]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_open.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'cmaster-next' of ssh://stash.cumulusnetworks.com:7999/quag/quagga into...
[mirror_frr.git] / bgpd / bgp_open.c
CommitLineData
718e3744 1/* BGP open message handling
2 Copyright (C) 1998, 1999 Kunihiro Ishiguro
3
4This file is part of GNU Zebra.
5
6GNU Zebra is free software; you can redistribute it and/or modify it
7under the terms of the GNU General Public License as published by the
8Free Software Foundation; either version 2, or (at your option) any
9later version.
10
11GNU Zebra is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Zebra; see the file COPYING. If not, write to the Free
18Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
1902111-1307, USA. */
20
21#include <zebra.h>
22
23#include "linklist.h"
24#include "prefix.h"
25#include "stream.h"
26#include "thread.h"
27#include "log.h"
28#include "command.h"
6d58272b 29#include "memory.h"
3f9c7369 30#include "queue.h"
718e3744 31
856ca177 32#include "lib/json.h"
718e3744 33#include "bgpd/bgpd.h"
34#include "bgpd/bgp_attr.h"
35#include "bgpd/bgp_debug.h"
36#include "bgpd/bgp_fsm.h"
37#include "bgpd/bgp_packet.h"
38#include "bgpd/bgp_open.h"
0b2aa3a0 39#include "bgpd/bgp_aspath.h"
538621f2 40#include "bgpd/bgp_vty.h"
41
718e3744 42/* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
43 negotiate remote peer supports extentions or not. But if
44 remote-peer doesn't supports negotiation process itself. We would
45 like to do manual configuration.
46
47 So there is many configurable point. First of all we want set each
48 peer whether we send capability negotiation to the peer or not.
49 Next, if we send capability to the peer we want to set my capabilty
50 inforation at each peer. */
51
52void
856ca177 53bgp_capability_vty_out (struct vty *vty, struct peer *peer, u_char use_json, json_object *json_neigh)
718e3744 54{
5228ad27 55 char *pnt;
56 char *end;
6d58272b
PJ		 57 struct capability_mp_data mpc;
58 struct capability_header *hdr;
856ca177
MS		 59 json_object *json_cap = NULL;
60
61 if (use_json)
62 json_cap = json_object_new_object();
718e3744 63
64 pnt = peer->notify.data;
65 end = pnt + peer->notify.length;
6d58272b 66
718e3744 67 while (pnt < end)
68 {
6d58272b 69 if (pnt + sizeof (struct capability_mp_data) + 2 > end)
718e3744 70 return;
6d58272b
PJ		 71
72 hdr = (struct capability_header *)pnt;
73 if (pnt + hdr->length + 2 > end)
718e3744 74 return;
75
6d58272b
PJ		 76 memcpy (&mpc, pnt + 2, sizeof(struct capability_mp_data));
77
78 if (hdr->code == CAPABILITY_CODE_MP)
718e3744 79 {
856ca177
MS		 80 if (use_json)
81 {
82 switch (ntohs (mpc.afi))
83 {
84 case AFI_IP:
85 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv4");
86 break;
87 case AFI_IP6:
88 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv6");
89 break;
90 default:
91 json_object_int_add(json_cap, "capabilityErrorMultiProtocolAfiUnknown", ntohs (mpc.afi));
92 break;
93 }
94 switch (mpc.safi)
95 {
96 case SAFI_UNICAST:
97 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "unicast");
98 break;
99 case SAFI_MULTICAST:
100 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "multicast");
101 break;
102 case SAFI_MPLS_LABELED_VPN:
103 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "MPLS-labeled VPN");
104 break;
105 default:
106 json_object_int_add(json_cap, "capabilityErrorMultiProtocolSafiUnknown", mpc.safi);
107 break;
108 }
109 }
110 else
111 {
112 vty_out (vty, " Capability error for: Multi protocol ");
113 switch (ntohs (mpc.afi))
114 {
115 case AFI_IP:
116 vty_out (vty, "AFI IPv4, ");
117 break;
118 case AFI_IP6:
119 vty_out (vty, "AFI IPv6, ");
120 break;
121 default:
122 vty_out (vty, "AFI Unknown %d, ", ntohs (mpc.afi));
123 break;
124 }
125 switch (mpc.safi)
126 {
127 case SAFI_UNICAST:
128 vty_out (vty, "SAFI Unicast");
129 break;
130 case SAFI_MULTICAST:
131 vty_out (vty, "SAFI Multicast");
132 break;
133 case SAFI_MPLS_LABELED_VPN:
134 vty_out (vty, "SAFI MPLS-labeled VPN");
135 break;
136 default:
137 vty_out (vty, "SAFI Unknown %d ", mpc.safi);
138 break;
139 }
140 vty_out (vty, "%s", VTY_NEWLINE);
141 }
142 }
6d58272b 143 else if (hdr->code >= 128)
856ca177
MS		 144 {
145 if (use_json)
146 json_object_int_add(json_cap, "capabilityErrorVendorSpecificCapabilityCode", hdr->code);
147 else
148 vty_out (vty, " Capability error: vendor specific capability code %d",
149 hdr->code);
150 }
718e3744 151 else
856ca177
MS		 152 {
153 if (use_json)
154 json_object_int_add(json_cap, "capabilityErrorUnknownCapabilityCode", hdr->code);
155 else
156 vty_out (vty, " Capability error: unknown capability code %d",
157 hdr->code);
158 }
6d58272b 159 pnt += hdr->length + 2;
718e3744 160 }
856ca177
MS		 161 if (use_json)
162 json_object_object_add(json_neigh, "capabilityErrors", json_cap);
718e3744 163}
164
6d58272b
PJ		 165static void
166bgp_capability_mp_data (struct stream *s, struct capability_mp_data *mpc)
718e3744 167{
6d58272b
PJ		 168 mpc->afi = stream_getw (s);
169 mpc->reserved = stream_getc (s);
170 mpc->safi = stream_getc (s);
171}
718e3744 172
6d58272b
PJ		 173int
174bgp_afi_safi_valid_indices (afi_t afi, safi_t *safi)
175{
6d58272b 176 switch (afi)
718e3744 177 {
6d58272b
PJ		 178 case AFI_IP:
179#ifdef HAVE_IPV6
180 case AFI_IP6:
181#endif
182 switch (*safi)
183 {
42e6d745
DO		 184 /* BGP MPLS-labeled VPN SAFI isn't contigious with others, remap */
185 case SAFI_MPLS_LABELED_VPN:
6d58272b
PJ		 186 *safi = SAFI_MPLS_VPN;
187 case SAFI_UNICAST:
188 case SAFI_MULTICAST:
189 case SAFI_MPLS_VPN:
190 return 1;
191 }
718e3744 192 }
6d58272b
PJ		 193 zlog_debug ("unknown afi/safi (%u/%u)", afi, *safi);
194
195 return 0;
196}
197
198/* Set negotiated capability value. */
199static int
200bgp_capability_mp (struct peer *peer, struct capability_header *hdr)
201{
