]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_attr.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5686 from qlyoung/fix-bgp-fqdn-capability-leak
[mirror_frr.git] / bgpd / bgp_attr.c
1 /* BGP attributes management routines.
2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "memory.h"
26 #include "vector.h"
27 #include "stream.h"
28 #include "log.h"
29 #include "hash.h"
30 #include "jhash.h"
31 #include "queue.h"
32 #include "table.h"
33 #include "filter.h"
34 #include "command.h"
35
36 #include "bgpd/bgpd.h"
37 #include "bgpd/bgp_attr.h"
38 #include "bgpd/bgp_route.h"
39 #include "bgpd/bgp_aspath.h"
40 #include "bgpd/bgp_community.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_errors.h"
43 #include "bgpd/bgp_label.h"
44 #include "bgpd/bgp_packet.h"
45 #include "bgpd/bgp_ecommunity.h"
46 #include "bgpd/bgp_lcommunity.h"
47 #include "bgpd/bgp_updgrp.h"
48 #include "bgpd/bgp_encap_types.h"
49 #if ENABLE_BGP_VNC
50 #include "bgpd/rfapi/bgp_rfapi_cfg.h"
51 #include "bgp_encap_types.h"
52 #include "bgp_vnc_types.h"
53 #endif
54 #include "bgp_evpn.h"
55 #include "bgp_flowspec_private.h"
56 #include "bgp_mac.h"
57
58 /* Attribute strings for logging. */
59 static const struct message attr_str[] = {
60 {BGP_ATTR_ORIGIN, "ORIGIN"},
61 {BGP_ATTR_AS_PATH, "AS_PATH"},
62 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
63 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
64 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
65 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
66 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
67 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
68 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
69 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
70 {BGP_ATTR_DPA, "DPA"},
71 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
72 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
73 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
74 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
75 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
76 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
77 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
78 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
79 {BGP_ATTR_PMSI_TUNNEL, "PMSI_TUNNEL_ATTRIBUTE"},
80 {BGP_ATTR_ENCAP, "ENCAP"},
81 #if ENABLE_BGP_VNC_ATTR
82 {BGP_ATTR_VNC, "VNC"},
83 #endif
84 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
85 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
86 {0}};
87
88 static const struct message attr_flag_str[] = {
89 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
90 {BGP_ATTR_FLAG_TRANS, "Transitive"},
91 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
92 /* bgp_attr_flags_diagnose() relies on this bit being last in
93 this list */
94 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
95 {0}};
96
97 static struct hash *cluster_hash;
98
99 static void *cluster_hash_alloc(void *p)
100 {
101 const struct cluster_list *val = (const struct cluster_list *)p;
102 struct cluster_list *cluster;
103
104 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
105 cluster->length = val->length;
106
107 if (cluster->length) {
108 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
109 memcpy(cluster->list, val->list, val->length);
110 } else
111 cluster->list = NULL;
112
113 cluster->refcnt = 0;
114
115 return cluster;
116 }
117
118 /* Cluster list related functions. */
119 static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
120 {
121 struct cluster_list tmp;
122 struct cluster_list *cluster;
123
124 tmp.length = length;
125 tmp.list = pnt;
126
127 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
128 cluster->refcnt++;
129 return cluster;
130 }
131
132 int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
133 {
134 int i;
135
136 for (i = 0; i < cluster->length / 4; i++)
137 if (cluster->list[i].s_addr == originator.s_addr)
138 return 1;
139 return 0;
140 }
141
142 static unsigned int cluster_hash_key_make(const void *p)
143 {
144 const struct cluster_list *cluster = p;
145
146 return jhash(cluster->list, cluster->length, 0);
147 }
148
149 static bool cluster_hash_cmp(const void *p1, const void *p2)
150 {
151 const struct cluster_list *cluster1 = p1;
152 const struct cluster_list *cluster2 = p2;
153
154 return (cluster1->length == cluster2->length
155 && (cluster1->list == cluster2->list
156 || memcmp(cluster1->list, cluster2->list, cluster1->length)
157 == 0));
158 }
159
160 static void cluster_free(struct cluster_list *cluster)
161 {
162 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
163 XFREE(MTYPE_CLUSTER, cluster);
164 }
165
166 static struct cluster_list *cluster_intern(struct cluster_list *cluster)
167 {
168 struct cluster_list *find;
169
170 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
171 find->refcnt++;
172
173 return find;
174 }
175
176 void cluster_unintern(struct cluster_list *cluster)
177 {
178 if (cluster->refcnt)
179 cluster->refcnt--;
180
181 if (cluster->refcnt == 0) {
182 hash_release(cluster_hash, cluster);
183 cluster_free(cluster);
184 }
185 }
186
187 static void cluster_init(void)
188 {
189 cluster_hash = hash_create(cluster_hash_key_make, cluster_hash_cmp,
190 "BGP Cluster");
191 }
192
193 static void cluster_finish(void)
194 {
195 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
196 hash_free(cluster_hash);
197 cluster_hash = NULL;
198 }
199
200 static struct hash *encap_hash = NULL;
201 #if ENABLE_BGP_VNC
202 static struct hash *vnc_hash = NULL;
203 #endif
204
205 struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
206 {
207 struct bgp_attr_encap_subtlv *new;
208 struct bgp_attr_encap_subtlv *tail;
209 struct bgp_attr_encap_subtlv *p;
210
211 for (p = orig, tail = new = NULL; p; p = p->next) {
212 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
213 if (tail) {
214 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
215 tail = tail->next;
216 } else {
217 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
218 }
219 assert(tail);
220 memcpy(tail, p, size);
221 tail->next = NULL;
222 }
223
224 return new;
225 }
226
227 static void encap_free(struct bgp_attr_encap_subtlv *p)
228 {
229 struct bgp_attr_encap_subtlv *next;
230 while (p) {
231 next = p->next;
232 p->next = NULL;
233 XFREE(MTYPE_ENCAP_TLV, p);
234 p = next;
235 }
236 }
237
238 void bgp_attr_flush_encap(struct attr *attr)
239 {
240 if (!attr)
241 return;
242
243 if (attr->encap_subtlvs) {
244 encap_free(attr->encap_subtlvs);
245 attr->encap_subtlvs = NULL;
246 }
247 #if ENABLE_BGP_VNC
248 if (attr->vnc_subtlvs) {
249 encap_free(attr->vnc_subtlvs);
250 attr->vnc_subtlvs = NULL;
251 }
252 #endif
253 }
254
255 /*
256 * Compare encap sub-tlv chains
257 *
258 * 1 = equivalent
259 * 0 = not equivalent
260 *
261 * This algorithm could be made faster if needed
262 */
263 static int encap_same(const struct bgp_attr_encap_subtlv *h1,
264 const struct bgp_attr_encap_subtlv *h2)
265 {
266 const struct bgp_attr_encap_subtlv *p;
267 const struct bgp_attr_encap_subtlv *q;
268
269 if (h1 == h2)
270 return 1;
271 if (h1 == NULL || h2 == NULL)
272 return 0;
273
274 for (p = h1; p; p = p->next) {
275 for (q = h2; q; q = q->next) {
276 if ((p->type == q->type) && (p->length == q->length)
277 && !memcmp(p->value, q->value, p->length)) {
278
279 break;
280 }
281 }
282 if (!q)
283 return 0;
284 }
285
286 for (p = h2; p; p = p->next) {
287 for (q = h1; q; q = q->next) {
288 if ((p->type == q->type) && (p->length == q->length)
289 && !memcmp(p->value, q->value, p->length)) {
290
291 break;
292 }
293 }
294 if (!q)
295 return 0;
296 }
297
298 return 1;
299 }
300
301 static void *encap_hash_alloc(void *p)
302 {
303 /* Encap structure is already allocated. */
304 return p;
305 }
306
307 typedef enum {
308 ENCAP_SUBTLV_TYPE,
309 #if ENABLE_BGP_VNC
310 VNC_SUBTLV_TYPE
311 #endif
312 } encap_subtlv_type;
313
314 static struct bgp_attr_encap_subtlv *
315 encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
316 {
317 struct bgp_attr_encap_subtlv *find;
318 struct hash *hash = encap_hash;
319 #if ENABLE_BGP_VNC
320 if (type == VNC_SUBTLV_TYPE)
321 hash = vnc_hash;
322 #endif
323
324 find = hash_get(hash, encap, encap_hash_alloc);
325 if (find != encap)
326 encap_free(encap);
327 find->refcnt++;
328
329 return find;
330 }
331
332 static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
333 encap_subtlv_type type)
334 {
335 struct bgp_attr_encap_subtlv *encap = *encapp;
336 if (encap->refcnt)
337 encap->refcnt--;
338
339 if (encap->refcnt == 0) {
340 struct hash *hash = encap_hash;
341 #if ENABLE_BGP_VNC
342 if (type == VNC_SUBTLV_TYPE)
343 hash = vnc_hash;
344 #endif
345 hash_release(hash, encap);
346 encap_free(encap);
347 *encapp = NULL;
348 }
349 }
350
351 static unsigned int encap_hash_key_make(const void *p)
352 {
353 const struct bgp_attr_encap_subtlv *encap = p;
354
355 return jhash(encap->value, encap->length, 0);
356 }
357
358 static bool encap_hash_cmp(const void *p1, const void *p2)
359 {
360 return encap_same((const struct bgp_attr_encap_subtlv *)p1,
361 (const struct bgp_attr_encap_subtlv *)p2);
362 }
363
364 static void encap_init(void)
365 {
366 encap_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
367 "BGP Encap Hash");
368 #if ENABLE_BGP_VNC
369 vnc_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
370 "BGP VNC Hash");
371 #endif
372 }
373
374 static void encap_finish(void)
375 {
376 hash_clean(encap_hash, (void (*)(void *))encap_free);
377 hash_free(encap_hash);
378 encap_hash = NULL;
379 #if ENABLE_BGP_VNC
380 hash_clean(vnc_hash, (void (*)(void *))encap_free);
381 hash_free(vnc_hash);
382 vnc_hash = NULL;
383 #endif
384 }
385
386 static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
387 {
388 if (!a1 && a2)
389 return false;
390 if (!a2 && a1)
391 return false;
392 if (!a1 && !a2)
393 return true;
394 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
395 sizeof(struct bgp_route_evpn));
396 }
397
398 /* Unknown transit attribute. */
399 static struct hash *transit_hash;
400
401 static void transit_free(struct transit *transit)
402 {
403 XFREE(MTYPE_TRANSIT_VAL, transit->val);
404 XFREE(MTYPE_TRANSIT, transit);
405 }
406
407 static void *transit_hash_alloc(void *p)
408 {
409 /* Transit structure is already allocated. */
410 return p;
411 }
412
413 static struct transit *transit_intern(struct transit *transit)
414 {
415 struct transit *find;
416
417 find = hash_get(transit_hash, transit, transit_hash_alloc);
418 if (find != transit)
419 transit_free(transit);
420 find->refcnt++;
421
422 return find;
423 }
424
425 static void transit_unintern(struct transit **transit)
426 {
427 if ((*transit)->refcnt)
428 (*transit)->refcnt--;
429
430 if ((*transit)->refcnt == 0) {
431 hash_release(transit_hash, *transit);
432 transit_free(*transit);
433 *transit = NULL;
434 }
435 }
436
437 static unsigned int transit_hash_key_make(const void *p)
438 {
439 const struct transit *transit = p;
440
441 return jhash(transit->val, transit->length, 0);
442 }
443
444 static bool transit_hash_cmp(const void *p1, const void *p2)
445 {
446 const struct transit *transit1 = p1;
