]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_open.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
*: add indent control files
[mirror_frr.git] / bgpd / bgp_open.c
CommitLineData
718e3744 1/* BGP open message handling
896014f4
DL		 2 * Copyright (C) 1998, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
718e3744 20
21#include <zebra.h>
22
23#include "linklist.h"
24#include "prefix.h"
25#include "stream.h"
26#include "thread.h"
27#include "log.h"
28#include "command.h"
6d58272b 29#include "memory.h"
3f9c7369 30#include "queue.h"
039f3a34 31#include "filter.h"
718e3744 32
856ca177 33#include "lib/json.h"
718e3744 34#include "bgpd/bgpd.h"
35#include "bgpd/bgp_attr.h"
36#include "bgpd/bgp_debug.h"
37#include "bgpd/bgp_fsm.h"
38#include "bgpd/bgp_packet.h"
39#include "bgpd/bgp_open.h"
0b2aa3a0 40#include "bgpd/bgp_aspath.h"
538621f2 41#include "bgpd/bgp_vty.h"
4a1ab8e4 42#include "bgpd/bgp_memory.h"
538621f2 43
718e3744 44/* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
45 negotiate remote peer supports extentions or not. But if
46 remote-peer doesn't supports negotiation process itself. We would
47 like to do manual configuration.
48
49 So there is many configurable point. First of all we want set each
50 peer whether we send capability negotiation to the peer or not.
51 Next, if we send capability to the peer we want to set my capabilty
52 inforation at each peer. */
53
54void
856ca177 55bgp_capability_vty_out (struct vty *vty, struct peer *peer, u_char use_json, json_object *json_neigh)
718e3744 56{
5228ad27 57 char *pnt;
58 char *end;
6d58272b
PJ		 59 struct capability_mp_data mpc;
60 struct capability_header *hdr;
856ca177
MS		 61 json_object *json_cap = NULL;
62
63 if (use_json)
64 json_cap = json_object_new_object();
718e3744 65
66 pnt = peer->notify.data;
67 end = pnt + peer->notify.length;
6d58272b 68
718e3744 69 while (pnt < end)
70 {
6d58272b 71 if (pnt + sizeof (struct capability_mp_data) + 2 > end)
718e3744 72 return;
6d58272b
PJ		 73
74 hdr = (struct capability_header *)pnt;
75 if (pnt + hdr->length + 2 > end)
718e3744 76 return;
77
6d58272b
PJ		 78 memcpy (&mpc, pnt + 2, sizeof(struct capability_mp_data));
79
80 if (hdr->code == CAPABILITY_CODE_MP)
718e3744 81 {
9cabb64b 82 afi_t afi;
83 safi_t safi;
84
85 bgp_map_afi_safi_iana2int (ntohs(mpc.afi), mpc.safi, &afi, &safi);
856ca177
MS		 86 if (use_json)
87 {
9cabb64b 88 switch (afi)
856ca177
MS		 89 {
90 case AFI_IP:
91 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv4");
92 break;
93 case AFI_IP6:
94 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv6");
95 break;
3d6c0dfa
PG		 96 case AFI_L2VPN:
97 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "L2VPN");
98 break;
856ca177
MS		 99 default:
100 json_object_int_add(json_cap, "capabilityErrorMultiProtocolAfiUnknown", ntohs (mpc.afi));
101 break;
102 }
9cabb64b 103 switch (safi)
856ca177
MS		 104 {
105 case SAFI_UNICAST:
106 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "unicast");
107 break;
108 case SAFI_MULTICAST:
109 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "multicast");
110 break;
cd1964ff
DS		 111 case SAFI_LABELED_UNICAST:
112 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "labeled-unicast");
113 break;
9cabb64b 114 case SAFI_MPLS_VPN:
856ca177
MS		 115 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "MPLS-labeled VPN");
116 break;
587ff0fd
LB		 117 case SAFI_ENCAP:
118 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "encap");
119 break;
3d6c0dfa
PG		 120 case SAFI_EVPN:
121 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "EVPN");
122 break;
856ca177
MS		 123 default:
124 json_object_int_add(json_cap, "capabilityErrorMultiProtocolSafiUnknown", mpc.safi);
125 break;
126 }
127 }
128 else
129 {
130 vty_out (vty, " Capability error for: Multi protocol ");
9cabb64b 131 switch (afi)
856ca177
MS		 132 {
133 case AFI_IP:
134 vty_out (vty, "AFI IPv4, ");
135 break;
136 case AFI_IP6:
137 vty_out (vty, "AFI IPv6, ");
138 break;
3d6c0dfa
PG		 139 case AFI_L2VPN:
140 vty_out (vty, "AFI L2VPN, ");
141 break;
856ca177
MS		 142 default:
143 vty_out (vty, "AFI Unknown %d, ", ntohs (mpc.afi));
144 break;
145 }
9cabb64b 146 switch (safi)
856ca177
MS		 147 {
148 case SAFI_UNICAST:
149 vty_out (vty, "SAFI Unicast");
150 break;
151 case SAFI_MULTICAST:
152 vty_out (vty, "SAFI Multicast");
153 break;
cd1964ff
DS		 154 case SAFI_LABELED_UNICAST:
155 vty_out (vty, "SAFI Labeled-unicast");
156 break;
9cabb64b 157 case SAFI_MPLS_VPN:
856ca177
MS		 158 vty_out (vty, "SAFI MPLS-labeled VPN");
159 break;
587ff0fd
LB		 160 case SAFI_ENCAP:
161 vty_out (vty, "SAFI ENCAP");
162 break;
3d6c0dfa
PG		 163 case SAFI_EVPN:
164 vty_out (vty, "SAFI EVPN");
165 break;
856ca177
MS		 166 default:
167 vty_out (vty, "SAFI Unknown %d ", mpc.safi);
168 break;
169 }
6d3c2ed4 170 vty_out (vty, "\n");
856ca177
MS		 171 }
172 }
6d58272b 173 else if (hdr->code >= 128)
856ca177
MS		 174 {
175 if (use_json)
176 json_object_int_add(json_cap, "capabilityErrorVendorSpecificCapabilityCode", hdr->code);
177 else
178 vty_out (vty, " Capability error: vendor specific capability code %d",
179 hdr->code);
180 }
718e3744 181 else
856ca177
MS		 182 {
183 if (use_json)
184 json_object_int_add(json_cap, "capabilityErrorUnknownCapabilityCode", hdr->code);
185 else
186 vty_out (vty, " Capability error: unknown capability code %d",
187 hdr->code);
188 }
6d58272b 189 pnt += hdr->length + 2;
718e3744 190 }
856ca177
MS		 191 if (use_json)
192 json_object_object_add(json_neigh, "capabilityErrors", json_cap);
718e3744 193}
194
6d58272b
PJ		 195static void
196bgp_capability_mp_data (struct stream *s, struct capability_mp_data *mpc)
718e3744 197{
6d58272b
PJ		 198 mpc->afi = stream_getw (s);
199 mpc->reserved = stream_getc (s);
200 mpc->safi = stream_getc (s);
201}
718e3744 202
6d58272b
PJ		 203/* Set negotiated capability value. */
204static int
205bgp_capability_mp (struct peer *peer, struct capability_header *hdr)
206{
207 struct capability_mp_data mpc;
208 struct stream *s = BGP_INPUT (peer);
b58ed1f8
DS		 209 afi_t afi;
210 safi_t safi;
211
14051b36
DS		 212 /* Verify length is 4 */
213 if (hdr->length != 4)
214 {
215 zlog_warn("MP Cap: Received invalid length %d, non-multiple of 4",
216 hdr->length);
