]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_open.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
lib: migrate to new memory-type handling
[mirror_frr.git] / bgpd / bgp_open.c
CommitLineData
718e3744 1/* BGP open message handling
2 Copyright (C) 1998, 1999 Kunihiro Ishiguro
3
4This file is part of GNU Zebra.
5
6GNU Zebra is free software; you can redistribute it and/or modify it
7under the terms of the GNU General Public License as published by the
8Free Software Foundation; either version 2, or (at your option) any
9later version.
10
11GNU Zebra is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Zebra; see the file COPYING. If not, write to the Free
18Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
1902111-1307, USA. */
20
21#include <zebra.h>
22
23#include "linklist.h"
24#include "prefix.h"
25#include "stream.h"
26#include "thread.h"
27#include "log.h"
28#include "command.h"
6d58272b 29#include "memory.h"
3f9c7369 30#include "queue.h"
039f3a34 31#include "filter.h"
718e3744 32
856ca177 33#include "lib/json.h"
718e3744 34#include "bgpd/bgpd.h"
35#include "bgpd/bgp_attr.h"
36#include "bgpd/bgp_debug.h"
37#include "bgpd/bgp_fsm.h"
38#include "bgpd/bgp_packet.h"
39#include "bgpd/bgp_open.h"
0b2aa3a0 40#include "bgpd/bgp_aspath.h"
538621f2 41#include "bgpd/bgp_vty.h"
42
718e3744 43/* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
44 negotiate remote peer supports extentions or not. But if
45 remote-peer doesn't supports negotiation process itself. We would
46 like to do manual configuration.
47
48 So there is many configurable point. First of all we want set each
49 peer whether we send capability negotiation to the peer or not.
50 Next, if we send capability to the peer we want to set my capabilty
51 inforation at each peer. */
52
53void
856ca177 54bgp_capability_vty_out (struct vty *vty, struct peer *peer, u_char use_json, json_object *json_neigh)
718e3744 55{
5228ad27 56 char *pnt;
57 char *end;
6d58272b
PJ		 58 struct capability_mp_data mpc;
59 struct capability_header *hdr;
856ca177
MS		 60 json_object *json_cap = NULL;
61
62 if (use_json)
63 json_cap = json_object_new_object();
718e3744 64
65 pnt = peer->notify.data;
66 end = pnt + peer->notify.length;
6d58272b 67
718e3744 68 while (pnt < end)
69 {
6d58272b 70 if (pnt + sizeof (struct capability_mp_data) + 2 > end)
718e3744 71 return;
6d58272b
PJ		 72
73 hdr = (struct capability_header *)pnt;
74 if (pnt + hdr->length + 2 > end)
718e3744 75 return;
76
6d58272b
PJ		 77 memcpy (&mpc, pnt + 2, sizeof(struct capability_mp_data));
78
79 if (hdr->code == CAPABILITY_CODE_MP)
718e3744 80 {
856ca177
MS		 81 if (use_json)
82 {
83 switch (ntohs (mpc.afi))
84 {
85 case AFI_IP:
86 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv4");
87 break;
88 case AFI_IP6:
89 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv6");
90 break;
91 default:
92 json_object_int_add(json_cap, "capabilityErrorMultiProtocolAfiUnknown", ntohs (mpc.afi));
93 break;
94 }
95 switch (mpc.safi)
96 {
97 case SAFI_UNICAST:
98 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "unicast");
99 break;
100 case SAFI_MULTICAST:
101 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "multicast");
102 break;
103 case SAFI_MPLS_LABELED_VPN:
104 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "MPLS-labeled VPN");
105 break;
587ff0fd
LB		 106 case SAFI_ENCAP:
107 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "encap");
108 break;
856ca177
MS		 109 default:
110 json_object_int_add(json_cap, "capabilityErrorMultiProtocolSafiUnknown", mpc.safi);
111 break;
112 }
113 }
114 else
115 {
116 vty_out (vty, " Capability error for: Multi protocol ");
117 switch (ntohs (mpc.afi))
118 {
119 case AFI_IP:
120 vty_out (vty, "AFI IPv4, ");
121 break;
122 case AFI_IP6:
123 vty_out (vty, "AFI IPv6, ");
124 break;
125 default:
126 vty_out (vty, "AFI Unknown %d, ", ntohs (mpc.afi));
127 break;
128 }
129 switch (mpc.safi)
130 {
131 case SAFI_UNICAST:
132 vty_out (vty, "SAFI Unicast");
133 break;
134 case SAFI_MULTICAST:
135 vty_out (vty, "SAFI Multicast");
136 break;
587ff0fd 137 case SAFI_MPLS_LABELED_VPN:
856ca177
MS		 138 vty_out (vty, "SAFI MPLS-labeled VPN");
139 break;
587ff0fd
LB		 140 case SAFI_ENCAP:
141 vty_out (vty, "SAFI ENCAP");
142 break;
856ca177
MS		 143 default:
144 vty_out (vty, "SAFI Unknown %d ", mpc.safi);
145 break;
146 }
147 vty_out (vty, "%s", VTY_NEWLINE);
148 }
149 }
6d58272b 150 else if (hdr->code >= 128)
856ca177
MS		 151 {
152 if (use_json)
153 json_object_int_add(json_cap, "capabilityErrorVendorSpecificCapabilityCode", hdr->code);
154 else
155 vty_out (vty, " Capability error: vendor specific capability code %d",
156 hdr->code);
157 }
718e3744 158 else
856ca177
MS		 159 {
160 if (use_json)
161 json_object_int_add(json_cap, "capabilityErrorUnknownCapabilityCode", hdr->code);
162 else
163 vty_out (vty, " Capability error: unknown capability code %d",
164 hdr->code);
165 }
6d58272b 166 pnt += hdr->length + 2;
718e3744 167 }
856ca177
MS		 168 if (use_json)
169 json_object_object_add(json_neigh, "capabilityErrors", json_cap);
718e3744 170}
171
6d58272b
PJ		 172static void
173bgp_capability_mp_data (struct stream *s, struct capability_mp_data *mpc)
718e3744 174{
6d58272b
PJ		 175 mpc->afi = stream_getw (s);
176 mpc->reserved = stream_getc (s);
177 mpc->safi = stream_getc (s);
178}
718e3744 179
6d58272b
PJ		 180int
181bgp_afi_safi_valid_indices (afi_t afi, safi_t *safi)
182{
6d58272b 183 switch (afi)
718e3744 184 {
e978e1de
DS		 185 case AFI_IP:
186 case AFI_IP6:
187 switch (*safi)
188 {
189 /* BGP MPLS-labeled VPN SAFI isn't contigious with others, remap */
190 case SAFI_MPLS_LABELED_VPN:
191 *safi = SAFI_MPLS_VPN;
192 case SAFI_UNICAST:
193 case SAFI_MULTICAST:
194 case SAFI_MPLS_VPN:
587ff0fd 195 case SAFI_ENCAP:
e978e1de
DS		 196 return 1;
197 }
198 break;
32ac65d9
LB		 199 case AFI_ETHER:
200 default:
201 break;
718e3744 202 }
e978e1de 203
