]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_open.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #531 from qlyoung/fix-stack-ref
[mirror_frr.git] / bgpd / bgp_open.c
CommitLineData
718e3744 1/* BGP open message handling
2 Copyright (C) 1998, 1999 Kunihiro Ishiguro
3
4This file is part of GNU Zebra.
5
6GNU Zebra is free software; you can redistribute it and/or modify it
7under the terms of the GNU General Public License as published by the
8Free Software Foundation; either version 2, or (at your option) any
9later version.
10
11GNU Zebra is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Zebra; see the file COPYING. If not, write to the Free
18Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
1902111-1307, USA. */
20
21#include <zebra.h>
22
23#include "linklist.h"
24#include "prefix.h"
25#include "stream.h"
26#include "thread.h"
27#include "log.h"
28#include "command.h"
6d58272b 29#include "memory.h"
3f9c7369 30#include "queue.h"
039f3a34 31#include "filter.h"
718e3744 32
856ca177 33#include "lib/json.h"
718e3744 34#include "bgpd/bgpd.h"
35#include "bgpd/bgp_attr.h"
36#include "bgpd/bgp_debug.h"
37#include "bgpd/bgp_fsm.h"
38#include "bgpd/bgp_packet.h"
39#include "bgpd/bgp_open.h"
0b2aa3a0 40#include "bgpd/bgp_aspath.h"
538621f2 41#include "bgpd/bgp_vty.h"
4a1ab8e4 42#include "bgpd/bgp_memory.h"
538621f2 43
718e3744 44/* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
45 negotiate remote peer supports extentions or not. But if
46 remote-peer doesn't supports negotiation process itself. We would
47 like to do manual configuration.
48
49 So there is many configurable point. First of all we want set each
50 peer whether we send capability negotiation to the peer or not.
51 Next, if we send capability to the peer we want to set my capabilty
52 inforation at each peer. */
53
54void
856ca177 55bgp_capability_vty_out (struct vty *vty, struct peer *peer, u_char use_json, json_object *json_neigh)
718e3744 56{
5228ad27 57 char *pnt;
58 char *end;
6d58272b
PJ		 59 struct capability_mp_data mpc;
60 struct capability_header *hdr;
856ca177
MS		 61 json_object *json_cap = NULL;
62
63 if (use_json)
64 json_cap = json_object_new_object();
718e3744 65
66 pnt = peer->notify.data;
67 end = pnt + peer->notify.length;
6d58272b 68
718e3744 69 while (pnt < end)
70 {
6d58272b 71 if (pnt + sizeof (struct capability_mp_data) + 2 > end)
718e3744 72 return;
6d58272b
PJ		 73
74 hdr = (struct capability_header *)pnt;
75 if (pnt + hdr->length + 2 > end)
718e3744 76 return;
77
6d58272b
PJ		 78 memcpy (&mpc, pnt + 2, sizeof(struct capability_mp_data));
79
80 if (hdr->code == CAPABILITY_CODE_MP)
718e3744 81 {
9cabb64b 82 afi_t afi;
83 safi_t safi;
84
85 bgp_map_afi_safi_iana2int (ntohs(mpc.afi), mpc.safi, &afi, &safi);
856ca177
MS		 86 if (use_json)
87 {
9cabb64b 88 switch (afi)
856ca177
MS		 89 {
90 case AFI_IP:
91 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv4");
92 break;
93 case AFI_IP6:
94 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv6");
95 break;
3d6c0dfa
PG		 96 case AFI_L2VPN:
97 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "L2VPN");
98 break;
856ca177
MS		 99 default:
100 json_object_int_add(json_cap, "capabilityErrorMultiProtocolAfiUnknown", ntohs (mpc.afi));
101 break;
102 }
9cabb64b 103 switch (safi)
856ca177
MS		 104 {
105 case SAFI_UNICAST:
106 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "unicast");
107 break;
108 case SAFI_MULTICAST:
109 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "multicast");
110 break;
cd1964ff
DS		 111 case SAFI_LABELED_UNICAST:
112 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "labeled-unicast");
113 break;
9cabb64b 114 case SAFI_MPLS_VPN:
856ca177
MS		 115 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "MPLS-labeled VPN");
116 break;
587ff0fd
LB		 117 case SAFI_ENCAP:
118 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "encap");
119 break;
3d6c0dfa
PG		 120 case SAFI_EVPN:
121 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "EVPN");
122 break;
856ca177
MS		 123 default:
124 json_object_int_add(json_cap, "capabilityErrorMultiProtocolSafiUnknown", mpc.safi);
125 break;
126 }
127 }
128 else
129 {
130 vty_out (vty, " Capability error for: Multi protocol ");
9cabb64b 131 switch (afi)
856ca177
MS		 132 {
133 case AFI_IP:
134 vty_out (vty, "AFI IPv4, ");
135 break;
136 case AFI_IP6:
137 vty_out (vty, "AFI IPv6, ");
138 break;
3d6c0dfa
PG		 139 case AFI_L2VPN:
140 vty_out (vty, "AFI L2VPN, ");
141 break;
856ca177
MS		 142 default:
143 vty_out (vty, "AFI Unknown %d, ", ntohs (mpc.afi));
144 break;
145 }
9cabb64b 146 switch (safi)
856ca177
MS		 147 {
148 case SAFI_UNICAST:
149 vty_out (vty, "SAFI Unicast");
150 break;
151 case SAFI_MULTICAST:
152 vty_out (vty, "SAFI Multicast");
153 break;
cd1964ff
DS		 154 case SAFI_LABELED_UNICAST:
155 vty_out (vty, "SAFI Labeled-unicast");
156 break;
9cabb64b 157 case SAFI_MPLS_VPN:
856ca177
MS		 158 vty_out (vty, "SAFI MPLS-labeled VPN");
159 break;
587ff0fd
LB		 160 case SAFI_ENCAP:
161 vty_out (vty, "SAFI ENCAP");
162 break;
3d6c0dfa
PG		 163 case SAFI_EVPN:
164 vty_out (vty, "SAFI EVPN");
165 break;
856ca177
MS		 166 default:
167 vty_out (vty, "SAFI Unknown %d ", mpc.safi);
168 break;
169 }
170 vty_out (vty, "%s", VTY_NEWLINE);
171 }
172 }
6d58272b 173 else if (hdr->code >= 128)
856ca177
MS		 174 {
175 if (use_json)
176 json_object_int_add(json_cap, "capabilityErrorVendorSpecificCapabilityCode", hdr->code);
177 else
178 vty_out (vty, " Capability error: vendor specific capability code %d",
179 hdr->code);
180 }
718e3744 181 else
856ca177
MS		 182 {
183 if (use_json)
184 json_object_int_add(json_cap, "capabilityErrorUnknownCapabilityCode", hdr->code);
185 else
186 vty_out (vty, " Capability error: unknown capability code %d",
187 hdr->code);
188 }
6d58272b 189 pnt += hdr->length + 2;
718e3744 190 }
856ca177
MS		 191 if (use_json)
192 json_object_object_add(json_neigh, "capabilityErrors", json_cap);
718e3744 193}
194
6d58272b
PJ		 195static void
196bgp_capability_mp_data (struct stream *s, struct capability_mp_data *mpc)
718e3744 197{
6d58272b
PJ		 198 mpc->afi = stream_getw (s);
199 mpc->reserved = stream_getc (s);
200 mpc->safi = stream_getc (s);
201}
718e3744 202
6d58272b
PJ		 203/* Set negotiated capability value. */
204static int
205bgp_capability_mp (struct peer *peer, struct capability_header *hdr)
206{
207 struct capability_mp_data mpc;