217 return -1;
218 }
219
6d58272b
PJ		 220 bgp_capability_mp_data (s, &mpc);
221
167d390a 222 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 223 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
224 peer->host, mpc.afi, mpc.safi);
225
9cabb64b 226 /* Convert AFI, SAFI to internal values, check. */
b58ed1f8 227 if (bgp_map_afi_safi_iana2int (mpc.afi, mpc.safi, &afi, &safi))
6d58272b
PJ		 228 return -1;
229
230 /* Now safi remapped, and afi/safi are valid array indices */
b58ed1f8 231 peer->afc_recv[afi][safi] = 1;
6d58272b 232
b58ed1f8
DS		 233 if (peer->afc[afi][safi])
234 peer->afc_nego[afi][safi] = 1;
6d58272b
PJ		 235 else
236 return -1;
718e3744 237
238 return 0;
239}
240
94f2b392 241static void
b58ed1f8 242bgp_capability_orf_not_support (struct peer *peer, iana_afi_t afi, safi_t safi,
718e3744 243 u_char type, u_char mode)
244{
16286195 245 if (bgp_debug_neighbor_events(peer))
8325cd7f 246 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
718e3744 247 peer->host, afi, safi, type, mode);
248}
249
8f5abac1 250static const struct message orf_type_str[] =
6d58272b
PJ		 251{
252 { ORF_TYPE_PREFIX, "Prefixlist" },
253 { ORF_TYPE_PREFIX_OLD, "Prefixlist (old)" },
56b40679 254 { 0 }
6d58272b 255};
6d58272b 256
8f5abac1 257static const struct message orf_mode_str[] =
6d58272b
PJ		 258{
259 { ORF_MODE_RECEIVE, "Receive" },
260 { ORF_MODE_SEND, "Send" },
261 { ORF_MODE_BOTH, "Both" },
56b40679 262 { 0 }
6d58272b 263};
6d58272b 264
94f2b392 265static int
6d58272b 266bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
718e3744 267{
6d58272b 268 struct stream *s = BGP_INPUT (peer);
000fe2ca
QY		 269 struct capability_mp_data mpc;
270 u_char num;
b58ed1f8 271 iana_afi_t pkt_afi;
6d58272b 272 afi_t afi;
9cabb64b 273 safi_t pkt_safi, safi;
718e3744 274 u_char type;
275 u_char mode;
276 u_int16_t sm_cap = 0; /* capability send-mode receive */
277 u_int16_t rm_cap = 0; /* capability receive-mode receive */
278 int i;
279
6d58272b 280 /* ORF Entry header */
000fe2ca
QY		 281 bgp_capability_mp_data (s, &mpc);
282 num = stream_getc (s);
283 pkt_afi = mpc.afi;
284 pkt_safi = mpc.safi;
6d58272b 285
16286195 286 if (bgp_debug_neighbor_events(peer))
6d58272b 287 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
000fe2ca 288 peer->host, mpc.afi, mpc.safi);
718e3744 289
9cabb64b 290 /* Convert AFI, SAFI to internal values, check. */
291 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
6d58272b
PJ		 292 {
293 zlog_info ("%s Addr-family %d/%d not supported."
294 " Ignoring the ORF capability",
9cabb64b 295 peer->host, pkt_afi, pkt_safi);
6d58272b
PJ		 296 return 0;
297 }
298
000fe2ca
QY		 299 mpc.afi = pkt_afi;
300 mpc.safi = safi;
9cabb64b 301
6d58272b 302 /* validate number field */
000fe2ca 303 if (CAPABILITY_CODE_ORF_LEN + (num * 2) > hdr->length)
718e3744 304 {
6d58272b
PJ		 305 zlog_info ("%s ORF Capability entry length error,"
306 " Cap length %u, num %u",
000fe2ca 307 peer->host, hdr->length, num);
09825025 308 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 309 return -1;
310 }
311
000fe2ca 312 for (i = 0 ; i < num ; i++)
718e3744 313 {
6d58272b
PJ		 314 type = stream_getc(s);
315 mode = stream_getc(s);
316
718e3744 317 /* ORF Mode error check */
6d58272b
PJ		 318 switch (mode)
319 {
320 case ORF_MODE_BOTH:
321 case ORF_MODE_SEND:
322 case ORF_MODE_RECEIVE:
323 break;
324 default:
9cabb64b 325 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b 326 continue;
718e3744 327 }
6d58272b
PJ		 328 /* ORF Type and afi/safi error checks */
329 /* capcode versus type */
330 switch (hdr->code)
331 {
332 case CAPABILITY_CODE_ORF:
333 switch (type)
334 {
335 case ORF_TYPE_PREFIX:
336 break;
337 default:
9cabb64b 338 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b
PJ		 339 continue;
340 }
341 break;
342 case CAPABILITY_CODE_ORF_OLD:
343 switch (type)
344 {
345 case ORF_TYPE_PREFIX_OLD:
346 break;
347 default:
9cabb64b 348 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b
PJ		 349 continue;
350 }
351 break;
352 default:
9cabb64b 353 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b
PJ		 354 continue;
355 }
356
357 /* AFI vs SAFI */
358 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
359 || (afi == AFI_IP && safi == SAFI_MULTICAST)
360 || (afi == AFI_IP6 && safi == SAFI_UNICAST)))
361 {
9cabb64b 362 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
6d58272b
PJ		 363 continue;
364 }
365
16286195 366 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 367 zlog_debug ("%s OPEN has %s ORF capability"
368 " as %s for afi/safi: %d/%d",
56b40679
QY		 369 peer->host, lookup_msg(orf_type_str, type, NULL),
370 lookup_msg(orf_mode_str, mode, NULL),
9cabb64b 371 pkt_afi, pkt_safi);
718e3744 372
6d58272b 373 if (hdr->code == CAPABILITY_CODE_ORF)
718e3744 374 {
6d58272b
PJ		 375 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
376 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
718e3744 377 }
6d58272b 378 else if (hdr->code == CAPABILITY_CODE_ORF_OLD)
718e3744 379 {
6d58272b
PJ		 380 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
381 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
718e3744 382 }
383 else
384 {
9cabb64b 385 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
718e3744 386 continue;
387 }
388
389 switch (mode)
390 {
391 case ORF_MODE_BOTH:
392 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
393 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
394 break;
395 case ORF_MODE_SEND:
396 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
397 break;
398 case ORF_MODE_RECEIVE:
399 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
400 break;
401 }
402 }
403 return 0;
404}
405
6d58272b
PJ		 406static int
407bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
408{
409 struct stream *s = BGP_INPUT (peer);
410 u_int16_t restart_flag_time;
6d58272b
PJ		 411 size_t end = stream_get_getp (s) + caphdr->length;
412
14051b36
DS		 413 /* Verify length is a multiple of 4 */
414 if ((caphdr->length-2) % 4)
415 {
416 zlog_warn("Restart Cap: Received invalid length %d, non-multiple of 4",
417 caphdr->length);
418 return -1;
419 }
420
6d58272b
PJ		 421 SET_FLAG (peer->cap, PEER_CAP_RESTART_RCV);
422 restart_flag_time = stream_getw(s);
423 if (CHECK_FLAG (restart_flag_time, RESTART_R_BIT))