6d58272b 204 zlog_debug ("unknown afi/safi (%u/%u)", afi, *safi);
e978e1de 205
6d58272b
PJ		 206 return 0;
207}
208
209/* Set negotiated capability value. */
210static int
211bgp_capability_mp (struct peer *peer, struct capability_header *hdr)
212{
213 struct capability_mp_data mpc;
214 struct stream *s = BGP_INPUT (peer);
215
14051b36
DS		 216 /* Verify length is 4 */
217 if (hdr->length != 4)
218 {
219 zlog_warn("MP Cap: Received invalid length %d, non-multiple of 4",
220 hdr->length);
221 return -1;
222 }
223
6d58272b
PJ		 224 bgp_capability_mp_data (s, &mpc);
225
167d390a 226 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 227 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
228 peer->host, mpc.afi, mpc.safi);
229
230 if (!bgp_afi_safi_valid_indices (mpc.afi, &mpc.safi))
231 return -1;
232
233 /* Now safi remapped, and afi/safi are valid array indices */
234 peer->afc_recv[mpc.afi][mpc.safi] = 1;
235
236 if (peer->afc[mpc.afi][mpc.safi])
e08286bc 237 peer->afc_nego[mpc.afi][mpc.safi] = 1;
6d58272b
PJ		 238 else
239 return -1;
718e3744 240
241 return 0;
242}
243
94f2b392 244static void
718e3744 245bgp_capability_orf_not_support (struct peer *peer, afi_t afi, safi_t safi,
246 u_char type, u_char mode)
247{
16286195 248 if (bgp_debug_neighbor_events(peer))
8325cd7f 249 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
718e3744 250 peer->host, afi, safi, type, mode);
251}
252
8f5abac1 253static const struct message orf_type_str[] =
6d58272b
PJ		 254{
255 { ORF_TYPE_PREFIX, "Prefixlist" },
256 { ORF_TYPE_PREFIX_OLD, "Prefixlist (old)" },
257};
837d16cc 258static const int orf_type_str_max = array_size(orf_type_str);
6d58272b 259
8f5abac1 260static const struct message orf_mode_str[] =
6d58272b
PJ		 261{
262 { ORF_MODE_RECEIVE, "Receive" },
263 { ORF_MODE_SEND, "Send" },
264 { ORF_MODE_BOTH, "Both" },
265};
837d16cc 266static const int orf_mode_str_max = array_size(orf_mode_str);
6d58272b 267
94f2b392 268static int
6d58272b 269bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
718e3744 270{
6d58272b
PJ		 271 struct stream *s = BGP_INPUT (peer);
272 struct capability_orf_entry entry;
273 afi_t afi;
274 safi_t safi;
718e3744 275 u_char type;
276 u_char mode;
277 u_int16_t sm_cap = 0; /* capability send-mode receive */
278 u_int16_t rm_cap = 0; /* capability receive-mode receive */
279 int i;
280
6d58272b
PJ		 281 /* ORF Entry header */
282 bgp_capability_mp_data (s, &entry.mpc);
283 entry.num = stream_getc (s);
284 afi = entry.mpc.afi;
285 safi = entry.mpc.safi;
286
16286195 287 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 288 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
289 peer->host, entry.mpc.afi, entry.mpc.safi);
718e3744 290
291 /* Check AFI and SAFI. */
6d58272b
PJ		 292 if (!bgp_afi_safi_valid_indices (entry.mpc.afi, &safi))
293 {
294 zlog_info ("%s Addr-family %d/%d not supported."
295 " Ignoring the ORF capability",
296 peer->host, entry.mpc.afi, entry.mpc.safi);
297 return 0;
298 }
299
300 /* validate number field */
e978e1de 301 if (CAPABILITY_CODE_ORF_LEN + (entry.num * 2) > hdr->length)
718e3744 302 {
6d58272b
PJ		 303 zlog_info ("%s ORF Capability entry length error,"
304 " Cap length %u, num %u",
305 peer->host, hdr->length, entry.num);
09825025 306 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 307 return -1;
308 }
309
6d58272b 310 for (i = 0 ; i < entry.num ; i++)
718e3744 311 {
6d58272b
PJ		 312 type = stream_getc(s);
313 mode = stream_getc(s);
314
718e3744 315 /* ORF Mode error check */
6d58272b
PJ		 316 switch (mode)
317 {
318 case ORF_MODE_BOTH:
319 case ORF_MODE_SEND:
320 case ORF_MODE_RECEIVE:
321 break;
322 default:
323 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
324 continue;
718e3744 325 }
6d58272b
PJ		 326 /* ORF Type and afi/safi error checks */
327 /* capcode versus type */
328 switch (hdr->code)
329 {
330 case CAPABILITY_CODE_ORF:
331 switch (type)
332 {
333 case ORF_TYPE_PREFIX:
334 break;
335 default:
336 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
337 continue;
338 }
339 break;
340 case CAPABILITY_CODE_ORF_OLD:
341 switch (type)
342 {
343 case ORF_TYPE_PREFIX_OLD:
344 break;
345 default:
346 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
347 continue;
348 }
349 break;
350 default:
351 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
352 continue;
353 }
354
355 /* AFI vs SAFI */
356 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
357 || (afi == AFI_IP && safi == SAFI_MULTICAST)
358 || (afi == AFI_IP6 && safi == SAFI_UNICAST)))
359 {
360 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
361 continue;
362 }
363
16286195 364 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 365 zlog_debug ("%s OPEN has %s ORF capability"
366 " as %s for afi/safi: %d/%d",
367 peer->host, LOOKUP (orf_type_str, type),
368 LOOKUP (orf_mode_str, mode),
369 entry.mpc.afi, safi);
718e3744 370
6d58272b 371 if (hdr->code == CAPABILITY_CODE_ORF)
718e3744 372 {
6d58272b
PJ		 373 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
374 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
718e3744 375 }
6d58272b 376 else if (hdr->code == CAPABILITY_CODE_ORF_OLD)
718e3744 377 {
6d58272b
PJ		 378 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
379 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
718e3744 380 }
381 else
382 {
383 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
384 continue;
385 }
386
387 switch (mode)
388 {
389 case ORF_MODE_BOTH:
390 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
391 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
392 break;
393 case ORF_MODE_SEND:
394 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
395 break;
396 case ORF_MODE_RECEIVE:
397 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
398 break;
399 }
400 }
401 return 0;
402}
403
6d58272b
PJ		 404static int
405bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
406{
407 struct stream *s = BGP_INPUT (peer);
408 u_int16_t restart_flag_time;
