE];
d62a17ae 2364 /* we need the as4_path only until we have synthesized the as_path with
2365 * it */
2366 /* same goes for as4_aggregator */
2367 struct aspath *as4_path = NULL;
2368 as_t as4_aggregator = 0;
2369 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2370
2371 /* Initialize bitmap. */
2372 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2373
2374 /* End pointer of BGP attribute. */
2375 endp = BGP_INPUT_PNT(peer) + size;
2376
2377 /* Get attributes to the end of attribute length. */
2378 while (BGP_INPUT_PNT(peer) < endp) {
2379 /* Check remaining length check.*/
2380 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2381 /* XXX warning: long int format, int arg (arg 5) */
ade6974d
QY		 2382 flog_warn(
2383 BGP_WARN_ATTRIBUTE_TOO_SMALL,
2384 "%s: error BGP attribute length %lu is smaller than min len",
2385 peer->host,
2386 (unsigned long)(endp
2387 - stream_pnt(BGP_INPUT(peer))));
d62a17ae 2388
2389 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2390 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2391 return BGP_ATTR_PARSE_ERROR;
2392 }
718e3744 2393
d62a17ae 2394 /* Fetch attribute flag and type. */
2395 startp = BGP_INPUT_PNT(peer);
2396 /* "The lower-order four bits of the Attribute Flags octet are
2397 unused. They MUST be zero when sent and MUST be ignored when
2398 received." */
2399 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2400 type = stream_getc(BGP_INPUT(peer));
2401
2402 /* Check whether Extended-Length applies and is in bounds */
2403 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2404 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
ade6974d
QY		 2405 flog_warn(
2406 BGP_WARN_EXT_ATTRIBUTE_TOO_SMALL,
2407 "%s: Extended length set, but just %lu bytes of attr header",
2408 peer->host,
2409 (unsigned long)(endp
2410 - stream_pnt(BGP_INPUT(peer))));
d62a17ae 2411
2412 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2413 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2414 return BGP_ATTR_PARSE_ERROR;
2415 }
718e3744 2416
d62a17ae 2417 /* Check extended attribue length bit. */
2418 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2419 length = stream_getw(BGP_INPUT(peer));
2420 else
2421 length = stream_getc(BGP_INPUT(peer));
718e3744 2422
d62a17ae 2423 /* If any attribute appears more than once in the UPDATE
2424 message, then the Error Subcode is set to Malformed Attribute
2425 List. */
718e3744 2426
d62a17ae 2427 if (CHECK_BITMAP(seen, type)) {
ade6974d
QY		 2428 flog_warn(
2429 BGP_WARN_ATTRIBUTE_REPEATED,
2430 "%s: error BGP attribute type %d appears twice in a message",
2431 peer->host, type);
718e3744 2432
d62a17ae 2433 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2434 BGP_NOTIFY_UPDATE_MAL_ATTR);
2435 return BGP_ATTR_PARSE_ERROR;
2436 }
2437
2438 /* Set type to bitmap to check duplicate attribute. `type' is
2439 unsigned char so it never overflow bitmap range. */
2440
2441 SET_BITMAP(seen, type);
2442
2443 /* Overflow check. */
2444 attr_endp = BGP_INPUT_PNT(peer) + length;
2445
2446 if (attr_endp > endp) {
ade6974d
QY		 2447 flog_warn(
2448 BGP_WARN_ATTRIBUTE_TOO_LARGE,
2449 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2450 peer->host, type, length, size, attr_endp,
2451 endp);
dacffad4
QY		 2452 /*
2453 * RFC 4271 6.3
2454 * If any recognized attribute has an Attribute
2455 * Length that conflicts with the expected length
2456 * (based on the attribute type code), then the
2457 * Error Subcode MUST be set to Attribute Length
2458 * Error. The Data field MUST contain the erroneous
2459 * attribute (type, length, and value).
2460 * ----------
2461 * We do not currently have a good way to determine the
2462 * length of the attribute independent of the length
2463 * received in the message. Instead we send the
2464 * minimum between the amount of data we have and the
2465 * amount specified by the attribute length field.
2466 *
2467 * Instead of directly passing in the packet buffer and
2468 * offset we use the stream_get* functions to read into
2469 * a stack buffer, since they perform bounds checking
2470 * and we are working with untrusted data.