447 const struct transit *transit2 = p2;
448
449 return (transit1->length == transit2->length
450 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
451 }
452
453 static void transit_init(void)
454 {
455 transit_hash = hash_create(transit_hash_key_make, transit_hash_cmp,
456 "BGP Transit Hash");
457 }
458
459 static void transit_finish(void)
460 {
461 hash_clean(transit_hash, (void (*)(void *))transit_free);
462 hash_free(transit_hash);
463 transit_hash = NULL;
464 }
465
466 /* Attribute hash routines. */
467 static struct hash *attrhash;
468
469 unsigned long int attr_count(void)
470 {
471 return attrhash->count;
472 }
473
474 unsigned long int attr_unknown_count(void)
475 {
476 return transit_hash->count;
477 }
478
479 unsigned int attrhash_key_make(const void *p)
480 {
481 const struct attr *attr = (struct attr *)p;
482 uint32_t key = 0;
483 #define MIX(val) key = jhash_1word(val, key)
484 #define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
485
486 MIX3(attr->origin, attr->nexthop.s_addr, attr->med);
487 MIX3(attr->local_pref, attr->aggregator_as,
488 attr->aggregator_addr.s_addr);
489 MIX3(attr->weight, attr->mp_nexthop_global_in.s_addr,
490 attr->originator_id.s_addr);
491 MIX3(attr->tag, attr->label, attr->label_index);
492
493 if (attr->aspath)
494 MIX(aspath_key_make(attr->aspath));
495 if (attr->community)
496 MIX(community_hash_make(attr->community));
497
498 if (attr->lcommunity)
499 MIX(lcommunity_hash_make(attr->lcommunity));
500 if (attr->ecommunity)
501 MIX(ecommunity_hash_make(attr->ecommunity));
502 if (attr->cluster)
503 MIX(cluster_hash_key_make(attr->cluster));
504 if (attr->transit)
505 MIX(transit_hash_key_make(attr->transit));
506 if (attr->encap_subtlvs)
507 MIX(encap_hash_key_make(attr->encap_subtlvs));
508 #if ENABLE_BGP_VNC
509 if (attr->vnc_subtlvs)
510 MIX(encap_hash_key_make(attr->vnc_subtlvs));
511 #endif
512 MIX(attr->mp_nexthop_len);
513 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
514 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
515 MIX3(attr->nh_ifindex, attr->nh_lla_ifindex, attr->distance);
516 MIX(attr->rmap_table_id);
517
518 return key;
519 }
520
521 bool attrhash_cmp(const void *p1, const void *p2)
522 {
523 const struct attr *attr1 = p1;
524 const struct attr *attr2 = p2;
525
526 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
527 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
528 && attr1->aspath == attr2->aspath
529 && attr1->community == attr2->community && attr1->med == attr2->med
530 && attr1->local_pref == attr2->local_pref
531 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
532 if (attr1->aggregator_as == attr2->aggregator_as
533 && attr1->aggregator_addr.s_addr
534 == attr2->aggregator_addr.s_addr
535 && attr1->weight == attr2->weight
536 && attr1->tag == attr2->tag
537 && attr1->label_index == attr2->label_index
538 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
539 && attr1->ecommunity == attr2->ecommunity
540 && attr1->lcommunity == attr2->lcommunity
541 && attr1->cluster == attr2->cluster
542 && attr1->transit == attr2->transit
543 && attr1->rmap_table_id == attr2->rmap_table_id
544 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
545 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
546 #if ENABLE_BGP_VNC
547 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
548 #endif
549 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
550 &attr2->mp_nexthop_global)
551 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
552 &attr2->mp_nexthop_local)
553 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
554 &attr2->mp_nexthop_global_in)
555 && IPV4_ADDR_SAME(&attr1->originator_id,
556 &attr2->originator_id)
557 && overlay_index_same(attr1, attr2)
558 && attr1->nh_ifindex == attr2->nh_ifindex
559 && attr1->nh_lla_ifindex == attr2->nh_lla_ifindex
560 && attr1->distance == attr2->distance)
561 return true;
562 }
563
564 return false;
565 }
566
567 static void attrhash_init(void)
568 {
569 attrhash =
570 hash_create(attrhash_key_make, attrhash_cmp, "BGP Attributes");
571 }
572
573 /*
574 * special for hash_clean below
575 */
576 static void attr_vfree(void *attr)
577 {
578 XFREE(MTYPE_ATTR, attr);
579 }
580
581 static void attrhash_finish(void)
582 {
583 hash_clean(attrhash, attr_vfree);
584 hash_free(attrhash);
585 attrhash = NULL;
586 }
587
588 static void attr_show_all_iterator(struct hash_bucket *bucket, struct vty *vty)
589 {
590 struct attr *attr = bucket->data;
591
592 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
593 inet_ntoa(attr->nexthop));
594 vty_out(vty, "\tflags: %" PRIu64 " med: %u local_pref: %u origin: %u weight: %u label: %u\n",
595 attr->flag, attr->med, attr->local_pref, attr->origin,
596 attr->weight, attr->label);
597 }
598
599 void attr_show_all(struct vty *vty)
600 {
601 hash_iterate(attrhash, (void (*)(struct hash_bucket *,
602 void *))attr_show_all_iterator,
603 vty);
604 }
605
606 static void *bgp_attr_hash_alloc(void *p)
607 {
608 struct attr *val = (struct attr *)p;
609 struct attr *attr;
610
611 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
612 *attr = *val;
613 if (val->encap_subtlvs) {
614 val->encap_subtlvs = NULL;
615 }
616 #if ENABLE_BGP_VNC
617 if (val->vnc_subtlvs) {
618 val->vnc_subtlvs = NULL;
619 }
620 #endif
621 attr->refcnt = 0;
622 return attr;
623 }
624
625 /* Internet argument attribute. */
626 struct attr *bgp_attr_intern(struct attr *attr)
627 {
628 struct attr *find;
629
630 /* Intern referenced strucutre. */
631 if (attr->aspath) {
632 if (!attr->aspath->refcnt)
633 attr->aspath = aspath_intern(attr->aspath);
634 else
635 attr->aspath->refcnt++;
636 }
637 if (attr->community) {
638 if (!attr->community->refcnt)
639 attr->community = community_intern(attr->community);
640 else
641 attr->community->refcnt++;
642 }
643
644 if (attr->ecommunity) {
645 if (!attr->ecommunity->refcnt)
646 attr->ecommunity = ecommunity_intern(attr->ecommunity);
647 else
648 attr->ecommunity->refcnt++;
649 }
650 if (attr->lcommunity) {
651 if (!attr->lcommunity->refcnt)
652 attr->lcommunity = lcommunity_intern(attr->lcommunity);
653 else
654 attr->lcommunity->refcnt++;
655 }
656 if (attr->cluster) {
657 if (!attr->cluster->refcnt)
658 attr->cluster = cluster_intern(attr->cluster);
659 else
660 attr->cluster->refcnt++;
661 }
662 if (attr->transit) {
663 if (!attr->transit->refcnt)
664 attr->transit = transit_intern(attr->transit);
665 else
666 attr->transit->refcnt++;
667 }
668 if (attr->encap_subtlvs) {
669 if (!attr->encap_subtlvs->refcnt)
670 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
671 ENCAP_SUBTLV_TYPE);
672 else
673 attr->encap_subtlvs->refcnt++;
674 }
675 #if ENABLE_BGP_VNC
676 if (attr->vnc_subtlvs) {
677 if (!attr->vnc_subtlvs->refcnt)
678 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
679 VNC_SUBTLV_TYPE);
680 else
681 attr->vnc_subtlvs->refcnt++;
682 }
683 #endif
684
685 /* At this point, attr only contains intern'd pointers. that means
686 * if we find it in attrhash, it has all the same pointers and we
687 * correctly updated the refcounts on these.
688 * If we don't find it, we need to allocate a one because in all
689 * cases this returns a new reference to a hashed attr, but the input
690 * wasn't on hash. */
691 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
692 find->refcnt++;
693
694 return find;
695 }
696
697 /* Make network statement's attribute. */
698 struct attr *bgp_attr_default_set(struct attr *attr, uint8_t origin)
699 {
700 memset(attr, 0, sizeof(struct attr));
701
702 attr->origin = origin;
703 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
704 attr->aspath = aspath_empty();
705 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
706 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
707 attr->tag = 0;
708 attr->label_index = BGP_INVALID_LABEL_INDEX;
709 attr->label = MPLS_INVALID_LABEL;
710 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
711 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
712
713 return attr;
714 }
715
716 /* Create the attributes for an aggregate */
717 struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, uint8_t origin,
718 struct aspath *aspath,
719 struct community *community,
720 struct ecommunity *ecommunity,
721 struct lcommunity *lcommunity,
722 struct bgp_aggregate *aggregate,
723 uint8_t atomic_aggregate,
724 struct prefix *p)
725 {
726 struct attr attr;
727 struct attr *new;
728 int ret;
729
730 memset(&attr, 0, sizeof(struct attr));
731
732 /* Origin attribute. */
733 attr.origin = origin;
734 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
735
736 /* AS path attribute. */
737 if (aspath)
738 attr.aspath = aspath_intern(aspath);
739 else
740 attr.aspath = aspath_empty();
741 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
742
743 /* Next hop attribute. */
744 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
745
746 if (community) {
747 uint32_t gshut = COMMUNITY_GSHUT;
748
749 /* If we are not shutting down ourselves and we are
750 * aggregating a route that contains the GSHUT community we
751 * need to remove that community when creating the aggregate */
752 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)
753 && community_include(community, gshut)) {
754 community_del_val(community, &gshut);
755 }
756
757 attr.community = community;
758 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
759 }
760
761 if (ecommunity) {
762 attr.ecommunity = ecommunity;
763 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
764 }
765
766 if (lcommunity) {
767 attr.lcommunity = lcommunity;
768 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
769 }
770
771 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
772 bgp_attr_add_gshut_community(&attr);
773 }
774
775 attr.label_index = BGP_INVALID_LABEL_INDEX;
776 attr.label = MPLS_INVALID_LABEL;
777 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
778 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
779 if (!aggregate->as_set || atomic_aggregate)
780 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
781 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
782 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
783 attr.aggregator_as = bgp->confed_id;
784 else
785 attr.aggregator_as = bgp->as;
786 attr.aggregator_addr = bgp->router_id;
787 attr.label_index = BGP_INVALID_LABEL_INDEX;
788 attr.label = MPLS_INVALID_LABEL;
789
790 /* Apply route-map */
791 if (aggregate->rmap.name) {
792 struct attr attr_tmp = attr;
793 struct bgp_path_info rmap_path;
794
795 memset(&rmap_path, 0, sizeof(struct bgp_path_info));
796 rmap_path.peer = bgp->peer_self;
797 rmap_path.attr = &attr_tmp;
798
799 SET_FLAG(bgp->peer_self->rmap_type, PEER_RMAP_TYPE_AGGREGATE);
800
801 ret = route_map_apply(aggregate->rmap.map, p, RMAP_BGP,
802 &rmap_path);
803
804 bgp->peer_self->rmap_type = 0;
805
806 if (ret == RMAP_DENYMATCH) {
807 /* Free uninterned attribute. */
808 bgp_attr_flush(&attr_tmp);
809
810 /* Unintern original. */
811 aspath_unintern(&attr.aspath);
812 return NULL;
813 }
814
815 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN))