6d58272b
PJ		 409 size_t end = stream_get_getp (s) + caphdr->length;
410
14051b36
DS		 411 /* Verify length is a multiple of 4 */
412 if ((caphdr->length-2) % 4)
413 {
414 zlog_warn("Restart Cap: Received invalid length %d, non-multiple of 4",
415 caphdr->length);
416 return -1;
417 }
418
6d58272b
PJ		 419 SET_FLAG (peer->cap, PEER_CAP_RESTART_RCV);
420 restart_flag_time = stream_getw(s);
421 if (CHECK_FLAG (restart_flag_time, RESTART_R_BIT))
4b52acf9
PJ		 422 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV);
423
6d58272b
PJ		 424 UNSET_FLAG (restart_flag_time, 0xF000);
425 peer->v_gr_restart = restart_flag_time;
718e3744 426
16286195 427 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 428 {
429 zlog_debug ("%s OPEN has Graceful Restart capability", peer->host);
430 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
4b52acf9
PJ		 431 peer->host,
432 CHECK_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV) ? " "
433 : " not ",
6d58272b
PJ		 434 peer->v_gr_restart);
435 }
718e3744 436
21cc7694 437 while (stream_get_getp (s) + 4 <= end)
6d58272b
PJ		 438 {
439 afi_t afi = stream_getw (s);
440 safi_t safi = stream_getc (s);
441 u_char flag = stream_getc (s);
442
443 if (!bgp_afi_safi_valid_indices (afi, &safi))
444 {
16286195 445 if (bgp_debug_neighbor_events(peer))
6d58272b 446 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
14051b36 447 " Ignore the Graceful Restart capability for this AFI/SAFI",
6d58272b
PJ		 448 peer->host, afi, safi);
449 }
450 else if (!peer->afc[afi][safi])
451 {
16286195 452 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 453 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
454 " Ignore the Graceful Restart capability",
455 peer->host, afi, safi);
456 }
457 else
458 {
16286195 459 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 460 zlog_debug ("%s Address family %s is%spreserved", peer->host,
461 afi_safi_print (afi, safi),
462 CHECK_FLAG (peer->af_cap[afi][safi],
463 PEER_CAP_RESTART_AF_PRESERVE_RCV)
464 ? " " : " not ");
465
466 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_RCV);
467 if (CHECK_FLAG (flag, RESTART_F_BIT))
468 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_PRESERVE_RCV);
469
470 }
471 }
472 return 0;
473}
718e3744 474
14051b36 475/* Unlike other capability parsing routines, this one returns 0 on error */
0b2aa3a0
PJ		 476static as_t
477bgp_capability_as4 (struct peer *peer, struct capability_header *hdr)
478{
5861739f
PJ		 479 SET_FLAG (peer->cap, PEER_CAP_AS4_RCV);
480
481 if (hdr->length != CAPABILITY_CODE_AS4_LEN)
482 {
483 zlog_err ("%s AS4 capability has incorrect data length %d",
484 peer->host, hdr->length);
485 return 0;
486 }
487
0b2aa3a0
PJ		 488 as_t as4 = stream_getl (BGP_INPUT(peer));
489
490 if (BGP_DEBUG (as4, AS4))
491 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
492 peer->host, as4);
0b2aa3a0
PJ		 493 return as4;
494}
495
a82478b9
DS		 496static int
497bgp_capability_addpath (struct peer *peer, struct capability_header *hdr)
498{
499 struct stream *s = BGP_INPUT (peer);
500 size_t end = stream_get_getp (s) + hdr->length;
501
502 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_RCV);
503
14051b36
DS		 504 /* Verify length is a multiple of 4 */
505 if (hdr->length % 4)
506 {
507 zlog_warn("Add Path: Received invalid length %d, non-multiple of 4",
508 hdr->length);
509 return -1;
510 }
511
a82478b9
DS		 512 while (stream_get_getp (s) + 4 <= end)
513 {
514 afi_t afi = stream_getw (s);
515 safi_t safi = stream_getc (s);
516 u_char send_receive = stream_getc (s);
517
167d390a 518 if (bgp_debug_neighbor_events(peer))
a82478b9
DS		 519 zlog_debug ("%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
520 peer->host, afi, safi,
521 (send_receive & BGP_ADDPATH_RX) ? ", receive" : "",
522 (send_receive & BGP_ADDPATH_TX) ? ", transmit" : "");
523
524 if (!bgp_afi_safi_valid_indices (afi, &safi))
823b8f7c
DS		 525 {
526 if (bgp_debug_neighbor_events(peer))
527 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
528 " Ignore the Addpath Attribute for this AFI/SAFI",
529 peer->host, afi, safi);
530 continue;
531 }
532 else if (!peer->afc[afi][safi])
533 {
534 if (bgp_debug_neighbor_events(peer))
535 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
536 " Ignore the AddPath capability for this AFI/SAFI",
537 peer->host, afi, safi);
538 continue;
539 }
a82478b9
DS		 540
541 if (send_receive & BGP_ADDPATH_RX)
542 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_RCV);
543
544 if (send_receive & BGP_ADDPATH_TX)
545 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_RCV);
546 }
547
548 return 0;
549}
550
8a92a8a0
DS		 551static int
552bgp_capability_enhe (struct peer *peer, struct capability_header *hdr)
553{
554 struct stream *s = BGP_INPUT (peer);
555 size_t end = stream_get_getp (s) + hdr->length;
556
14051b36
DS		 557 /* Verify length is a multiple of 4 */
558 if (hdr->length % 6)
559 {
560 zlog_warn("Extended NH: Received invalid length %d, non-multiple of 6",
561 hdr->length);
562 return -1;
563 }
564
8a92a8a0
DS		 565 while (stream_get_getp (s) + 6 <= end)
566 {
567 afi_t afi = stream_getw (s);
568 safi_t safi = stream_getw (s);
569 afi_t nh_afi = stream_getw (s);
570
571 if (bgp_debug_neighbor_events(peer))
a656dafa 572 zlog_debug ("%s Received with afi/safi/next-hop afi: %u/%u/%u",
8a92a8a0
DS		 573 peer->host, afi, safi, nh_afi);
574
575 if (!bgp_afi_safi_valid_indices (afi, &safi))
8a92a8a0 576 {
a656dafa 577 if (bgp_debug_neighbor_events(peer))
578 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
579 " Ignore the ENHE Attribute for this AFI/SAFI",
580 peer->host, afi, safi);
581 continue;
8a92a8a0
DS		 582 }
583
a656dafa 584 /* RFC 5549 specifies use of this capability only for IPv4 AFI, with
585 * the Nexthop AFI being IPv6. A future spec may introduce other
586 * possibilities, so we ignore other values with a log. Also, only
587 * Unicast SAFI is currently supported (and expected).