2471 */
2472 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2473 memset(ndata, 0x00, sizeof(ndata));
2474 size_t lfl =
2475 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2476 /* Rewind to end of flag field */
2477 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2478 /* Type */
2479 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2480 /* Length */
2481 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2482 /* Value */
2483 size_t atl = attr_endp - startp;
2484 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2485 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2486
d62a17ae 2487 bgp_notify_send_with_data(
2488 peer, BGP_NOTIFY_UPDATE_ERR,
dacffad4
QY		 2489 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2490 ndl + lfl + 1);
2491
d62a17ae 2492 return BGP_ATTR_PARSE_ERROR;
2493 }
2494
2495 struct bgp_attr_parser_args attr_args = {
2496 .peer = peer,
2497 .length = length,
2498 .attr = attr,
2499 .type = type,
2500 .flags = flag,
2501 .startp = startp,
2502 .total = attr_endp - startp,
2503 };
2504
2505
2506 /* If any recognized attribute has Attribute Flags that conflict
2507 with the Attribute Type Code, then the Error Subcode is set
2508 to
2509 Attribute Flags Error. The Data field contains the erroneous
2510 attribute (type, length and value). */
2511 if (bgp_attr_flag_invalid(&attr_args)) {
d62a17ae 2512 ret = bgp_attr_malformed(
2513 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2514 attr_args.total);
2515 if (ret == BGP_ATTR_PARSE_PROCEED)
2516 continue;
2517 return ret;
2518 }
2519
2520 /* OK check attribute and store it's value. */
2521 switch (type) {
2522 case BGP_ATTR_ORIGIN:
2523 ret = bgp_attr_origin(&attr_args);
2524 break;
2525 case BGP_ATTR_AS_PATH:
2526 ret = bgp_attr_aspath(&attr_args);
2527 break;
2528 case BGP_ATTR_AS4_PATH:
2529 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2530 break;
2531 case BGP_ATTR_NEXT_HOP:
2532 ret = bgp_attr_nexthop(&attr_args);
2533 break;
2534 case BGP_ATTR_MULTI_EXIT_DISC:
2535 ret = bgp_attr_med(&attr_args);
2536 break;
2537 case BGP_ATTR_LOCAL_PREF:
2538 ret = bgp_attr_local_pref(&attr_args);
2539 break;
2540 case BGP_ATTR_ATOMIC_AGGREGATE:
2541 ret = bgp_attr_atomic(&attr_args);
2542 break;
2543 case BGP_ATTR_AGGREGATOR:
2544 ret = bgp_attr_aggregator(&attr_args);
2545 break;
2546 case BGP_ATTR_AS4_AGGREGATOR:
2547 ret = bgp_attr_as4_aggregator(&attr_args,
2548 &as4_aggregator,
2549 &as4_aggregator_addr);
2550 break;
2551 case BGP_ATTR_COMMUNITIES:
2552 ret = bgp_attr_community(&attr_args);
2553 break;
2554 case BGP_ATTR_LARGE_COMMUNITIES:
2555 ret = bgp_attr_large_community(&attr_args);
2556 break;
2557 case BGP_ATTR_ORIGINATOR_ID:
2558 ret = bgp_attr_originator_id(&attr_args);
2559 break;
2560 case BGP_ATTR_CLUSTER_LIST:
2561 ret = bgp_attr_cluster_list(&attr_args);
2562 break;
2563 case BGP_ATTR_MP_REACH_NLRI:
2564 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2565 break;
2566 case BGP_ATTR_MP_UNREACH_NLRI:
2567 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2568 break;
2569 case BGP_ATTR_EXT_COMMUNITIES:
2570 ret = bgp_attr_ext_communities(&attr_args);
2571 break;
65efcfce 2572#if ENABLE_BGP_VNC
d62a17ae 2573 case BGP_ATTR_VNC:
65efcfce 2574#endif
d62a17ae 2575 case BGP_ATTR_ENCAP:
2576 ret = bgp_attr_encap(type, peer, length, attr, flag,
2577 startp);
2578 break;
2579 case BGP_ATTR_PREFIX_SID:
30adbd4e
DS		 2580 ret = bgp_attr_prefix_sid(length,
2581 &attr_args, mp_update);
d62a17ae 2582 break;
7fd077aa 2583 case BGP_ATTR_PMSI_TUNNEL:
2584 ret = bgp_attr_pmsi_tunnel(&attr_args);
2585 break;
d62a17ae 2586 default:
2587 ret = bgp_attr_unknown(&attr_args);
2588 break;
2589 }
2590
2591 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2592 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2593 BGP_NOTIFY_UPDATE_MAL_ATTR);
2594 ret = BGP_ATTR_PARSE_ERROR;
2595 }
2596
9b9df989
DS		 2597 if (ret == BGP_ATTR_PARSE_EOR) {
2598 if (as4_path)
2599 aspath_unintern(&as4_path);
2600 return ret;
2601 }
2602
d62a17ae 2603 /* If hard error occured immediately return to the caller. */
2604 if (ret == BGP_ATTR_PARSE_ERROR) {
559aaa30
DS		 2605 flog_warn(BGP_WARN_ATTRIBUTE_PARSE_ERROR,
2606 "%s: Attribute %s, parse error", peer->host,
d62a17ae 2607 lookup_msg(attr_str, type, NULL));
2608 if (as4_path)
2609 aspath_unintern(&as4_path);
2610 return ret;
2611 }
2612 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
2613
ade6974d
QY		 2614 flog_warn(
2615 BGP_WARN_ATTRIBUTE_PARSE_WITHDRAW,
d62a17ae 2616 "%s: Attribute %s, parse error - treating as withdrawal",
2617 peer->host, lookup_msg(attr_str, type, NULL));
2618 if (as4_path)
2619 aspath_unintern(&as4_path);
2620 return ret;
2621 }
2622
2623 /* Check the fetched length. */
2624 if (BGP_INPUT_PNT(peer) != attr_endp) {
559aaa30
DS		 2625 flog_warn(BGP_WARN_ATTRIBUTE_FETCH_ERROR,
2626 "%s: BGP attribute %s, fetch error",
d62a17ae 2627 peer->host, lookup_msg(attr_str, type, NULL));
2628 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2629 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2630 if (as4_path)
2631 aspath_unintern(&as4_path);
2632 return BGP_ATTR_PARSE_ERROR;
2633 }
718e3744 2634 }
d62a17ae 2635
2636 /* Check final read pointer is same as end pointer. */
2637 if (BGP_INPUT_PNT(peer) != endp) {
559aaa30
DS		 2638 flog_warn(BGP_WARN_ATTRIBUTES_MISMATCH,
2639 "%s: BGP attribute %s, length mismatch", peer->host,
d62a17ae 2640 lookup_msg(attr_str, type, NULL));
2641 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2642 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2643 if (as4_path)
2644 aspath_unintern(&as4_path);
2645 return BGP_ATTR_PARSE_ERROR;
2646 }
2647
2648 /* Check all mandatory well-known attributes are present */
f7813c7c
A		 2649 if ((ret = bgp_attr_check(peer, attr)) < 0) {
2650 if (as4_path)
2651 aspath_unintern(&as4_path);
2652 return ret;
d62a17ae 2653 }
2654
2655 /*
2656 * At this place we can see whether we got AS4_PATH and/or
2657 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2658 * We can not do this before we've read all attributes because
2659 * the as4 handling does not say whether AS4_PATH has to be sent
2660 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2661 * in relationship to AGGREGATOR.
2662 * So, to be defensive, we are not relying on any order and read
2663 * all attributes first, including these 32bit ones, and now,
2664 * afterwards, we look what and if something is to be done for as4.