4b52acf9
PJ		 424 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV);
425
6d58272b
PJ		 426 UNSET_FLAG (restart_flag_time, 0xF000);
427 peer->v_gr_restart = restart_flag_time;
718e3744 428
16286195 429 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 430 {
431 zlog_debug ("%s OPEN has Graceful Restart capability", peer->host);
432 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
4b52acf9
PJ		 433 peer->host,
434 CHECK_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV) ? " "
435 : " not ",
6d58272b
PJ		 436 peer->v_gr_restart);
437 }
718e3744 438
21cc7694 439 while (stream_get_getp (s) + 4 <= end)
6d58272b 440 {
9cabb64b 441 afi_t afi;
442 safi_t safi;
b58ed1f8 443 iana_afi_t pkt_afi = stream_getw (s);
9cabb64b 444 safi_t pkt_safi = stream_getc (s);
6d58272b
PJ		 445 u_char flag = stream_getc (s);
446
9cabb64b 447 /* Convert AFI, SAFI to internal values, check. */
448 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
6d58272b 449 {
16286195 450 if (bgp_debug_neighbor_events(peer))
6d58272b 451 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
14051b36 452 " Ignore the Graceful Restart capability for this AFI/SAFI",
9cabb64b 453 peer->host, pkt_afi, pkt_safi);
6d58272b
PJ		 454 }
455 else if (!peer->afc[afi][safi])
456 {
16286195 457 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 458 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
459 " Ignore the Graceful Restart capability",
9cabb64b 460 peer->host, pkt_afi, pkt_safi);
6d58272b
PJ		 461 }
462 else
463 {
16286195 464 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 465 zlog_debug ("%s Address family %s is%spreserved", peer->host,
466 afi_safi_print (afi, safi),
467 CHECK_FLAG (peer->af_cap[afi][safi],
468 PEER_CAP_RESTART_AF_PRESERVE_RCV)
469 ? " " : " not ");
470
471 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_RCV);
472 if (CHECK_FLAG (flag, RESTART_F_BIT))
473 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_PRESERVE_RCV);
474
475 }
476 }
477 return 0;
478}
718e3744 479
14051b36 480/* Unlike other capability parsing routines, this one returns 0 on error */
0b2aa3a0
PJ		 481static as_t
482bgp_capability_as4 (struct peer *peer, struct capability_header *hdr)
483{
5861739f
PJ		 484 SET_FLAG (peer->cap, PEER_CAP_AS4_RCV);
485
486 if (hdr->length != CAPABILITY_CODE_AS4_LEN)
487 {
488 zlog_err ("%s AS4 capability has incorrect data length %d",
489 peer->host, hdr->length);
490 return 0;
491 }
492
0b2aa3a0
PJ		 493 as_t as4 = stream_getl (BGP_INPUT(peer));
494
495 if (BGP_DEBUG (as4, AS4))
496 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
497 peer->host, as4);
0b2aa3a0
PJ		 498 return as4;
499}
500
a82478b9
DS		 501static int
502bgp_capability_addpath (struct peer *peer, struct capability_header *hdr)
503{
504 struct stream *s = BGP_INPUT (peer);
505 size_t end = stream_get_getp (s) + hdr->length;
506
507 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_RCV);
508
14051b36
DS		 509 /* Verify length is a multiple of 4 */
510 if (hdr->length % 4)
511 {
512 zlog_warn("Add Path: Received invalid length %d, non-multiple of 4",
513 hdr->length);
514 return -1;
515 }
516
a82478b9
DS		 517 while (stream_get_getp (s) + 4 <= end)
518 {
9cabb64b 519 afi_t afi;
520 safi_t safi;
b58ed1f8 521 iana_afi_t pkt_afi = stream_getw (s);
9cabb64b 522 safi_t pkt_safi = stream_getc (s);
a82478b9
DS		 523 u_char send_receive = stream_getc (s);
524
167d390a 525 if (bgp_debug_neighbor_events(peer))
a82478b9 526 zlog_debug ("%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
9cabb64b 527 peer->host, pkt_afi, pkt_safi,
a82478b9
DS		 528 (send_receive & BGP_ADDPATH_RX) ? ", receive" : "",
529 (send_receive & BGP_ADDPATH_TX) ? ", transmit" : "");
530
9cabb64b 531 /* Convert AFI, SAFI to internal values, check. */
532 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
823b8f7c
DS		 533 {
534 if (bgp_debug_neighbor_events(peer))
535 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
536 " Ignore the Addpath Attribute for this AFI/SAFI",
9cabb64b 537 peer->host, pkt_afi, pkt_safi);
823b8f7c
DS		 538 continue;
539 }
540 else if (!peer->afc[afi][safi])
541 {
542 if (bgp_debug_neighbor_events(peer))
543 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
544 " Ignore the AddPath capability for this AFI/SAFI",
9cabb64b 545 peer->host, pkt_afi, pkt_safi);
823b8f7c
DS		 546 continue;
547 }
a82478b9
DS		 548
549 if (send_receive & BGP_ADDPATH_RX)
550 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_RCV);
551
552 if (send_receive & BGP_ADDPATH_TX)
553 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_RCV);
554 }
555
556 return 0;
557}
558
8a92a8a0
DS		 559static int
560bgp_capability_enhe (struct peer *peer, struct capability_header *hdr)
561{
562 struct stream *s = BGP_INPUT (peer);
563 size_t end = stream_get_getp (s) + hdr->length;
564
14051b36
DS		 565 /* Verify length is a multiple of 4 */
566 if (hdr->length % 6)
567 {
568 zlog_warn("Extended NH: Received invalid length %d, non-multiple of 6",
569 hdr->length);
570 return -1;
571 }
572
8a92a8a0
DS		 573 while (stream_get_getp (s) + 6 <= end)
574 {
b58ed1f8
DS		 575 iana_afi_t pkt_afi = stream_getw (s);
576 afi_t afi;
9cabb64b 577 safi_t safi, pkt_safi = stream_getw (s);
b58ed1f8
DS		 578 iana_afi_t pkt_nh_afi = stream_getw (s);
579 afi_t nh_afi;
8a92a8a0
DS		 580
581 if (bgp_debug_neighbor_events(peer))
a656dafa 582 zlog_debug ("%s Received with afi/safi/next-hop afi: %u/%u/%u",
9cabb64b 583 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
8a92a8a0 584
9cabb64b 585 /* Convert AFI, SAFI to internal values, check. */
586 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
8a92a8a0 587 {
a656dafa 588 if (bgp_debug_neighbor_events(peer))
589 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
590 " Ignore the ENHE Attribute for this AFI/SAFI",
9cabb64b 591 peer->host, pkt_afi, pkt_safi);
a656dafa 592 continue;
8a92a8a0
DS		 593 }
594
a656dafa 595 /* RFC 5549 specifies use of this capability only for IPv4 AFI, with
596 * the Nexthop AFI being IPv6. A future spec may introduce other
597 * possibilities, so we ignore other values with a log. Also, only
343e90c3 598 * SAFI_UNICAST and SAFI_LABELED_UNICAST are currently supported (and expected).