588 */
589 if (afi != AFI_IP || safi != SAFI_UNICAST || nh_afi != AFI_IP6)
590 {
591 zlog_warn ("%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
592 "in Extended Next-hop capability, ignoring",
593 peer->host, afi, safi, nh_afi);
594 continue;
595 }
8a92a8a0
DS		 596
597 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
598
599 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
600 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
601 }
602
603 SET_FLAG (peer->cap, PEER_CAP_ENHE_RCV);
604
605 return 0;
606}
607
04b6bdc0
DW		 608static int
609bgp_capability_hostname (struct peer *peer, struct capability_header *hdr)
610{
611 struct stream *s = BGP_INPUT (peer);
612 char str[BGP_MAX_HOSTNAME+1];
613 size_t end = stream_get_getp (s) + hdr->length;
614 u_char len;
615
616 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
617
618 len = stream_getc(s);
619 if (stream_get_getp(s) + len > end)
620 {
621 zlog_warn("%s: Received malformed hostname capability from peer %s",
622 __FUNCTION__, peer->host);
623 return -1;
624 }
625
626 if (len > BGP_MAX_HOSTNAME)
627 {
628 stream_get(str, s, BGP_MAX_HOSTNAME);
629 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
630 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
631 }
632 else if (len)
633 stream_get(str, s, len);
634
635 if (len)
636 {
637 str[len] = '\0';
638
639 if (peer->hostname != NULL)
f9e9e073
DW		 640 {
641 XFREE(MTYPE_HOST, peer->hostname);
642 peer->hostname = NULL;
643 }
04b6bdc0
DW		 644
645 if (peer->domainname != NULL)
9e08021c
DW		 646 {
647 XFREE(MTYPE_HOST, peer->domainname);
648 peer->domainname = NULL;
649 }
04b6bdc0
DW		 650
651 peer->hostname = XSTRDUP(MTYPE_HOST, str);
652 }
653
654 if (stream_get_getp(s) +1 > end)
655 {
656 zlog_warn("%s: Received invalid domain name len (hostname capability) from peer %s",
657 __FUNCTION__, peer->host);
658 return -1;
659 }
660
661 len = stream_getc(s);
662 if (stream_get_getp(s) + len > end)
663 {
664 zlog_warn("%s: Received runt domain name (hostname capability) from peer %s",
665 __FUNCTION__, peer->host);
666 return -1;
667 }
668
669 if (len > BGP_MAX_HOSTNAME)
670 {
671 stream_get(str, s, BGP_MAX_HOSTNAME);
672 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
673 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
674 }
675 else if (len)
676 stream_get(str, s, len);
677
678 if (len)
679 {
680 str[len] = '\0';
681 peer->domainname = XSTRDUP(MTYPE_HOST, str);
682 }
683
684 if (bgp_debug_neighbor_events(peer))
685 {
686 zlog_debug("%s received hostname %s, domainname %s",
687 peer->host, peer->hostname, peer->domainname);
688 }
689
690 return 0;
691}
692
6410e93a 693 static const struct message capcode_str[] =
6d58272b 694{
6d58272b
PJ		 695 { CAPABILITY_CODE_MP, "MultiProtocol Extensions" },
696 { CAPABILITY_CODE_REFRESH, "Route Refresh" },
697 { CAPABILITY_CODE_ORF, "Cooperative Route Filtering" },
698 { CAPABILITY_CODE_RESTART, "Graceful Restart" },
699 { CAPABILITY_CODE_AS4, "4-octet AS number" },
89eeecb8 700 { CAPABILITY_CODE_ADDPATH, "AddPath" },
6d58272b 701 { CAPABILITY_CODE_DYNAMIC, "Dynamic" },
8a92a8a0 702 { CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding" },
89eeecb8 703 { CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)" },
6d58272b
PJ		 704 { CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)" },
705 { CAPABILITY_CODE_ORF_OLD, "ORF (Old)" },
04b6bdc0 706 { CAPABILITY_CODE_FQDN, "FQDN" },
6d58272b 707};
837d16cc 708static const int capcode_str_max = array_size(capcode_str);
6d58272b
PJ		 709
710/* Minimum sizes for length field of each cap (so not inc. the header) */
fc52f953 711static const size_t cap_minsizes[] =
6d58272b 712{
e978e1de 713 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
6d58272b 714 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
e978e1de 715 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
f5bb8cfa 716 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
6d58272b 717 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
a82478b9 718 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
6d58272b 719 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
89eeecb8 720 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
8a92a8a0 721 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
6d58272b 722 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
e978e1de 723 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
04b6bdc0 724 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
6d58272b
PJ		 725};
726
695ef95f
PJ		 727/* value the capability must be a multiple of.
728 * 0-data capabilities won't be checked against this.
729 * Other capabilities whose data doesn't fall on convenient boundaries for this
730 * table should be set to 1.
731 */
732static const size_t cap_modsizes[] =
733{
734 [CAPABILITY_CODE_MP] = 4,
735 [CAPABILITY_CODE_REFRESH] = 1,
736 [CAPABILITY_CODE_ORF] = 1,
737 [CAPABILITY_CODE_RESTART] = 1,
738 [CAPABILITY_CODE_AS4] = 4,
934a4c59 739 [CAPABILITY_CODE_ADDPATH] = 4,
695ef95f 740 [CAPABILITY_CODE_DYNAMIC] = 1,
934a4c59
DS		 741 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
742 [CAPABILITY_CODE_ENHE] = 6,
695ef95f
PJ		 743 [CAPABILITY_CODE_REFRESH_OLD] = 1,
744 [CAPABILITY_CODE_ORF_OLD] = 1,
934a4c59 745 [CAPABILITY_CODE_FQDN] = 1,
695ef95f
PJ		 746};
747
3b381c32
AS		 748/**
749 * Parse given capability.
6d58272b 750 * XXX: This is reading into a stream, but not using stream API
3b381c32
AS		 751 *
752 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
753 * capabilities were encountered.
6d58272b
PJ		 754 */
755static int
3b381c32
AS		 756bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
757 u_char **error)
6d58272b
PJ		 758{
759 int ret;
760 struct stream *s = BGP_INPUT (peer);
761 size_t end = stream_get_getp (s) + length;
762
763 assert (STREAM_READABLE (s) >= length);
764
765 while (stream_get_getp (s) < end)
766 {
767 size_t start;
768 u_char *sp = stream_pnt (s);
769 struct capability_header caphdr;
14051b36
DS		 770
771 ret = 0;
718e3744 772 /* We need at least capability code and capability length. */
6d58272b 773 if (stream_get_getp(s) + 2 > end)
718e3744 774 {
6d58272b 775 zlog_info ("%s Capability length error (< header)", peer->host);
09825025 776 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 777 return -1;
778 }
6d58272b
PJ		 779
780 caphdr.code = stream_getc (s);
781 caphdr.length = stream_getc (s);
782 start = stream_get_getp (s);
783
784 /* Capability length check sanity check. */
785 if (start + caphdr.length > end)
718e3744 786 {
6d58272b 787 zlog_info ("%s Capability length error (< length)", peer->host);
09825025 788 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 789 return -1;
790 }
6d58272b 791
16286195 792 if (bgp_debug_neighbor_events(peer))
6d58272b
PJ		 793 zlog_debug ("%s OPEN has %s capability (%u), length %u",
794 peer->host,
795 LOOKUP (capcode_str, caphdr.code),
796 caphdr.code, caphdr.length);