2665 *
2666 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2667 * MP_UNREACH_NLRI.
2668 */
2669 /* actually... this doesn't ever return failure currently, but
2670 * better safe than sorry */
2671 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2672 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2673 &as4_aggregator_addr)) {
2674 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2675 BGP_NOTIFY_UPDATE_MAL_ATTR);
2676 if (as4_path)
2677 aspath_unintern(&as4_path);
2678 return BGP_ATTR_PARSE_ERROR;
2679 }
2680
2681 /* At this stage, we have done all fiddling with as4, and the
2682 * resulting info is in attr->aggregator resp. attr->aspath
2683 * so we can chuck as4_aggregator and as4_path alltogether in
2684 * order to save memory
2685 */
2686 if (as4_path) {
2687 aspath_unintern(&as4_path); /* unintern - it is in the hash */
2688 /* The flag that we got this is still there, but that does not
2689 * do any trouble
2690 */
2691 }
2692 /*
2693 * The "rest" of the code does nothing with as4_aggregator.
2694 * there is no memory attached specifically which is not part
2695 * of the attr.
2696 * so ignoring just means do nothing.
2697 */
2698 /*
2699 * Finally do the checks on the aspath we did not do yet
2700 * because we waited for a potentially synthesized aspath.
2701 */
2702 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2703 ret = bgp_attr_aspath_check(peer, attr);
2704 if (ret != BGP_ATTR_PARSE_PROCEED)
2705 return ret;
2706 }
2707 /* Finally intern unknown attribute. */
2708 if (attr->transit)
2709 attr->transit = transit_intern(attr->transit);
2710 if (attr->encap_subtlvs)
2711 attr->encap_subtlvs =
2712 encap_intern(attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
bede7744 2713#if ENABLE_BGP_VNC
d62a17ae 2714 if (attr->vnc_subtlvs)
2715 attr->vnc_subtlvs =
2716 encap_intern(attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
bede7744 2717#endif
718e3744 2718
d62a17ae 2719 return BGP_ATTR_PARSE_PROCEED;
2720}
2721
2722size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2723 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2724 struct attr *attr)
2725{
2726 size_t sizep;
2727 iana_afi_t pkt_afi;
5c525538 2728 iana_safi_t pkt_safi;
d62a17ae 2729 afi_t nh_afi;
2730
2731 /* Set extended bit always to encode the attribute length as 2 bytes */
2732 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2733 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2734 sizep = stream_get_endp(s);
2735 stream_putw(s, 0); /* Marker: Attribute length. */
2736
2737
2738 /* Convert AFI, SAFI to values for packet. */
2739 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2740
2741 stream_putw(s, pkt_afi); /* AFI */
2742 stream_putc(s, pkt_safi); /* SAFI */
2743
2744 /* Nexthop AFI */
ce78a6fb 2745 if (afi == AFI_IP
2746 && (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
d62a17ae 2747 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
d62a17ae 2748 else
2749 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2750
2751 /* Nexthop */
2752 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2753 switch (nh_afi) {
2754 case AFI_IP:
2755 switch (safi) {
2756 case SAFI_UNICAST:
2757 case SAFI_MULTICAST:
2758 case SAFI_LABELED_UNICAST:
2759 stream_putc(s, 4);
2760 stream_put_ipv4(s, attr->nexthop.s_addr);
2761 break;
2762 case SAFI_MPLS_VPN:
2763 stream_putc(s, 12);
2764 stream_putl(s, 0); /* RD = 0, per RFC */
2765 stream_putl(s, 0);
2766 stream_put(s, &attr->mp_nexthop_global_in, 4);
2767 break;
2768 case SAFI_ENCAP:
2769 case SAFI_EVPN:
2770 stream_putc(s, 4);
2771 stream_put(s, &attr->mp_nexthop_global_in, 4);
2772 break;
7c40bf39 2773 case SAFI_FLOWSPEC:
2774 stream_putc(s, 0); /* no nexthop for flowspec */
d62a17ae 2775 default:
2776 break;
2777 }
2778 break;
2779 case AFI_IP6:
2780 switch (safi) {
2781 case SAFI_UNICAST:
2782 case SAFI_MULTICAST:
2783 case SAFI_LABELED_UNICAST:
2784 case SAFI_EVPN: {
2785 if (attr->mp_nexthop_len
2786 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2787 stream_putc(s,
2788 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
2789 stream_put(s, &attr->mp_nexthop_global,
2790 IPV6_MAX_BYTELEN);
2791 stream_put(s, &attr->mp_nexthop_local,
2792 IPV6_MAX_BYTELEN);
2793 } else {
2794 stream_putc(s, IPV6_MAX_BYTELEN);
2795 stream_put(s, &attr->mp_nexthop_global,
2796 IPV6_MAX_BYTELEN);
2797 }
2798 } break;
2799 case SAFI_MPLS_VPN: {
2800 if (attr->mp_nexthop_len
2801 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
2802 stream_putc(s, 24);
2803 stream_putl(s, 0); /* RD = 0, per RFC */
2804 stream_putl(s, 0);
2805 stream_put(s, &attr->mp_nexthop_global,
2806 IPV6_MAX_BYTELEN);
2807 } else if (attr->mp_nexthop_len
2808 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2809 stream_putc(s, 48);
2810 stream_putl(s, 0); /* RD = 0, per RFC */
2811 stream_putl(s, 0);
2812 stream_put(s, &attr->mp_nexthop_global,
2813 IPV6_MAX_BYTELEN);
2814 stream_putl(s, 0); /* RD = 0, per RFC */
2815 stream_putl(s, 0);
2816 stream_put(s, &attr->mp_nexthop_local,