208 struct stream *s = BGP_INPUT (peer);
b58ed1f8
DS		 209 afi_t afi;
210 safi_t safi;
211
14051b36
DS		 212 /* Verify length is 4 */
213 if (hdr->length != 4)
214 {
215 zlog_warn("MP Cap: Received invalid length %d, non-multiple of 4",
216 hdr->length);
217 return -1;
218 }
219
6d58272b
PJ		 220 bgp_capability_mp_data (s, &mpc);
221
167d390a 222 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 223 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
224 peer->host, mpc.afi, mpc.safi);
225
9cabb64b 226 /* Convert AFI, SAFI to internal values, check. */
b58ed1f8 227 if (bgp_map_afi_safi_iana2int (mpc.afi, mpc.safi, &afi, &safi))
6d58272b
PJ		 228 return -1;
229
230 /* Now safi remapped, and afi/safi are valid array indices */
b58ed1f8 231 peer->afc_recv[afi][safi] = 1;
6d58272b 232
b58ed1f8
DS		 233 if (peer->afc[afi][safi])
234 peer->afc_nego[afi][safi] = 1;
6d58272b
PJ		 235 else
236 return -1;
718e3744 237
238 return 0;
239}
240
94f2b392 241static void
b58ed1f8 242bgp_capability_orf_not_support (struct peer *peer, iana_afi_t afi, safi_t safi,
718e3744 243 u_char type, u_char mode)
244{
16286195 245 if (bgp_debug_neighbor_events(peer))
8325cd7f 246 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
718e3744 247 peer->host, afi, safi, type, mode);
248}
249
8f5abac1 250static const struct message orf_type_str[] =
6d58272b
PJ		 251{
252 { ORF_TYPE_PREFIX, "Prefixlist" },
253 { ORF_TYPE_PREFIX_OLD, "Prefixlist (old)" },
254};
837d16cc 255static const int orf_type_str_max = array_size(orf_type_str);
6d58272b 256
8f5abac1 257static const struct message orf_mode_str[] =
6d58272b
PJ		 258{
259 { ORF_MODE_RECEIVE, "Receive" },
260 { ORF_MODE_SEND, "Send" },
261 { ORF_MODE_BOTH, "Both" },
262};
837d16cc 263static const int orf_mode_str_max = array_size(orf_mode_str);
6d58272b 264
94f2b392 265static int
6d58272b 266bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
718e3744 267{
6d58272b
PJ		 268 struct stream *s = BGP_INPUT (peer);
269 struct capability_orf_entry entry;
b58ed1f8 270 iana_afi_t pkt_afi;
6d58272b 271 afi_t afi;
9cabb64b 272 safi_t pkt_safi, safi;
718e3744 273 u_char type;
274 u_char mode;
275 u_int16_t sm_cap = 0; /* capability send-mode receive */
276 u_int16_t rm_cap = 0; /* capability receive-mode receive */
277 int i;
278
6d58272b
PJ		 279 /* ORF Entry header */
280 bgp_capability_mp_data (s, &entry.mpc);
281 entry.num = stream_getc (s);
9cabb64b 282 pkt_afi = entry.mpc.afi;
283 pkt_safi = entry.mpc.safi;
6d58272b 284
16286195 285 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 286 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
287 peer->host, entry.mpc.afi, entry.mpc.safi);
718e3744 288
9cabb64b 289 /* Convert AFI, SAFI to internal values, check. */
290 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
6d58272b
PJ		 291 {
292 zlog_info ("%s Addr-family %d/%d not supported."
293 " Ignoring the ORF capability",
9cabb64b 294 peer->host, pkt_afi, pkt_safi);
6d58272b
PJ		 295 return 0;
296 }
297
b58ed1f8 298 entry.mpc.afi = pkt_afi;
9cabb64b 299 entry.mpc.safi = safi;
300
6d58272b 301 /* validate number field */
e978e1de 302 if (CAPABILITY_CODE_ORF_LEN + (entry.num * 2) > hdr->length)
718e3744 303 {
6d58272b
PJ		 304 zlog_info ("%s ORF Capability entry length error,"
305 " Cap length %u, num %u",
306 peer->host, hdr->length, entry.num);
09825025 307 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 308 return -1;
309 }
310
6d58272b 311 for (i = 0 ; i < entry.num ; i++)
718e3744 312 {
6d58272b
PJ		 313 type = stream_getc(s);
314 mode = stream_getc(s);
315
718e3744 316 /* ORF Mode error check */
6d58272b
PJ		 317 switch (mode)
318 {
319 case ORF_MODE_BOTH:
320 case ORF_MODE_SEND:
321 case ORF_MODE_RECEIVE:
322 break;
323 default:
9cabb64b 324 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b 325 continue;
718e3744 326 }
6d58272b
PJ		 327 /* ORF Type and afi/safi error checks */
328 /* capcode versus type */
329 switch (hdr->code)
330 {
331 case CAPABILITY_CODE_ORF:
332 switch (type)
333 {
334 case ORF_TYPE_PREFIX:
335 break;
336 default:
9cabb64b 337 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b
PJ		 338 continue;
339 }
340 break;
341 case CAPABILITY_CODE_ORF_OLD:
342 switch (type)
343 {
344 case ORF_TYPE_PREFIX_OLD:
345 break;
346 default:
9cabb64b 347 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b
PJ		 348 continue;
349 }
350 break;
351 default:
9cabb64b 352 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b
PJ		 353 continue;
354 }
355
356 /* AFI vs SAFI */
357 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
358 || (afi == AFI_IP && safi == SAFI_MULTICAST)
359 || (afi == AFI_IP6 && safi == SAFI_UNICAST)))
360 {
9cabb64b 361 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b
PJ		 362 continue;
363 }
364
16286195 365 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 366 zlog_debug ("%s OPEN has %s ORF capability"
367 " as %s for afi/safi: %d/%d",
368 peer->host, LOOKUP (orf_type_str, type),
369 LOOKUP (orf_mode_str, mode),
9cabb64b 370 pkt_afi, pkt_safi);
718e3744 371
6d58272b 372 if (hdr->code == CAPABILITY_CODE_ORF)
718e3744 373 {
6d58272b
PJ		 374 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
375 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
718e3744 376 }
6d58272b 377 else if (hdr->code == CAPABILITY_CODE_ORF_OLD)
718e3744 378 {
6d58272b
PJ		 379 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
380 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
718e3744 381 }
382 else
383 {
9cabb64b 384 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
718e3744 385 continue;
386 }
387
388 switch (mode)
389 {
390 case ORF_MODE_BOTH:
391 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
392 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
393 break;
394 case ORF_MODE_SEND:
395 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
396 break;
397 case ORF_MODE_RECEIVE:
398 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
399 break;
400 }
401 }
402 return 0;
403}
404
6d58272b
PJ		 405static int
406bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
407{
408 struct stream *s = BGP_INPUT (peer);
409 u_int16_t restart_flag_time;
6d58272b
PJ		 410 size_t end = stream_get_getp (s) + caphdr->length;
411
14051b36
DS		 412 /* Verify length is a multiple of 4 */
413 if ((caphdr->length-2) % 4)
414 {
415 zlog_warn("Restart Cap: Received invalid length %d, non-multiple of 4",
416 caphdr->length);