202 struct capability_mp_data mpc;
203 struct stream *s = BGP_INPUT (peer);
204
14051b36
DS		 205 /* Verify length is 4 */
206 if (hdr->length != 4)
207 {
208 zlog_warn("MP Cap: Received invalid length %d, non-multiple of 4",
209 hdr->length);
210 return -1;
211 }
212
6d58272b
PJ		 213 bgp_capability_mp_data (s, &mpc);
214
167d390a 215 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 216 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
217 peer->host, mpc.afi, mpc.safi);
218
219 if (!bgp_afi_safi_valid_indices (mpc.afi, &mpc.safi))
220 return -1;
221
222 /* Now safi remapped, and afi/safi are valid array indices */
223 peer->afc_recv[mpc.afi][mpc.safi] = 1;
224
225 if (peer->afc[mpc.afi][mpc.safi])
e08286bc 226 peer->afc_nego[mpc.afi][mpc.safi] = 1;
6d58272b
PJ		 227 else
228 return -1;
718e3744 229
230 return 0;
231}
232
94f2b392 233static void
718e3744 234bgp_capability_orf_not_support (struct peer *peer, afi_t afi, safi_t safi,
235 u_char type, u_char mode)
236{
16286195 237 if (bgp_debug_neighbor_events(peer))
8325cd7f 238 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
718e3744 239 peer->host, afi, safi, type, mode);
240}
241
8f5abac1 242static const struct message orf_type_str[] =
6d58272b
PJ		 243{
244 { ORF_TYPE_PREFIX, "Prefixlist" },
245 { ORF_TYPE_PREFIX_OLD, "Prefixlist (old)" },
246};
837d16cc 247static const int orf_type_str_max = array_size(orf_type_str);
6d58272b 248
8f5abac1 249static const struct message orf_mode_str[] =
6d58272b
PJ		 250{
251 { ORF_MODE_RECEIVE, "Receive" },
252 { ORF_MODE_SEND, "Send" },
253 { ORF_MODE_BOTH, "Both" },
254};
837d16cc 255static const int orf_mode_str_max = array_size(orf_mode_str);
6d58272b 256
94f2b392 257static int
6d58272b 258bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
718e3744 259{
6d58272b
PJ		 260 struct stream *s = BGP_INPUT (peer);
261 struct capability_orf_entry entry;
262 afi_t afi;
263 safi_t safi;
718e3744 264 u_char type;
265 u_char mode;
266 u_int16_t sm_cap = 0; /* capability send-mode receive */
267 u_int16_t rm_cap = 0; /* capability receive-mode receive */
268 int i;
269
6d58272b
PJ		 270 /* ORF Entry header */
271 bgp_capability_mp_data (s, &entry.mpc);
272 entry.num = stream_getc (s);
273 afi = entry.mpc.afi;
274 safi = entry.mpc.safi;
275
16286195 276 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 277 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
278 peer->host, entry.mpc.afi, entry.mpc.safi);
718e3744 279
280 /* Check AFI and SAFI. */
6d58272b
PJ		 281 if (!bgp_afi_safi_valid_indices (entry.mpc.afi, &safi))
282 {
283 zlog_info ("%s Addr-family %d/%d not supported."
284 " Ignoring the ORF capability",
285 peer->host, entry.mpc.afi, entry.mpc.safi);
286 return 0;
287 }
288
289 /* validate number field */
5e728e92 290 if (sizeof (struct capability_orf_entry) + (entry.num * 2) > hdr->length)
718e3744 291 {
6d58272b
PJ		 292 zlog_info ("%s ORF Capability entry length error,"
293 " Cap length %u, num %u",
294 peer->host, hdr->length, entry.num);
09825025 295 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 296 return -1;
297 }
298
6d58272b 299 for (i = 0 ; i < entry.num ; i++)
718e3744 300 {
6d58272b
PJ		 301 type = stream_getc(s);
302 mode = stream_getc(s);
303
718e3744 304 /* ORF Mode error check */
6d58272b
PJ		 305 switch (mode)
306 {
307 case ORF_MODE_BOTH:
308 case ORF_MODE_SEND:
309 case ORF_MODE_RECEIVE:
310 break;
311 default:
312 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
313 continue;
718e3744 314 }
6d58272b
PJ		 315 /* ORF Type and afi/safi error checks */
316 /* capcode versus type */
317 switch (hdr->code)
318 {
319 case CAPABILITY_CODE_ORF:
320 switch (type)
321 {
322 case ORF_TYPE_PREFIX:
323 break;
324 default:
325 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
326 continue;
327 }
328 break;
329 case CAPABILITY_CODE_ORF_OLD:
330 switch (type)
331 {
332 case ORF_TYPE_PREFIX_OLD:
333 break;
334 default:
335 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
336 continue;
337 }
338 break;
339 default:
340 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
341 continue;
342 }
343
344 /* AFI vs SAFI */
345 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
346 || (afi == AFI_IP && safi == SAFI_MULTICAST)
347 || (afi == AFI_IP6 && safi == SAFI_UNICAST)))
348 {
349 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
350 continue;
351 }
352
16286195 353 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 354 zlog_debug ("%s OPEN has %s ORF capability"
355 " as %s for afi/safi: %d/%d",
356 peer->host, LOOKUP (orf_type_str, type),
357 LOOKUP (orf_mode_str, mode),
358 entry.mpc.afi, safi);
718e3744 359
6d58272b 360 if (hdr->code == CAPABILITY_CODE_ORF)
718e3744 361 {
6d58272b
PJ		 362 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
363 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
718e3744 364 }
6d58272b 365 else if (hdr->code == CAPABILITY_CODE_ORF_OLD)
718e3744 366 {
6d58272b
PJ		 367 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
368 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
718e3744 369 }
370 else
371 {
372 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
373 continue;
374 }
375
376 switch (mode)
377 {
378 case ORF_MODE_BOTH:
379 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
380 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
381 break;
382 case ORF_MODE_SEND:
383 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
384 break;
385 case ORF_MODE_RECEIVE:
386 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
387 break;
388 }
389 }
390 return 0;
391}
392
6d58272b
PJ		 393static int
394bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
395{
396 struct stream *s = BGP_INPUT (peer);
397 u_int16_t restart_flag_time;
6d58272b
PJ		 398 size_t end = stream_get_getp (s) + caphdr->length;
399
14051b36