816 bgp_attr_add_gshut_community(&attr_tmp);
817
818 new = bgp_attr_intern(&attr_tmp);
819 } else {
820
821 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN))
822 bgp_attr_add_gshut_community(&attr);
823
824 new = bgp_attr_intern(&attr);
825 }
826
827 aspath_unintern(&new->aspath);
828 return new;
829 }
830
831 /* Unintern just the sub-components of the attr, but not the attr */
832 void bgp_attr_unintern_sub(struct attr *attr)
833 {
834 /* aspath refcount shoud be decrement. */
835 if (attr->aspath)
836 aspath_unintern(&attr->aspath);
837 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
838
839 if (attr->community)
840 community_unintern(&attr->community);
841 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
842
843 if (attr->ecommunity)
844 ecommunity_unintern(&attr->ecommunity);
845 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
846
847 if (attr->lcommunity)
848 lcommunity_unintern(&attr->lcommunity);
849 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
850
851 if (attr->cluster)
852 cluster_unintern(attr->cluster);
853 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
854
855 if (attr->transit)
856 transit_unintern(&attr->transit);
857
858 if (attr->encap_subtlvs)
859 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
860
861 #if ENABLE_BGP_VNC
862 if (attr->vnc_subtlvs)
863 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
864 #endif
865 }
866
867 /*
868 * We have some show commands that let you experimentally
869 * apply a route-map. When we apply the route-map
870 * we are reseting values but not saving them for
871 * posterity via intern'ing( because route-maps don't
872 * do that) but at this point in time we need
873 * to compare the new attr to the old and if the
874 * routemap has changed it we need to, as Snoop Dog says,
875 * Drop it like it's hot
876 */
877 void bgp_attr_undup(struct attr *new, struct attr *old)
878 {
879 if (new->aspath != old->aspath)
880 aspath_free(new->aspath);
881
882 if (new->community != old->community)
883 community_free(&new->community);
884
885 if (new->ecommunity != old->ecommunity)
886 ecommunity_free(&new->ecommunity);
887
888 if (new->lcommunity != old->lcommunity)
889 lcommunity_free(&new->lcommunity);
890 }
891
892 /* Free bgp attribute and aspath. */
893 void bgp_attr_unintern(struct attr **pattr)
894 {
895 struct attr *attr = *pattr;
896 struct attr *ret;
897 struct attr tmp;
898
899 /* Decrement attribute reference. */
900 attr->refcnt--;
901
902 tmp = *attr;
903
904 /* If reference becomes zero then free attribute object. */
905 if (attr->refcnt == 0) {
906 ret = hash_release(attrhash, attr);
907 assert(ret != NULL);
908 XFREE(MTYPE_ATTR, attr);
909 *pattr = NULL;
910 }
911
912 bgp_attr_unintern_sub(&tmp);
913 }
914
915 void bgp_attr_flush(struct attr *attr)
916 {
917 if (attr->aspath && !attr->aspath->refcnt) {
918 aspath_free(attr->aspath);
919 attr->aspath = NULL;
920 }
921 if (attr->community && !attr->community->refcnt)
922 community_free(&attr->community);
923 if (attr->ecommunity && !attr->ecommunity->refcnt)
924 ecommunity_free(&attr->ecommunity);
925 if (attr->lcommunity && !attr->lcommunity->refcnt)
926 lcommunity_free(&attr->lcommunity);
927 if (attr->cluster && !attr->cluster->refcnt) {
928 cluster_free(attr->cluster);
929 attr->cluster = NULL;
930 }
931 if (attr->transit && !attr->transit->refcnt) {
932 transit_free(attr->transit);
933 attr->transit = NULL;
934 }
935 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
936 encap_free(attr->encap_subtlvs);
937 attr->encap_subtlvs = NULL;
938 }
939 #if ENABLE_BGP_VNC
940 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
941 encap_free(attr->vnc_subtlvs);
942 attr->vnc_subtlvs = NULL;
943 }
944 #endif
945 }
946
947 /* Implement draft-scudder-idr-optional-transitive behaviour and
948 * avoid resetting sessions for malformed attributes which are
949 * are partial/optional and hence where the error likely was not
950 * introduced by the sending neighbour.
951 */
952 static bgp_attr_parse_ret_t
953 bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
954 bgp_size_t length)
955 {
956 struct peer *const peer = args->peer;
957 const uint8_t flags = args->flags;
958 /* startp and length must be special-cased, as whether or not to
959 * send the attribute data with the NOTIFY depends on the error,
960 * the caller therefore signals this with the seperate length argument
961 */
962 uint8_t *notify_datap = (length > 0 ? args->startp : NULL);
963
964 /* Only relax error handling for eBGP peers */
965 if (peer->sort != BGP_PEER_EBGP) {
966 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
967 notify_datap, length);
968 return BGP_ATTR_PARSE_ERROR;
969 }
970
971 /* Adjust the stream getp to the end of the attribute, in case we can
972 * still proceed but the caller hasn't read all the attribute.
973 */
974 stream_set_getp(BGP_INPUT(peer),
975 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
976 + args->total);
977
978 switch (args->type) {
979 /* where an attribute is relatively inconsequential, e.g. it does not
980 * affect route selection, and can be safely ignored, then any such
981 * attributes which are malformed should just be ignored and the route
982 * processed as normal.
983 */
984 case BGP_ATTR_AS4_AGGREGATOR:
985 case BGP_ATTR_AGGREGATOR:
986 case BGP_ATTR_ATOMIC_AGGREGATE:
987 return BGP_ATTR_PARSE_PROCEED;
988
989 /* Core attributes, particularly ones which may influence route
990 * selection, should always cause session resets
991 */
992 case BGP_ATTR_ORIGIN:
993 case BGP_ATTR_AS_PATH:
994 case BGP_ATTR_NEXT_HOP:
995 case BGP_ATTR_MULTI_EXIT_DISC:
996 case BGP_ATTR_LOCAL_PREF:
997 case BGP_ATTR_COMMUNITIES:
998 case BGP_ATTR_ORIGINATOR_ID:
999 case BGP_ATTR_CLUSTER_LIST:
1000 case BGP_ATTR_MP_REACH_NLRI:
1001 case BGP_ATTR_MP_UNREACH_NLRI:
1002 case BGP_ATTR_EXT_COMMUNITIES:
1003 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
1004 notify_datap, length);
1005 return BGP_ATTR_PARSE_ERROR;
1006 }
1007
1008 /* Partial optional attributes that are malformed should not cause
1009 * the whole session to be reset. Instead treat it as a withdrawal
1010 * of the routes, if possible.
1011 */
1012 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
1013 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1014 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
1015 return BGP_ATTR_PARSE_WITHDRAW;
1016
1017 /* default to reset */
1018 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1019 }
1020
1021 /* Find out what is wrong with the path attribute flag bits and log the error.
1022 "Flag bits" here stand for Optional, Transitive and Partial, but not for
1023 Extended Length. Checking O/T/P bits at once implies, that the attribute
1024 being diagnosed is defined by RFC as either a "well-known" or an "optional,
1025 non-transitive" attribute. */
1026 static void
1027 bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
1028 uint8_t desired_flags /* how RFC says it must be */
1029 )
1030 {
1031 uint8_t seen = 0, i;
1032 uint8_t real_flags = args->flags;
1033 const uint8_t attr_code = args->type;
1034
1035 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1036 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1037 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
1038 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1039 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
1040 flog_err(EC_BGP_ATTR_FLAG,
1041 "%s attribute must%s be flagged as \"%s\"",
1042 lookup_msg(attr_str, attr_code, NULL),
1043 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1044 ? ""
1045 : " not",
1046 attr_flag_str[i].str);
1047 seen = 1;
1048 }
1049 if (!seen) {
1050 zlog_debug(
1051 "Strange, %s called for attr %s, but no problem found with flags"
1052 " (real flags 0x%x, desired 0x%x)",
1053 __func__, lookup_msg(attr_str, attr_code, NULL),
1054 real_flags, desired_flags);
1055 }
1056 }
1057
1058 /* Required flags for attributes. EXTLEN will be masked off when testing,
1059 * as will PARTIAL for optional+transitive attributes.
1060 */
1061 const uint8_t attr_flags_values[] = {
1062 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
1063 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
1064 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1065 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1066 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1067 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1068 [BGP_ATTR_AGGREGATOR] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1069 [BGP_ATTR_COMMUNITIES] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1070 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1071 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1072 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1073 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1074 [BGP_ATTR_EXT_COMMUNITIES] =
1075 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1076 [BGP_ATTR_AS4_PATH] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1077 [BGP_ATTR_AS4_AGGREGATOR] =
1078 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1079 [BGP_ATTR_PMSI_TUNNEL] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1080 [BGP_ATTR_LARGE_COMMUNITIES] =
1081 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1082 [BGP_ATTR_PREFIX_SID] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1083 };
1084 static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
1085
1086 static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1087 {
1088 uint8_t mask = BGP_ATTR_FLAG_EXTLEN;
1089 const uint8_t flags = args->flags;
1090 const uint8_t attr_code = args->type;
1091
1092 /* there may be attributes we don't know about */
1093 if (attr_code > attr_flags_values_max)
1094 return 0;
1095 if (attr_flags_values[attr_code] == 0)
1096 return 0;
1097
1098 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1099 * to
1100 * 1."
1101 */
1102 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1103 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
1104 flog_err(
1105 EC_BGP_ATTR_FLAG,
1106 "%s well-known attributes must have transitive flag set (%x)",
1107 lookup_msg(attr_str, attr_code, NULL), flags);
1108 return 1;
1109 }
1110
1111 /* "For well-known attributes and for optional non-transitive
1112 * attributes,
1113 * the Partial bit MUST be set to 0."
1114 */
1115 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1116 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
1117 flog_err(EC_BGP_ATTR_FLAG,
1118 "%s well-known attribute "
1119 "must NOT have the partial flag set (%x)",
1120 lookup_msg(attr_str, attr_code, NULL), flags);
1121 return 1;
1122 }
1123 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1124 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
1125 flog_err(EC_BGP_ATTR_FLAG,
1126 "%s optional + transitive attribute "
1127 "must NOT have the partial flag set (%x)",
1128 lookup_msg(attr_str, attr_code, NULL), flags);
1129 return 1;
1130 }
1131 }
1132
1133 /* Optional transitive attributes may go through speakers that don't
1134 * reocgnise them and set the Partial bit.