a656dafa 599 */
9cabb64b 600 nh_afi = afi_iana2int (pkt_nh_afi);
601
343e90c3 602 if (afi != AFI_IP || nh_afi != AFI_IP6 || !(safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
a656dafa 603 {
604 zlog_warn ("%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
605 "in Extended Next-hop capability, ignoring",
9cabb64b 606 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
a656dafa 607 continue;
608 }
8a92a8a0
DS		 609
610 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
611
612 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
613 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
614 }
615
616 SET_FLAG (peer->cap, PEER_CAP_ENHE_RCV);
617
618 return 0;
619}
620
04b6bdc0
DW		 621static int
622bgp_capability_hostname (struct peer *peer, struct capability_header *hdr)
623{
624 struct stream *s = BGP_INPUT (peer);
625 char str[BGP_MAX_HOSTNAME+1];
626 size_t end = stream_get_getp (s) + hdr->length;
627 u_char len;
628
629 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
630
631 len = stream_getc(s);
632 if (stream_get_getp(s) + len > end)
633 {
634 zlog_warn("%s: Received malformed hostname capability from peer %s",
635 __FUNCTION__, peer->host);
636 return -1;
637 }
638
639 if (len > BGP_MAX_HOSTNAME)
640 {
641 stream_get(str, s, BGP_MAX_HOSTNAME);
642 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
643 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
644 }
645 else if (len)
646 stream_get(str, s, len);
647
648 if (len)
649 {
650 str[len] = '\0';
651
652 if (peer->hostname != NULL)
f9e9e073 653 {
4a1ab8e4 654 XFREE(MTYPE_BGP_PEER_HOST, peer->hostname);
f9e9e073
DW		 655 peer->hostname = NULL;
656 }
04b6bdc0
DW		 657
658 if (peer->domainname != NULL)
9e08021c 659 {
4a1ab8e4 660 XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
9e08021c
DW		 661 peer->domainname = NULL;
662 }
04b6bdc0 663
4a1ab8e4 664 peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
04b6bdc0
DW		 665 }
666
667 if (stream_get_getp(s) +1 > end)
668 {
669 zlog_warn("%s: Received invalid domain name len (hostname capability) from peer %s",
670 __FUNCTION__, peer->host);
671 return -1;
672 }
673
674 len = stream_getc(s);
675 if (stream_get_getp(s) + len > end)
676 {
677 zlog_warn("%s: Received runt domain name (hostname capability) from peer %s",
678 __FUNCTION__, peer->host);
679 return -1;
680 }
681
682 if (len > BGP_MAX_HOSTNAME)
683 {
684 stream_get(str, s, BGP_MAX_HOSTNAME);
685 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
686 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
687 }
688 else if (len)
689 stream_get(str, s, len);
690
691 if (len)
692 {
693 str[len] = '\0';
4a1ab8e4 694 peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
04b6bdc0
DW		 695 }
696
697 if (bgp_debug_neighbor_events(peer))
698 {
699 zlog_debug("%s received hostname %s, domainname %s",
700 peer->host, peer->hostname, peer->domainname);
701 }
702
703 return 0;
704}
705
6410e93a 706 static const struct message capcode_str[] =
6d58272b 707{
6d58272b
PJ		 708 { CAPABILITY_CODE_MP, "MultiProtocol Extensions" },
709 { CAPABILITY_CODE_REFRESH, "Route Refresh" },
710 { CAPABILITY_CODE_ORF, "Cooperative Route Filtering" },
711 { CAPABILITY_CODE_RESTART, "Graceful Restart" },
712 { CAPABILITY_CODE_AS4, "4-octet AS number" },
89eeecb8 713 { CAPABILITY_CODE_ADDPATH, "AddPath" },
6d58272b 714 { CAPABILITY_CODE_DYNAMIC, "Dynamic" },
8a92a8a0 715 { CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding" },
89eeecb8 716 { CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)" },
6d58272b
PJ		 717 { CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)" },
718 { CAPABILITY_CODE_ORF_OLD, "ORF (Old)" },
56b40679
QY		 719 { CAPABILITY_CODE_FQDN, "FQDN" },
720 { 0 }
6d58272b 721};
6d58272b
PJ		 722
723/* Minimum sizes for length field of each cap (so not inc. the header) */
fc52f953 724static const size_t cap_minsizes[] =
6d58272b 725{
e978e1de 726 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
6d58272b 727 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
e978e1de 728 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
f5bb8cfa 729 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
6d58272b 730 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
a82478b9 731 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
6d58272b 732 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
89eeecb8 733 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
8a92a8a0 734 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
6d58272b 735 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
e978e1de 736 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
04b6bdc0 737 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
6d58272b
PJ		 738};
739
695ef95f
PJ		 740/* value the capability must be a multiple of.
741 * 0-data capabilities won't be checked against this.
742 * Other capabilities whose data doesn't fall on convenient boundaries for this
743 * table should be set to 1.
744 */
745static const size_t cap_modsizes[] =
746{
747 [CAPABILITY_CODE_MP] = 4,
748 [CAPABILITY_CODE_REFRESH] = 1,
749 [CAPABILITY_CODE_ORF] = 1,
750 [CAPABILITY_CODE_RESTART] = 1,
751 [CAPABILITY_CODE_AS4] = 4,
934a4c59 752 [CAPABILITY_CODE_ADDPATH] = 4,
695ef95f 753 [CAPABILITY_CODE_DYNAMIC] = 1,
934a4c59
DS		 754 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
755 [CAPABILITY_CODE_ENHE] = 6,
695ef95f
PJ		 756 [CAPABILITY_CODE_REFRESH_OLD] = 1,
757 [CAPABILITY_CODE_ORF_OLD] = 1,
934a4c59 758 [CAPABILITY_CODE_FQDN] = 1,
695ef95f
PJ		 759};
760
3b381c32
AS		 761/**
762 * Parse given capability.
6d58272b 763 * XXX: This is reading into a stream, but not using stream API
3b381c32
AS		 764 *
765 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
766 * capabilities were encountered.