DS		 400 /* Verify length is a multiple of 4 */
401 if ((caphdr->length-2) % 4)
402 {
403 zlog_warn("Restart Cap: Received invalid length %d, non-multiple of 4",
404 caphdr->length);
405 return -1;
406 }
407
6d58272b
PJ		 408 SET_FLAG (peer->cap, PEER_CAP_RESTART_RCV);
409 restart_flag_time = stream_getw(s);
410 if (CHECK_FLAG (restart_flag_time, RESTART_R_BIT))
4b52acf9
PJ		 411 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV);
412
6d58272b
PJ		 413 UNSET_FLAG (restart_flag_time, 0xF000);
414 peer->v_gr_restart = restart_flag_time;
718e3744 415
16286195 416 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 417 {
418 zlog_debug ("%s OPEN has Graceful Restart capability", peer->host);
419 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
4b52acf9
PJ		 420 peer->host,
421 CHECK_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV) ? " "
422 : " not ",
6d58272b
PJ		 423 peer->v_gr_restart);
424 }
718e3744 425
21cc7694 426 while (stream_get_getp (s) + 4 <= end)
6d58272b
PJ		 427 {
428 afi_t afi = stream_getw (s);
429 safi_t safi = stream_getc (s);
430 u_char flag = stream_getc (s);
431
432 if (!bgp_afi_safi_valid_indices (afi, &safi))
433 {
16286195 434 if (bgp_debug_neighbor_events(peer))
6d58272b 435 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
14051b36 436 " Ignore the Graceful Restart capability for this AFI/SAFI",
6d58272b
PJ		 437 peer->host, afi, safi);
438 }
439 else if (!peer->afc[afi][safi])
440 {
16286195 441 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 442 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
443 " Ignore the Graceful Restart capability",
444 peer->host, afi, safi);
445 }
446 else
447 {
16286195 448 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 449 zlog_debug ("%s Address family %s is%spreserved", peer->host,
450 afi_safi_print (afi, safi),
451 CHECK_FLAG (peer->af_cap[afi][safi],
452 PEER_CAP_RESTART_AF_PRESERVE_RCV)
453 ? " " : " not ");
454
455 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_RCV);
456 if (CHECK_FLAG (flag, RESTART_F_BIT))
457 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_PRESERVE_RCV);
458
459 }
460 }
461 return 0;
462}
718e3744 463
14051b36 464/* Unlike other capability parsing routines, this one returns 0 on error */
0b2aa3a0
PJ		 465static as_t
466bgp_capability_as4 (struct peer *peer, struct capability_header *hdr)
467{
5861739f
PJ		 468 SET_FLAG (peer->cap, PEER_CAP_AS4_RCV);
469
470 if (hdr->length != CAPABILITY_CODE_AS4_LEN)
471 {
472 zlog_err ("%s AS4 capability has incorrect data length %d",
473 peer->host, hdr->length);
474 return 0;
475 }
476
0b2aa3a0
PJ		 477 as_t as4 = stream_getl (BGP_INPUT(peer));
478
479 if (BGP_DEBUG (as4, AS4))
480 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
481 peer->host, as4);
0b2aa3a0
PJ		 482 return as4;
483}
484
a82478b9
DS		 485static int
486bgp_capability_addpath (struct peer *peer, struct capability_header *hdr)
487{
488 struct stream *s = BGP_INPUT (peer);
489 size_t end = stream_get_getp (s) + hdr->length;
490
491 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_RCV);
492
14051b36
DS		 493 /* Verify length is a multiple of 4 */
494 if (hdr->length % 4)
495 {
496 zlog_warn("Add Path: Received invalid length %d, non-multiple of 4",
497 hdr->length);
498 return -1;
499 }
500
a82478b9
DS		 501 while (stream_get_getp (s) + 4 <= end)
502 {
503 afi_t afi = stream_getw (s);
504 safi_t safi = stream_getc (s);
505 u_char send_receive = stream_getc (s);
506
167d390a 507 if (bgp_debug_neighbor_events(peer))
a82478b9
DS		 508 zlog_debug ("%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
509 peer->host, afi, safi,
510 (send_receive & BGP_ADDPATH_RX) ? ", receive" : "",
511 (send_receive & BGP_ADDPATH_TX) ? ", transmit" : "");
512
513 if (!bgp_afi_safi_valid_indices (afi, &safi))
823b8f7c
DS		 514 {
515 if (bgp_debug_neighbor_events(peer))
516 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
517 " Ignore the Addpath Attribute for this AFI/SAFI",
518 peer->host, afi, safi);
519 continue;
520 }
521 else if (!peer->afc[afi][safi])
522 {
523 if (bgp_debug_neighbor_events(peer))
524 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
525 " Ignore the AddPath capability for this AFI/SAFI",
526 peer->host, afi, safi);
527 continue;
528 }
a82478b9
DS		 529
530 if (send_receive & BGP_ADDPATH_RX)
531 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_RCV);
532
533 if (send_receive & BGP_ADDPATH_TX)
534 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_RCV);
535 }
536
537 return 0;
538}
539
8a92a8a0
DS		 540static int
541bgp_capability_enhe (struct peer *peer, struct capability_header *hdr)
542{
543 struct stream *s = BGP_INPUT (peer);
544 size_t end = stream_get_getp (s) + hdr->length;
545
14051b36
DS		 546 /* Verify length is a multiple of 4 */
547 if (hdr->length % 6)
548 {
549 zlog_warn("Extended NH: Received invalid length %d, non-multiple of 6",
550 hdr->length);
551 return -1;
552 }
553
8a92a8a0
DS		 554 while (stream_get_getp (s) + 6 <= end)
555 {
556 afi_t afi = stream_getw (s);
557 safi_t safi = stream_getw (s);
558 afi_t nh_afi = stream_getw (s);
559
560 if (bgp_debug_neighbor_events(peer))
a656dafa 561 zlog_debug ("%s Received with afi/safi/next-hop afi: %u/%u/%u",
8a92a8a0
DS		 562 peer->host, afi, safi, nh_afi);
563
564 if (!bgp_afi_safi_valid_indices (afi, &safi))
8a92a8a0 565 {
a656dafa 566 if (bgp_debug_neighbor_events(peer))
567 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
568 " Ignore the ENHE Attribute for this AFI/SAFI",
569 peer->host, afi, safi);
570 continue;
8a92a8a0
DS		 571 }
572
a656dafa 573 /* RFC 5549 specifies use of this capability only for IPv4 AFI, with
574 * the Nexthop AFI being IPv6. A future spec may introduce other
575 * possibilities, so we ignore other values with a log. Also, only
576 * Unicast SAFI is currently supported (and expected).