417 return -1;
418 }
419
6d58272b
PJ		 420 SET_FLAG (peer->cap, PEER_CAP_RESTART_RCV);
421 restart_flag_time = stream_getw(s);
422 if (CHECK_FLAG (restart_flag_time, RESTART_R_BIT))
4b52acf9
PJ		 423 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV);
424
6d58272b
PJ		 425 UNSET_FLAG (restart_flag_time, 0xF000);
426 peer->v_gr_restart = restart_flag_time;
718e3744 427
16286195 428 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 429 {
430 zlog_debug ("%s OPEN has Graceful Restart capability", peer->host);
431 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
4b52acf9
PJ		 432 peer->host,
433 CHECK_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV) ? " "
434 : " not ",
6d58272b
PJ		 435 peer->v_gr_restart);
436 }
718e3744 437
21cc7694 438 while (stream_get_getp (s) + 4 <= end)
6d58272b 439 {
9cabb64b 440 afi_t afi;
441 safi_t safi;
b58ed1f8 442 iana_afi_t pkt_afi = stream_getw (s);
9cabb64b 443 safi_t pkt_safi = stream_getc (s);
6d58272b
PJ		 444 u_char flag = stream_getc (s);
445
9cabb64b 446 /* Convert AFI, SAFI to internal values, check. */
447 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
6d58272b 448 {
16286195 449 if (bgp_debug_neighbor_events(peer))
6d58272b 450 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
14051b36 451 " Ignore the Graceful Restart capability for this AFI/SAFI",
9cabb64b 452 peer->host, pkt_afi, pkt_safi);
6d58272b
PJ		 453 }
454 else if (!peer->afc[afi][safi])
455 {
16286195 456 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 457 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
458 " Ignore the Graceful Restart capability",
9cabb64b 459 peer->host, pkt_afi, pkt_safi);
6d58272b
PJ		 460 }
461 else
462 {
16286195 463 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 464 zlog_debug ("%s Address family %s is%spreserved", peer->host,
465 afi_safi_print (afi, safi),
466 CHECK_FLAG (peer->af_cap[afi][safi],
467 PEER_CAP_RESTART_AF_PRESERVE_RCV)
468 ? " " : " not ");
469
470 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_RCV);
471 if (CHECK_FLAG (flag, RESTART_F_BIT))
472 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_PRESERVE_RCV);
473
474 }
475 }
476 return 0;
477}
718e3744 478
14051b36 479/* Unlike other capability parsing routines, this one returns 0 on error */
0b2aa3a0
PJ		 480static as_t
481bgp_capability_as4 (struct peer *peer, struct capability_header *hdr)
482{
5861739f
PJ		 483 SET_FLAG (peer->cap, PEER_CAP_AS4_RCV);
484
485 if (hdr->length != CAPABILITY_CODE_AS4_LEN)
486 {
487 zlog_err ("%s AS4 capability has incorrect data length %d",
488 peer->host, hdr->length);
489 return 0;
490 }
491
0b2aa3a0
PJ		 492 as_t as4 = stream_getl (BGP_INPUT(peer));
493
494 if (BGP_DEBUG (as4, AS4))
495 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
496 peer->host, as4);
0b2aa3a0
PJ		 497 return as4;
498}
499
a82478b9
DS		 500static int
501bgp_capability_addpath (struct peer *peer, struct capability_header *hdr)
502{
503 struct stream *s = BGP_INPUT (peer);
504 size_t end = stream_get_getp (s) + hdr->length;
505
506 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_RCV);
507
14051b36
DS		 508 /* Verify length is a multiple of 4 */
509 if (hdr->length % 4)
510 {
511 zlog_warn("Add Path: Received invalid length %d, non-multiple of 4",
512 hdr->length);
513 return -1;
514 }
515
a82478b9
DS		 516 while (stream_get_getp (s) + 4 <= end)
517 {
9cabb64b 518 afi_t afi;
519 safi_t safi;
b58ed1f8 520 iana_afi_t pkt_afi = stream_getw (s);
9cabb64b 521 safi_t pkt_safi = stream_getc (s);
a82478b9
DS		 522 u_char send_receive = stream_getc (s);
523
167d390a 524 if (bgp_debug_neighbor_events(peer))
a82478b9 525 zlog_debug ("%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
9cabb64b 526 peer->host, pkt_afi, pkt_safi,
a82478b9
DS		 527 (send_receive & BGP_ADDPATH_RX) ? ", receive" : "",
528 (send_receive & BGP_ADDPATH_TX) ? ", transmit" : "");
529
9cabb64b 530 /* Convert AFI, SAFI to internal values, check. */
531 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
823b8f7c
DS		 532 {
533 if (bgp_debug_neighbor_events(peer))
534 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
535 " Ignore the Addpath Attribute for this AFI/SAFI",
9cabb64b 536 peer->host, pkt_afi, pkt_safi);
823b8f7c
DS		 537 continue;
538 }
539 else if (!peer->afc[afi][safi])
540 {
541 if (bgp_debug_neighbor_events(peer))
542 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
543 " Ignore the AddPath capability for this AFI/SAFI",
9cabb64b 544 peer->host, pkt_afi, pkt_safi);
823b8f7c
DS		 545 continue;
546 }
a82478b9
DS		 547
548 if (send_receive & BGP_ADDPATH_RX)
549 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_RCV);
550
551 if (send_receive & BGP_ADDPATH_TX)
552 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_RCV);
553 }
554
555 return 0;
556}
557
8a92a8a0
DS		 558static int
559bgp_capability_enhe (struct peer *peer, struct capability_header *hdr)
560{
561 struct stream *s = BGP_INPUT (peer);
562 size_t end = stream_get_getp (s) + hdr->length;
563
14051b36
DS		 564 /* Verify length is a multiple of 4 */
565 if (hdr->length % 6)
566 {
567 zlog_warn("Extended NH: Received invalid length %d, non-multiple of 6",
568 hdr->length);
569 return -1;
570 }
571
8a92a8a0
DS		 572 while (stream_get_getp (s) + 6 <= end)
573 {
b58ed1f8
DS		 574 iana_afi_t pkt_afi = stream_getw (s);
575 afi_t afi;
9cabb64b 576 safi_t safi, pkt_safi = stream_getw (s);
b58ed1f8
DS		 577 iana_afi_t pkt_nh_afi = stream_getw (s);
578 afi_t nh_afi;
8a92a8a0
DS		 579
580 if (bgp_debug_neighbor_events(peer))
a656dafa 581 zlog_debug ("%s Received with afi/safi/next-hop afi: %u/%u/%u",
9cabb64b 582 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
8a92a8a0 583
9cabb64b 584 /* Convert AFI, SAFI to internal values, check. */
585 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
8a92a8a0 586 {
a656dafa 587 if (bgp_debug_neighbor_events(peer))
588 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
589 " Ignore the ENHE Attribute for this AFI/SAFI",
9cabb64b 590 peer->host, pkt_afi, pkt_safi);
a656dafa 591 continue;
8a92a8a0
DS		 592 }
593
a656dafa 594 /* RFC 5549 specifies use of this capability only for IPv4 AFI, with
595 * the Nexthop AFI being IPv6. A future spec may introduce other
596 * possibilities, so we ignore other values with a log. Also, only
343e90c3 597 * SAFI_UNICAST and SAFI_LABELED_UNICAST are currently supported (and expected).