797
798 /* Length sanity check, type-specific, for known capabilities */
799 switch (caphdr.code)
800 {
801 case CAPABILITY_CODE_MP:
802 case CAPABILITY_CODE_REFRESH:
803 case CAPABILITY_CODE_REFRESH_OLD:
804 case CAPABILITY_CODE_ORF:
805 case CAPABILITY_CODE_ORF_OLD:
806 case CAPABILITY_CODE_RESTART:
0b2aa3a0 807 case CAPABILITY_CODE_AS4:
a82478b9 808 case CAPABILITY_CODE_ADDPATH:
6d58272b 809 case CAPABILITY_CODE_DYNAMIC:
89eeecb8 810 case CAPABILITY_CODE_DYNAMIC_OLD:
8a92a8a0 811 case CAPABILITY_CODE_ENHE:
04b6bdc0 812 case CAPABILITY_CODE_FQDN:
6d58272b
PJ		 813 /* Check length. */
814 if (caphdr.length < cap_minsizes[caphdr.code])
815 {
816 zlog_info ("%s %s Capability length error: got %u,"
817 " expected at least %u",
818 peer->host,
819 LOOKUP (capcode_str, caphdr.code),
fc52f953
SH		 820 caphdr.length,
821 (unsigned) cap_minsizes[caphdr.code]);
09825025 822 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
6d58272b
PJ		 823 return -1;
824 }
695ef95f
PJ		 825 if (caphdr.length
826 && caphdr.length % cap_modsizes[caphdr.code] != 0)
827 {
828 zlog_info ("%s %s Capability length error: got %u,"
829 " expected a multiple of %u",
830 peer->host,
831 LOOKUP (capcode_str, caphdr.code),
832 caphdr.length,
833 (unsigned) cap_modsizes[caphdr.code]);
834 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
92c92c45 835 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
695ef95f
PJ		 836 return -1;
837 }
6d58272b
PJ		 838 /* we deliberately ignore unknown codes, see below */
839 default:
840 break;
841 }
842
843 switch (caphdr.code)
844 {
845 case CAPABILITY_CODE_MP:
846 {
3b381c32
AS		 847 *mp_capability = 1;
848
6d58272b
PJ		 849 /* Ignore capability when override-capability is set. */
850 if (! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
851 {
852 /* Set negotiated value. */
853 ret = bgp_capability_mp (peer, &caphdr);
854
855 /* Unsupported Capability. */
856 if (ret < 0)
857 {
858 /* Store return data. */
859 memcpy (*error, sp, caphdr.length + 2);
860 *error += caphdr.length + 2;
861 }
14051b36 862 ret = 0; /* Don't return error for this */
6d58272b
PJ		 863 }
864 }
865 break;
866 case CAPABILITY_CODE_REFRESH:
867 case CAPABILITY_CODE_REFRESH_OLD:
868 {
869 /* BGP refresh capability */
870 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
871 SET_FLAG (peer->cap, PEER_CAP_REFRESH_OLD_RCV);
872 else
873 SET_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV);
874 }
875 break;
876 case CAPABILITY_CODE_ORF:
877 case CAPABILITY_CODE_ORF_OLD:
14051b36 878 ret = bgp_capability_orf_entry (peer, &caphdr);
6d58272b
PJ		 879 break;
880 case CAPABILITY_CODE_RESTART:
14051b36 881 ret = bgp_capability_restart (peer, &caphdr);
6d58272b
PJ		 882 break;
883 case CAPABILITY_CODE_DYNAMIC:
89eeecb8 884 case CAPABILITY_CODE_DYNAMIC_OLD:
6d58272b
PJ		 885 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_RCV);
886 break;
0b2aa3a0
PJ		 887 case CAPABILITY_CODE_AS4:
888 /* Already handled as a special-case parsing of the capabilities
889 * at the beginning of OPEN processing. So we care not a jot
890 * for the value really, only error case.
891 */
892 if (!bgp_capability_as4 (peer, &caphdr))
14051b36 893 ret = -1;
0b2aa3a0 894 break;
a82478b9 895 case CAPABILITY_CODE_ADDPATH:
14051b36 896 ret = bgp_capability_addpath (peer, &caphdr);
a82478b9 897 break;
8a92a8a0 898 case CAPABILITY_CODE_ENHE:
14051b36 899 ret = bgp_capability_enhe (peer, &caphdr);
8a92a8a0 900 break;
04b6bdc0
DW		 901 case CAPABILITY_CODE_FQDN:
902 ret = bgp_capability_hostname (peer, &caphdr);
903 break;
6d58272b
PJ		 904 default:
905 if (caphdr.code > 128)
906 {
907 /* We don't send Notification for unknown vendor specific
908 capabilities. It seems reasonable for now... */
909 zlog_warn ("%s Vendor specific capability %d",
910 peer->host, caphdr.code);
911 }
912 else
913 {
914 zlog_warn ("%s unrecognized capability code: %d - ignored",
915 peer->host, caphdr.code);
916 memcpy (*error, sp, caphdr.length + 2);
917 *error += caphdr.length + 2;
918 }
919 }
14051b36
DS		 920
921 if (ret < 0)
922 {
09825025 923 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
14051b36
DS		 924 return -1;
925 }
6d58272b
PJ		 926 if (stream_get_getp(s) != (start + caphdr.length))
927 {
928 if (stream_get_getp(s) > (start + caphdr.length))
929 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
930 peer->host, LOOKUP (capcode_str, caphdr.code),
931 caphdr.length);
932 stream_set_getp (s, start + caphdr.length);
933 }
718e3744 934 }
935 return 0;
936}
937
94f2b392 938static int
6d58272b 939bgp_auth_parse (struct peer *peer, size_t length)
718e3744 940{
941 bgp_notify_send (peer,
942 BGP_NOTIFY_OPEN_ERR,
943 BGP_NOTIFY_OPEN_AUTH_FAILURE);
944 return -1;
945}
946
94f2b392 947static int
718e3744 948strict_capability_same (struct peer *peer)
949{
950 int i, j;
951
952 for (i = AFI_IP; i < AFI_MAX; i++)
953 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
954 if (peer->afc[i][j] != peer->afc_nego[i][j])
955 return 0;
956 return 1;
957}
958
0b2aa3a0
PJ		 959/* peek into option, stores ASN to *as4 if the AS4 capability was found.
960 * Returns 0 if no as4 found, as4cap value otherwise.
961 */
962as_t
963peek_for_as4_capability (struct peer *peer, u_char length)
964{
965 struct stream *s = BGP_INPUT (peer);
966 size_t orig_getp = stream_get_getp (s);
967 size_t end = orig_getp + length;
968 as_t as4 = 0;
969
0b2aa3a0
PJ		 970 if (BGP_DEBUG (as4, AS4))
971 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
972 " peeking for as4",
973 peer->host, length);
974 /* the error cases we DONT handle, we ONLY try to read as4 out of
975 * correctly formatted options.
976 */
977 while (stream_get_getp(s) < end)
978 {
979 u_char opt_type;
980 u_char opt_length;
981
982 /* Check the length. */
983 if (stream_get_getp (s) + 2 > end)
984 goto end;
985
986 /* Fetch option type and length. */
987 opt_type = stream_getc (s);
988 opt_length = stream_getc (s);
989
990 /* Option length check. */
991 if (stream_get_getp (s) + opt_length > end)
992 goto end;
993
994 if (opt_type == BGP_OPEN_OPT_CAP)
995 {
996 unsigned long capd_start = stream_get_getp (s);
997 unsigned long capd_end = capd_start + opt_length;
998
999 assert (capd_end <= end);
1000
1001 while (stream_get_getp (s) < capd_end)
1002 {
1003 struct capability_header hdr;
1004
1005 if (stream_get_getp (s) + 2 > capd_end)
1006 goto end;
1007
1008 hdr.code = stream_getc (s);
1009 hdr.length = stream_getc (s);
1010
1011 if ((stream_get_getp(s) + hdr.length) > capd_end)
1012 goto end;
1013
1014 if (hdr.code == CAPABILITY_CODE_AS4)
1015 {
0b2aa3a0
PJ		 1016 if (BGP_DEBUG (as4, AS4))
1017 zlog_info ("[AS4] found AS4 capability, about to parse");
1018 as4 = bgp_capability_as4 (peer, &hdr);
1019
1020 goto end;
1021 }
1022 stream_forward_getp (s, hdr.length);
1023 }
1024 }
1025 }
1026
1027end:
1028 stream_set_getp (s, orig_getp);
1029 return as4;
1030}
1031
3b381c32
AS		 1032/**
1033 * Parse open option.