1135 */
1136 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1137 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1138 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1139
1140 if ((flags & ~mask) == attr_flags_values[attr_code])
1141 return 0;
1142
1143 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1144 return 1;
1145 }
1146
1147 /* Get origin attribute of the update message. */
1148 static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1149 {
1150 struct peer *const peer = args->peer;
1151 struct attr *const attr = args->attr;
1152 const bgp_size_t length = args->length;
1153
1154 /* If any recognized attribute has Attribute Length that conflicts
1155 with the expected length (based on the attribute type code), then
1156 the Error Subcode is set to Attribute Length Error. The Data
1157 field contains the erroneous attribute (type, length and
1158 value). */
1159 if (length != 1) {
1160 flog_err(EC_BGP_ATTR_LEN,
1161 "Origin attribute length is not one %d", length);
1162 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1163 args->total);
1164 }
1165
1166 /* Fetch origin attribute. */
1167 attr->origin = stream_getc(BGP_INPUT(peer));
1168
1169 /* If the ORIGIN attribute has an undefined value, then the Error
1170 Subcode is set to Invalid Origin Attribute. The Data field
1171 contains the unrecognized attribute (type, length and value). */
1172 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1173 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
1174 flog_err(EC_BGP_ATTR_ORIGIN,
1175 "Origin attribute value is invalid %d", attr->origin);
1176 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1177 args->total);
1178 }
1179
1180 /* Set oring attribute flag. */
1181 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1182
1183 return 0;
1184 }
1185
1186 /* Parse AS path information. This function is wrapper of
1187 aspath_parse. */
1188 static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1189 {
1190 struct attr *const attr = args->attr;
1191 struct peer *const peer = args->peer;
1192 const bgp_size_t length = args->length;
1193
1194 /*
1195 * peer with AS4 => will get 4Byte ASnums
1196 * otherwise, will get 16 Bit
1197 */
1198 attr->aspath = aspath_parse(peer->curr, length,
1199 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1200
1201 /* In case of IBGP, length will be zero. */
1202 if (!attr->aspath) {
1203 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1204 "Malformed AS path from %s, length is %d", peer->host,
1205 length);
1206 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1207 0);
1208 }
1209
1210 /* Set aspath attribute flag. */
1211 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1212
1213 return BGP_ATTR_PARSE_PROCEED;
1214 }
1215
1216 static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1217 struct attr *const attr)
1218 {
1219 /* These checks were part of bgp_attr_aspath, but with
1220 * as4 we should to check aspath things when
1221 * aspath synthesizing with as4_path has already taken place.
1222 * Otherwise we check ASPATH and use the synthesized thing, and that is
1223 * not right.
1224 * So do the checks later, i.e. here
1225 */
1226 struct aspath *aspath;
1227
1228 /* Confederation sanity check. */
1229 if ((peer->sort == BGP_PEER_CONFED
1230 && !aspath_left_confed_check(attr->aspath))
1231 || (peer->sort == BGP_PEER_EBGP
1232 && aspath_confed_check(attr->aspath))) {
1233 flog_err(EC_BGP_ATTR_MAL_AS_PATH, "Malformed AS path from %s",
1234 peer->host);
1235 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1236 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1237 return BGP_ATTR_PARSE_ERROR;
1238 }
1239
1240 /* First AS check for EBGP. */
1241 if (CHECK_FLAG(peer->flags, PEER_FLAG_ENFORCE_FIRST_AS)) {
1242 if (peer->sort == BGP_PEER_EBGP
1243 && !aspath_firstas_check(attr->aspath, peer->as)) {
1244 flog_err(EC_BGP_ATTR_FIRST_AS,
1245 "%s incorrect first AS (must be %u)",
1246 peer->host, peer->as);
1247 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1248 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1249 return BGP_ATTR_PARSE_ERROR;
1250 }
1251 }
1252
1253 /* local-as prepend */
1254 if (peer->change_local_as
1255 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1256 aspath = aspath_dup(attr->aspath);
1257 aspath = aspath_add_seq(aspath, peer->change_local_as);
1258 aspath_unintern(&attr->aspath);
1259 attr->aspath = aspath_intern(aspath);
1260 }
1261
1262 return BGP_ATTR_PARSE_PROCEED;
1263 }
1264
1265 /* Parse AS4 path information. This function is another wrapper of
1266 aspath_parse. */
1267 static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1268 struct aspath **as4_path)
1269 {
1270 struct peer *const peer = args->peer;
1271 struct attr *const attr = args->attr;
1272 const bgp_size_t length = args->length;
1273
1274 *as4_path = aspath_parse(peer->curr, length, 1);
1275
1276 /* In case of IBGP, length will be zero. */
1277 if (!*as4_path) {
1278 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1279 "Malformed AS4 path from %s, length is %d", peer->host,
1280 length);
1281 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1282 0);
1283 }
1284
1285 /* Set aspath attribute flag. */
1286 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1287
1288 return BGP_ATTR_PARSE_PROCEED;
1289 }
1290
1291 /*
1292 * Check that the nexthop attribute is valid.
1293 */
1294 bgp_attr_parse_ret_t
1295 bgp_attr_nexthop_valid(struct peer *peer, struct attr *attr)
1296 {
1297 in_addr_t nexthop_h;
1298
1299 nexthop_h = ntohl(attr->nexthop.s_addr);
1300 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1301 || IPV4_CLASS_DE(nexthop_h))
1302 && !BGP_DEBUG(allow_martians, ALLOW_MARTIANS)) {
1303 uint8_t data[7]; /* type(2) + length(1) + nhop(4) */
1304 char buf[INET_ADDRSTRLEN];
1305
1306 inet_ntop(AF_INET, &attr->nexthop.s_addr, buf,
1307 INET_ADDRSTRLEN);
1308 flog_err(EC_BGP_ATTR_MARTIAN_NH, "Martian nexthop %s",
1309 buf);
1310 data[0] = BGP_ATTR_FLAG_TRANS;
1311 data[1] = BGP_ATTR_NEXT_HOP;
1312 data[2] = BGP_ATTR_NHLEN_IPV4;
1313 memcpy(&data[3], &attr->nexthop.s_addr, BGP_ATTR_NHLEN_IPV4);
1314 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1315 BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP,
1316 data, 7);
1317 return BGP_ATTR_PARSE_ERROR;
1318 }
1319
1320 return BGP_ATTR_PARSE_PROCEED;
1321 }
1322
1323 /* Nexthop attribute. */
1324 static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1325 {
1326 struct peer *const peer = args->peer;
1327 struct attr *const attr = args->attr;
1328 const bgp_size_t length = args->length;
1329
1330 /* Check nexthop attribute length. */
1331 if (length != 4) {
1332 flog_err(EC_BGP_ATTR_LEN,
1333 "Nexthop attribute length isn't four [%d]", length);
1334
1335 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1336 args->total);
1337 }
1338
1339 attr->nexthop.s_addr = stream_get_ipv4(peer->curr);
1340 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1341
1342 return BGP_ATTR_PARSE_PROCEED;
1343 }
1344
1345 /* MED atrribute. */
1346 static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
1347 {
1348 struct peer *const peer = args->peer;
1349 struct attr *const attr = args->attr;
1350 const bgp_size_t length = args->length;
1351
1352 /* Length check. */
1353 if (length != 4) {
1354 flog_err(EC_BGP_ATTR_LEN,
1355 "MED attribute length isn't four [%d]", length);
1356
1357 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1358 args->total);
1359 }
1360
1361 attr->med = stream_getl(peer->curr);
1362
1363 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
1364
1365 return BGP_ATTR_PARSE_PROCEED;
1366 }
1367
1368 /* Local preference attribute. */
1369 static bgp_attr_parse_ret_t
1370 bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1371 {
1372 struct peer *const peer = args->peer;
1373 struct attr *const attr = args->attr;
1374 const bgp_size_t length = args->length;
1375
1376 /* Length check. */
1377 if (length != 4) {
1378 flog_err(EC_BGP_ATTR_LEN,
1379 "LOCAL_PREF attribute length isn't 4 [%u]", length);
1380 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1381 args->total);
1382 }
1383
1384 /* If it is contained in an UPDATE message that is received from an
1385 external peer, then this attribute MUST be ignored by the
1386 receiving speaker. */
1387 if (peer->sort == BGP_PEER_EBGP) {
1388 stream_forward_getp(peer->curr, length);
1389 return BGP_ATTR_PARSE_PROCEED;
1390 }
1391
1392 attr->local_pref = stream_getl(peer->curr);
1393
1394 /* Set the local-pref flag. */
1395 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1396
1397 return BGP_ATTR_PARSE_PROCEED;
1398 }
1399
1400 /* Atomic aggregate. */
1401 static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
1402 {
1403 struct attr *const attr = args->attr;
1404 const bgp_size_t length = args->length;
1405
1406 /* Length check. */
1407 if (length != 0) {
1408 flog_err(EC_BGP_ATTR_LEN,
1409 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1410 length);
1411 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1412 args->total);
1413 }
1414
1415 /* Set atomic aggregate flag. */
1416 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
1417
1418 return BGP_ATTR_PARSE_PROCEED;
1419 }
1420
1421 /* Aggregator attribute */
1422 static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1423 {
1424 struct peer *const peer = args->peer;
1425 struct attr *const attr = args->attr;
1426 const bgp_size_t length = args->length;
1427
1428 int wantedlen = 6;
1429
1430 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1431 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1432 wantedlen = 8;
1433
1434 if (length != wantedlen) {
1435 flog_err(EC_BGP_ATTR_LEN,
1436 "AGGREGATOR attribute length isn't %u [%u]", wantedlen,
1437 length);
1438 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1439 args->total);
1440 }
1441
1442 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1443 attr->aggregator_as = stream_getl(peer->curr);
1444 else
1445 attr->aggregator_as = stream_getw(peer->curr);
1446 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->curr);
1447
1448 /* Set atomic aggregate flag. */
1449 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1450
1451 return BGP_ATTR_PARSE_PROCEED;
1452 }
1453
1454 /* New Aggregator attribute */
1455 static bgp_attr_parse_ret_t
1456 bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1457 as_t *as4_aggregator_as,
1458 struct in_addr *as4_aggregator_addr)
1459 {
1460 struct peer *const peer = args->peer;
1461 struct attr *const attr = args->attr;
1462 const bgp_size_t length = args->length;
1463
1464 if (length != 8) {
1465 flog_err(EC_BGP_ATTR_LEN, "New Aggregator length is not 8 [%d]",
1466 length);
1467 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1468 0);
1469 }
1470
1471 *as4_aggregator_as = stream_getl(peer->curr);
1472 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->curr);
1473
1474 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1475
1476 return BGP_ATTR_PARSE_PROCEED;
1477 }
1478
1479 /* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1480 */
1481 static bgp_attr_parse_ret_t
1482 bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1483 struct aspath *as4_path, as_t as4_aggregator,
1484 struct in_addr *as4_aggregator_addr)
1485 {
1486 int ignore_as4_path = 0;
1487 struct aspath *newpath;
1488
1489 if (!attr->aspath) {
1490 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1491 * have
1492 * checked that all well-known, mandatory attributes were
1493 * present.
1494 *
1495 * Can only be a problem with peer itself - hard error
1496 */
1497 return BGP_ATTR_PARSE_ERROR;
1498 }
1499
1500 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1501 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1502 * if given.
1503 * It is worth a warning though, because the peer really
1504 * should not send them
1505 */
1506 if (BGP_DEBUG(as4, AS4)) {
1507 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1508 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1509 "AS4 capable peer, yet it sent");
1510
1511 if (attr->flag
1512 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1513 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1514 peer->host,
1515 "AS4 capable peer, yet it sent");
1516 }
1517
1518 return BGP_ATTR_PARSE_PROCEED;
1519 }
1520
1521 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1522 * because that may override AS4_PATH
1523 */
1524 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1525 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1526 /* received both.