a656dafa 598 */
9cabb64b 599 nh_afi = afi_iana2int (pkt_nh_afi);
600
343e90c3 601 if (afi != AFI_IP || nh_afi != AFI_IP6 || !(safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
a656dafa 602 {
603 zlog_warn ("%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
604 "in Extended Next-hop capability, ignoring",
9cabb64b 605 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
a656dafa 606 continue;
607 }
8a92a8a0
DS		 608
609 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
610
611 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
612 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
613 }
614
615 SET_FLAG (peer->cap, PEER_CAP_ENHE_RCV);
616
617 return 0;
618}
619
04b6bdc0
DW		 620static int
621bgp_capability_hostname (struct peer *peer, struct capability_header *hdr)
622{
623 struct stream *s = BGP_INPUT (peer);
624 char str[BGP_MAX_HOSTNAME+1];
625 size_t end = stream_get_getp (s) + hdr->length;
626 u_char len;
627
628 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
629
630 len = stream_getc(s);
631 if (stream_get_getp(s) + len > end)
632 {
633 zlog_warn("%s: Received malformed hostname capability from peer %s",
634 __FUNCTION__, peer->host);
635 return -1;
636 }
637
638 if (len > BGP_MAX_HOSTNAME)
639 {
640 stream_get(str, s, BGP_MAX_HOSTNAME);
641 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
642 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
643 }
644 else if (len)
645 stream_get(str, s, len);
646
647 if (len)
648 {
649 str[len] = '\0';
650
651 if (peer->hostname != NULL)
f9e9e073 652 {
4a1ab8e4 653 XFREE(MTYPE_BGP_PEER_HOST, peer->hostname);
f9e9e073
DW		 654 peer->hostname = NULL;
655 }
04b6bdc0
DW		 656
657 if (peer->domainname != NULL)
9e08021c 658 {
4a1ab8e4 659 XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
9e08021c
DW		 660 peer->domainname = NULL;
661 }
04b6bdc0 662
4a1ab8e4 663 peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
04b6bdc0
DW		 664 }
665
666 if (stream_get_getp(s) +1 > end)
667 {
668 zlog_warn("%s: Received invalid domain name len (hostname capability) from peer %s",
669 __FUNCTION__, peer->host);
670 return -1;
671 }
672
673 len = stream_getc(s);
674 if (stream_get_getp(s) + len > end)
675 {
676 zlog_warn("%s: Received runt domain name (hostname capability) from peer %s",
677 __FUNCTION__, peer->host);
678 return -1;
679 }
680
681 if (len > BGP_MAX_HOSTNAME)
682 {
683 stream_get(str, s, BGP_MAX_HOSTNAME);
684 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
685 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
686 }
687 else if (len)
688 stream_get(str, s, len);
689
690 if (len)
691 {
692 str[len] = '\0';
4a1ab8e4 693 peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
04b6bdc0
DW		 694 }
695
696 if (bgp_debug_neighbor_events(peer))
697 {
698 zlog_debug("%s received hostname %s, domainname %s",
699 peer->host, peer->hostname, peer->domainname);
700 }
701
702 return 0;
703}
704
6410e93a 705 static const struct message capcode_str[] =
6d58272b 706{
6d58272b
PJ		 707 { CAPABILITY_CODE_MP, "MultiProtocol Extensions" },
708 { CAPABILITY_CODE_REFRESH, "Route Refresh" },
709 { CAPABILITY_CODE_ORF, "Cooperative Route Filtering" },
710 { CAPABILITY_CODE_RESTART, "Graceful Restart" },
711 { CAPABILITY_CODE_AS4, "4-octet AS number" },
89eeecb8 712 { CAPABILITY_CODE_ADDPATH, "AddPath" },
6d58272b 713 { CAPABILITY_CODE_DYNAMIC, "Dynamic" },
8a92a8a0 714 { CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding" },
89eeecb8 715 { CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)" },
6d58272b
PJ		 716 { CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)" },
717 { CAPABILITY_CODE_ORF_OLD, "ORF (Old)" },
04b6bdc0 718 { CAPABILITY_CODE_FQDN, "FQDN" },
6d58272b 719};
837d16cc 720static const int capcode_str_max = array_size(capcode_str);
6d58272b
PJ		 721
722/* Minimum sizes for length field of each cap (so not inc. the header) */
fc52f953 723static const size_t cap_minsizes[] =
6d58272b 724{
e978e1de 725 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
6d58272b 726 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
e978e1de 727 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
f5bb8cfa 728 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
6d58272b 729 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
a82478b9 730 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
6d58272b 731 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
89eeecb8 732 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
8a92a8a0 733 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
6d58272b 734 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
e978e1de 735 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
04b6bdc0 736 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
6d58272b
PJ		 737};
738
695ef95f
PJ		 739/* value the capability must be a multiple of.
740 * 0-data capabilities won't be checked against this.
741 * Other capabilities whose data doesn't fall on convenient boundaries for this
742 * table should be set to 1.
743 */
744static const size_t cap_modsizes[] =
745{
746 [CAPABILITY_CODE_MP] = 4,
747 [CAPABILITY_CODE_REFRESH] = 1,
748 [CAPABILITY_CODE_ORF] = 1,
749 [CAPABILITY_CODE_RESTART] = 1,
750 [CAPABILITY_CODE_AS4] = 4,
934a4c59 751 [CAPABILITY_CODE_ADDPATH] = 4,
695ef95f 752 [CAPABILITY_CODE_DYNAMIC] = 1,
934a4c59
DS		 753 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
754 [CAPABILITY_CODE_ENHE] = 6,
695ef95f
PJ		 755 [CAPABILITY_CODE_REFRESH_OLD] = 1,
756 [CAPABILITY_CODE_ORF_OLD] = 1,
934a4c59 757 [CAPABILITY_CODE_FQDN] = 1,
695ef95f
PJ		 758};
759
3b381c32
AS		 760/**
761 * Parse given capability.
6d58272b 762 * XXX: This is reading into a stream, but not using stream API
3b381c32
AS		 763 *
764 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
765 * capabilities were encountered.