6d58272b
PJ		 767 */
768static int
3b381c32
AS		 769bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
770 u_char **error)
6d58272b
PJ		 771{
772 int ret;
773 struct stream *s = BGP_INPUT (peer);
774 size_t end = stream_get_getp (s) + length;
775
776 assert (STREAM_READABLE (s) >= length);
777
778 while (stream_get_getp (s) < end)
779 {
780 size_t start;
781 u_char *sp = stream_pnt (s);
782 struct capability_header caphdr;
14051b36
DS		 783
784 ret = 0;
718e3744 785 /* We need at least capability code and capability length. */
6d58272b 786 if (stream_get_getp(s) + 2 > end)
718e3744 787 {
6d58272b 788 zlog_info ("%s Capability length error (< header)", peer->host);
09825025 789 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 790 return -1;
791 }
6d58272b
PJ		 792
793 caphdr.code = stream_getc (s);
794 caphdr.length = stream_getc (s);
795 start = stream_get_getp (s);
796
797 /* Capability length check sanity check. */
798 if (start + caphdr.length > end)
718e3744 799 {
6d58272b 800 zlog_info ("%s Capability length error (< length)", peer->host);
09825025 801 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 802 return -1;
803 }
6d58272b 804
16286195 805 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 806 zlog_debug ("%s OPEN has %s capability (%u), length %u",
807 peer->host,
56b40679 808 lookup_msg(capcode_str, caphdr.code, NULL),
6d58272b
PJ		 809 caphdr.code, caphdr.length);
810
811 /* Length sanity check, type-specific, for known capabilities */
812 switch (caphdr.code)
813 {
814 case CAPABILITY_CODE_MP:
815 case CAPABILITY_CODE_REFRESH:
816 case CAPABILITY_CODE_REFRESH_OLD:
817 case CAPABILITY_CODE_ORF:
818 case CAPABILITY_CODE_ORF_OLD:
819 case CAPABILITY_CODE_RESTART:
0b2aa3a0 820 case CAPABILITY_CODE_AS4:
a82478b9 821 case CAPABILITY_CODE_ADDPATH:
6d58272b 822 case CAPABILITY_CODE_DYNAMIC:
89eeecb8 823 case CAPABILITY_CODE_DYNAMIC_OLD:
8a92a8a0 824 case CAPABILITY_CODE_ENHE:
04b6bdc0 825 case CAPABILITY_CODE_FQDN:
6d58272b
PJ		 826 /* Check length. */
827 if (caphdr.length < cap_minsizes[caphdr.code])
828 {
829 zlog_info ("%s %s Capability length error: got %u,"
830 " expected at least %u",
831 peer->host,
56b40679 832 lookup_msg(capcode_str, caphdr.code, NULL),
fc52f953
SH		 833 caphdr.length,
834 (unsigned) cap_minsizes[caphdr.code]);
09825025 835 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
6d58272b
PJ		 836 return -1;
837 }
695ef95f
PJ		 838 if (caphdr.length
839 && caphdr.length % cap_modsizes[caphdr.code] != 0)
840 {
841 zlog_info ("%s %s Capability length error: got %u,"
842 " expected a multiple of %u",
843 peer->host,
56b40679 844 lookup_msg(capcode_str, caphdr.code, NULL),
695ef95f
PJ		 845 caphdr.length,
846 (unsigned) cap_modsizes[caphdr.code]);
847 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
92c92c45 848 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
695ef95f
PJ		 849 return -1;
850 }
6d58272b
PJ		 851 /* we deliberately ignore unknown codes, see below */
852 default:
853 break;
854 }
855
856 switch (caphdr.code)
857 {
858 case CAPABILITY_CODE_MP:
859 {
3b381c32
AS		 860 *mp_capability = 1;
861
6d58272b
PJ		 862 /* Ignore capability when override-capability is set. */
863 if (! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
864 {
865 /* Set negotiated value. */
866 ret = bgp_capability_mp (peer, &caphdr);
867
868 /* Unsupported Capability. */
869 if (ret < 0)
870 {
871 /* Store return data. */
872 memcpy (*error, sp, caphdr.length + 2);
873 *error += caphdr.length + 2;
874 }
14051b36 875 ret = 0; /* Don't return error for this */
6d58272b
PJ		 876 }
877 }
878 break;
879 case CAPABILITY_CODE_REFRESH:
880 case CAPABILITY_CODE_REFRESH_OLD:
881 {
882 /* BGP refresh capability */
883 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
884 SET_FLAG (peer->cap, PEER_CAP_REFRESH_OLD_RCV);
885 else
886 SET_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV);
887 }
888 break;
889 case CAPABILITY_CODE_ORF:
890 case CAPABILITY_CODE_ORF_OLD:
14051b36 891 ret = bgp_capability_orf_entry (peer, &caphdr);
6d58272b
PJ		 892 break;
893 case CAPABILITY_CODE_RESTART:
14051b36 894 ret = bgp_capability_restart (peer, &caphdr);
6d58272b
PJ		 895 break;
896 case CAPABILITY_CODE_DYNAMIC:
89eeecb8 897 case CAPABILITY_CODE_DYNAMIC_OLD:
6d58272b
PJ		 898 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_RCV);
899 break;
0b2aa3a0
PJ		 900 case CAPABILITY_CODE_AS4:
901 /* Already handled as a special-case parsing of the capabilities
902 * at the beginning of OPEN processing. So we care not a jot
903 * for the value really, only error case.
904 */
905 if (!bgp_capability_as4 (peer, &caphdr))
14051b36 906 ret = -1;
0b2aa3a0 907 break;
a82478b9 908 case CAPABILITY_CODE_ADDPATH:
14051b36 909 ret = bgp_capability_addpath (peer, &caphdr);
a82478b9 910 break;
8a92a8a0 911 case CAPABILITY_CODE_ENHE:
14051b36 912 ret = bgp_capability_enhe (peer, &caphdr);
8a92a8a0 913 break;
04b6bdc0
DW		 914 case CAPABILITY_CODE_FQDN:
915 ret = bgp_capability_hostname (peer, &caphdr);
916 break;
6d58272b
PJ		 917 default:
918 if (caphdr.code > 128)
919 {
920 /* We don't send Notification for unknown vendor specific
921 capabilities. It seems reasonable for now... */
922 zlog_warn ("%s Vendor specific capability %d",
923 peer->host, caphdr.code);
924 }
925 else
926 {
927 zlog_warn ("%s unrecognized capability code: %d - ignored",
928 peer->host, caphdr.code);
929 memcpy (*error, sp, caphdr.length + 2);
930 *error += caphdr.length + 2;
931 }
932 }
14051b36
DS		 933
934 if (ret < 0)
935 {
09825025 936 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
14051b36
DS		 937 return -1;
938 }
6d58272b
PJ		 939 if (stream_get_getp(s) != (start + caphdr.length))
940 {
941 if (stream_get_getp(s) > (start + caphdr.length))
942 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
56b40679 943 peer->host, lookup_msg(capcode_str, caphdr.code, NULL),
6d58272b
PJ		 944 caphdr.length);
945 stream_set_getp (s, start + caphdr.length);
946 }
718e3744 947 }
948 return 0;
949}
950
94f2b392 951static int
6d58272b 952bgp_auth_parse (struct peer *peer, size_t length)
718e3744 953{
954 bgp_notify_send (peer,
955 BGP_NOTIFY_OPEN_ERR,
956 BGP_NOTIFY_OPEN_AUTH_FAILURE);
957 return -1;
958}
959
94f2b392 960static int
718e3744 961strict_capability_same (struct peer *peer)
962{
963 int i, j;
964
965 for (i = AFI_IP; i < AFI_MAX; i++)
966 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
967 if (peer->afc[i][j] != peer->afc_nego[i][j])
968 return 0;
969 return 1;
970}
971
0b2aa3a0
PJ		 972/* peek into option, stores ASN to *as4 if the AS4 capability was found.