2817 IPV6_MAX_BYTELEN);
2818 }
2819 } break;
2820 case SAFI_ENCAP:
2821 stream_putc(s, IPV6_MAX_BYTELEN);
2822 stream_put(s, &attr->mp_nexthop_global,
2823 IPV6_MAX_BYTELEN);
2824 break;
7c40bf39 2825 case SAFI_FLOWSPEC:
2826 stream_putc(s, 0); /* no nexthop for flowspec */
d62a17ae 2827 default:
2828 break;
2829 }
2830 break;
8c71e481 2831 default:
a83da8e1 2832 if (safi != SAFI_FLOWSPEC)
af4c2728 2833 flog_err(
14454c9f
DS		 2834 BGP_ERR_ATTR_NH_SEND_LEN,
2835 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
2836 peer->host, afi, safi, attr->mp_nexthop_len);
d62a17ae 2837 break;
2838 }
2839
2840 /* SNPA */
2841 stream_putc(s, 0);
2842 return sizep;
2843}
2844
2845void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
2846 struct prefix *p, struct prefix_rd *prd,
d7c0a89a
QY		 2847 mpls_label_t *label, uint32_t num_labels,
2848 int addpath_encode, uint32_t addpath_tx_id,
b57ba6d2 2849 struct attr *attr)
d62a17ae 2850{
2851 if (safi == SAFI_MPLS_VPN) {
2852 if (addpath_encode)
2853 stream_putl(s, addpath_tx_id);
2854 /* Label, RD, Prefix write. */
2855 stream_putc(s, p->prefixlen + 88);
2856 stream_put(s, label, BGP_LABEL_BYTES);
2857 stream_put(s, prd->val, 8);
2858 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
2859 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
2860 /* EVPN prefix - contents depend on type */
996c9314
LB		 2861 bgp_evpn_encode_prefix(s, p, prd, label, num_labels, attr,
2862 addpath_encode, addpath_tx_id);
d62a17ae 2863 } else if (safi == SAFI_LABELED_UNICAST) {
2864 /* Prefix write with label. */
2865 stream_put_labeled_prefix(s, p, label);
7c40bf39 2866 } else if (safi == SAFI_FLOWSPEC) {
2867 if (PSIZE (p->prefixlen)+2 < FLOWSPEC_NLRI_SIZELIMIT)
2868 stream_putc(s, PSIZE (p->prefixlen)+2);
2869 else
2870 stream_putw(s, (PSIZE (p->prefixlen)+2)|(0xf<<12));
2871 stream_putc(s, 2);/* Filter type */
2872 stream_putc(s, p->prefixlen);/* Prefix length */
2873 stream_put(s, &p->u.prefix, PSIZE (p->prefixlen));
d62a17ae 2874 } else
2875 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
2876}
2877
2878size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
2879{
2880 int size = PSIZE(p->prefixlen);
2881 if (safi == SAFI_MPLS_VPN)
2882 size += 88;
2883 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
2884 size += 232; // TODO: Maximum possible for type-2, type-3 and
2885 // type-5
2886 return size;
8c71e481
PM		 2887}
2888
f4c89855 2889/*
65efcfce 2890 * Encodes the tunnel encapsulation attribute,
d62a17ae 2891 * and with ENABLE_BGP_VNC the VNC attribute which uses
65efcfce 2892 * almost the same TLV format
f4c89855 2893 */
d62a17ae 2894static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
2895 struct stream *s, struct attr *attr,
2896 uint8_t attrtype)
2897{
2898 unsigned int attrlenfield = 0;
2899 unsigned int attrhdrlen = 0;
2900 struct bgp_attr_encap_subtlv *subtlvs;
2901 struct bgp_attr_encap_subtlv *st;
2902 const char *attrname;
2903
9d303b37
DL		 2904 if (!attr || (attrtype == BGP_ATTR_ENCAP
2905 && (!attr->encap_tunneltype
2906 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
d62a17ae 2907 return;
2908
2909 switch (attrtype) {
f4c89855 2910 case BGP_ATTR_ENCAP:
d62a17ae 2911 attrname = "Tunnel Encap";
2912 subtlvs = attr->encap_subtlvs;
2913 if (subtlvs == NULL) /* nothing to do */
2914 return;
2915 /*
2916 * The tunnel encap attr has an "outer" tlv.
2917 * T = tunneltype,
2918 * L = total length of subtlvs,
2919 * V = concatenated subtlvs.
2920 */
2921 attrlenfield = 2 + 2; /* T + L */
2922 attrhdrlen = 1 + 1; /* subTLV T + L */
2923 break;
f4c89855 2924
65efcfce
LB		 2925#if ENABLE_BGP_VNC
2926 case BGP_ATTR_VNC:
d62a17ae 2927 attrname = "VNC";
2928 subtlvs = attr->vnc_subtlvs;
2929 if (subtlvs == NULL) /* nothing to do */
2930 return;
2931 attrlenfield = 0; /* no outer T + L */
2932 attrhdrlen = 2 + 2; /* subTLV T + L */
2933 break;
65efcfce
LB		 2934#endif
2935
f4c89855 2936 default:
d62a17ae 2937 assert(0);
2938 }
2939
2940 /* compute attr length */
2941 for (st = subtlvs; st; st = st->next) {
2942 attrlenfield += (attrhdrlen + st->length);
2943 }
2944
2945 if (attrlenfield > 0xffff) {
2946 zlog_info("%s attribute is too long (length=%d), can't send it",
2947 attrname, attrlenfield);
2948 return;
2949 }
2950
2951 if (attrlenfield > 0xff) {
2952 /* 2-octet length field */
996c9314
LB		 2953 stream_putc(s,
2954 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
2955 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 2956 stream_putc(s, attrtype);
2957 stream_putw(s, attrlenfield & 0xffff);
2958 } else {
2959 /* 1-octet length field */
2960 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
2961 stream_putc(s, attrtype);
2962 stream_putc(s, attrlenfield & 0xff);
2963 }
2964
2965 if (attrtype == BGP_ATTR_ENCAP) {
2966 /* write outer T+L */
2967 stream_putw(s, attr->encap_tunneltype);
2968 stream_putw(s, attrlenfield - 4);
2969 }
2970
2971 /* write each sub-tlv */
2972 for (st = subtlvs; st; st = st->next) {
2973 if (attrtype == BGP_ATTR_ENCAP) {
2974 stream_putc(s, st->type);