577 */
578 if (afi != AFI_IP || safi != SAFI_UNICAST || nh_afi != AFI_IP6)
579 {
580 zlog_warn ("%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
581 "in Extended Next-hop capability, ignoring",
582 peer->host, afi, safi, nh_afi);
583 continue;
584 }
8a92a8a0
DS		 585
586 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
587
588 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
589 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
590 }
591
592 SET_FLAG (peer->cap, PEER_CAP_ENHE_RCV);
593
594 return 0;
595}
596
04b6bdc0
DW		 597static int
598bgp_capability_hostname (struct peer *peer, struct capability_header *hdr)
599{
600 struct stream *s = BGP_INPUT (peer);
601 char str[BGP_MAX_HOSTNAME+1];
602 size_t end = stream_get_getp (s) + hdr->length;
603 u_char len;
604
605 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
606
607 len = stream_getc(s);
608 if (stream_get_getp(s) + len > end)
609 {
610 zlog_warn("%s: Received malformed hostname capability from peer %s",
611 __FUNCTION__, peer->host);
612 return -1;
613 }
614
615 if (len > BGP_MAX_HOSTNAME)
616 {
617 stream_get(str, s, BGP_MAX_HOSTNAME);
618 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
619 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
620 }
621 else if (len)
622 stream_get(str, s, len);
623
624 if (len)
625 {
626 str[len] = '\0';
627
628 if (peer->hostname != NULL)
f9e9e073
DW		 629 {
630 XFREE(MTYPE_HOST, peer->hostname);
631 peer->hostname = NULL;
632 }
04b6bdc0
DW		 633
634 if (peer->domainname != NULL)
9e08021c
DW		 635 {
636 XFREE(MTYPE_HOST, peer->domainname);
637 peer->domainname = NULL;
638 }
04b6bdc0
DW		 639
640 peer->hostname = XSTRDUP(MTYPE_HOST, str);
641 }
642
643 if (stream_get_getp(s) +1 > end)
644 {
645 zlog_warn("%s: Received invalid domain name len (hostname capability) from peer %s",
646 __FUNCTION__, peer->host);
647 return -1;
648 }
649
650 len = stream_getc(s);
651 if (stream_get_getp(s) + len > end)
652 {
653 zlog_warn("%s: Received runt domain name (hostname capability) from peer %s",
654 __FUNCTION__, peer->host);
655 return -1;
656 }
657
658 if (len > BGP_MAX_HOSTNAME)
659 {
660 stream_get(str, s, BGP_MAX_HOSTNAME);
661 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
662 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
663 }
664 else if (len)
665 stream_get(str, s, len);
666
667 if (len)
668 {
669 str[len] = '\0';
670 peer->domainname = XSTRDUP(MTYPE_HOST, str);
671 }
672
673 if (bgp_debug_neighbor_events(peer))
674 {
675 zlog_debug("%s received hostname %s, domainname %s",
676 peer->host, peer->hostname, peer->domainname);
677 }
678
679 return 0;
680}
681
6410e93a 682 static const struct message capcode_str[] =
6d58272b 683{
6d58272b
PJ		 684 { CAPABILITY_CODE_MP, "MultiProtocol Extensions" },
685 { CAPABILITY_CODE_REFRESH, "Route Refresh" },
686 { CAPABILITY_CODE_ORF, "Cooperative Route Filtering" },
687 { CAPABILITY_CODE_RESTART, "Graceful Restart" },
688 { CAPABILITY_CODE_AS4, "4-octet AS number" },
89eeecb8 689 { CAPABILITY_CODE_ADDPATH, "AddPath" },
6d58272b 690 { CAPABILITY_CODE_DYNAMIC, "Dynamic" },
8a92a8a0 691 { CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding" },
89eeecb8 692 { CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)" },
6d58272b
PJ		 693 { CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)" },
694 { CAPABILITY_CODE_ORF_OLD, "ORF (Old)" },
04b6bdc0 695 { CAPABILITY_CODE_FQDN, "FQDN" },
6d58272b 696};
837d16cc 697static const int capcode_str_max = array_size(capcode_str);
6d58272b
PJ		 698
699/* Minimum sizes for length field of each cap (so not inc. the header) */
fc52f953 700static const size_t cap_minsizes[] =
6d58272b
PJ		 701{
702 [CAPABILITY_CODE_MP] = sizeof (struct capability_mp_data),
703 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
704 [CAPABILITY_CODE_ORF] = sizeof (struct capability_orf_entry),
370b64a2 705 [CAPABILITY_CODE_RESTART] = sizeof (struct capability_gr),
6d58272b 706 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
a82478b9 707 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
6d58272b 708 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
89eeecb8 709 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
8a92a8a0 710 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
6d58272b
PJ		 711 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
712 [CAPABILITY_CODE_ORF_OLD] = sizeof (struct capability_orf_entry),
04b6bdc0 713 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
6d58272b
PJ		 714};
715
3b381c32
AS		 716/**
717 * Parse given capability.
6d58272b 718 * XXX: This is reading into a stream, but not using stream API
3b381c32
AS		 719 *
720 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
721 * capabilities were encountered.