1034 *
1035 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1036 */
718e3744 1037int
3b381c32 1038bgp_open_option_parse (struct peer *peer, u_char length, int *mp_capability)
718e3744 1039{
18f1dc06 1040 int ret = 0;
718e3744 1041 u_char *error;
1042 u_char error_data[BGP_MAX_PACKET_SIZE];
6d58272b
PJ		 1043 struct stream *s = BGP_INPUT(peer);
1044 size_t end = stream_get_getp (s) + length;
718e3744 1045
718e3744 1046 error = error_data;
1047
16286195 1048 if (bgp_debug_neighbor_events(peer))
8325cd7f 1049 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
718e3744 1050 peer->host, length);
1051
6d58272b 1052 while (stream_get_getp(s) < end)
718e3744 1053 {
6d58272b
PJ		 1054 u_char opt_type;
1055 u_char opt_length;
1056
1057 /* Must have at least an OPEN option header */
1058 if (STREAM_READABLE(s) < 2)
718e3744 1059 {
1060 zlog_info ("%s Option length error", peer->host);
09825025 1061 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 1062 return -1;
1063 }
1064
1065 /* Fetch option type and length. */
6d58272b
PJ		 1066 opt_type = stream_getc (s);
1067 opt_length = stream_getc (s);
718e3744 1068
1069 /* Option length check. */
6d58272b 1070 if (STREAM_READABLE (s) < opt_length)
718e3744 1071 {
1072 zlog_info ("%s Option length error", peer->host);
09825025 1073 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
718e3744 1074 return -1;
1075 }
1076
16286195 1077 if (bgp_debug_neighbor_events(peer))
8325cd7f 1078 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
718e3744 1079 peer->host, opt_type,
1080 opt_type == BGP_OPEN_OPT_AUTH ? "Authentication" :
1081 opt_type == BGP_OPEN_OPT_CAP ? "Capability" : "Unknown",
1082 opt_length);
1083
1084 switch (opt_type)
1085 {
1086 case BGP_OPEN_OPT_AUTH:
6d58272b 1087 ret = bgp_auth_parse (peer, opt_length);
718e3744 1088 break;
1089 case BGP_OPEN_OPT_CAP:
3b381c32 1090 ret = bgp_capability_parse (peer, opt_length, mp_capability, &error);
718e3744 1091 break;
1092 default:
1093 bgp_notify_send (peer,
1094 BGP_NOTIFY_OPEN_ERR,
1095 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1096 ret = -1;
1097 break;
1098 }
1099
1100 /* Parse error. To accumulate all unsupported capability codes,
1101 bgp_capability_parse does not return -1 when encounter
1102 unsupported capability code. To detect that, please check
1103 error and erro_data pointer, like below. */
1104 if (ret < 0)
1105 return -1;
718e3744 1106 }
1107
1108 /* All OPEN option is parsed. Check capability when strict compare
1109 flag is enabled.*/
1110 if (CHECK_FLAG (peer->flags, PEER_FLAG_STRICT_CAP_MATCH))
1111 {
1112 /* If Unsupported Capability exists. */
1113 if (error != error_data)
1114 {
1115 bgp_notify_send_with_data (peer,
1116 BGP_NOTIFY_OPEN_ERR,
1117 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1118 error_data, error - error_data);
1119 return -1;
1120 }
1121
1122 /* Check local capability does not negotiated with remote
1123 peer. */
1124 if (! strict_capability_same (peer))
1125 {
1126 bgp_notify_send (peer,
1127 BGP_NOTIFY_OPEN_ERR,
1128 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1129 return -1;
1130 }
1131 }
1132
3b381c32 1133 /* Check there are no common AFI/SAFIs and send Unsupported Capability
718e3744 1134 error. */
3b381c32
AS		 1135 if (*mp_capability &&
1136 ! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
718e3744 1137 {
1138 if (! peer->afc_nego[AFI_IP][SAFI_UNICAST]
1139 && ! peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1140 && ! peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
587ff0fd 1141 && ! peer->afc_nego[AFI_IP][SAFI_ENCAP]
718e3744 1142 && ! peer->afc_nego[AFI_IP6][SAFI_UNICAST]
945c8fe9 1143 && ! peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
587ff0fd
LB		 1144 && ! peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1145 && ! peer->afc_nego[AFI_IP6][SAFI_ENCAP])
718e3744 1146 {
16286195 1147 zlog_err ("%s [Error] Configured AFI/SAFIs do not "
3b381c32
AS		 1148 "overlap with received MP capabilities",
1149 peer->host);
718e3744 1150
1151 if (error != error_data)
718e3744 1152 bgp_notify_send_with_data (peer,
1153 BGP_NOTIFY_OPEN_ERR,
1154 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1155 error_data, error - error_data);
1156 else
1157 bgp_notify_send (peer,
1158 BGP_NOTIFY_OPEN_ERR,
1159 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1160 return -1;
1161 }
1162 }
1163 return 0;
1164}
1165
94f2b392 1166static void
718e3744 1167bgp_open_capability_orf (struct stream *s, struct peer *peer,
1168 afi_t afi, safi_t safi, u_char code)
1169{
1170 u_char cap_len;
1171 u_char orf_len;
1172 unsigned long capp;
1173 unsigned long orfp;
1174 unsigned long numberp;
1175 int number_of_orfs = 0;
1176
1177 if (safi == SAFI_MPLS_VPN)
42e6d745 1178 safi = SAFI_MPLS_LABELED_VPN;
718e3744 1179
1180 stream_putc (s, BGP_OPEN_OPT_CAP);
9985f83c 1181 capp = stream_get_endp (s); /* Set Capability Len Pointer */
718e3744 1182 stream_putc (s, 0); /* Capability Length */
1183 stream_putc (s, code); /* Capability Code */
9985f83c 1184 orfp = stream_get_endp (s); /* Set ORF Len Pointer */
718e3744 1185 stream_putc (s, 0); /* ORF Length */
1186 stream_putw (s, afi);
1187 stream_putc (s, 0);
1188 stream_putc (s, safi);
9985f83c 1189 numberp = stream_get_endp (s); /* Set Number Pointer */
718e3744 1190 stream_putc (s, 0); /* Number of ORFs */
1191
1192 /* Address Prefix ORF */
1193 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1194 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1195 {
1196 stream_putc (s, (code == CAPABILITY_CODE_ORF ?