973 * Returns 0 if no as4 found, as4cap value otherwise.
974 */
975as_t
976peek_for_as4_capability (struct peer *peer, u_char length)
977{
978 struct stream *s = BGP_INPUT (peer);
979 size_t orig_getp = stream_get_getp (s);
980 size_t end = orig_getp + length;
981 as_t as4 = 0;
982
0b2aa3a0
PJ		 983 if (BGP_DEBUG (as4, AS4))
984 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
985 " peeking for as4",
986 peer->host, length);
987 /* the error cases we DONT handle, we ONLY try to read as4 out of
988 * correctly formatted options.
989 */
990 while (stream_get_getp(s) < end)
991 {
992 u_char opt_type;
993 u_char opt_length;
994
995 /* Check the length. */
996 if (stream_get_getp (s) + 2 > end)
997 goto end;
998
999 /* Fetch option type and length. */
1000 opt_type = stream_getc (s);
1001 opt_length = stream_getc (s);
1002
1003 /* Option length check. */
1004 if (stream_get_getp (s) + opt_length > end)
1005 goto end;
1006
1007 if (opt_type == BGP_OPEN_OPT_CAP)
1008 {
1009 unsigned long capd_start = stream_get_getp (s);
1010 unsigned long capd_end = capd_start + opt_length;
1011
1012 assert (capd_end <= end);
1013
1014 while (stream_get_getp (s) < capd_end)
1015 {
1016 struct capability_header hdr;
1017
1018 if (stream_get_getp (s) + 2 > capd_end)
1019 goto end;
1020
1021 hdr.code = stream_getc (s);
1022 hdr.length = stream_getc (s);
1023
1024 if ((stream_get_getp(s) + hdr.length) > capd_end)
1025 goto end;
1026
1027 if (hdr.code == CAPABILITY_CODE_AS4)
1028 {
0b2aa3a0
PJ		 1029 if (BGP_DEBUG (as4, AS4))
1030 zlog_info ("[AS4] found AS4 capability, about to parse");
1031 as4 = bgp_capability_as4 (peer, &hdr);
1032
1033 goto end;
1034 }
1035 stream_forward_getp (s, hdr.length);
1036 }
1037 }
1038 }
1039
1040end:
1041 stream_set_getp (s, orig_getp);
1042 return as4;
1043}
1044
3b381c32
AS		 1045/**
1046 * Parse open option.
1047 *
1048 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1049 */
718e3744 1050int
3b381c32 1051bgp_open_option_parse (struct peer *peer, u_char length, int *mp_capability)
718e3744 1052{
18f1dc06 1053 int ret = 0;
718e3744 1054 u_char *error;
1055 u_char error_data[BGP_MAX_PACKET_SIZE];
6d58272b
PJ		 1056 struct stream *s = BGP_INPUT(peer);
1057 size_t end = stream_get_getp (s) + length;
718e3744 1058
718e3744 1059 error = error_data;
1060
16286195 1061 if (bgp_debug_neighbor_events(peer))
8325cd7f 1062 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
718e3744 1063 peer->host, length);
1064
6d58272b 1065 while (stream_get_getp(s) < end)
718e3744 1066 {
6d58272b
PJ		 1067 u_char opt_type;
1068 u_char opt_length;
1069
1070 /* Must have at least an OPEN option header */
1071 if (STREAM_READABLE(s) < 2)
718e3744 1072 {
1073 zlog_info ("%s Option length error", peer->host);
09825025 1074 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 1075 return -1;
1076 }
1077
1078 /* Fetch option type and length. */
6d58272b
PJ		 1079 opt_type = stream_getc (s);
1080 opt_length = stream_getc (s);
718e3744 1081
1082 /* Option length check. */
6d58272b 1083 if (STREAM_READABLE (s) < opt_length)
718e3744 1084 {
1085 zlog_info ("%s Option length error", peer->host);
09825025 1086 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 1087 return -1;
1088 }
1089
16286195 1090 if (bgp_debug_neighbor_events(peer))
8325cd7f 1091 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
718e3744 1092 peer->host, opt_type,
1093 opt_type == BGP_OPEN_OPT_AUTH ? "Authentication" :
1094 opt_type == BGP_OPEN_OPT_CAP ? "Capability" : "Unknown",
1095 opt_length);
1096
1097 switch (opt_type)
1098 {
1099 case BGP_OPEN_OPT_AUTH:
6d58272b 1100 ret = bgp_auth_parse (peer, opt_length);
718e3744 1101 break;
1102 case BGP_OPEN_OPT_CAP:
3b381c32 1103 ret = bgp_capability_parse (peer, opt_length, mp_capability, &error);
718e3744 1104 break;
1105 default:
1106 bgp_notify_send (peer,
1107 BGP_NOTIFY_OPEN_ERR,
1108 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1109 ret = -1;
1110 break;
1111 }
1112
1113 /* Parse error. To accumulate all unsupported capability codes,
1114 bgp_capability_parse does not return -1 when encounter
1115 unsupported capability code. To detect that, please check
1116 error and erro_data pointer, like below. */
1117 if (ret < 0)
1118 return -1;
718e3744 1119 }
1120
1121 /* All OPEN option is parsed. Check capability when strict compare
1122 flag is enabled.*/
1123 if (CHECK_FLAG (peer->flags, PEER_FLAG_STRICT_CAP_MATCH))
1124 {
1125 /* If Unsupported Capability exists. */
1126 if (error != error_data)
1127 {
1128 bgp_notify_send_with_data (peer,
1129 BGP_NOTIFY_OPEN_ERR,
1130 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1131 error_data, error - error_data);
1132 return -1;
1133 }
1134
1135 /* Check local capability does not negotiated with remote
1136 peer. */
1137 if (! strict_capability_same (peer))
1138 {
1139 bgp_notify_send (peer,
1140 BGP_NOTIFY_OPEN_ERR,
1141 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1142 return -1;
1143 }
1144 }
1145
3b381c32 1146 /* Check there are no common AFI/SAFIs and send Unsupported Capability
718e3744 1147 error. */
3b381c32
AS		 1148 if (*mp_capability &&
1149 ! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
718e3744 1150 {
1151 if (! peer->afc_nego[AFI_IP][SAFI_UNICAST]
1152 && ! peer->afc_nego[AFI_IP][SAFI_MULTICAST]
cd1964ff 1153 && ! peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
718e3744 1154 && ! peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
587ff0fd 1155 && ! peer->afc_nego[AFI_IP][SAFI_ENCAP]
718e3744 1156 && ! peer->afc_nego[AFI_IP6][SAFI_UNICAST]
945c8fe9 1157 && ! peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
cd1964ff 1158 && ! peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
587ff0fd 1159 && ! peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
3d6c0dfa
PG		 1160 && ! peer->afc_nego[AFI_IP6][SAFI_ENCAP]
1161 && ! peer->afc_nego[AFI_L2VPN][SAFI_EVPN])
718e3744 1162 {
16286195 1163 zlog_err ("%s [Error] Configured AFI/SAFIs do not "
3b381c32
AS		 1164 "overlap with received MP capabilities",
1165 peer->host);
718e3744 1166
1167 if (error != error_data)