2975 stream_putc(s, st->length);
65efcfce 2976#if ENABLE_BGP_VNC
d62a17ae 2977 } else {
2978 stream_putw(s, st->type);
2979 stream_putw(s, st->length);
65efcfce 2980#endif
d62a17ae 2981 }
2982 stream_put(s, st->value, st->length);
2983 }
f4c89855 2984}
f4c89855 2985
d62a17ae 2986void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
8c71e481 2987{
d62a17ae 2988 /* Set MP attribute length. Don't count the (2) bytes used to encode
2989 the attr length */
2990 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
8c71e481
PM		 2991}
2992
718e3744 2993/* Make attribute packet. */
d62a17ae 2994bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
2995 struct stream *s, struct attr *attr,
2996 struct bpacket_attr_vec_arr *vecarr,
2997 struct prefix *p, afi_t afi, safi_t safi,
2998 struct peer *from, struct prefix_rd *prd,
d7c0a89a
QY		 2999 mpls_label_t *label, uint32_t num_labels,
3000 int addpath_encode, uint32_t addpath_tx_id)
d62a17ae 3001{
3002 size_t cp;
3003 size_t aspath_sizep;
3004 struct aspath *aspath;
3005 int send_as4_path = 0;
3006 int send_as4_aggregator = 0;
3007 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
3008
3009 if (!bgp)
3010 bgp = peer->bgp;
3011
3012 /* Remember current pointer. */
3013 cp = stream_get_endp(s);
3014
3015 if (p
3016 && !((afi == AFI_IP && safi == SAFI_UNICAST)
3017 && !peer_cap_enhe(peer, afi, safi))) {
3018 size_t mpattrlen_pos = 0;
3019
3020 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
3021 vecarr, attr);
996c9314
LB		 3022 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
3023 num_labels, addpath_encode,
3024 addpath_tx_id, attr);
d62a17ae 3025 bgp_packet_mpattr_end(s, mpattrlen_pos);
718e3744 3026 }
d62a17ae 3027
3028 /* Origin attribute. */
3029 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3030 stream_putc(s, BGP_ATTR_ORIGIN);
3031 stream_putc(s, 1);
3032 stream_putc(s, attr->origin);
3033
3034 /* AS path attribute. */
3035
3036 /* If remote-peer is EBGP */
3037 if (peer->sort == BGP_PEER_EBGP
3038 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3039 PEER_FLAG_AS_PATH_UNCHANGED)
3040 || attr->aspath->segments == NULL)
3041 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3042 PEER_FLAG_RSERVER_CLIENT))) {
3043 aspath = aspath_dup(attr->aspath);
3044
3045 /* Even though we may not be configured for confederations we
3046 * may have
3047 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3048 aspath = aspath_delete_confed_seq(aspath);
3049
3050 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
3051 /* Stuff our path CONFED_ID on the front */
3052 aspath = aspath_add_seq(aspath, bgp->confed_id);
3053 } else {
3054 if (peer->change_local_as) {
3055 /* If replace-as is specified, we only use the
3056 change_local_as when
3057 advertising routes. */
3058 if (!CHECK_FLAG(
3059 peer->flags,
3060 PEER_FLAG_LOCAL_AS_REPLACE_AS)) {
3061 aspath = aspath_add_seq(aspath,
3062 peer->local_as);
3063 }
3064 aspath = aspath_add_seq(aspath,
3065 peer->change_local_as);
3066 } else {
3067 aspath = aspath_add_seq(aspath, peer->local_as);
3068 }
3069 }
3070 } else if (peer->sort == BGP_PEER_CONFED) {
3071 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3072 * thing */
3073 aspath = aspath_dup(attr->aspath);
3074 aspath = aspath_add_confed_seq(aspath, peer->local_as);
3075 } else
3076 aspath = attr->aspath;
3077
3078 /* If peer is not AS4 capable, then:
3079 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3080 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3081 * segment
3082 * types are in it (i.e. exclude them if they are there)
3083 * AND do this only if there is at least one asnum > 65535 in the
3084 * path!
3085 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3086 * change
3087 * all ASnums > 65535 to BGP_AS_TRANS
3088 */
3089
3090 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3091 stream_putc(s, BGP_ATTR_AS_PATH);
3092 aspath_sizep = stream_get_endp(s);
3093 stream_putw(s, 0);
3094 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
3095
3096 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3097 * in the path
3098 */
3099 if (!use32bit && aspath_has_as4(aspath))
3100 send_as4_path =
3101 1; /* we'll do this later, at the correct place */
3102
3103 /* Nexthop attribute. */
3104 if (afi == AFI_IP && safi == SAFI_UNICAST
3105 && !peer_cap_enhe(peer, afi, safi)) {
3106 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
3107 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3108 stream_putc(s, BGP_ATTR_NEXT_HOP);
3109 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3110 attr);
3111 stream_putc(s, 4);
3112 stream_put_ipv4(s, attr->nexthop.s_addr);
3113 } else if (peer_cap_enhe(from, afi, safi)) {
3114 /*
3115 * Likely this is the case when an IPv4 prefix was
3116 * received with
3117 * Extended Next-hop capability and now being advertised
3118 * to
3119 * non-ENHE peers.
3120 * Setting the mandatory (ipv4) next-hop attribute here
3121 * to enable
3122 * implicit next-hop self with correct (ipv4 address
3123 * family).