1527 * if the as_number in aggregator is not AS_TRANS,
1528 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1529 * and the Aggregator shall be taken as
1530 * info on the aggregating node, and the AS_PATH
1531 * shall be taken as the AS_PATH
1532 * otherwise
1533 * the Aggregator shall be ignored and the
1534 * AS4_AGGREGATOR shall be taken as the
1535 * Aggregating node and the AS_PATH is to be
1536 * constructed "as in all other cases"
1537 */
1538 if (attr->aggregator_as != BGP_AS_TRANS) {
1539 /* ignore */
1540 if (BGP_DEBUG(as4, AS4))
1541 zlog_debug(
1542 "[AS4] %s BGP not AS4 capable peer"
1543 " send AGGREGATOR != AS_TRANS and"
1544 " AS4_AGGREGATOR, so ignore"
1545 " AS4_AGGREGATOR and AS4_PATH",
1546 peer->host);
1547 ignore_as4_path = 1;
1548 } else {
1549 /* "New_aggregator shall be taken as aggregator"
1550 */
1551 attr->aggregator_as = as4_aggregator;
1552 attr->aggregator_addr.s_addr =
1553 as4_aggregator_addr->s_addr;
1554 }
1555 } else {
1556 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1557 * That is bogus - but reading the conditions
1558 * we have to handle AS4_AGGREGATOR as if it were
1559 * AGGREGATOR in that case
1560 */
1561 if (BGP_DEBUG(as4, AS4))
1562 zlog_debug(
1563 "[AS4] %s BGP not AS4 capable peer send"
1564 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1565 " it as if AGGREGATOR with AS_TRANS had been there",
1566 peer->host);
1567 attr->aggregator_as = as4_aggregator;
1568 /* sweep it under the carpet and simulate a "good"
1569 * AGGREGATOR */
1570 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1571 }
1572 }
1573
1574 /* need to reconcile NEW_AS_PATH and AS_PATH */
1575 if (!ignore_as4_path
1576 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1577 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
1578 if (!newpath)
1579 return BGP_ATTR_PARSE_ERROR;
1580
1581 aspath_unintern(&attr->aspath);
1582 attr->aspath = aspath_intern(newpath);
1583 }
1584 return BGP_ATTR_PARSE_PROCEED;
1585 }
1586
1587 /* Community attribute. */
1588 static bgp_attr_parse_ret_t
1589 bgp_attr_community(struct bgp_attr_parser_args *args)
1590 {
1591 struct peer *const peer = args->peer;
1592 struct attr *const attr = args->attr;
1593 const bgp_size_t length = args->length;
1594
1595 if (length == 0) {
1596 attr->community = NULL;
1597 return BGP_ATTR_PARSE_PROCEED;
1598 }
1599
1600 attr->community =
1601 community_parse((uint32_t *)stream_pnt(peer->curr), length);
1602
1603 /* XXX: fix community_parse to use stream API and remove this */
1604 stream_forward_getp(peer->curr, length);
1605
1606 if (!attr->community)
1607 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1608 args->total);
1609
1610 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1611
1612 return BGP_ATTR_PARSE_PROCEED;
1613 }
1614
1615 /* Originator ID attribute. */
1616 static bgp_attr_parse_ret_t
1617 bgp_attr_originator_id(struct bgp_attr_parser_args *args)
1618 {
1619 struct peer *const peer = args->peer;
1620 struct attr *const attr = args->attr;
1621 const bgp_size_t length = args->length;
1622
1623 /* Length check. */
1624 if (length != 4) {
1625 flog_err(EC_BGP_ATTR_LEN, "Bad originator ID length %d",
1626 length);
1627
1628 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1629 args->total);
1630 }
1631
1632 attr->originator_id.s_addr = stream_get_ipv4(peer->curr);
1633
1634 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
1635
1636 return BGP_ATTR_PARSE_PROCEED;
1637 }
1638
1639 /* Cluster list attribute. */
1640 static bgp_attr_parse_ret_t
1641 bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
1642 {
1643 struct peer *const peer = args->peer;
1644 struct attr *const attr = args->attr;
1645 const bgp_size_t length = args->length;
1646
1647 /* Check length. */
1648 if (length % 4) {
1649 flog_err(EC_BGP_ATTR_LEN, "Bad cluster list length %d", length);
1650
1651 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1652 args->total);
1653 }
1654
1655 attr->cluster =
1656 cluster_parse((struct in_addr *)stream_pnt(peer->curr), length);
1657
1658 /* XXX: Fix cluster_parse to use stream API and then remove this */
1659 stream_forward_getp(peer->curr, length);
1660
1661 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
1662
1663 return BGP_ATTR_PARSE_PROCEED;
1664 }
1665
1666 /* Multiprotocol reachability information parse. */
1667 int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1668 struct bgp_nlri *mp_update)
1669 {
1670 iana_afi_t pkt_afi;
1671 afi_t afi;
1672 iana_safi_t pkt_safi;
1673 safi_t safi;
1674 bgp_size_t nlri_len;
1675 size_t start;
1676 struct stream *s;
1677 struct peer *const peer = args->peer;
1678 struct attr *const attr = args->attr;
1679 const bgp_size_t length = args->length;
1680
1681 /* Set end of packet. */
1682 s = BGP_INPUT(peer);
1683 start = stream_get_getp(s);
1684
1685 /* safe to read statically sized header? */
1686 #define BGP_MP_REACH_MIN_SIZE 5
1687 #define LEN_LEFT (length - (stream_get_getp(s) - start))
1688 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
1689 zlog_info("%s: %s sent invalid length, %lu, of MP_REACH_NLRI",
1690 __func__, peer->host, (unsigned long)length);
1691 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1692 }
1693
1694 /* Load AFI, SAFI. */
1695 pkt_afi = stream_getw(s);
1696 pkt_safi = stream_getc(s);
1697
1698 /* Convert AFI, SAFI to internal values, check. */
1699 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1700 /* Log if AFI or SAFI is unrecognized. This is not an error
1701 * unless
1702 * the attribute is otherwise malformed.
1703 */
1704 if (bgp_debug_update(peer, NULL, NULL, 0))
1705 zlog_debug(
1706 "%s sent unrecognizable AFI, %s or, SAFI, %s, of MP_REACH_NLRI",
1707 peer->host, iana_afi2str(pkt_afi),
1708 iana_safi2str(pkt_safi));
1709 return BGP_ATTR_PARSE_ERROR;
1710 }
1711
1712 /* Get nexthop length. */
1713 attr->mp_nexthop_len = stream_getc(s);
1714
1715 if (LEN_LEFT < attr->mp_nexthop_len) {
1716 zlog_info(
1717 "%s: %s sent next-hop length, %u, in MP_REACH_NLRI which goes past the end of attribute",
1718 __func__, peer->host, attr->mp_nexthop_len);
1719 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1720 }
1721
1722 /* Nexthop length check. */
1723 switch (attr->mp_nexthop_len) {
1724 case 0:
1725 if (safi != SAFI_FLOWSPEC) {
1726 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
1727 __func__, peer->host, attr->mp_nexthop_len);
1728 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1729 }
1730 break;
1731 case BGP_ATTR_NHLEN_VPNV4:
1732 stream_getl(s); /* RD high */
1733 stream_getl(s); /* RD low */
1734 /*
1735 * NOTE: intentional fall through
1736 * - for consistency in rx processing
1737 *
1738 * The following comment is to signal GCC this intention
1739 * and suppress the warning
1740 */
1741 /* FALLTHRU */
1742 case BGP_ATTR_NHLEN_IPV4:
1743 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1744 /* Probably needed for RFC 2283 */
1745 if (attr->nexthop.s_addr == 0)
1746 memcpy(&attr->nexthop.s_addr,
1747 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1748 break;
1749 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1750 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1751 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1752 stream_getl(s); /* RD high */
1753 stream_getl(s); /* RD low */
1754 }
1755 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1756 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1757 if (!peer->nexthop.ifp) {
1758 zlog_warn("%s sent a v6 global attribute but address is a V6 LL and there's no peer interface information. Hence, withdrawing",
1759 peer->host);
1760 return BGP_ATTR_PARSE_WITHDRAW;
1761 }
1762 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
1763 }
1764 break;
1765 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1766 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1767 if (attr->mp_nexthop_len
1768 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1769 stream_getl(s); /* RD high */
1770 stream_getl(s); /* RD low */
1771 }
1772 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1773 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1774 if (!peer->nexthop.ifp) {
1775 zlog_warn("%s sent a v6 global and LL attribute but global address is a V6 LL and there's no peer interface information. Hence, withdrawing",
1776 peer->host);
1777 return BGP_ATTR_PARSE_WITHDRAW;
1778 }
1779 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
1780 }
1781 if (attr->mp_nexthop_len
1782 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1783 stream_getl(s); /* RD high */
1784 stream_getl(s); /* RD low */
1785 }
1786 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1787 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1788 char buf1[INET6_ADDRSTRLEN];
1789 char buf2[INET6_ADDRSTRLEN];
1790
1791 if (bgp_debug_update(peer, NULL, NULL, 1))
1792 zlog_debug(
1793 "%s sent next-hops %s and %s. Ignoring non-LL value",
1794 peer->host,
1795 inet_ntop(AF_INET6,
1796 &attr->mp_nexthop_global,
1797 buf1, INET6_ADDRSTRLEN),
1798 inet_ntop(AF_INET6,
1799 &attr->mp_nexthop_local, buf2,
1800 INET6_ADDRSTRLEN));
1801
1802 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1803 }
1804 if (!peer->nexthop.ifp) {
1805 zlog_warn("%s sent a v6 LL next-hop and there's no peer interface information. Hence, withdrawing",
1806 peer->host);
1807 return BGP_ATTR_PARSE_WITHDRAW;
1808 }
1809 attr->nh_lla_ifindex = peer->nexthop.ifp->ifindex;
1810 break;
1811 default:
1812 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
1813 __func__, peer->host, attr->mp_nexthop_len);
1814 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1815 }
1816
1817 if (!LEN_LEFT) {
1818 zlog_info("%s: %s sent SNPA which couldn't be read",
1819 __func__, peer->host);
1820 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1821 }
1822
1823 {
1824 uint8_t val;
1825 if ((val = stream_getc(s)))
1826 flog_warn(
1827 EC_BGP_DEFUNCT_SNPA_LEN,
1828 "%s sent non-zero value, %u, for defunct SNPA-length field",
1829 peer->host, val);
1830 }
1831
1832 /* must have nrli_len, what is left of the attribute */
1833 nlri_len = LEN_LEFT;
1834 if (nlri_len > STREAM_READABLE(s)) {
1835 zlog_info("%s: %s sent MP_REACH_NLRI which couldn't be read",
1836 __func__, peer->host);
1837 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1838 }
1839
1840 if (!nlri_len) {
1841 zlog_info("%s: %s sent a zero-length NLRI. Hence, treating as a EOR marker",
1842 __func__, peer->host);
1843
1844 mp_update->afi = afi;
1845 mp_update->safi = safi;
1846 return BGP_ATTR_PARSE_EOR;
1847 }
1848
1849 mp_update->afi = afi;
1850 mp_update->safi = safi;
1851 mp_update->nlri = stream_pnt(s);
1852 mp_update->length = nlri_len;
1853
1854 stream_forward_getp(s, nlri_len);
1855
1856 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1857
1858 return BGP_ATTR_PARSE_PROCEED;
1859 #undef LEN_LEFT
1860 }
1861
1862 /* Multiprotocol unreachable parse */
1863 int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1864 struct bgp_nlri *mp_withdraw)
1865 {
1866 struct stream *s;
1867 iana_afi_t pkt_afi;
1868 afi_t afi;
1869 iana_safi_t pkt_safi;
1870 safi_t safi;
1871 uint16_t withdraw_len;
1872 struct peer *const peer = args->peer;
1873 struct attr *const attr = args->attr;
1874 const bgp_size_t length = args->length;
1875
1876 s = peer->curr;
1877
1878 #define BGP_MP_UNREACH_MIN_SIZE 3
1879 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1880 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1881
1882 pkt_afi = stream_getw(s);
1883 pkt_safi = stream_getc(s);
1884
1885 /* Convert AFI, SAFI to internal values, check. */
1886 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1887 /* Log if AFI or SAFI is unrecognized. This is not an error
1888 * unless
1889 * the attribute is otherwise malformed.