1197 ORF_TYPE_PREFIX : ORF_TYPE_PREFIX_OLD));
1198
1199 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1200 && CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1201 {
1202 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1203 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1204 stream_putc (s, ORF_MODE_BOTH);
1205 }
1206 else if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM))
1207 {
1208 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1209 stream_putc (s, ORF_MODE_SEND);
1210 }
1211 else
1212 {
1213 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1214 stream_putc (s, ORF_MODE_RECEIVE);
1215 }
1216 number_of_orfs++;
1217 }
1218
1219 /* Total Number of ORFs. */
1220 stream_putc_at (s, numberp, number_of_orfs);
1221
1222 /* Total ORF Len. */
9985f83c 1223 orf_len = stream_get_endp (s) - orfp - 1;
718e3744 1224 stream_putc_at (s, orfp, orf_len);
1225
1226 /* Total Capability Len. */
9985f83c 1227 cap_len = stream_get_endp (s) - capp - 1;
718e3744 1228 stream_putc_at (s, capp, cap_len);
1229}
1230
1231/* Fill in capability open option to the packet. */
1232void
1233bgp_open_capability (struct stream *s, struct peer *peer)
1234{
1235 u_char len;
fe7d2a48 1236 unsigned long cp, capp, rcapp;
718e3744 1237 afi_t afi;
1238 safi_t safi;
0b2aa3a0 1239 as_t local_as;
fe7d2a48 1240 u_int32_t restart_time;
a82478b9 1241 u_char afi_safi_count = 0;
04b6bdc0 1242 struct utsname names;
adbac85e 1243 int adv_addpath_tx = 0;
718e3744 1244
1245 /* Remember current pointer for Opt Parm Len. */
9985f83c 1246 cp = stream_get_endp (s);
718e3744 1247
1248 /* Opt Parm Len. */
1249 stream_putc (s, 0);
1250
1251 /* Do not send capability. */
1252 if (! CHECK_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1253 || CHECK_FLAG (peer->flags, PEER_FLAG_DONT_CAPABILITY))
1254 return;
1255
718e3744 1256 /* IPv4 unicast. */
1257 if (peer->afc[AFI_IP][SAFI_UNICAST])
1258 {
1259 peer->afc_adv[AFI_IP][SAFI_UNICAST] = 1;
1260 stream_putc (s, BGP_OPEN_OPT_CAP);
1261 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1262 stream_putc (s, CAPABILITY_CODE_MP);
1263 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1264 stream_putw (s, AFI_IP);
1265 stream_putc (s, 0);
1266 stream_putc (s, SAFI_UNICAST);
1267 }
1268 /* IPv4 multicast. */
1269 if (peer->afc[AFI_IP][SAFI_MULTICAST])
1270 {
1271 peer->afc_adv[AFI_IP][SAFI_MULTICAST] = 1;
1272 stream_putc (s, BGP_OPEN_OPT_CAP);
1273 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1274 stream_putc (s, CAPABILITY_CODE_MP);
1275 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1276 stream_putw (s, AFI_IP);
1277 stream_putc (s, 0);
1278 stream_putc (s, SAFI_MULTICAST);
1279 }
1280 /* IPv4 VPN */
1281 if (peer->afc[AFI_IP][SAFI_MPLS_VPN])
1282 {
1283 peer->afc_adv[AFI_IP][SAFI_MPLS_VPN] = 1;
1284 stream_putc (s, BGP_OPEN_OPT_CAP);
1285 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1286 stream_putc (s, CAPABILITY_CODE_MP);
1287 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1288 stream_putw (s, AFI_IP);
1289 stream_putc (s, 0);
42e6d745 1290 stream_putc (s, SAFI_MPLS_LABELED_VPN);
718e3744 1291 }
587ff0fd
LB		 1292 /* ENCAP */
1293 if (peer->afc[AFI_IP][SAFI_ENCAP])
1294 {
1295 peer->afc_adv[AFI_IP][SAFI_ENCAP] = 1;
1296 stream_putc (s, BGP_OPEN_OPT_CAP);
1297 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1298 stream_putc (s, CAPABILITY_CODE_MP);
1299 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1300 stream_putw (s, AFI_IP);
1301 stream_putc (s, 0);
1302 stream_putc (s, SAFI_ENCAP);
1303 }
718e3744 1304#ifdef HAVE_IPV6
8a92a8a0
DS		 1305 /* Currently supporting RFC-5549 for Link-Local peering only */
1306 if (CHECK_FLAG (peer->flags, PEER_FLAG_CAPABILITY_ENHE) &&
1307 peer->su.sa.sa_family == AF_INET6 &&
1308 IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr))
1309 {
1310 /* RFC 5549 Extended Next Hop Encoding */
1311 SET_FLAG (peer->cap, PEER_CAP_ENHE_ADV);
1312 stream_putc (s, BGP_OPEN_OPT_CAP);
1313 stream_putc (s, CAPABILITY_CODE_ENHE_LEN + 2);
1314 stream_putc (s, CAPABILITY_CODE_ENHE);
1315 stream_putc (s, CAPABILITY_CODE_ENHE_LEN);
1316 /* Currently supporting for SAFI_UNICAST only */
1317 SET_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_ADV);
1318 stream_putw (s, AFI_IP);
1319 stream_putw (s, SAFI_UNICAST);
1320 stream_putw (s, AFI_IP6);
1321
1322 if (CHECK_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_RCV))
1323 SET_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_NEGO);
1324 }
718e3744 1325 /* IPv6 unicast. */
1326 if (peer->afc[AFI_IP6][SAFI_UNICAST])
1327 {
1328 peer->afc_adv[AFI_IP6][SAFI_UNICAST] = 1;
1329 stream_putc (s, BGP_OPEN_OPT_CAP);
1330 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1331 stream_putc (s, CAPABILITY_CODE_MP);
1332 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1333 stream_putw (s, AFI_IP6);
1334 stream_putc (s, 0);
1335 stream_putc (s, SAFI_UNICAST);
1336 }
1337 /* IPv6 multicast. */
1338 if (peer->afc[AFI_IP6][SAFI_MULTICAST])
1339 {
1340 peer->afc_adv[AFI_IP6][SAFI_MULTICAST] = 1;
1341 stream_putc (s, BGP_OPEN_OPT_CAP);
1342 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1343 stream_putc (s, CAPABILITY_CODE_MP);
1344 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1345 stream_putw (s, AFI_IP6);
1346 stream_putc (s, 0);
1347 stream_putc (s, SAFI_MULTICAST);
1348 }
945c8fe9
LB		 1349 /* IPv6 VPN. */
1350 if (peer->afc[AFI_IP6][SAFI_MPLS_VPN])
1351 {
1352 peer->afc_adv[AFI_IP6][SAFI_MPLS_VPN] = 1;
1353 stream_putc (s, BGP_OPEN_OPT_CAP);
1354 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1355 stream_putc (s, CAPABILITY_CODE_MP);
1356 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1357 stream_putw (s, AFI_IP6);
1358 stream_putc (s, 0);
1359 stream_putc (s, SAFI_MPLS_LABELED_VPN);
1360 }
587ff0fd
LB		 1361 /* IPv6 ENCAP. */
1362 if (peer->afc[AFI_IP6][SAFI_ENCAP])
1363 {
1364 peer->afc_adv[AFI_IP6][SAFI_ENCAP] = 1;
1365 stream_putc (s, BGP_OPEN_OPT_CAP);
1366 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1367 stream_putc (s, CAPABILITY_CODE_MP);
1368 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1369 stream_putw (s, AFI_IP6);
1370 stream_putc (s, 0);
1371 stream_putc (s, SAFI_ENCAP);
1372 }
718e3744 1373#endif /* HAVE_IPV6 */
1374
1375 /* Route refresh. */
c9502438 1376 SET_FLAG (peer->cap, PEER_CAP_REFRESH_ADV);
1377 stream_putc (s, BGP_OPEN_OPT_CAP);
1378 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1379 stream_putc (s, CAPABILITY_CODE_REFRESH_OLD);