6d58272b
PJ		 766 */
767static int
3b381c32
AS		 768bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
769 u_char **error)
6d58272b
PJ		 770{
771 int ret;
772 struct stream *s = BGP_INPUT (peer);
773 size_t end = stream_get_getp (s) + length;
774
775 assert (STREAM_READABLE (s) >= length);
776
777 while (stream_get_getp (s) < end)
778 {
779 size_t start;
780 u_char *sp = stream_pnt (s);
781 struct capability_header caphdr;
14051b36
DS		 782
783 ret = 0;
718e3744 784 /* We need at least capability code and capability length. */
6d58272b 785 if (stream_get_getp(s) + 2 > end)
718e3744 786 {
6d58272b 787 zlog_info ("%s Capability length error (< header)", peer->host);
09825025 788 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 789 return -1;
790 }
6d58272b
PJ		 791
792 caphdr.code = stream_getc (s);
793 caphdr.length = stream_getc (s);
794 start = stream_get_getp (s);
795
796 /* Capability length check sanity check. */
797 if (start + caphdr.length > end)
718e3744 798 {
6d58272b 799 zlog_info ("%s Capability length error (< length)", peer->host);
09825025 800 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 801 return -1;
802 }
6d58272b 803
16286195 804 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 805 zlog_debug ("%s OPEN has %s capability (%u), length %u",
806 peer->host,
807 LOOKUP (capcode_str, caphdr.code),
808 caphdr.code, caphdr.length);
809
810 /* Length sanity check, type-specific, for known capabilities */
811 switch (caphdr.code)
812 {
813 case CAPABILITY_CODE_MP:
814 case CAPABILITY_CODE_REFRESH:
815 case CAPABILITY_CODE_REFRESH_OLD:
816 case CAPABILITY_CODE_ORF:
817 case CAPABILITY_CODE_ORF_OLD:
818 case CAPABILITY_CODE_RESTART:
0b2aa3a0 819 case CAPABILITY_CODE_AS4:
a82478b9 820 case CAPABILITY_CODE_ADDPATH:
6d58272b 821 case CAPABILITY_CODE_DYNAMIC:
89eeecb8 822 case CAPABILITY_CODE_DYNAMIC_OLD:
8a92a8a0 823 case CAPABILITY_CODE_ENHE:
04b6bdc0 824 case CAPABILITY_CODE_FQDN:
6d58272b
PJ		 825 /* Check length. */
826 if (caphdr.length < cap_minsizes[caphdr.code])
827 {
828 zlog_info ("%s %s Capability length error: got %u,"
829 " expected at least %u",
830 peer->host,
831 LOOKUP (capcode_str, caphdr.code),
fc52f953
SH		 832 caphdr.length,
833 (unsigned) cap_minsizes[caphdr.code]);
09825025 834 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
6d58272b
PJ		 835 return -1;
836 }
695ef95f
PJ		 837 if (caphdr.length
838 && caphdr.length % cap_modsizes[caphdr.code] != 0)
839 {
840 zlog_info ("%s %s Capability length error: got %u,"
841 " expected a multiple of %u",
842 peer->host,
843 LOOKUP (capcode_str, caphdr.code),
844 caphdr.length,
845 (unsigned) cap_modsizes[caphdr.code]);
846 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
92c92c45 847 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
695ef95f
PJ		 848 return -1;
849 }
6d58272b
PJ		 850 /* we deliberately ignore unknown codes, see below */
851 default:
852 break;
853 }
854
855 switch (caphdr.code)
856 {
857 case CAPABILITY_CODE_MP:
858 {
3b381c32
AS		 859 *mp_capability = 1;
860
6d58272b
PJ		 861 /* Ignore capability when override-capability is set. */
862 if (! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
863 {
864 /* Set negotiated value. */
865 ret = bgp_capability_mp (peer, &caphdr);
866
867 /* Unsupported Capability. */
868 if (ret < 0)
869 {
870 /* Store return data. */
871 memcpy (*error, sp, caphdr.length + 2);
872 *error += caphdr.length + 2;
873 }
14051b36 874 ret = 0; /* Don't return error for this */
6d58272b
PJ		 875 }
876 }
877 break;
878 case CAPABILITY_CODE_REFRESH:
879 case CAPABILITY_CODE_REFRESH_OLD:
880 {
881 /* BGP refresh capability */
882 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
883 SET_FLAG (peer->cap, PEER_CAP_REFRESH_OLD_RCV);
884 else
885 SET_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV);
886 }
887 break;
888 case CAPABILITY_CODE_ORF:
889 case CAPABILITY_CODE_ORF_OLD:
14051b36 890 ret = bgp_capability_orf_entry (peer, &caphdr);
6d58272b
PJ		 891 break;
892 case CAPABILITY_CODE_RESTART:
14051b36 893 ret = bgp_capability_restart (peer, &caphdr);
6d58272b
PJ		 894 break;
895 case CAPABILITY_CODE_DYNAMIC:
89eeecb8 896 case CAPABILITY_CODE_DYNAMIC_OLD:
6d58272b
PJ		 897 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_RCV);
898 break;
0b2aa3a0
PJ		 899 case CAPABILITY_CODE_AS4:
900 /* Already handled as a special-case parsing of the capabilities
901 * at the beginning of OPEN processing. So we care not a jot
902 * for the value really, only error case.
903 */
904 if (!bgp_capability_as4 (peer, &caphdr))
14051b36 905 ret = -1;
0b2aa3a0 906 break;
a82478b9 907 case CAPABILITY_CODE_ADDPATH:
14051b36 908 ret = bgp_capability_addpath (peer, &caphdr);
a82478b9 909 break;
8a92a8a0 910 case CAPABILITY_CODE_ENHE:
14051b36 911 ret = bgp_capability_enhe (peer, &caphdr);
8a92a8a0 912 break;
04b6bdc0
DW		 913 case CAPABILITY_CODE_FQDN:
914 ret = bgp_capability_hostname (peer, &caphdr);
915 break;
6d58272b
PJ		 916 default:
917 if (caphdr.code > 128)
918 {
919 /* We don't send Notification for unknown vendor specific
920 capabilities. It seems reasonable for now... */
921 zlog_warn ("%s Vendor specific capability %d",
922 peer->host, caphdr.code);
923 }
924 else
925 {
926 zlog_warn ("%s unrecognized capability code: %d - ignored",
927 peer->host, caphdr.code);
928 memcpy (*error, sp, caphdr.length + 2);
929 *error += caphdr.length + 2;
930 }
931 }
14051b36
DS		 932
933 if (ret < 0)
934 {
09825025 935 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
14051b36
DS		 936 return -1;
937 }
6d58272b
PJ		 938 if (stream_get_getp(s) != (start + caphdr.length))
939 {
940 if (stream_get_getp(s) > (start + caphdr.length))
941 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
942 peer->host, LOOKUP (capcode_str, caphdr.code),
943 caphdr.length);
944 stream_set_getp (s, start + caphdr.length);
945 }
718e3744 946 }
947 return 0;
948}
949
94f2b392 950static int
6d58272b 951bgp_auth_parse (struct peer *peer, size_t length)
718e3744 952{
953 bgp_notify_send (peer,
954 BGP_NOTIFY_OPEN_ERR,
955 BGP_NOTIFY_OPEN_AUTH_FAILURE);
956 return -1;
957}
958
94f2b392 959static int
718e3744 960strict_capability_same (struct peer *peer)
961{
962 int i, j;
963
964 for (i = AFI_IP; i < AFI_MAX; i++)
965 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
966 if (peer->afc[i][j] != peer->afc_nego[i][j])
967 return 0;
968 return 1;
969}
970
0b2aa3a0
PJ		 971/* peek into option, stores ASN to *as4 if the AS4 capability was found.