3124 */
3125 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3126 stream_putc(s, BGP_ATTR_NEXT_HOP);
3127 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3128 NULL);
3129 stream_putc(s, 4);
3130 stream_put_ipv4(s, 0);
3131 }
718e3744 3132 }
d62a17ae 3133
3134 /* MED attribute. */
3135 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
3136 || bgp->maxmed_active) {
3137 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3138 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3139 stream_putc(s, 4);
3140 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
3141 : attr->med));
3142 }
3143
3144 /* Local preference. */
3145 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
3146 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3147 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3148 stream_putc(s, 4);
3149 stream_putl(s, attr->local_pref);
3150 }
3151
3152 /* Atomic aggregate. */
3153 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3154 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3155 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3156 stream_putc(s, 0);
3157 }
3158
3159 /* Aggregator. */
3160 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3161 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3162 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3163 stream_putc(s, BGP_ATTR_AGGREGATOR);
3164
3165 if (use32bit) {
3166 /* AS4 capable peer */
3167 stream_putc(s, 8);
3168 stream_putl(s, attr->aggregator_as);
3169 } else {
3170 /* 2-byte AS peer */
3171 stream_putc(s, 6);
3172
3173 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3174 * used? */
3175 if (attr->aggregator_as > 65535) {
3176 stream_putw(s, BGP_AS_TRANS);
3177
3178 /* we have to send AS4_AGGREGATOR, too.
3179 * we'll do that later in order to send
3180 * attributes in ascending
3181 * order.
3182 */
3183 send_as4_aggregator = 1;
3184 } else
d7c0a89a 3185 stream_putw(s, (uint16_t)attr->aggregator_as);
d62a17ae 3186 }
3187 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3188 }
3189
3190 /* Community attribute. */
3191 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3192 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3193 if (attr->community->size * 4 > 255) {
996c9314
LB		 3194 stream_putc(s,
3195 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3196 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3197 stream_putc(s, BGP_ATTR_COMMUNITIES);
3198 stream_putw(s, attr->community->size * 4);
3199 } else {
996c9314
LB		 3200 stream_putc(s,
3201 BGP_ATTR_FLAG_OPTIONAL
3202 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3203 stream_putc(s, BGP_ATTR_COMMUNITIES);
3204 stream_putc(s, attr->community->size * 4);
4372df71 3205 }
d62a17ae 3206 stream_put(s, attr->community->val, attr->community->size * 4);
3207 }
3208
3209 /*
3210 * Large Community attribute.
3211 */
3212 if (CHECK_FLAG(peer->af_flags[afi][safi],
3213 PEER_FLAG_SEND_LARGE_COMMUNITY)
3214 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
79dab4b7 3215 if (lcom_length(attr->lcommunity) > 255) {
996c9314
LB		 3216 stream_putc(s,
3217 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3218 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3219 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3220 stream_putw(s, lcom_length(attr->lcommunity));
d62a17ae 3221 } else {
996c9314
LB		 3222 stream_putc(s,
3223 BGP_ATTR_FLAG_OPTIONAL
3224 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3225 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3226 stream_putc(s, lcom_length(attr->lcommunity));
4372df71 3227 }
d62a17ae 3228 stream_put(s, attr->lcommunity->val,
79dab4b7 3229 lcom_length(attr->lcommunity));
d62a17ae 3230 }
4372df71 3231
d62a17ae 3232 /* Route Reflector. */
3233 if (peer->sort == BGP_PEER_IBGP && from
3234 && from->sort == BGP_PEER_IBGP) {
3235 /* Originator ID. */
3236 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3237 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3238 stream_putc(s, 4);
3239
3240 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3241 stream_put_in_addr(s, &attr->originator_id);
3242 else
3243 stream_put_in_addr(s, &from->remote_id);
3244
3245 /* Cluster list. */
3246 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3247 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3248
3249 if (attr->cluster) {
3250 stream_putc(s, attr->cluster->length + 4);
3251 /* If this peer configuration's parent BGP has
3252 * cluster_id. */
3253 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3254 stream_put_in_addr(s, &bgp->cluster_id);
3255 else
3256 stream_put_in_addr(s, &bgp->router_id);
3257 stream_put(s, attr->cluster->list,
3258 attr->cluster->length);
3259 } else {
3260 stream_putc(s, 4);
3261 /* If this peer configuration's parent BGP has
3262 * cluster_id. */
3263 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3264 stream_put_in_addr(s, &bgp->cluster_id);
3265 else
3266 stream_put_in_addr(s, &bgp->router_id);
3267 }
3268 }
4372df71 3269
d62a17ae 3270 /* Extended Communities attribute. */
3271 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3272 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3273 if (peer->sort == BGP_PEER_IBGP
3274 || peer->sort == BGP_PEER_CONFED) {
3275 if (attr->ecommunity->size * 8 > 255) {
996c9314
LB		 3276 stream_putc(s,
3277 BGP_ATTR_FLAG_OPTIONAL
3278 | BGP_ATTR_FLAG_TRANS
3279 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3280 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3281 stream_putw(s, attr->ecommunity->size * 8);
3282 } else {
996c9314
LB		 3283 stream_putc(s,
3284 BGP_ATTR_FLAG_OPTIONAL
3285 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3286 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3287 stream_putc(s, attr->ecommunity->size * 8);
3288 }
3289 stream_put(s, attr->ecommunity->val,
3290 attr->ecommunity->size * 8);
3291 } else {
d7c0a89a 3292 uint8_t *pnt;
d62a17ae 3293 int tbit;
3294 int ecom_tr_size = 0;
3295 int i;
3296
3297 for (i = 0; i < attr->ecommunity->size; i++) {
3298 pnt = attr->ecommunity->val + (i * 8);
3299 tbit = *pnt;
3300
3301 if (CHECK_FLAG(tbit,
3302 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3303 continue;
3304
3305 ecom_tr_size++;
3306 }
3307
3308 if (ecom_tr_size) {
3309 if (ecom_tr_size * 8 > 255) {
3310 stream_putc(
3311 s,
3312 BGP_ATTR_FLAG_OPTIONAL
3313 | BGP_ATTR_FLAG_TRANS
3314 | BGP_ATTR_FLAG_EXTLEN);
3315 stream_putc(s,
3316 BGP_ATTR_EXT_COMMUNITIES);
3317 stream_putw(s, ecom_tr_size * 8);
3318 } else {
3319 stream_putc(
3320 s,
3321 BGP_ATTR_FLAG_OPTIONAL
3322 | BGP_ATTR_FLAG_TRANS);
3323 stream_putc(s,
3324 BGP_ATTR_EXT_COMMUNITIES);
3325 stream_putc(s, ecom_tr_size * 8);
3326 }
3327
3328 for (i = 0; i < attr->ecommunity->size; i++) {
3329 pnt = attr->ecommunity->val + (i * 8);
3330 tbit = *pnt;
3331
3332 if (CHECK_FLAG(
3333 tbit,
3334 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3335 continue;
3336
3337 stream_put(s, pnt, 8);
3338 }
3339 }
3340 }
3341 }
4372df71 3342
d62a17ae 3343 /* Label index attribute. */
3344 if (safi == SAFI_LABELED_UNICAST) {
3345 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
d7c0a89a 3346 uint32_t label_index;
d62a17ae 3347
3348 label_index = attr->label_index;
3349
3350 if (label_index != BGP_INVALID_LABEL_INDEX) {
996c9314
LB		 3351 stream_putc(s,
3352 BGP_ATTR_FLAG_OPTIONAL
3353 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3354 stream_putc(s, BGP_ATTR_PREFIX_SID);
3355 stream_putc(s, 10);
3356 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3357 stream_putw(s,
3358 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3359 stream_putc(s, 0); // reserved
3360 stream_putw(s, 0); // flags
3361 stream_putl(s, label_index);
3362 }
4372df71 3363 }
d62a17ae 3364 }
3365
3366 if (send_as4_path) {
3367 /* If the peer is NOT As4 capable, AND */
3368 /* there are ASnums > 65535 in path THEN
3369 * give out AS4_PATH */
3370
3371 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3372 * path segments!