6d58272b
PJ		 722 */
723static int
3b381c32
AS		 724bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
725 u_char **error)
6d58272b
PJ		 726{
727 int ret;
728 struct stream *s = BGP_INPUT (peer);
729 size_t end = stream_get_getp (s) + length;
730
731 assert (STREAM_READABLE (s) >= length);
732
733 while (stream_get_getp (s) < end)
734 {
735 size_t start;
736 u_char *sp = stream_pnt (s);
737 struct capability_header caphdr;
14051b36
DS		 738
739 ret = 0;
718e3744 740 /* We need at least capability code and capability length. */
6d58272b 741 if (stream_get_getp(s) + 2 > end)
718e3744 742 {
6d58272b 743 zlog_info ("%s Capability length error (< header)", peer->host);
09825025 744 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 745 return -1;
746 }
6d58272b
PJ		 747
748 caphdr.code = stream_getc (s);
749 caphdr.length = stream_getc (s);
750 start = stream_get_getp (s);
751
752 /* Capability length check sanity check. */
753 if (start + caphdr.length > end)
718e3744 754 {
6d58272b 755 zlog_info ("%s Capability length error (< length)", peer->host);
09825025 756 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 757 return -1;
758 }
6d58272b 759
16286195 760 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 761 zlog_debug ("%s OPEN has %s capability (%u), length %u",
762 peer->host,
763 LOOKUP (capcode_str, caphdr.code),
764 caphdr.code, caphdr.length);
765
766 /* Length sanity check, type-specific, for known capabilities */
767 switch (caphdr.code)
768 {
769 case CAPABILITY_CODE_MP:
770 case CAPABILITY_CODE_REFRESH:
771 case CAPABILITY_CODE_REFRESH_OLD:
772 case CAPABILITY_CODE_ORF:
773 case CAPABILITY_CODE_ORF_OLD:
774 case CAPABILITY_CODE_RESTART:
0b2aa3a0 775 case CAPABILITY_CODE_AS4:
a82478b9 776 case CAPABILITY_CODE_ADDPATH:
6d58272b 777 case CAPABILITY_CODE_DYNAMIC:
89eeecb8 778 case CAPABILITY_CODE_DYNAMIC_OLD:
8a92a8a0 779 case CAPABILITY_CODE_ENHE:
04b6bdc0 780 case CAPABILITY_CODE_FQDN:
6d58272b
PJ		 781 /* Check length. */
782 if (caphdr.length < cap_minsizes[caphdr.code])
783 {
784 zlog_info ("%s %s Capability length error: got %u,"
785 " expected at least %u",
786 peer->host,
787 LOOKUP (capcode_str, caphdr.code),
fc52f953
SH		 788 caphdr.length,
789 (unsigned) cap_minsizes[caphdr.code]);
09825025 790 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
6d58272b
PJ		 791 return -1;
792 }
793 /* we deliberately ignore unknown codes, see below */
794 default:
795 break;
796 }
797
798 switch (caphdr.code)
799 {
800 case CAPABILITY_CODE_MP:
801 {
3b381c32
AS		 802 *mp_capability = 1;
803
6d58272b
PJ		 804 /* Ignore capability when override-capability is set. */
805 if (! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
806 {
807 /* Set negotiated value. */
808 ret = bgp_capability_mp (peer, &caphdr);
809
810 /* Unsupported Capability. */
811 if (ret < 0)
812 {
813 /* Store return data. */
814 memcpy (*error, sp, caphdr.length + 2);
815 *error += caphdr.length + 2;
816 }
14051b36 817 ret = 0; /* Don't return error for this */
6d58272b
PJ		 818 }
819 }
820 break;
821 case CAPABILITY_CODE_REFRESH:
822 case CAPABILITY_CODE_REFRESH_OLD:
823 {
824 /* BGP refresh capability */
825 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
826 SET_FLAG (peer->cap, PEER_CAP_REFRESH_OLD_RCV);
827 else
828 SET_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV);
829 }
830 break;
831 case CAPABILITY_CODE_ORF:
832 case CAPABILITY_CODE_ORF_OLD:
14051b36 833 ret = bgp_capability_orf_entry (peer, &caphdr);
6d58272b
PJ		 834 break;
835 case CAPABILITY_CODE_RESTART:
14051b36 836 ret = bgp_capability_restart (peer, &caphdr);
6d58272b
PJ		 837 break;
838 case CAPABILITY_CODE_DYNAMIC:
89eeecb8 839 case CAPABILITY_CODE_DYNAMIC_OLD:
6d58272b
PJ		 840 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_RCV);
841 break;
0b2aa3a0
PJ		 842 case CAPABILITY_CODE_AS4:
843 /* Already handled as a special-case parsing of the capabilities
844 * at the beginning of OPEN processing. So we care not a jot
845 * for the value really, only error case.
846 */
847 if (!bgp_capability_as4 (peer, &caphdr))
14051b36 848 ret = -1;
0b2aa3a0 849 break;
a82478b9 850 case CAPABILITY_CODE_ADDPATH:
14051b36 851 ret = bgp_capability_addpath (peer, &caphdr);
a82478b9 852 break;
8a92a8a0 853 case CAPABILITY_CODE_ENHE:
14051b36 854 ret = bgp_capability_enhe (peer, &caphdr);
8a92a8a0 855 break;
04b6bdc0
DW		 856 case CAPABILITY_CODE_FQDN:
857 ret = bgp_capability_hostname (peer, &caphdr);
858 break;
6d58272b
PJ		 859 default:
860 if (caphdr.code > 128)
861 {
862 /* We don't send Notification for unknown vendor specific
863 capabilities. It seems reasonable for now... */
864 zlog_warn ("%s Vendor specific capability %d",
865 peer->host, caphdr.code);
866 }
867 else
868 {
869 zlog_warn ("%s unrecognized capability code: %d - ignored",
870 peer->host, caphdr.code);
871 memcpy (*error, sp, caphdr.length + 2);
872 *error += caphdr.length + 2;
873 }
874 }
14051b36
DS		 875
876 if (ret < 0)
877 {
09825025 878 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
14051b36
DS		 879 return -1;
880 }
6d58272b
PJ		 881 if (stream_get_getp(s) != (start + caphdr.length))
882 {
883 if (stream_get_getp(s) > (start + caphdr.length))
884 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
885 peer->host, LOOKUP (capcode_str, caphdr.code),
886 caphdr.length);
887 stream_set_getp (s, start + caphdr.length);
888 }
718e3744 889 }
890 return 0;
891}
892
94f2b392 893static int
6d58272b 894bgp_auth_parse (struct peer *peer, size_t length)
718e3744 895{
896 bgp_notify_send (peer,
897 BGP_NOTIFY_OPEN_ERR,
898 BGP_NOTIFY_OPEN_AUTH_FAILURE);
899 return -1;
900}
901
94f2b392 902static int
718e3744 903strict_capability_same (struct peer *peer)
904{
905 int i, j;
906
907 for (i = AFI_IP; i < AFI_MAX; i++)
908 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
909 if (peer->afc[i][j] != peer->afc_nego[i][j])
910 return 0;
911 return 1;
912}
913
0b2aa3a0
PJ		 914/* peek into option, stores ASN to *as4 if the AS4 capability was found.
915 * Returns 0 if no as4 found, as4cap value otherwise.
916 */
917as_t
918peek_for_as4_capability (struct peer *peer, u_char length)
919{
920 struct stream *s = BGP_INPUT (peer);
921 size_t orig_getp = stream_get_getp (s);
922 size_t end = orig_getp + length;
923 as_t as4 = 0;
924
0b2aa3a0
PJ		 925 if (BGP_DEBUG (as4, AS4))
926 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
927 " peeking for as4",
928 peer->host, length);
929 /* the error cases we DONT handle, we ONLY try to read as4 out of
930 * correctly formatted options.