1890 */
1891 if (bgp_debug_update(peer, NULL, NULL, 0))
1892 zlog_debug(
1893 "%s: MP_UNREACH received AFI %s or SAFI %s is unrecognized",
1894 peer->host, iana_afi2str(pkt_afi),
1895 iana_safi2str(pkt_safi));
1896 return BGP_ATTR_PARSE_ERROR;
1897 }
1898
1899 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
1900
1901 mp_withdraw->afi = afi;
1902 mp_withdraw->safi = safi;
1903 mp_withdraw->nlri = stream_pnt(s);
1904 mp_withdraw->length = withdraw_len;
1905
1906 stream_forward_getp(s, withdraw_len);
1907
1908 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1909
1910 return BGP_ATTR_PARSE_PROCEED;
1911 }
1912
1913 /* Large Community attribute. */
1914 static bgp_attr_parse_ret_t
1915 bgp_attr_large_community(struct bgp_attr_parser_args *args)
1916 {
1917 struct peer *const peer = args->peer;
1918 struct attr *const attr = args->attr;
1919 const bgp_size_t length = args->length;
1920
1921 /*
1922 * Large community follows new attribute format.
1923 */
1924 if (length == 0) {
1925 attr->lcommunity = NULL;
1926 /* Empty extcomm doesn't seem to be invalid per se */
1927 return BGP_ATTR_PARSE_PROCEED;
1928 }
1929
1930 attr->lcommunity =
1931 lcommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
1932 /* XXX: fix ecommunity_parse to use stream API */
1933 stream_forward_getp(peer->curr, length);
1934
1935 if (!attr->lcommunity)
1936 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1937 args->total);
1938
1939 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
1940
1941 return BGP_ATTR_PARSE_PROCEED;
1942 }
1943
1944 /* Extended Community attribute. */
1945 static bgp_attr_parse_ret_t
1946 bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1947 {
1948 struct peer *const peer = args->peer;
1949 struct attr *const attr = args->attr;
1950 const bgp_size_t length = args->length;
1951 uint8_t sticky = 0;
1952
1953 if (length == 0) {
1954 attr->ecommunity = NULL;
1955 /* Empty extcomm doesn't seem to be invalid per se */
1956 return BGP_ATTR_PARSE_PROCEED;
1957 }
1958
1959 attr->ecommunity =
1960 ecommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
1961 /* XXX: fix ecommunity_parse to use stream API */
1962 stream_forward_getp(peer->curr, length);
1963
1964 if (!attr->ecommunity)
1965 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1966 args->total);
1967
1968 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1969
1970 /* Extract MAC mobility sequence number, if any. */
1971 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1972 attr->sticky = sticky;
1973
1974 /* Check if this is a Gateway MAC-IP advertisement */
1975 attr->default_gw = bgp_attr_default_gw(attr);
1976
1977 /* Handle scenario where router flag ecommunity is not
1978 * set but default gw ext community is present.
1979 * Use default gateway, set and propogate R-bit.
1980 */
1981 if (attr->default_gw)
1982 attr->router_flag = 1;
1983
1984 /* Check EVPN Neighbor advertisement flags, R-bit */
1985 bgp_attr_evpn_na_flag(attr, &attr->router_flag);
1986
1987 /* Extract the Rmac, if any */
1988 if (bgp_attr_rmac(attr, &attr->rmac)) {
1989 if (bgp_debug_update(peer, NULL, NULL, 1) &&
1990 bgp_mac_exist(&attr->rmac)) {
1991 char buf1[ETHER_ADDR_STRLEN];
1992
1993 zlog_debug("%s: router mac %s is self mac",
1994 __func__,
1995 prefix_mac2str(&attr->rmac, buf1,
1996 sizeof(buf1)));
1997 }
1998
1999 }
2000
2001 /* Get the tunnel type from encap extended community */
2002 bgp_attr_extcom_tunnel_type(attr,
2003 (bgp_encap_types *)&attr->encap_tunneltype);
2004
2005 return BGP_ATTR_PARSE_PROCEED;
2006 }
2007
2008 /* Parse Tunnel Encap attribute in an UPDATE */
2009 static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
2010 bgp_size_t length, /* IN: attr's length field */
2011 struct attr *attr, /* IN: caller already allocated */
2012 uint8_t flag, /* IN: attr's flags field */
2013 uint8_t *startp)
2014 {
2015 bgp_size_t total;
2016 uint16_t tunneltype = 0;
2017
2018 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
2019
2020 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
2021 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2022 zlog_info(
2023 "Tunnel Encap attribute flag isn't optional and transitive %d",
2024 flag);
2025 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2026 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2027 startp, total);
2028 return -1;
2029 }
2030
2031 if (BGP_ATTR_ENCAP == type) {
2032 /* read outer TLV type and length */
2033 uint16_t tlv_length;
2034
2035 if (length < 4) {
2036 zlog_info(
2037 "Tunnel Encap attribute not long enough to contain outer T,L");
2038 bgp_notify_send_with_data(
2039 peer, BGP_NOTIFY_UPDATE_ERR,
2040 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2041 return -1;
2042 }
2043 tunneltype = stream_getw(BGP_INPUT(peer));
2044 tlv_length = stream_getw(BGP_INPUT(peer));
2045 length -= 4;
2046
2047 if (tlv_length != length) {
2048 zlog_info("%s: tlv_length(%d) != length(%d)",
2049 __func__, tlv_length, length);
2050 }
2051 }
2052
2053 while (length >= 4) {
2054 uint16_t subtype = 0;
2055 uint16_t sublength = 0;
2056 struct bgp_attr_encap_subtlv *tlv;
2057
2058 if (BGP_ATTR_ENCAP == type) {
2059 subtype = stream_getc(BGP_INPUT(peer));
2060 sublength = stream_getc(BGP_INPUT(peer));
2061 length -= 2;
2062 #if ENABLE_BGP_VNC
2063 } else {
2064 subtype = stream_getw(BGP_INPUT(peer));
2065 sublength = stream_getw(BGP_INPUT(peer));
2066 length -= 4;
2067 #endif
2068 }
2069
2070 if (sublength > length) {
2071 zlog_info(
2072 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2073 sublength, length);
2074 bgp_notify_send_with_data(
2075 peer, BGP_NOTIFY_UPDATE_ERR,
2076 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2077 return -1;
2078 }
2079
2080 /* alloc and copy sub-tlv */
2081 /* TBD make sure these are freed when attributes are released */
2082 tlv = XCALLOC(MTYPE_ENCAP_TLV,
2083 sizeof(struct bgp_attr_encap_subtlv) + sublength);
2084 tlv->type = subtype;
2085 tlv->length = sublength;
2086 stream_get(tlv->value, peer->curr, sublength);
2087 length -= sublength;
2088
2089 /* attach tlv to encap chain */
2090 if (BGP_ATTR_ENCAP == type) {
2091 struct bgp_attr_encap_subtlv *stlv_last;
2092 for (stlv_last = attr->encap_subtlvs;
2093 stlv_last && stlv_last->next;
2094 stlv_last = stlv_last->next)
2095 ;
2096 if (stlv_last) {
2097 stlv_last->next = tlv;
2098 } else {
2099 attr->encap_subtlvs = tlv;
2100 }
2101 #if ENABLE_BGP_VNC
2102 } else {
2103 struct bgp_attr_encap_subtlv *stlv_last;
2104 for (stlv_last = attr->vnc_subtlvs;
2105 stlv_last && stlv_last->next;
2106 stlv_last = stlv_last->next)
2107 ;
2108 if (stlv_last) {
2109 stlv_last->next = tlv;
2110 } else {
2111 attr->vnc_subtlvs = tlv;
2112 }
2113 #endif
2114 }
2115 }
2116
2117 if (BGP_ATTR_ENCAP == type) {
2118 attr->encap_tunneltype = tunneltype;
2119 }
2120
2121 if (length) {
2122 /* spurious leftover data */
2123 zlog_info(
2124 "Tunnel Encap attribute length is bad: %d leftover octets",
2125 length);
2126 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2127 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2128 startp, total);
2129 return -1;
2130 }
2131
2132 return 0;
2133 }
2134
2135 /*
2136 * Read an individual SID value returning how much data we have read
2137 * Returns 0 if there was an error that needs to be passed up the stack
2138 */
2139 static bgp_attr_parse_ret_t bgp_attr_psid_sub(uint8_t type, uint16_t length,
2140 struct bgp_attr_parser_args *args,
2141 struct bgp_nlri *mp_update)
2142 {
2143 struct peer *const peer = args->peer;
2144 struct attr *const attr = args->attr;
2145 uint32_t label_index;
2146 struct in6_addr ipv6_sid;
2147 uint32_t srgb_base;
2148 uint32_t srgb_range;
2149 int srgb_count;
2150
2151 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
2152 if (STREAM_READABLE(peer->curr) < length
2153 || length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
2154 flog_err(EC_BGP_ATTR_LEN,
2155 "Prefix SID label index length is %" PRIu16
2156 " instead of %u",
2157 length, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
2158 return bgp_attr_malformed(args,
2159 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2160 args->total);
2161 }
2162
2163 /* Ignore flags and reserved */
2164 stream_getc(peer->curr);
2165 stream_getw(peer->curr);
2166
2167 /* Fetch the label index and see if it is valid. */
2168 label_index = stream_getl(peer->curr);
2169 if (label_index == BGP_INVALID_LABEL_INDEX)
2170 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2171 args->total);
2172
2173 /* Store label index; subsequently, we'll check on
2174 * address-family */
2175 attr->label_index = label_index;
2176
2177 /*
2178 * Ignore the Label index attribute unless received for
2179 * labeled-unicast
2180 * SAFI.
2181 */
2182 if (!mp_update->length
2183 || mp_update->safi != SAFI_LABELED_UNICAST)
2184 attr->label_index = BGP_INVALID_LABEL_INDEX;
2185 }
2186
2187 /* Placeholder code for the IPv6 SID type */
2188 else if (type == BGP_PREFIX_SID_IPV6) {
2189 if (STREAM_READABLE(peer->curr) < length
2190 || length != BGP_PREFIX_SID_IPV6_LENGTH) {
2191 flog_err(EC_BGP_ATTR_LEN,
2192 "Prefix SID IPv6 length is %" PRIu16
2193 " instead of %u",
2194 length, BGP_PREFIX_SID_IPV6_LENGTH);
2195 return bgp_attr_malformed(args,
2196 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2197 args->total);
2198 }
2199
2200 /* Ignore reserved */
2201 stream_getc(peer->curr);
2202 stream_getw(peer->curr);
2203
2204 stream_get(&ipv6_sid, peer->curr, 16);
2205 }
2206
2207 /* Placeholder code for the Originator SRGB type */
2208 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
2209 /*
2210 * ietf-idr-bgp-prefix-sid-05:
2211 * Length is the total length of the value portion of the
2212 * TLV: 2 + multiple of 6.
2213 *
2214 * peer->curr stream readp should be at the beginning of the 16
2215 * bit flag field at this point in the code.