972 * Returns 0 if no as4 found, as4cap value otherwise.
973 */
974as_t
975peek_for_as4_capability (struct peer *peer, u_char length)
976{
977 struct stream *s = BGP_INPUT (peer);
978 size_t orig_getp = stream_get_getp (s);
979 size_t end = orig_getp + length;
980 as_t as4 = 0;
981
0b2aa3a0
PJ		 982 if (BGP_DEBUG (as4, AS4))
983 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
984 " peeking for as4",
985 peer->host, length);
986 /* the error cases we DONT handle, we ONLY try to read as4 out of
987 * correctly formatted options.
988 */
989 while (stream_get_getp(s) < end)
990 {
991 u_char opt_type;
992 u_char opt_length;
993
994 /* Check the length. */
995 if (stream_get_getp (s) + 2 > end)
996 goto end;
997
998 /* Fetch option type and length. */
999 opt_type = stream_getc (s);
1000 opt_length = stream_getc (s);
1001
1002 /* Option length check. */
1003 if (stream_get_getp (s) + opt_length > end)
1004 goto end;
1005
1006 if (opt_type == BGP_OPEN_OPT_CAP)
1007 {
1008 unsigned long capd_start = stream_get_getp (s);
1009 unsigned long capd_end = capd_start + opt_length;
1010
1011 assert (capd_end <= end);
1012
1013 while (stream_get_getp (s) < capd_end)
1014 {
1015 struct capability_header hdr;
1016
1017 if (stream_get_getp (s) + 2 > capd_end)
1018 goto end;
1019
1020 hdr.code = stream_getc (s);
1021 hdr.length = stream_getc (s);
1022
1023 if ((stream_get_getp(s) + hdr.length) > capd_end)
1024 goto end;
1025
1026 if (hdr.code == CAPABILITY_CODE_AS4)
1027 {
0b2aa3a0
PJ		 1028 if (BGP_DEBUG (as4, AS4))
1029 zlog_info ("[AS4] found AS4 capability, about to parse");
1030 as4 = bgp_capability_as4 (peer, &hdr);
1031
1032 goto end;
1033 }
1034 stream_forward_getp (s, hdr.length);
1035 }
1036 }
1037 }
1038
1039end:
1040 stream_set_getp (s, orig_getp);
1041 return as4;
1042}
1043
3b381c32
AS		 1044/**
1045 * Parse open option.
1046 *
1047 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1048 */
718e3744 1049int
3b381c32 1050bgp_open_option_parse (struct peer *peer, u_char length, int *mp_capability)
718e3744 1051{
18f1dc06 1052 int ret = 0;
718e3744 1053 u_char *error;
1054 u_char error_data[BGP_MAX_PACKET_SIZE];
6d58272b
PJ		 1055 struct stream *s = BGP_INPUT(peer);
1056 size_t end = stream_get_getp (s) + length;
718e3744 1057
718e3744 1058 error = error_data;
1059
16286195 1060 if (bgp_debug_neighbor_events(peer))
8325cd7f 1061 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
718e3744 1062 peer->host, length);
1063
6d58272b 1064 while (stream_get_getp(s) < end)
718e3744 1065 {
6d58272b
PJ		 1066 u_char opt_type;
1067 u_char opt_length;
1068
1069 /* Must have at least an OPEN option header */
1070 if (STREAM_READABLE(s) < 2)
718e3744 1071 {
1072 zlog_info ("%s Option length error", peer->host);
09825025 1073 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 1074 return -1;
1075 }
1076
1077 /* Fetch option type and length. */
6d58272b
PJ		 1078 opt_type = stream_getc (s);
1079 opt_length = stream_getc (s);
718e3744 1080
1081 /* Option length check. */
6d58272b 1082 if (STREAM_READABLE (s) < opt_length)
718e3744 1083 {
1084 zlog_info ("%s Option length error", peer->host);
09825025 1085 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 1086 return -1;
1087 }
1088
16286195 1089 if (bgp_debug_neighbor_events(peer))
8325cd7f 1090 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
718e3744 1091 peer->host, opt_type,
1092 opt_type == BGP_OPEN_OPT_AUTH ? "Authentication" :
1093 opt_type == BGP_OPEN_OPT_CAP ? "Capability" : "Unknown",
1094 opt_length);
1095
1096 switch (opt_type)
1097 {
1098 case BGP_OPEN_OPT_AUTH:
6d58272b 1099 ret = bgp_auth_parse (peer, opt_length);
718e3744 1100 break;
1101 case BGP_OPEN_OPT_CAP:
3b381c32 1102 ret = bgp_capability_parse (peer, opt_length, mp_capability, &error);
718e3744 1103 break;
1104 default:
1105 bgp_notify_send (peer,
1106 BGP_NOTIFY_OPEN_ERR,
1107 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1108 ret = -1;
1109 break;
1110 }
1111
1112 /* Parse error. To accumulate all unsupported capability codes,
1113 bgp_capability_parse does not return -1 when encounter
1114 unsupported capability code. To detect that, please check
1115 error and erro_data pointer, like below. */
1116 if (ret < 0)
1117 return -1;
718e3744 1118 }
1119
1120 /* All OPEN option is parsed. Check capability when strict compare
1121 flag is enabled.*/
1122 if (CHECK_FLAG (peer->flags, PEER_FLAG_STRICT_CAP_MATCH))
1123 {
1124 /* If Unsupported Capability exists. */
1125 if (error != error_data)
1126 {
1127 bgp_notify_send_with_data (peer,
1128 BGP_NOTIFY_OPEN_ERR,
1129 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1130 error_data, error - error_data);
1131 return -1;
1132 }
1133
1134 /* Check local capability does not negotiated with remote
1135 peer. */
1136 if (! strict_capability_same (peer))
1137 {
1138 bgp_notify_send (peer,
1139 BGP_NOTIFY_OPEN_ERR,
1140 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1141 return -1;
1142 }
1143 }
1144
3b381c32 1145 /* Check there are no common AFI/SAFIs and send Unsupported Capability
718e3744 1146 error. */
3b381c32
AS		 1147 if (*mp_capability &&
1148 ! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
718e3744 1149 {
1150 if (! peer->afc_nego[AFI_IP][SAFI_UNICAST]
1151 && ! peer->afc_nego[AFI_IP][SAFI_MULTICAST]
cd1964ff 1152 && ! peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
718e3744 1153 && ! peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
587ff0fd 1154 && ! peer->afc_nego[AFI_IP][SAFI_ENCAP]
718e3744 1155 && ! peer->afc_nego[AFI_IP6][SAFI_UNICAST]
945c8fe9 1156 && ! peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
cd1964ff 1157 && ! peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
587ff0fd 1158 && ! peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
3d6c0dfa
PG		 1159 && ! peer->afc_nego[AFI_IP6][SAFI_ENCAP]
1160 && ! peer->afc_nego[AFI_L2VPN][SAFI_EVPN])
718e3744 1161 {
16286195 1162 zlog_err ("%s [Error] Configured AFI/SAFIs do not "
3b381c32
AS		 1163 "overlap with received MP capabilities",
1164 peer->host);
718e3744 1165
1166 if (error != error_data)