718e3744 1168 bgp_notify_send_with_data (peer,
1169 BGP_NOTIFY_OPEN_ERR,
1170 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1171 error_data, error - error_data);
1172 else
1173 bgp_notify_send (peer,
1174 BGP_NOTIFY_OPEN_ERR,
1175 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1176 return -1;
1177 }
1178 }
1179 return 0;
1180}
1181
94f2b392 1182static void
718e3744 1183bgp_open_capability_orf (struct stream *s, struct peer *peer,
1184 afi_t afi, safi_t safi, u_char code)
1185{
1186 u_char cap_len;
1187 u_char orf_len;
1188 unsigned long capp;
1189 unsigned long orfp;
1190 unsigned long numberp;
1191 int number_of_orfs = 0;
b58ed1f8 1192 iana_afi_t pkt_afi;
9cabb64b 1193 safi_t pkt_safi;
718e3744 1194
9cabb64b 1195 /* Convert AFI, SAFI to values for packet. */
1196 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
718e3744 1197
1198 stream_putc (s, BGP_OPEN_OPT_CAP);
9985f83c 1199 capp = stream_get_endp (s); /* Set Capability Len Pointer */
718e3744 1200 stream_putc (s, 0); /* Capability Length */
1201 stream_putc (s, code); /* Capability Code */
9985f83c 1202 orfp = stream_get_endp (s); /* Set ORF Len Pointer */
718e3744 1203 stream_putc (s, 0); /* ORF Length */
9cabb64b 1204 stream_putw (s, pkt_afi);
718e3744 1205 stream_putc (s, 0);
9cabb64b 1206 stream_putc (s, pkt_safi);
9985f83c 1207 numberp = stream_get_endp (s); /* Set Number Pointer */
718e3744 1208 stream_putc (s, 0); /* Number of ORFs */
1209
1210 /* Address Prefix ORF */
1211 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1212 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1213 {
1214 stream_putc (s, (code == CAPABILITY_CODE_ORF ?
1215 ORF_TYPE_PREFIX : ORF_TYPE_PREFIX_OLD));
1216
1217 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1218 && CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1219 {
1220 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1221 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1222 stream_putc (s, ORF_MODE_BOTH);
1223 }
1224 else if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM))
1225 {
1226 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1227 stream_putc (s, ORF_MODE_SEND);
1228 }
1229 else
1230 {
1231 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1232 stream_putc (s, ORF_MODE_RECEIVE);
1233 }
1234 number_of_orfs++;
1235 }
1236
1237 /* Total Number of ORFs. */
1238 stream_putc_at (s, numberp, number_of_orfs);
1239
1240 /* Total ORF Len. */
9985f83c 1241 orf_len = stream_get_endp (s) - orfp - 1;
718e3744 1242 stream_putc_at (s, orfp, orf_len);
1243
1244 /* Total Capability Len. */
9985f83c 1245 cap_len = stream_get_endp (s) - capp - 1;
718e3744 1246 stream_putc_at (s, capp, cap_len);
1247}
1248
1249/* Fill in capability open option to the packet. */
1250void
1251bgp_open_capability (struct stream *s, struct peer *peer)
1252{
1253 u_char len;
fe7d2a48 1254 unsigned long cp, capp, rcapp;
b58ed1f8 1255 iana_afi_t pkt_afi;
718e3744 1256 afi_t afi;
9cabb64b 1257 safi_t safi, pkt_safi;
0b2aa3a0 1258 as_t local_as;
fe7d2a48 1259 u_int32_t restart_time;
a82478b9 1260 u_char afi_safi_count = 0;
04b6bdc0 1261 struct utsname names;
adbac85e 1262 int adv_addpath_tx = 0;
718e3744 1263
1264 /* Remember current pointer for Opt Parm Len. */
9985f83c 1265 cp = stream_get_endp (s);
718e3744 1266
1267 /* Opt Parm Len. */
1268 stream_putc (s, 0);
1269
1270 /* Do not send capability. */
1271 if (! CHECK_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1272 || CHECK_FLAG (peer->flags, PEER_FLAG_DONT_CAPABILITY))
1273 return;
1274
9cabb64b 1275 /* MP capability for configured AFI, SAFI */
1276 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1277 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1278 {
1279 if (peer->afc[afi][safi])
1280 {
1281 /* Convert AFI, SAFI to values for packet. */
1282 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1283
1284 peer->afc_adv[afi][safi] = 1;
1285 stream_putc (s, BGP_OPEN_OPT_CAP);
1286 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1287 stream_putc (s, CAPABILITY_CODE_MP);
1288 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1289 stream_putw (s, pkt_afi);
1290 stream_putc (s, 0);
1291 stream_putc (s, pkt_safi);
343e90c3
DW		 1292
1293 /* Extended nexthop capability - currently supporting RFC-5549 for
1294 * Link-Local peering only
1295 */
1296 if (CHECK_FLAG (peer->flags, PEER_FLAG_CAPABILITY_ENHE) &&
1297 peer->su.sa.sa_family == AF_INET6 &&
1298 IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr) &&
1299 afi == AFI_IP &&
1300 (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
1301 {
1302 /* RFC 5549 Extended Next Hop Encoding */
1303 SET_FLAG (peer->cap, PEER_CAP_ENHE_ADV);
1304 stream_putc (s, BGP_OPEN_OPT_CAP);
1305 stream_putc (s, CAPABILITY_CODE_ENHE_LEN + 2);
1306 stream_putc (s, CAPABILITY_CODE_ENHE);
1307 stream_putc (s, CAPABILITY_CODE_ENHE_LEN);
1308
1309 SET_FLAG (peer->af_cap[AFI_IP][safi], PEER_CAP_ENHE_AF_ADV);
1310 stream_putw (s, pkt_afi);
1311 stream_putw (s, pkt_safi);
1312 stream_putw (s, afi_int2iana(AFI_IP6));
1313
1314 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV))
1315 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
1316 }
9cabb64b 1317 }
1318 }
1319
718e3744 1320 /* Route refresh. */
c9502438 1321 SET_FLAG (peer->cap, PEER_CAP_REFRESH_ADV);
1322 stream_putc (s, BGP_OPEN_OPT_CAP);
1323 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1324 stream_putc (s, CAPABILITY_CODE_REFRESH_OLD);
1325 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1326 stream_putc (s, BGP_OPEN_OPT_CAP);
1327 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1328 stream_putc (s, CAPABILITY_CODE_REFRESH);
1329 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
718e3744 1330
0b2aa3a0
PJ		 1331 /* AS4 */
1332 SET_FLAG (peer->cap, PEER_CAP_AS4_ADV);
1333 stream_putc (s, BGP_OPEN_OPT_CAP);
1334 stream_putc (s, CAPABILITY_CODE_AS4_LEN + 2);
1335 stream_putc (s, CAPABILITY_CODE_AS4);
1336 stream_putc (s, CAPABILITY_CODE_AS4_LEN);
1337 if ( peer->change_local_as )
1338 local_as = peer->change_local_as;
1339 else
1340 local_as = peer->local_as;
1341 stream_putl (s, local_as );