2216 */
2217
2218 /*
2219 * Check that the TLV length field is sane: at least 2 bytes of
2220 * flag, and at least 1 SRGB (these are 6 bytes each)
2221 */
2222 if (length < (2 + BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH)) {
2223 flog_err(
2224 EC_BGP_ATTR_LEN,
2225 "Prefix SID Originator SRGB length field claims length of %" PRIu16 " bytes, but the minimum for this TLV type is %u",
2226 length,
2227 2 + BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2228 return bgp_attr_malformed(
2229 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2230 args->total);
2231 }
2232
2233 /*
2234 * Check that we actually have at least as much data as
2235 * specified by the length field
2236 */
2237 if (STREAM_READABLE(peer->curr) < length) {
2238 flog_err(EC_BGP_ATTR_LEN,
2239 "Prefix SID Originator SRGB specifies length %" PRIu16 ", but only %zu bytes remain",
2240 length, STREAM_READABLE(peer->curr));
2241 return bgp_attr_malformed(
2242 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2243 args->total);
2244 }
2245
2246 /*
2247 * Check that the portion of the TLV containing the sequence of
2248 * SRGBs corresponds to a multiple of the SRGB size; to get
2249 * that length, we skip the 16 bit flags field
2250 */
2251 stream_getw(peer->curr);
2252 length -= 2;
2253 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
2254 flog_err(
2255 EC_BGP_ATTR_LEN,
2256 "Prefix SID Originator SRGB length field claims attribute SRGB sequence section is %" PRIu16 "bytes, but it must be a multiple of %u",
2257 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2258 return bgp_attr_malformed(
2259 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2260 args->total);
2261 }
2262
2263 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2264
2265 for (int i = 0; i < srgb_count; i++) {
2266 stream_get(&srgb_base, peer->curr, 3);
2267 stream_get(&srgb_range, peer->curr, 3);
2268 }
2269 }
2270
2271 /*
2272 * Placeholder code for Unsupported TLV
2273 * - SRv6 L3 Service TLV (type5)
2274 * - SRv6 L2 Service TLV (type6)
2275 */
2276 else if (type == BGP_PREFIX_SID_SRV6_L3_SERVICE
2277 || type == BGP_PREFIX_SID_SRV6_L2_SERVICE) {
2278
2279 if (STREAM_READABLE(peer->curr) < length) {
2280 flog_err(
2281 EC_BGP_ATTR_LEN,
2282 "Prefix SID SRv6 length is %" PRIu16
2283 " - too long, only %zu remaining in this UPDATE",
2284 length, STREAM_READABLE(peer->curr));
2285 return bgp_attr_malformed(
2286 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2287 args->total);
2288 }
2289
2290 if (bgp_debug_update(peer, NULL, NULL, 1))
2291 zlog_debug(
2292 "%s attr Prefix-SID sub-type=%u is not supported, skipped",
2293 peer->host, type);
2294
2295 stream_forward_getp(peer->curr, length);
2296 }
2297
2298 return BGP_ATTR_PARSE_PROCEED;
2299 }
2300
2301 /* Prefix SID attribute
2302 * draft-ietf-idr-bgp-prefix-sid-05
2303 */
2304 bgp_attr_parse_ret_t bgp_attr_prefix_sid(struct bgp_attr_parser_args *args,
2305 struct bgp_nlri *mp_update)
2306 {
2307 struct peer *const peer = args->peer;
2308 struct attr *const attr = args->attr;
2309 bgp_attr_parse_ret_t ret;
2310
2311 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
2312
2313 uint8_t type;
2314 uint16_t length;
2315 size_t headersz = sizeof(type) + sizeof(length);
2316
2317 while (STREAM_READABLE(peer->curr) > 0) {
2318
2319 if (STREAM_READABLE(peer->curr) < headersz) {
2320 flog_err(
2321 EC_BGP_ATTR_LEN,
2322 "Malformed Prefix SID attribute - insufficent data (need %zu for attribute header, have %zu remaining in UPDATE)",
2323 headersz, STREAM_READABLE(peer->curr));
2324 return bgp_attr_malformed(
2325 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2326 args->total);
2327 }
2328
2329 type = stream_getc(peer->curr);
2330 length = stream_getw(peer->curr);
2331
2332 if (STREAM_READABLE(peer->curr) < length) {
2333 flog_err(
2334 EC_BGP_ATTR_LEN,
2335 "Malformed Prefix SID attribute - insufficient data (need %" PRIu8
2336 " for attribute body, have %zu remaining in UPDATE)",
2337 length, STREAM_READABLE(peer->curr));
2338 return bgp_attr_malformed(args,
2339 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2340 args->total);
2341 }
2342
2343 ret = bgp_attr_psid_sub(type, length, args, mp_update);
2344
2345 if (ret != BGP_ATTR_PARSE_PROCEED)
2346 return ret;
2347 }
2348
2349 return BGP_ATTR_PARSE_PROCEED;
2350 }
2351
2352 /* PMSI tunnel attribute (RFC 6514)
2353 * Basic validation checks done here.
2354 */
2355 static bgp_attr_parse_ret_t
2356 bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
2357 {
2358 struct peer *const peer = args->peer;
2359 struct attr *const attr = args->attr;
2360 const bgp_size_t length = args->length;
2361 uint8_t tnl_type;
2362 int attr_parse_len = 2 + BGP_LABEL_BYTES;
2363
2364 /* Verify that the receiver is expecting "ingress replication" as we
2365 * can only support that.
2366 */
2367 if (length < attr_parse_len) {
2368 flog_err(EC_BGP_ATTR_LEN, "Bad PMSI tunnel attribute length %d",
2369 length);
2370 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2371 args->total);
2372 }
2373 stream_getc(peer->curr); /* Flags */
2374 tnl_type = stream_getc(peer->curr);
2375 if (tnl_type > PMSI_TNLTYPE_MAX) {
2376 flog_err(EC_BGP_ATTR_PMSI_TYPE,
2377 "Invalid PMSI tunnel attribute type %d", tnl_type);
2378 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2379 args->total);
2380 }
2381 if (tnl_type == PMSI_TNLTYPE_INGR_REPL) {
2382 if (length != 9) {
2383 flog_err(EC_BGP_ATTR_PMSI_LEN,
2384 "Bad PMSI tunnel attribute length %d for IR",
2385 length);
2386 return bgp_attr_malformed(
2387 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2388 args->total);
2389 }
2390 }
2391
2392 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
2393 attr->pmsi_tnl_type = tnl_type;
2394 stream_get(&attr->label, peer->curr, BGP_LABEL_BYTES);
2395
2396 /* Forward read pointer of input stream. */
2397 stream_forward_getp(peer->curr, length - attr_parse_len);
2398
2399 return BGP_ATTR_PARSE_PROCEED;
2400 }
2401
2402 /* BGP unknown attribute treatment. */
2403 static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2404 {
2405 bgp_size_t total = args->total;
2406 struct transit *transit;
2407 struct peer *const peer = args->peer;
2408 struct attr *const attr = args->attr;
2409 uint8_t *const startp = args->startp;
2410 const uint8_t type = args->type;
2411 const uint8_t flag = args->flags;
2412 const bgp_size_t length = args->length;
2413
2414 if (bgp_debug_update(peer, NULL, NULL, 1))
2415 zlog_debug(
2416 "%s Unknown attribute is received (type %d, length %d)",
2417 peer->host, type, length);
2418
2419 /* Forward read pointer of input stream. */
2420 stream_forward_getp(peer->curr, length);
2421
2422 /* If any of the mandatory well-known attributes are not recognized,
2423 then the Error Subcode is set to Unrecognized Well-known
2424 Attribute. The Data field contains the unrecognized attribute
2425 (type, length and value). */
2426 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2427 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2428 args->total);
2429 }
2430
2431 /* Unrecognized non-transitive optional attributes must be quietly
2432 ignored and not passed along to other BGP peers. */
2433 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2434 return BGP_ATTR_PARSE_PROCEED;
2435
2436 /* If a path with recognized transitive optional attribute is
2437 accepted and passed along to other BGP peers and the Partial bit
2438 in the Attribute Flags octet is set to 1 by some previous AS, it
2439 is not set back to 0 by the current AS. */
2440 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2441
2442 /* Store transitive attribute to the end of attr->transit. */
2443 if (!attr->transit)
2444 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2445
2446 transit = attr->transit;
2447
2448 if (transit->val)
2449 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2450 transit->length + total);
2451 else
2452 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2453
2454 memcpy(transit->val + transit->length, startp, total);
2455 transit->length += total;
2456
2457 return BGP_ATTR_PARSE_PROCEED;
2458 }
2459
2460 /* Well-known attribute check. */
2461 static int bgp_attr_check(struct peer *peer, struct attr *attr)
2462 {
2463 uint8_t type = 0;
2464
2465 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2466 * empty UPDATE. */
2467 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2468 return BGP_ATTR_PARSE_PROCEED;
2469
2470 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2471 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2472 are present, it should. Check for any other attribute being present
2473 instead.
2474 */
2475 if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
2476 CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
2477 return BGP_ATTR_PARSE_PROCEED;
2478
2479 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2480 type = BGP_ATTR_ORIGIN;
2481
2482 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2483 type = BGP_ATTR_AS_PATH;
2484
2485 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2486 * and
2487 * NLRI is empty. We can't easily check NLRI empty here though.
2488 */
2489 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2490 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2491 type = BGP_ATTR_NEXT_HOP;
2492
2493 if (peer->sort == BGP_PEER_IBGP
2494 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2495 type = BGP_ATTR_LOCAL_PREF;
2496
2497 if (type) {
2498 flog_warn(EC_BGP_MISSING_ATTRIBUTE,
2499 "%s Missing well-known attribute %s.", peer->host,
2500 lookup_msg(attr_str, type, NULL));
2501 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2502 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2503 1);
2504 return BGP_ATTR_PARSE_ERROR;
2505 }
2506 return BGP_ATTR_PARSE_PROCEED;
2507 }
2508
2509 /* Read attribute of update packet. This function is called from
2510 bgp_update_receive() in bgp_packet.c. */
2511 bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2512 bgp_size_t size, struct bgp_nlri *mp_update,
2513 struct bgp_nlri *mp_withdraw)
2514 {
2515 bgp_attr_parse_ret_t ret;
2516 uint8_t flag = 0;
2517 uint8_t type = 0;
2518 bgp_size_t length;
2519 uint8_t *startp, *endp;
2520 uint8_t *attr_endp;
2521 uint8_t seen[BGP_ATTR_BITMAP_SIZE];
2522 /* we need the as4_path only until we have synthesized the as_path with
2523 * it */
2524 /* same goes for as4_aggregator */
2525 struct aspath *as4_path = NULL;
2526 as_t as4_aggregator = 0;
2527 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2528
2529 /* Initialize bitmap. */
2530 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2531
2532 /* End pointer of BGP attribute. */
2533 endp = BGP_INPUT_PNT(peer) + size;
2534
2535 /* Get attributes to the end of attribute length. */
2536 while (BGP_INPUT_PNT(peer) < endp) {
2537 /* Check remaining length check.*/
2538 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2539 /* XXX warning: long int format, int arg (arg 5) */
2540 flog_warn(
2541 EC_BGP_ATTRIBUTE_TOO_SMALL,
2542 "%s: error BGP attribute length %lu is smaller than min len",
2543 peer->host,
2544 (unsigned long)(endp
2545 - stream_pnt(BGP_INPUT(peer))));
2546
2547 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2548 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2549 ret = BGP_ATTR_PARSE_ERROR;
2550 goto done;
2551 }
2552
2553 /* Fetch attribute flag and type. */
2554 startp = BGP_INPUT_PNT(peer);
2555 /* "The lower-order four bits of the Attribute Flags octet are
2556 unused. They MUST be zero when sent and MUST be ignored when
2557 received." */
2558 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2559 type = stream_getc(BGP_INPUT(peer));
2560
2561 /* Check whether Extended-Length applies and is in bounds */
2562 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2563 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
2564 flog_warn(
2565 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL,
2566 "%s: Extended length set, but just %lu bytes of attr header",
2567 peer->host,
2568 (unsigned long)(endp
2569 - stream_pnt(BGP_INPUT(peer))));
2570
2571 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2572 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2573 ret = BGP_ATTR_PARSE_ERROR;
2574 goto done;
2575 }
2576
2577 /* Check extended attribue length bit. */
2578 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2579 length = stream_getw(BGP_INPUT(peer));
2580 else
2581 length = stream_getc(BGP_INPUT(peer));
2582
2583 /* If any attribute appears more than once in the UPDATE
2584 message, then the Error Subcode is set to Malformed Attribute
2585 List. */
2586
2587 if (CHECK_BITMAP(seen, type)) {
2588 flog_warn(
2589 EC_BGP_ATTRIBUTE_REPEATED,
2590 "%s: error BGP attribute type %d appears twice in a message",
2591 peer->host, type);
2592
2593 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2594 BGP_NOTIFY_UPDATE_MAL_ATTR);
2595 ret = BGP_ATTR_PARSE_ERROR;
2596 goto done;
2597 }
2598
2599 /* Set type to bitmap to check duplicate attribute. `type' is
2600 unsigned char so it never overflow bitmap range. */
2601
2602 SET_BITMAP(seen, type);
2603
2604 /* Overflow check. */
2605 attr_endp = BGP_INPUT_PNT(peer) + length;
2606
2607 if (attr_endp > endp) {
2608 flog_warn(
2609 EC_BGP_ATTRIBUTE_TOO_LARGE,
2610 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2611 peer->host, type, length, size, attr_endp,
2612 endp);
2613 /*
2614 * RFC 4271 6.3
2615 * If any recognized attribute has an Attribute
2616 * Length that conflicts with the expected length
2617 * (based on the attribute type code), then the
2618 * Error Subcode MUST be set to Attribute Length
2619 * Error. The Data field MUST contain the erroneous
2620 * attribute (type, length, and value).