718e3744 1167 bgp_notify_send_with_data (peer,
1168 BGP_NOTIFY_OPEN_ERR,
1169 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1170 error_data, error - error_data);
1171 else
1172 bgp_notify_send (peer,
1173 BGP_NOTIFY_OPEN_ERR,
1174 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1175 return -1;
1176 }
1177 }
1178 return 0;
1179}
1180
94f2b392 1181static void
718e3744 1182bgp_open_capability_orf (struct stream *s, struct peer *peer,
1183 afi_t afi, safi_t safi, u_char code)
1184{
1185 u_char cap_len;
1186 u_char orf_len;
1187 unsigned long capp;
1188 unsigned long orfp;
1189 unsigned long numberp;
1190 int number_of_orfs = 0;
b58ed1f8 1191 iana_afi_t pkt_afi;
9cabb64b 1192 safi_t pkt_safi;
718e3744 1193
9cabb64b 1194 /* Convert AFI, SAFI to values for packet. */
1195 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
718e3744 1196
1197 stream_putc (s, BGP_OPEN_OPT_CAP);
9985f83c 1198 capp = stream_get_endp (s); /* Set Capability Len Pointer */
718e3744 1199 stream_putc (s, 0); /* Capability Length */
1200 stream_putc (s, code); /* Capability Code */
9985f83c 1201 orfp = stream_get_endp (s); /* Set ORF Len Pointer */
718e3744 1202 stream_putc (s, 0); /* ORF Length */
9cabb64b 1203 stream_putw (s, pkt_afi);
718e3744 1204 stream_putc (s, 0);
9cabb64b 1205 stream_putc (s, pkt_safi);
9985f83c 1206 numberp = stream_get_endp (s); /* Set Number Pointer */
718e3744 1207 stream_putc (s, 0); /* Number of ORFs */
1208
1209 /* Address Prefix ORF */
1210 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1211 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1212 {
1213 stream_putc (s, (code == CAPABILITY_CODE_ORF ?
1214 ORF_TYPE_PREFIX : ORF_TYPE_PREFIX_OLD));
1215
1216 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1217 && CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1218 {
1219 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1220 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1221 stream_putc (s, ORF_MODE_BOTH);
1222 }
1223 else if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM))
1224 {
1225 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1226 stream_putc (s, ORF_MODE_SEND);
1227 }
1228 else
1229 {
1230 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1231 stream_putc (s, ORF_MODE_RECEIVE);
1232 }
1233 number_of_orfs++;
1234 }
1235
1236 /* Total Number of ORFs. */
1237 stream_putc_at (s, numberp, number_of_orfs);
1238
1239 /* Total ORF Len. */
9985f83c 1240 orf_len = stream_get_endp (s) - orfp - 1;
718e3744 1241 stream_putc_at (s, orfp, orf_len);
1242
1243 /* Total Capability Len. */
9985f83c 1244 cap_len = stream_get_endp (s) - capp - 1;
718e3744 1245 stream_putc_at (s, capp, cap_len);
1246}
1247
1248/* Fill in capability open option to the packet. */
1249void
1250bgp_open_capability (struct stream *s, struct peer *peer)
1251{
1252 u_char len;
fe7d2a48 1253 unsigned long cp, capp, rcapp;
b58ed1f8 1254 iana_afi_t pkt_afi;
718e3744 1255 afi_t afi;
9cabb64b 1256 safi_t safi, pkt_safi;
0b2aa3a0 1257 as_t local_as;
fe7d2a48 1258 u_int32_t restart_time;
a82478b9 1259 u_char afi_safi_count = 0;
04b6bdc0 1260 struct utsname names;
adbac85e 1261 int adv_addpath_tx = 0;
718e3744 1262
1263 /* Remember current pointer for Opt Parm Len. */
9985f83c 1264 cp = stream_get_endp (s);
718e3744 1265
1266 /* Opt Parm Len. */
1267 stream_putc (s, 0);
1268
1269 /* Do not send capability. */
1270 if (! CHECK_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1271 || CHECK_FLAG (peer->flags, PEER_FLAG_DONT_CAPABILITY))
1272 return;
1273
9cabb64b 1274 /* MP capability for configured AFI, SAFI */
1275 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1276 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1277 {
1278 if (peer->afc[afi][safi])
1279 {
1280 /* Convert AFI, SAFI to values for packet. */
1281 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1282
1283 peer->afc_adv[afi][safi] = 1;
1284 stream_putc (s, BGP_OPEN_OPT_CAP);
1285 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1286 stream_putc (s, CAPABILITY_CODE_MP);
1287 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1288 stream_putw (s, pkt_afi);
1289 stream_putc (s, 0);
1290 stream_putc (s, pkt_safi);
343e90c3
DW		 1291
1292 /* Extended nexthop capability - currently supporting RFC-5549 for
1293 * Link-Local peering only
1294 */
1295 if (CHECK_FLAG (peer->flags, PEER_FLAG_CAPABILITY_ENHE) &&
1296 peer->su.sa.sa_family == AF_INET6 &&
1297 IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr) &&
1298 afi == AFI_IP &&
1299 (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
1300 {
1301 /* RFC 5549 Extended Next Hop Encoding */
1302 SET_FLAG (peer->cap, PEER_CAP_ENHE_ADV);
1303 stream_putc (s, BGP_OPEN_OPT_CAP);
1304 stream_putc (s, CAPABILITY_CODE_ENHE_LEN + 2);
1305 stream_putc (s, CAPABILITY_CODE_ENHE);
1306 stream_putc (s, CAPABILITY_CODE_ENHE_LEN);
1307
1308 SET_FLAG (peer->af_cap[AFI_IP][safi], PEER_CAP_ENHE_AF_ADV);
1309 stream_putw (s, pkt_afi);
1310 stream_putw (s, pkt_safi);
1311 stream_putw (s, afi_int2iana(AFI_IP6));
1312
1313 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV))
1314 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
1315 }
9cabb64b 1316 }
1317 }
1318
718e3744 1319 /* Route refresh. */
c9502438 1320 SET_FLAG (peer->cap, PEER_CAP_REFRESH_ADV);
1321 stream_putc (s, BGP_OPEN_OPT_CAP);
1322 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1323 stream_putc (s, CAPABILITY_CODE_REFRESH_OLD);
1324 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1325 stream_putc (s, BGP_OPEN_OPT_CAP);
1326 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1327 stream_putc (s, CAPABILITY_CODE_REFRESH);
1328 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
718e3744 1329
0b2aa3a0
PJ		 1330 /* AS4 */
1331 SET_FLAG (peer->cap, PEER_CAP_AS4_ADV);
1332 stream_putc (s, BGP_OPEN_OPT_CAP);
1333 stream_putc (s, CAPABILITY_CODE_AS4_LEN + 2);
1334 stream_putc (s, CAPABILITY_CODE_AS4);
1335 stream_putc (s, CAPABILITY_CODE_AS4_LEN);
1336 if ( peer->change_local_as )
1337 local_as = peer->change_local_as;
1338 else
1339 local_as = peer->local_as;
1340 stream_putl (s, local_as );