1342
adbac85e 1343 /* AddPath */
a82478b9
DS		 1344 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1345 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1346 if (peer->afc[afi][safi])
adbac85e
DW		 1347 {
1348 afi_safi_count++;
1349
1350 /* Only advertise addpath TX if a feature that will use it is
1351 * configured */
06370dac
DW		 1352 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_ALL_PATHS) ||
1353 CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
adbac85e
DW		 1354 adv_addpath_tx = 1;
1355 }
a82478b9
DS		 1356
1357 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_ADV);
1358 stream_putc (s, BGP_OPEN_OPT_CAP);
1359 stream_putc (s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1360 stream_putc (s, CAPABILITY_CODE_ADDPATH);
1361 stream_putc (s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1362
1363 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1364 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1365 if (peer->afc[afi][safi])
1366 {
9cabb64b 1367 /* Convert AFI, SAFI to values for packet. */
1368 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1369
1370 stream_putw (s, pkt_afi);
1371 stream_putc (s, pkt_safi);
adbac85e
DW		 1372
1373 if (adv_addpath_tx)
1374 {
1375 stream_putc (s, BGP_ADDPATH_RX|BGP_ADDPATH_TX);
1376 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1377 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1378 }
1379 else
1380 {
1381 stream_putc (s, BGP_ADDPATH_RX);
1382 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1383 UNSET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1384 }
a82478b9
DS		 1385 }
1386
718e3744 1387 /* ORF capability. */
1388 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1389 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1390 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1391 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1392 {
1393 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF_OLD);
1394 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF);
1395 }
1396
1397 /* Dynamic capability. */
1398 if (CHECK_FLAG (peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY))
1399 {
1400 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV);
1401 stream_putc (s, BGP_OPEN_OPT_CAP);
1402 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
89eeecb8
DS		 1403 stream_putc (s, CAPABILITY_CODE_DYNAMIC_OLD);
1404 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1405 stream_putc (s, BGP_OPEN_OPT_CAP);
1406 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
718e3744 1407 stream_putc (s, CAPABILITY_CODE_DYNAMIC);
1408 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1409 }
1410
04b6bdc0
DW		 1411 /* Hostname capability */
1412 uname(&names);
1413 if (names.nodename[0] != '\0')
1414 {
1415 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1416 stream_putc (s, BGP_OPEN_OPT_CAP);
1417 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1418 stream_putc(s, 0); /* dummy len for now */
1419 stream_putc (s, CAPABILITY_CODE_FQDN);
1420 capp = stream_get_endp(s);
1421 stream_putc(s, 0); /* dummy len for now */
1422 len = strlen(names.nodename);
1423 if (len > BGP_MAX_HOSTNAME)
1424 len = BGP_MAX_HOSTNAME;
1425
1426 stream_putc(s, len);
1427 stream_put(s, names.nodename, len);
60060acc 1428#ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
04b6bdc0
DW		 1429 if ((names.domainname[0] != '\0') &&
1430 (strcmp(names.domainname, "(none)") != 0))
1431 {
1432 len = strlen(names.domainname);
1433 if (len > BGP_MAX_HOSTNAME)
1434 len = BGP_MAX_HOSTNAME;
1435
1436 stream_putc(s, len);
1437 stream_put(s, names.domainname, len);
1438 }
1439 else
1440#endif
1441 {
1442 stream_putc(s, 0); /* 0 length */
1443 }
1444
1445 /* Set the lengths straight */
1446 len = stream_get_endp(s) - rcapp - 1;
1447 stream_putc_at(s, rcapp, len);
1448 len = stream_get_endp(s) - capp - 1;
1449 stream_putc_at(s, capp, len);
1450
1451 if (bgp_debug_neighbor_events(peer))
60060acc 1452#ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
04b6bdc0
DW		 1453 zlog_debug("%s Sending hostname cap with hn = %s, dn = %s",
1454 peer->host, names.nodename, names.domainname);
60060acc
RW		 1455#else
1456 zlog_debug("%s Sending hostname cap with hn = %s", peer->host,
1457 names.nodename);
1458#endif
04b6bdc0
DW		 1459 }
1460
fe7d2a48
DS		 1461 /* Sending base graceful-restart capability irrespective of the config */
1462 SET_FLAG (peer->cap, PEER_CAP_RESTART_ADV);
1463 stream_putc (s, BGP_OPEN_OPT_CAP);
1464 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1465 stream_putc (s, 0); /* Capability Length */
1466 stream_putc (s, CAPABILITY_CODE_RESTART);
1467 rcapp = stream_get_endp (s); /* Set Restart Capability Len Pointer */
1468 stream_putc (s, 0);
1469 restart_time = peer->bgp->restart_time;
1470 if (peer->bgp->t_startup)
1471 {
1472 SET_FLAG (restart_time, RESTART_R_BIT);
1473 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_ADV);
1474 }
1475 stream_putw (s, restart_time);
1476
1477 /* Send address-family specific graceful-restart capability only when GR config
1478 is present */
538621f2 1479 if (bgp_flag_check (peer->bgp, BGP_FLAG_GRACEFUL_RESTART))
1480 {
fe7d2a48
DS		 1481 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1482 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1483 if (peer->afc[afi][safi])
1484 {
9cabb64b 1485 /* Convert AFI, SAFI to values for packet. */
1486 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1487 stream_putw (s, pkt_afi);
1488 stream_putc (s, pkt_safi);
6a9a3cde
JC		 1489 if (bgp_flag_check(peer->bgp, BGP_FLAG_GR_PRESERVE_FWD))
1490 stream_putc (s, RESTART_F_BIT);
1491 else
1492 stream_putc (s, 0);
fe7d2a48
DS		 1493 }
1494 }
1495
1496 /* Total Graceful restart capability Len. */
1497 len = stream_get_endp (s) - rcapp - 1;
1498 stream_putc_at (s, rcapp, len);
1499
1500 /* Total Capability Len. */
1501 len = stream_get_endp (s) - capp - 1;
1502 stream_putc_at (s, capp, len);
538621f2 1503
718e3744 1504 /* Total Opt Parm Len. */
9985f83c 1505 len = stream_get_endp (s) - cp - 1;
718e3744 1506 stream_putc_at (s, cp, len);
1507}
FRRouting mirror