931 */
932 while (stream_get_getp(s) < end)
933 {
934 u_char opt_type;
935 u_char opt_length;
936
937 /* Check the length. */
938 if (stream_get_getp (s) + 2 > end)
939 goto end;
940
941 /* Fetch option type and length. */
942 opt_type = stream_getc (s);
943 opt_length = stream_getc (s);
944
945 /* Option length check. */
946 if (stream_get_getp (s) + opt_length > end)
947 goto end;
948
949 if (opt_type == BGP_OPEN_OPT_CAP)
950 {
951 unsigned long capd_start = stream_get_getp (s);
952 unsigned long capd_end = capd_start + opt_length;
953
954 assert (capd_end <= end);
955
956 while (stream_get_getp (s) < capd_end)
957 {
958 struct capability_header hdr;
959
960 if (stream_get_getp (s) + 2 > capd_end)
961 goto end;
962
963 hdr.code = stream_getc (s);
964 hdr.length = stream_getc (s);
965
966 if ((stream_get_getp(s) + hdr.length) > capd_end)
967 goto end;
968
969 if (hdr.code == CAPABILITY_CODE_AS4)
970 {
0b2aa3a0
PJ		 971 if (BGP_DEBUG (as4, AS4))
972 zlog_info ("[AS4] found AS4 capability, about to parse");
973 as4 = bgp_capability_as4 (peer, &hdr);
974
975 goto end;
976 }
977 stream_forward_getp (s, hdr.length);
978 }
979 }
980 }
981
982end:
983 stream_set_getp (s, orig_getp);
984 return as4;
985}
986
3b381c32
AS		 987/**
988 * Parse open option.
989 *
990 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
991 */
718e3744 992int
3b381c32 993bgp_open_option_parse (struct peer *peer, u_char length, int *mp_capability)
718e3744 994{
18f1dc06 995 int ret = 0;
718e3744 996 u_char *error;
997 u_char error_data[BGP_MAX_PACKET_SIZE];
6d58272b
PJ		 998 struct stream *s = BGP_INPUT(peer);
999 size_t end = stream_get_getp (s) + length;
718e3744 1000
718e3744 1001 error = error_data;
1002
16286195 1003 if (bgp_debug_neighbor_events(peer))
8325cd7f 1004 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
718e3744 1005 peer->host, length);
1006
6d58272b 1007 while (stream_get_getp(s) < end)
718e3744 1008 {
6d58272b
PJ		 1009 u_char opt_type;
1010 u_char opt_length;
1011
1012 /* Must have at least an OPEN option header */
1013 if (STREAM_READABLE(s) < 2)
718e3744 1014 {
1015 zlog_info ("%s Option length error", peer->host);
09825025 1016 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 1017 return -1;
1018 }
1019
1020 /* Fetch option type and length. */
6d58272b
PJ		 1021 opt_type = stream_getc (s);
1022 opt_length = stream_getc (s);
718e3744 1023
1024 /* Option length check. */
6d58272b 1025 if (STREAM_READABLE (s) < opt_length)
718e3744 1026 {
1027 zlog_info ("%s Option length error", peer->host);
09825025 1028 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 1029 return -1;
1030 }
1031
16286195 1032 if (bgp_debug_neighbor_events(peer))
8325cd7f 1033 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
718e3744 1034 peer->host, opt_type,
1035 opt_type == BGP_OPEN_OPT_AUTH ? "Authentication" :
1036 opt_type == BGP_OPEN_OPT_CAP ? "Capability" : "Unknown",
1037 opt_length);
1038
1039 switch (opt_type)
1040 {
1041 case BGP_OPEN_OPT_AUTH:
6d58272b 1042 ret = bgp_auth_parse (peer, opt_length);
718e3744 1043 break;
1044 case BGP_OPEN_OPT_CAP:
3b381c32 1045 ret = bgp_capability_parse (peer, opt_length, mp_capability, &error);
718e3744 1046 break;
1047 default:
1048 bgp_notify_send (peer,
1049 BGP_NOTIFY_OPEN_ERR,
1050 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1051 ret = -1;
1052 break;
1053 }
1054
1055 /* Parse error. To accumulate all unsupported capability codes,
1056 bgp_capability_parse does not return -1 when encounter
1057 unsupported capability code. To detect that, please check
1058 error and erro_data pointer, like below. */
1059 if (ret < 0)
1060 return -1;
718e3744 1061 }
1062
1063 /* All OPEN option is parsed. Check capability when strict compare
1064 flag is enabled.*/
1065 if (CHECK_FLAG (peer->flags, PEER_FLAG_STRICT_CAP_MATCH))
1066 {
1067 /* If Unsupported Capability exists. */
1068 if (error != error_data)
1069 {
1070 bgp_notify_send_with_data (peer,
1071 BGP_NOTIFY_OPEN_ERR,
1072 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1073 error_data, error - error_data);
1074 return -1;
1075 }
1076
1077 /* Check local capability does not negotiated with remote
1078 peer. */
1079 if (! strict_capability_same (peer))
1080 {
1081 bgp_notify_send (peer,
1082 BGP_NOTIFY_OPEN_ERR,
1083 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1084 return -1;
1085 }
1086 }
1087
3b381c32 1088 /* Check there are no common AFI/SAFIs and send Unsupported Capability
718e3744 1089 error. */
3b381c32
AS		 1090 if (*mp_capability &&
1091 ! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
718e3744 1092 {
1093 if (! peer->afc_nego[AFI_IP][SAFI_UNICAST]
1094 && ! peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1095 && ! peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1096 && ! peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1097 && ! peer->afc_nego[AFI_IP6][SAFI_MULTICAST])
1098 {
16286195 1099 zlog_err ("%s [Error] Configured AFI/SAFIs do not "
3b381c32
AS		 1100 "overlap with received MP capabilities",
1101 peer->host);
718e3744 1102
1103 if (error != error_data)
718e3744 1104 bgp_notify_send_with_data (peer,
1105 BGP_NOTIFY_OPEN_ERR,
1106 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1107 error_data, error - error_data);
1108 else
1109 bgp_notify_send (peer,
1110 BGP_NOTIFY_OPEN_ERR,
1111 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1112 return -1;
1113 }
1114 }
1115 return 0;
1116}
1117
94f2b392 1118static void
718e3744 1119bgp_open_capability_orf (struct stream *s, struct peer *peer,
1120 afi_t afi, safi_t safi, u_char code)
1121{
1122 u_char cap_len;
1123 u_char orf_len;
1124 unsigned long capp;
1125 unsigned long orfp;
1126 unsigned long numberp;
1127 int number_of_orfs = 0;
1128
1129 if (safi == SAFI_MPLS_VPN)
42e6d745 1130 safi = SAFI_MPLS_LABELED_VPN;
718e3744 1131
1132 stream_putc (s, BGP_OPEN_OPT_CAP);
9985f83c 1133 capp = stream_get_endp (s); /* Set Capability Len Pointer */
718e3744 1134 stream_putc (s, 0); /* Capability Length */
1135 stream_putc (s, code); /* Capability Code */
9985f83c 1136 orfp = stream_get_endp (s); /* Set ORF Len Pointer */
718e3744 1137 stream_putc (s, 0); /* ORF Length */
1138 stream_putw (s, afi);
1139 stream_putc (s, 0);
1140 stream_putc (s, safi);
9985f83c 1141 numberp = stream_get_endp (s); /* Set Number Pointer */
718e3744 1142 stream_putc (s, 0); /* Number of ORFs */
1143
1144 /* Address Prefix ORF */
1145 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1146 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1147 {
1148 stream_putc (s, (code == CAPABILITY_CODE_ORF ?