1341
adbac85e 1342 /* AddPath */
a82478b9
DS		 1343 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1344 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1345 if (peer->afc[afi][safi])
adbac85e
DW		 1346 {
1347 afi_safi_count++;
1348
1349 /* Only advertise addpath TX if a feature that will use it is
1350 * configured */
06370dac
DW		 1351 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_ALL_PATHS) ||
1352 CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
adbac85e
DW		 1353 adv_addpath_tx = 1;
1354 }
a82478b9
DS		 1355
1356 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_ADV);
1357 stream_putc (s, BGP_OPEN_OPT_CAP);
1358 stream_putc (s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1359 stream_putc (s, CAPABILITY_CODE_ADDPATH);
1360 stream_putc (s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1361
1362 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1363 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1364 if (peer->afc[afi][safi])
1365 {
9cabb64b 1366 /* Convert AFI, SAFI to values for packet. */
1367 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1368
1369 stream_putw (s, pkt_afi);
1370 stream_putc (s, pkt_safi);
adbac85e
DW		 1371
1372 if (adv_addpath_tx)
1373 {
1374 stream_putc (s, BGP_ADDPATH_RX|BGP_ADDPATH_TX);
1375 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1376 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1377 }
1378 else
1379 {
1380 stream_putc (s, BGP_ADDPATH_RX);
1381 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1382 UNSET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1383 }
a82478b9
DS		 1384 }
1385
718e3744 1386 /* ORF capability. */
1387 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1388 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1389 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1390 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1391 {
1392 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF_OLD);
1393 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF);
1394 }
1395
1396 /* Dynamic capability. */
1397 if (CHECK_FLAG (peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY))
1398 {
1399 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV);
1400 stream_putc (s, BGP_OPEN_OPT_CAP);
1401 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
89eeecb8
DS		 1402 stream_putc (s, CAPABILITY_CODE_DYNAMIC_OLD);
1403 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1404 stream_putc (s, BGP_OPEN_OPT_CAP);
1405 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
718e3744 1406 stream_putc (s, CAPABILITY_CODE_DYNAMIC);
1407 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1408 }
1409
04b6bdc0
DW		 1410 /* Hostname capability */
1411 uname(&names);
1412 if (names.nodename[0] != '\0')
1413 {
1414 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1415 stream_putc (s, BGP_OPEN_OPT_CAP);
1416 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1417 stream_putc(s, 0); /* dummy len for now */
1418 stream_putc (s, CAPABILITY_CODE_FQDN);
1419 capp = stream_get_endp(s);
1420 stream_putc(s, 0); /* dummy len for now */
1421 len = strlen(names.nodename);
1422 if (len > BGP_MAX_HOSTNAME)
1423 len = BGP_MAX_HOSTNAME;
1424
1425 stream_putc(s, len);
1426 stream_put(s, names.nodename, len);
60060acc 1427#ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
04b6bdc0
DW		 1428 if ((names.domainname[0] != '\0') &&
1429 (strcmp(names.domainname, "(none)") != 0))
1430 {
1431 len = strlen(names.domainname);
1432 if (len > BGP_MAX_HOSTNAME)
1433 len = BGP_MAX_HOSTNAME;
1434
1435 stream_putc(s, len);
1436 stream_put(s, names.domainname, len);
1437 }
1438 else
1439#endif
1440 {
1441 stream_putc(s, 0); /* 0 length */
1442 }
1443
1444 /* Set the lengths straight */
1445 len = stream_get_endp(s) - rcapp - 1;
1446 stream_putc_at(s, rcapp, len);
1447 len = stream_get_endp(s) - capp - 1;
1448 stream_putc_at(s, capp, len);
1449
1450 if (bgp_debug_neighbor_events(peer))
60060acc 1451#ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
04b6bdc0
DW		 1452 zlog_debug("%s Sending hostname cap with hn = %s, dn = %s",
1453 peer->host, names.nodename, names.domainname);
60060acc
RW		 1454#else
1455 zlog_debug("%s Sending hostname cap with hn = %s", peer->host,
1456 names.nodename);
1457#endif
04b6bdc0
DW		 1458 }
1459
fe7d2a48
DS		 1460 /* Sending base graceful-restart capability irrespective of the config */
1461 SET_FLAG (peer->cap, PEER_CAP_RESTART_ADV);
1462 stream_putc (s, BGP_OPEN_OPT_CAP);
1463 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1464 stream_putc (s, 0); /* Capability Length */
1465 stream_putc (s, CAPABILITY_CODE_RESTART);
1466 rcapp = stream_get_endp (s); /* Set Restart Capability Len Pointer */
1467 stream_putc (s, 0);
1468 restart_time = peer->bgp->restart_time;
1469 if (peer->bgp->t_startup)
1470 {
1471 SET_FLAG (restart_time, RESTART_R_BIT);
1472 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_ADV);
1473 }
1474 stream_putw (s, restart_time);
1475
1476 /* Send address-family specific graceful-restart capability only when GR config
1477 is present */
538621f2 1478 if (bgp_flag_check (peer->bgp, BGP_FLAG_GRACEFUL_RESTART))
1479 {
fe7d2a48
DS		 1480 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1481 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1482 if (peer->afc[afi][safi])
1483 {
9cabb64b 1484 /* Convert AFI, SAFI to values for packet. */
1485 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1486 stream_putw (s, pkt_afi);
1487 stream_putc (s, pkt_safi);
6a9a3cde
JC		 1488 if (bgp_flag_check(peer->bgp, BGP_FLAG_GR_PRESERVE_FWD))
1489 stream_putc (s, RESTART_F_BIT);
1490 else
1491 stream_putc (s, 0);
fe7d2a48
DS		 1492 }
1493 }
1494
1495 /* Total Graceful restart capability Len. */
1496 len = stream_get_endp (s) - rcapp - 1;
1497 stream_putc_at (s, rcapp, len);
1498
1499 /* Total Capability Len. */
1500 len = stream_get_endp (s) - capp - 1;
1501 stream_putc_at (s, capp, len);
538621f2 1502
718e3744 1503 /* Total Opt Parm Len. */
9985f83c 1504 len = stream_get_endp (s) - cp - 1;
718e3744 1505 stream_putc_at (s, cp, len);
1506}
FRRouting mirror