1380 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1381 stream_putc (s, BGP_OPEN_OPT_CAP);
1382 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1383 stream_putc (s, CAPABILITY_CODE_REFRESH);
1384 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
718e3744 1385
0b2aa3a0
PJ		 1386 /* AS4 */
1387 SET_FLAG (peer->cap, PEER_CAP_AS4_ADV);
1388 stream_putc (s, BGP_OPEN_OPT_CAP);
1389 stream_putc (s, CAPABILITY_CODE_AS4_LEN + 2);
1390 stream_putc (s, CAPABILITY_CODE_AS4);
1391 stream_putc (s, CAPABILITY_CODE_AS4_LEN);
1392 if ( peer->change_local_as )
1393 local_as = peer->change_local_as;
1394 else
1395 local_as = peer->local_as;
1396 stream_putl (s, local_as );
1397
adbac85e 1398 /* AddPath */
a82478b9
DS		 1399 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1400 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1401 if (peer->afc[afi][safi])
adbac85e
DW		 1402 {
1403 afi_safi_count++;
1404
1405 /* Only advertise addpath TX if a feature that will use it is
1406 * configured */
06370dac
DW		 1407 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_ALL_PATHS) ||
1408 CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
adbac85e
DW		 1409 adv_addpath_tx = 1;
1410 }
a82478b9
DS		 1411
1412 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_ADV);
1413 stream_putc (s, BGP_OPEN_OPT_CAP);
1414 stream_putc (s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1415 stream_putc (s, CAPABILITY_CODE_ADDPATH);
1416 stream_putc (s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1417
1418 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1419 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1420 if (peer->afc[afi][safi])
1421 {
1422 stream_putw (s, afi);
1423 stream_putc (s, safi);
adbac85e
DW		 1424
1425 if (adv_addpath_tx)
1426 {
1427 stream_putc (s, BGP_ADDPATH_RX|BGP_ADDPATH_TX);
1428 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1429 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1430 }
1431 else
1432 {
1433 stream_putc (s, BGP_ADDPATH_RX);
1434 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1435 UNSET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1436 }
a82478b9
DS		 1437 }
1438
718e3744 1439 /* ORF capability. */
1440 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1441 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1442 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1443 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1444 {
1445 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF_OLD);
1446 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF);
1447 }
1448
1449 /* Dynamic capability. */
1450 if (CHECK_FLAG (peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY))
1451 {
1452 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV);
1453 stream_putc (s, BGP_OPEN_OPT_CAP);
1454 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
89eeecb8
DS		 1455 stream_putc (s, CAPABILITY_CODE_DYNAMIC_OLD);
1456 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1457 stream_putc (s, BGP_OPEN_OPT_CAP);
1458 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
718e3744 1459 stream_putc (s, CAPABILITY_CODE_DYNAMIC);
1460 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1461 }
1462
04b6bdc0
DW		 1463 /* Hostname capability */
1464 uname(&names);
1465 if (names.nodename[0] != '\0')
1466 {
1467 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1468 stream_putc (s, BGP_OPEN_OPT_CAP);
1469 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1470 stream_putc(s, 0); /* dummy len for now */
1471 stream_putc (s, CAPABILITY_CODE_FQDN);
1472 capp = stream_get_endp(s);
1473 stream_putc(s, 0); /* dummy len for now */
1474 len = strlen(names.nodename);
1475 if (len > BGP_MAX_HOSTNAME)
1476 len = BGP_MAX_HOSTNAME;
1477
1478 stream_putc(s, len);
1479 stream_put(s, names.nodename, len);
60060acc 1480#ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
04b6bdc0
DW		 1481 if ((names.domainname[0] != '\0') &&
1482 (strcmp(names.domainname, "(none)") != 0))
1483 {
1484 len = strlen(names.domainname);
1485 if (len > BGP_MAX_HOSTNAME)
1486 len = BGP_MAX_HOSTNAME;
1487
1488 stream_putc(s, len);
1489 stream_put(s, names.domainname, len);
1490 }
1491 else
1492#endif
1493 {
1494 stream_putc(s, 0); /* 0 length */
1495 }
1496
1497 /* Set the lengths straight */
1498 len = stream_get_endp(s) - rcapp - 1;
1499 stream_putc_at(s, rcapp, len);
1500 len = stream_get_endp(s) - capp - 1;
1501 stream_putc_at(s, capp, len);
1502
1503 if (bgp_debug_neighbor_events(peer))
60060acc 1504#ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
04b6bdc0
DW		 1505 zlog_debug("%s Sending hostname cap with hn = %s, dn = %s",
1506 peer->host, names.nodename, names.domainname);
60060acc
RW		 1507#else
1508 zlog_debug("%s Sending hostname cap with hn = %s", peer->host,
1509 names.nodename);
1510#endif
04b6bdc0
DW		 1511 }
1512
fe7d2a48
DS		 1513 /* Sending base graceful-restart capability irrespective of the config */
1514 SET_FLAG (peer->cap, PEER_CAP_RESTART_ADV);
1515 stream_putc (s, BGP_OPEN_OPT_CAP);
1516 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1517 stream_putc (s, 0); /* Capability Length */
1518 stream_putc (s, CAPABILITY_CODE_RESTART);
1519 rcapp = stream_get_endp (s); /* Set Restart Capability Len Pointer */
1520 stream_putc (s, 0);
1521 restart_time = peer->bgp->restart_time;
1522 if (peer->bgp->t_startup)
1523 {
1524 SET_FLAG (restart_time, RESTART_R_BIT);
1525 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_ADV);
1526 }
1527 stream_putw (s, restart_time);
1528
1529 /* Send address-family specific graceful-restart capability only when GR config
1530 is present */
538621f2 1531 if (bgp_flag_check (peer->bgp, BGP_FLAG_GRACEFUL_RESTART))
1532 {
fe7d2a48
DS		 1533 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1534 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1535 if (peer->afc[afi][safi])
1536 {
1537 stream_putw (s, afi);
1538 stream_putc (s, safi);
1539 stream_putc (s, 0); //Forwarding is not retained as of now.
1540 }
1541 }
1542
1543 /* Total Graceful restart capability Len. */
1544 len = stream_get_endp (s) - rcapp - 1;
1545 stream_putc_at (s, rcapp, len);
1546
1547 /* Total Capability Len. */
1548 len = stream_get_endp (s) - capp - 1;
1549 stream_putc_at (s, capp, len);
538621f2 1550
718e3744 1551 /* Total Opt Parm Len. */
9985f83c 1552 len = stream_get_endp (s) - cp - 1;
718e3744 1553 stream_putc_at (s, cp, len);
1554}
FRRouting mirror