1149 ORF_TYPE_PREFIX : ORF_TYPE_PREFIX_OLD));
1150
1151 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1152 && CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1153 {
1154 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1155 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1156 stream_putc (s, ORF_MODE_BOTH);
1157 }
1158 else if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM))
1159 {
1160 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1161 stream_putc (s, ORF_MODE_SEND);
1162 }
1163 else
1164 {
1165 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1166 stream_putc (s, ORF_MODE_RECEIVE);
1167 }
1168 number_of_orfs++;
1169 }
1170
1171 /* Total Number of ORFs. */
1172 stream_putc_at (s, numberp, number_of_orfs);
1173
1174 /* Total ORF Len. */
9985f83c 1175 orf_len = stream_get_endp (s) - orfp - 1;
718e3744 1176 stream_putc_at (s, orfp, orf_len);
1177
1178 /* Total Capability Len. */
9985f83c 1179 cap_len = stream_get_endp (s) - capp - 1;
718e3744 1180 stream_putc_at (s, capp, cap_len);
1181}
1182
1183/* Fill in capability open option to the packet. */
1184void
1185bgp_open_capability (struct stream *s, struct peer *peer)
1186{
1187 u_char len;
fe7d2a48 1188 unsigned long cp, capp, rcapp;
718e3744 1189 afi_t afi;
1190 safi_t safi;
0b2aa3a0 1191 as_t local_as;
fe7d2a48 1192 u_int32_t restart_time;
a82478b9 1193 u_char afi_safi_count = 0;
04b6bdc0 1194 struct utsname names;
adbac85e 1195 int adv_addpath_tx = 0;
718e3744 1196
1197 /* Remember current pointer for Opt Parm Len. */
9985f83c 1198 cp = stream_get_endp (s);
718e3744 1199
1200 /* Opt Parm Len. */
1201 stream_putc (s, 0);
1202
1203 /* Do not send capability. */
1204 if (! CHECK_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1205 || CHECK_FLAG (peer->flags, PEER_FLAG_DONT_CAPABILITY))
1206 return;
1207
718e3744 1208 /* IPv4 unicast. */
1209 if (peer->afc[AFI_IP][SAFI_UNICAST])
1210 {
1211 peer->afc_adv[AFI_IP][SAFI_UNICAST] = 1;
1212 stream_putc (s, BGP_OPEN_OPT_CAP);
1213 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1214 stream_putc (s, CAPABILITY_CODE_MP);
1215 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1216 stream_putw (s, AFI_IP);
1217 stream_putc (s, 0);
1218 stream_putc (s, SAFI_UNICAST);
1219 }
1220 /* IPv4 multicast. */
1221 if (peer->afc[AFI_IP][SAFI_MULTICAST])
1222 {
1223 peer->afc_adv[AFI_IP][SAFI_MULTICAST] = 1;
1224 stream_putc (s, BGP_OPEN_OPT_CAP);
1225 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1226 stream_putc (s, CAPABILITY_CODE_MP);
1227 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1228 stream_putw (s, AFI_IP);
1229 stream_putc (s, 0);
1230 stream_putc (s, SAFI_MULTICAST);
1231 }
1232 /* IPv4 VPN */
1233 if (peer->afc[AFI_IP][SAFI_MPLS_VPN])
1234 {
1235 peer->afc_adv[AFI_IP][SAFI_MPLS_VPN] = 1;
1236 stream_putc (s, BGP_OPEN_OPT_CAP);
1237 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1238 stream_putc (s, CAPABILITY_CODE_MP);
1239 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1240 stream_putw (s, AFI_IP);
1241 stream_putc (s, 0);
42e6d745 1242 stream_putc (s, SAFI_MPLS_LABELED_VPN);
718e3744 1243 }
1244#ifdef HAVE_IPV6
8a92a8a0
DS		 1245 /* Currently supporting RFC-5549 for Link-Local peering only */
1246 if (CHECK_FLAG (peer->flags, PEER_FLAG_CAPABILITY_ENHE) &&
1247 peer->su.sa.sa_family == AF_INET6 &&
1248 IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr))
1249 {
1250 /* RFC 5549 Extended Next Hop Encoding */
1251 SET_FLAG (peer->cap, PEER_CAP_ENHE_ADV);
1252 stream_putc (s, BGP_OPEN_OPT_CAP);
1253 stream_putc (s, CAPABILITY_CODE_ENHE_LEN + 2);
1254 stream_putc (s, CAPABILITY_CODE_ENHE);
1255 stream_putc (s, CAPABILITY_CODE_ENHE_LEN);
1256 /* Currently supporting for SAFI_UNICAST only */
1257 SET_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_ADV);
1258 stream_putw (s, AFI_IP);
1259 stream_putw (s, SAFI_UNICAST);
1260 stream_putw (s, AFI_IP6);
1261
1262 if (CHECK_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_RCV))
1263 SET_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_NEGO);
1264 }
718e3744 1265 /* IPv6 unicast. */
1266 if (peer->afc[AFI_IP6][SAFI_UNICAST])
1267 {
1268 peer->afc_adv[AFI_IP6][SAFI_UNICAST] = 1;
1269 stream_putc (s, BGP_OPEN_OPT_CAP);
1270 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1271 stream_putc (s, CAPABILITY_CODE_MP);
1272 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1273 stream_putw (s, AFI_IP6);
1274 stream_putc (s, 0);
1275 stream_putc (s, SAFI_UNICAST);
1276 }
1277 /* IPv6 multicast. */
1278 if (peer->afc[AFI_IP6][SAFI_MULTICAST])
1279 {
1280 peer->afc_adv[AFI_IP6][SAFI_MULTICAST] = 1;
1281 stream_putc (s, BGP_OPEN_OPT_CAP);
1282 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1283 stream_putc (s, CAPABILITY_CODE_MP);
1284 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1285 stream_putw (s, AFI_IP6);
1286 stream_putc (s, 0);
1287 stream_putc (s, SAFI_MULTICAST);
1288 }
1289#endif /* HAVE_IPV6 */
1290
1291 /* Route refresh. */
c9502438 1292 SET_FLAG (peer->cap, PEER_CAP_REFRESH_ADV);
1293 stream_putc (s, BGP_OPEN_OPT_CAP);
1294 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1295 stream_putc (s, CAPABILITY_CODE_REFRESH_OLD);
1296 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1297 stream_putc (s, BGP_OPEN_OPT_CAP);
1298 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1299 stream_putc (s, CAPABILITY_CODE_REFRESH);
1300 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
718e3744 1301
0b2aa3a0
PJ		 1302 /* AS4 */
1303 SET_FLAG (peer->cap, PEER_CAP_AS4_ADV);
1304 stream_putc (s, BGP_OPEN_OPT_CAP);
1305 stream_putc (s, CAPABILITY_CODE_AS4_LEN + 2);
1306 stream_putc (s, CAPABILITY_CODE_AS4);