3373 * Hm, I wonder... confederation things *should* only be at
3374 * the beginning of an aspath, right? Then we should use
3375 * aspath_delete_confed_seq for this, because it is already
3376 * there! (JK)
3377 * Folks, talk to me: what is reasonable here!?
3378 */
3379 aspath = aspath_delete_confed_seq(aspath);
3380
996c9314
LB		 3381 stream_putc(s,
3382 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3383 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3384 stream_putc(s, BGP_ATTR_AS4_PATH);
3385 aspath_sizep = stream_get_endp(s);
3386 stream_putw(s, 0);
3387 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3388 }
3389
3390 if (aspath != attr->aspath)
3391 aspath_free(aspath);
3392
3393 if (send_as4_aggregator) {
3394 /* send AS4_AGGREGATOR, at this place */
3395 /* this section of code moved here in order to ensure the
3396 * correct
3397 * *ascending* order of attributes
3398 */
3399 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3400 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3401 stream_putc(s, 8);
3402 stream_putl(s, attr->aggregator_as);
3403 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3404 }
3405
3406 if (((afi == AFI_IP || afi == AFI_IP6)
3407 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3408 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3409 /* Tunnel Encap attribute */
3410 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
65efcfce
LB		 3411
3412#if ENABLE_BGP_VNC
d62a17ae 3413 /* VNC attribute */
3414 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
65efcfce 3415#endif
d62a17ae 3416 }
587ff0fd 3417
a21bd7a3
DW		 3418 /* PMSI Tunnel */
3419 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL)) {
3420 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3421 stream_putc(s, BGP_ATTR_PMSI_TUNNEL);
3422 stream_putc(s, 9); // Length
3423 stream_putc(s, 0); // Flags
7fd077aa 3424 stream_putc(s, PMSI_TNLTYPE_INGR_REPL); // IR (6)
996c9314
LB		 3425 stream_put(s, &(attr->label),
3426 BGP_LABEL_BYTES); // MPLS Label / VXLAN VNI
30d85a30
LB		 3427 stream_put_ipv4(s, attr->nexthop.s_addr);
3428 // Unicast tunnel endpoint IP address
a21bd7a3
DW		 3429 }
3430
d62a17ae 3431 /* Unknown transit attribute. */
3432 if (attr->transit)
3433 stream_put(s, attr->transit->val, attr->transit->length);
718e3744 3434
d62a17ae 3435 /* Return total size of attribute. */
3436 return stream_get_endp(s) - cp;
718e3744 3437}
3438
d62a17ae 3439size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
718e3744 3440{
d62a17ae 3441 unsigned long attrlen_pnt;
3442 iana_afi_t pkt_afi;
5c525538 3443 iana_safi_t pkt_safi;
718e3744 3444
d62a17ae 3445 /* Set extended bit always to encode the attribute length as 2 bytes */
3446 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3447 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
718e3744 3448
d62a17ae 3449 attrlen_pnt = stream_get_endp(s);
3450 stream_putw(s, 0); /* Length of this attribute. */
718e3744 3451
d62a17ae 3452 /* Convert AFI, SAFI to values for packet. */
3453 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
9cabb64b 3454
d62a17ae 3455 stream_putw(s, pkt_afi);
3456 stream_putc(s, pkt_safi);
9cabb64b 3457
d62a17ae 3458 return attrlen_pnt;
8c71e481 3459}
718e3744 3460
d62a17ae 3461void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3462 safi_t safi, struct prefix_rd *prd,
d7c0a89a
QY		 3463 mpls_label_t *label, uint32_t num_labels,
3464 int addpath_encode, uint32_t addpath_tx_id,
b57ba6d2 3465 struct attr *attr)
8c71e481 3466{
d7c0a89a 3467 uint8_t wlabel[3] = {0x80, 0x00, 0x00};
cd1964ff 3468
b57ba6d2 3469 if (safi == SAFI_LABELED_UNICAST) {
d62a17ae 3470 label = (mpls_label_t *)wlabel;
b57ba6d2
MK		 3471 num_labels = 1;
3472 }
cd1964ff 3473
996c9314 3474 return bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label, num_labels,
d62a17ae 3475 addpath_encode, addpath_tx_id, attr);
8c71e481 3476}
718e3744 3477
d62a17ae 3478void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
8c71e481 3479{
d62a17ae 3480 bgp_packet_mpattr_end(s, attrlen_pnt);
718e3744 3481}
3482
3483/* Initialization of attribute. */
d62a17ae 3484void bgp_attr_init(void)
718e3744 3485{
d62a17ae 3486 aspath_init();
3487 attrhash_init();
3488 community_init();
3489 ecommunity_init();
3490 lcommunity_init();
3491 cluster_init();
3492 transit_init();
3493 encap_init();
718e3744 3494}
3495
d62a17ae 3496void bgp_attr_finish(void)
228da428 3497{
d62a17ae 3498 aspath_finish();
3499 attrhash_finish();
3500 community_finish();
3501 ecommunity_finish();
3502 lcommunity_finish();
3503 cluster_finish();
3504 transit_finish();
3505 encap_finish();
228da428
CC		 3506}
3507
718e3744 3508/* Make attribute packet. */
d62a17ae 3509void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3510 struct prefix *prefix)
3511{
3512 unsigned long cp;
3513 unsigned long len;
3514 size_t aspath_lenp;
3515 struct aspath *aspath;
3516 int addpath_encode = 0;
d7c0a89a 3517 uint32_t addpath_tx_id = 0;
d62a17ae 3518
3519 /* Remember current pointer. */
3520 cp = stream_get_endp(s);
3521
3522 /* Place holder of length. */
3523 stream_putw(s, 0);
3524
3525 /* Origin attribute. */
3526 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3527 stream_putc(s, BGP_ATTR_ORIGIN);
3528 stream_putc(s, 1);
3529 stream_putc(s, attr->origin);
3530
3531 aspath = attr->aspath;
3532
3533 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3534 stream_putc(s, BGP_ATTR_AS_PATH);
3535 aspath_lenp = stream_get_endp(s);
3536 stream_putw(s, 0);
3537
3538 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3539
3540 /* Nexthop attribute. */
3541 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3542 if (prefix != NULL && prefix->family != AF_INET6) {
3543 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3544 stream_putc(s, BGP_ATTR_NEXT_HOP);
3545 stream_putc(s, 4);
3546 stream_put_ipv4(s, attr->nexthop.s_addr);
718e3744 3547 }
d62a17ae 3548
3549 /* MED attribute. */
3550 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3551 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3552 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3553 stream_putc(s, 4);
3554 stream_putl(s, attr->med);
3555 }
3556
3557 /* Local preference. */
3558 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3559 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3560 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3561 stream_putc(s, 4);
3562 stream_putl(s, attr->local_pref);
3563 }
3564
3565 /* Atomic aggregate. */
3566 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3567 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3568 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3569 stream_putc(s, 0);
3570 }
3571
3572 /* Aggregator. */
3573 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3574 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3575 stream_putc(s, BGP_ATTR_AGGREGATOR);
3576 stream_putc(s, 8);
3577 stream_putl(s, attr->aggregator_as);
3578 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3579 }
3580
3581 /* Community attribute. */
3582 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3583 if (attr->community->size * 4 > 255) {
996c9314
LB		 3584 stream_putc(s,
3585 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3586 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3587 stream_putc(s, BGP_ATTR_COMMUNITIES);
3588 stream_putw(s, attr->community->size * 4);
3589 } else {
996c9314
LB		 3590 stream_putc(s,
3591 BGP_ATTR_FLAG_OPTIONAL
3592 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3593 stream_putc(s, BGP_ATTR_COMMUNITIES);
3594 stream_putc(s, attr->community->size * 4);
3595 }
3596 stream_put(s, attr->community->val, attr->community->size * 4);
3597 }
3598
3599 /* Large Community attribute. */
3600 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
79dab4b7 3601 if (lcom_length(attr->lcommunity) > 255) {
996c9314
LB		 3602 stream_putc(s,
3603 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3604 | BGP_ATTR_FLAG_EXTLEN);
d62a17ae 3605 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3606 stream_putw(s, lcom_length(attr->lcommunity));
d62a17ae 3607 } else {
996c9314
LB		 3608 stream_putc(s,
3609 BGP_ATTR_FLAG_OPTIONAL
3610 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3611 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
79dab4b7 3612 stream_putc(s, lcom_length(attr->lcommunity));
d62a17ae 3613 }
3614
996c9314
LB		 3615 stream_put(s, attr->lcommunity->val,
3616 lcom_length(attr->lcommunity));
d62a17ae 3617 }
3618
3619 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3620 if (prefix != NULL && prefix->family == AF_INET6
3621 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3622 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3623 int sizep;
3624
3625 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3626 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3627 sizep = stream_get_endp(s);
3628
3629 /* MP header */
3630 stream_putc(s, 0); /* Marker: Attribute length. */
3631 stream_putw(s, AFI_IP6); /* AFI */
3632 stream_putc(s, SAFI_UNICAST); /* SAFI */
3633
3634 /* Next hop */
3635 stream_putc(s, attr->mp_nexthop_len);
3636 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3637 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3638 stream_put(s, &attr->mp_nexthop_local,
3639 IPV6_MAX_BYTELEN);
3640
3641 /* SNPA */
3642 stream_putc(s, 0);
3643
3644 /* Prefix */
3645 stream_put_prefix_addpath(s, prefix, addpath_encode,
3646 addpath_tx_id);
3647
3648 /* Set MP attribute length. */
3649 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3650 }
3651
3652 /* Prefix SID */
3653 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3654 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
996c9314
LB		 3655 stream_putc(s,
3656 BGP_ATTR_FLAG_OPTIONAL
3657 | BGP_ATTR_FLAG_TRANS);
d62a17ae 3658 stream_putc(s, BGP_ATTR_PREFIX_SID);
3659 stream_putc(s, 10);
3660 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3661 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3662 stream_putc(s, 0); // reserved
3663 stream_putw(s, 0); // flags
3664 stream_putl(s, attr->label_index);
3665 }
3666 }
3667
3668 /* Return total size of attribute. */
3669 len = stream_get_endp(s) - cp - 2;
3670 stream_putw_at(s, cp, len);
718e3744 3671}
FRRouting mirror