1307 stream_putc (s, CAPABILITY_CODE_AS4_LEN);
1308 if ( peer->change_local_as )
1309 local_as = peer->change_local_as;
1310 else
1311 local_as = peer->local_as;
1312 stream_putl (s, local_as );
1313
adbac85e 1314 /* AddPath */
a82478b9
DS		 1315 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1316 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1317 if (peer->afc[afi][safi])
adbac85e
DW		 1318 {
1319 afi_safi_count++;
1320
1321 /* Only advertise addpath TX if a feature that will use it is
1322 * configured */
06370dac
DW		 1323 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_ALL_PATHS) ||
1324 CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
adbac85e
DW		 1325 adv_addpath_tx = 1;
1326 }
a82478b9
DS		 1327
1328 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_ADV);
1329 stream_putc (s, BGP_OPEN_OPT_CAP);
1330 stream_putc (s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1331 stream_putc (s, CAPABILITY_CODE_ADDPATH);
1332 stream_putc (s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1333
1334 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1335 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1336 if (peer->afc[afi][safi])
1337 {
1338 stream_putw (s, afi);
1339 stream_putc (s, safi);
adbac85e
DW		 1340
1341 if (adv_addpath_tx)
1342 {
1343 stream_putc (s, BGP_ADDPATH_RX|BGP_ADDPATH_TX);
1344 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1345 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1346 }
1347 else
1348 {
1349 stream_putc (s, BGP_ADDPATH_RX);
1350 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1351 UNSET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1352 }
a82478b9
DS		 1353 }
1354
718e3744 1355 /* ORF capability. */
1356 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1357 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1358 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1359 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1360 {
1361 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF_OLD);
1362 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF);
1363 }
1364
1365 /* Dynamic capability. */
1366 if (CHECK_FLAG (peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY))
1367 {
1368 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV);
1369 stream_putc (s, BGP_OPEN_OPT_CAP);
1370 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
89eeecb8
DS		 1371 stream_putc (s, CAPABILITY_CODE_DYNAMIC_OLD);
1372 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1373 stream_putc (s, BGP_OPEN_OPT_CAP);
1374 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
718e3744 1375 stream_putc (s, CAPABILITY_CODE_DYNAMIC);
1376 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1377 }
1378
04b6bdc0
DW		 1379 /* Hostname capability */
1380 uname(&names);
1381 if (names.nodename[0] != '\0')
1382 {
1383 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1384 stream_putc (s, BGP_OPEN_OPT_CAP);
1385 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1386 stream_putc(s, 0); /* dummy len for now */
1387 stream_putc (s, CAPABILITY_CODE_FQDN);
1388 capp = stream_get_endp(s);
1389 stream_putc(s, 0); /* dummy len for now */
1390 len = strlen(names.nodename);
1391 if (len > BGP_MAX_HOSTNAME)
1392 len = BGP_MAX_HOSTNAME;
1393
1394 stream_putc(s, len);
1395 stream_put(s, names.nodename, len);
1396#ifdef _GNU_SOURCE
1397 if ((names.domainname[0] != '\0') &&
1398 (strcmp(names.domainname, "(none)") != 0))
1399 {
1400 len = strlen(names.domainname);
1401 if (len > BGP_MAX_HOSTNAME)
1402 len = BGP_MAX_HOSTNAME;
1403
1404 stream_putc(s, len);
1405 stream_put(s, names.domainname, len);
1406 }
1407 else
1408#endif
1409 {
1410 stream_putc(s, 0); /* 0 length */
1411 }
1412
1413 /* Set the lengths straight */
1414 len = stream_get_endp(s) - rcapp - 1;
1415 stream_putc_at(s, rcapp, len);
1416 len = stream_get_endp(s) - capp - 1;
1417 stream_putc_at(s, capp, len);
1418
1419 if (bgp_debug_neighbor_events(peer))
1420 zlog_debug("%s Sending hostname cap with hn = %s, dn = %s",
1421 peer->host, names.nodename, names.domainname);
1422 }
1423
fe7d2a48
DS		 1424 /* Sending base graceful-restart capability irrespective of the config */
1425 SET_FLAG (peer->cap, PEER_CAP_RESTART_ADV);
1426 stream_putc (s, BGP_OPEN_OPT_CAP);
1427 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1428 stream_putc (s, 0); /* Capability Length */
1429 stream_putc (s, CAPABILITY_CODE_RESTART);
1430 rcapp = stream_get_endp (s); /* Set Restart Capability Len Pointer */
1431 stream_putc (s, 0);
1432 restart_time = peer->bgp->restart_time;
1433 if (peer->bgp->t_startup)
1434 {
1435 SET_FLAG (restart_time, RESTART_R_BIT);
1436 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_ADV);
1437 }
1438 stream_putw (s, restart_time);
1439
1440 /* Send address-family specific graceful-restart capability only when GR config
1441 is present */
538621f2 1442 if (bgp_flag_check (peer->bgp, BGP_FLAG_GRACEFUL_RESTART))
1443 {
fe7d2a48
DS		 1444 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1445 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1446 if (peer->afc[afi][safi])
1447 {
1448 stream_putw (s, afi);
1449 stream_putc (s, safi);
1450 stream_putc (s, 0); //Forwarding is not retained as of now.
1451 }
1452 }
1453
1454 /* Total Graceful restart capability Len. */
1455 len = stream_get_endp (s) - rcapp - 1;
1456 stream_putc_at (s, rcapp, len);
1457
1458 /* Total Capability Len. */
1459 len = stream_get_endp (s) - capp - 1;
1460 stream_putc_at (s, capp, len);
538621f2 1461
718e3744 1462 /* Total Opt Parm Len. */
9985f83c 1463 len = stream_get_endp (s) - cp - 1;
718e3744 1464 stream_putc_at (s, cp, len);
1465}
FRRouting mirror