2621 * ----------
2622 * We do not currently have a good way to determine the
2623 * length of the attribute independent of the length
2624 * received in the message. Instead we send the
2625 * minimum between the amount of data we have and the
2626 * amount specified by the attribute length field.
2627 *
2628 * Instead of directly passing in the packet buffer and
2629 * offset we use the stream_get* functions to read into
2630 * a stack buffer, since they perform bounds checking
2631 * and we are working with untrusted data.
2632 */
2633 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2634 memset(ndata, 0x00, sizeof(ndata));
2635 size_t lfl =
2636 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2637 /* Rewind to end of flag field */
2638 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2639 /* Type */
2640 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2641 /* Length */
2642 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2643 /* Value */
2644 size_t atl = attr_endp - startp;
2645 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2646 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2647
2648 bgp_notify_send_with_data(
2649 peer, BGP_NOTIFY_UPDATE_ERR,
2650 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2651 ndl + lfl + 1);
2652
2653 ret = BGP_ATTR_PARSE_ERROR;
2654 goto done;
2655 }
2656
2657 struct bgp_attr_parser_args attr_args = {
2658 .peer = peer,
2659 .length = length,
2660 .attr = attr,
2661 .type = type,
2662 .flags = flag,
2663 .startp = startp,
2664 .total = attr_endp - startp,
2665 };
2666
2667
2668 /* If any recognized attribute has Attribute Flags that conflict
2669 with the Attribute Type Code, then the Error Subcode is set
2670 to
2671 Attribute Flags Error. The Data field contains the erroneous
2672 attribute (type, length and value). */
2673 if (bgp_attr_flag_invalid(&attr_args)) {
2674 ret = bgp_attr_malformed(
2675 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2676 attr_args.total);
2677 if (ret == BGP_ATTR_PARSE_PROCEED)
2678 continue;
2679 goto done;
2680 }
2681
2682 /* OK check attribute and store it's value. */
2683 switch (type) {
2684 case BGP_ATTR_ORIGIN:
2685 ret = bgp_attr_origin(&attr_args);
2686 break;
2687 case BGP_ATTR_AS_PATH:
2688 ret = bgp_attr_aspath(&attr_args);
2689 break;
2690 case BGP_ATTR_AS4_PATH:
2691 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2692 break;
2693 case BGP_ATTR_NEXT_HOP:
2694 ret = bgp_attr_nexthop(&attr_args);
2695 break;
2696 case BGP_ATTR_MULTI_EXIT_DISC:
2697 ret = bgp_attr_med(&attr_args);
2698 break;
2699 case BGP_ATTR_LOCAL_PREF:
2700 ret = bgp_attr_local_pref(&attr_args);
2701 break;
2702 case BGP_ATTR_ATOMIC_AGGREGATE:
2703 ret = bgp_attr_atomic(&attr_args);
2704 break;
2705 case BGP_ATTR_AGGREGATOR:
2706 ret = bgp_attr_aggregator(&attr_args);
2707 break;
2708 case BGP_ATTR_AS4_AGGREGATOR:
2709 ret = bgp_attr_as4_aggregator(&attr_args,
2710 &as4_aggregator,
2711 &as4_aggregator_addr);
2712 break;
2713 case BGP_ATTR_COMMUNITIES:
2714 ret = bgp_attr_community(&attr_args);
2715 break;
2716 case BGP_ATTR_LARGE_COMMUNITIES:
2717 ret = bgp_attr_large_community(&attr_args);
2718 break;
2719 case BGP_ATTR_ORIGINATOR_ID:
2720 ret = bgp_attr_originator_id(&attr_args);
2721 break;
2722 case BGP_ATTR_CLUSTER_LIST:
2723 ret = bgp_attr_cluster_list(&attr_args);
2724 break;
2725 case BGP_ATTR_MP_REACH_NLRI:
2726 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2727 break;
2728 case BGP_ATTR_MP_UNREACH_NLRI:
2729 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2730 break;
2731 case BGP_ATTR_EXT_COMMUNITIES:
2732 ret = bgp_attr_ext_communities(&attr_args);
2733 break;
2734 #if ENABLE_BGP_VNC_ATTR
2735 case BGP_ATTR_VNC:
2736 #endif
2737 case BGP_ATTR_ENCAP:
2738 ret = bgp_attr_encap(type, peer, length, attr, flag,
2739 startp);
2740 break;
2741 case BGP_ATTR_PREFIX_SID:
2742 ret = bgp_attr_prefix_sid(&attr_args, mp_update);
2743 break;
2744 case BGP_ATTR_PMSI_TUNNEL:
2745 ret = bgp_attr_pmsi_tunnel(&attr_args);
2746 break;
2747 default:
2748 ret = bgp_attr_unknown(&attr_args);
2749 break;
2750 }
2751
2752 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2753 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2754 BGP_NOTIFY_UPDATE_MAL_ATTR);
2755 ret = BGP_ATTR_PARSE_ERROR;
2756 goto done;
2757 }
2758
2759 if (ret == BGP_ATTR_PARSE_EOR) {
2760 goto done;
2761 }
2762
2763 if (ret == BGP_ATTR_PARSE_ERROR) {
2764 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR,
2765 "%s: Attribute %s, parse error", peer->host,
2766 lookup_msg(attr_str, type, NULL));
2767 goto done;
2768 }
2769 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
2770 flog_warn(
2771 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW,
2772 "%s: Attribute %s, parse error - treating as withdrawal",
2773 peer->host, lookup_msg(attr_str, type, NULL));
2774 goto done;
2775 }
2776
2777 /* Check the fetched length. */
2778 if (BGP_INPUT_PNT(peer) != attr_endp) {
2779 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR,
2780 "%s: BGP attribute %s, fetch error",
2781 peer->host, lookup_msg(attr_str, type, NULL));
2782 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2783 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2784 ret = BGP_ATTR_PARSE_ERROR;
2785 goto done;
2786 }
2787 }
2788
2789 /* Check final read pointer is same as end pointer. */
2790 if (BGP_INPUT_PNT(peer) != endp) {
2791 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH,
2792 "%s: BGP attribute %s, length mismatch", peer->host,
2793 lookup_msg(attr_str, type, NULL));
2794 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2795 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2796
2797 ret = BGP_ATTR_PARSE_ERROR;
2798 goto done;
2799 }
2800
2801 /*
2802 * RFC4271: If the NEXT_HOP attribute field is syntactically incorrect,
2803 * then the Error Subcode MUST be set to Invalid NEXT_HOP Attribute.
2804 * This is implemented below and will result in a NOTIFICATION. If the
2805 * NEXT_HOP attribute is semantically incorrect, the error SHOULD be
2806 * logged, and the route SHOULD be ignored. In this case, a NOTIFICATION
2807 * message SHOULD NOT be sent. This is implemented elsewhere.
2808 *
2809 * RFC4760: An UPDATE message that carries no NLRI, other than the one
2810 * encoded in the MP_REACH_NLRI attribute, SHOULD NOT carry the NEXT_HOP
2811 * attribute. If such a message contains the NEXT_HOP attribute, the BGP
2812 * speaker that receives the message SHOULD ignore this attribute.
2813 */
2814 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2815 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI))) {
2816 if (bgp_attr_nexthop_valid(peer, attr) < 0) {
2817 ret = BGP_ATTR_PARSE_ERROR;
2818 goto done;
2819 }
2820 }
2821
2822 /* Check all mandatory well-known attributes are present */
2823 if ((ret = bgp_attr_check(peer, attr)) < 0)
2824 goto done;
2825
2826 /*
2827 * At this place we can see whether we got AS4_PATH and/or
2828 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2829 * We can not do this before we've read all attributes because
2830 * the as4 handling does not say whether AS4_PATH has to be sent
2831 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2832 * in relationship to AGGREGATOR.
2833 * So, to be defensive, we are not relying on any order and read
2834 * all attributes first, including these 32bit ones, and now,
2835 * afterwards, we look what and if something is to be done for as4.
2836 *
2837 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2838 * MP_UNREACH_NLRI.
2839 */
2840 /* actually... this doesn't ever return failure currently, but
2841 * better safe than sorry */
2842 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2843 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2844 &as4_aggregator_addr)) {
2845 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2846 BGP_NOTIFY_UPDATE_MAL_ATTR);
2847 ret = BGP_ATTR_PARSE_ERROR;
2848 goto done;
2849 }
2850
2851 /*
2852 * Finally do the checks on the aspath we did not do yet
2853 * because we waited for a potentially synthesized aspath.
2854 */
2855 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2856 ret = bgp_attr_aspath_check(peer, attr);
2857 if (ret != BGP_ATTR_PARSE_PROCEED)
2858 goto done;
2859 }
2860
2861 ret = BGP_ATTR_PARSE_PROCEED;
2862 done:
2863
2864 /*
2865 * At this stage, we have done all fiddling with as4, and the
2866 * resulting info is in attr->aggregator resp. attr->aspath so
2867 * we can chuck as4_aggregator and as4_path alltogether in order
2868 * to save memory
2869 */
2870 if (as4_path) {
2871 /*
2872 * unintern - it is in the hash
2873 * The flag that we got this is still there, but that
2874 * does not do any trouble
2875 */
2876 aspath_unintern(&as4_path);
2877 }
2878
2879 if (ret != BGP_ATTR_PARSE_ERROR) {
2880 /* Finally intern unknown attribute. */
2881 if (attr->transit)
2882 attr->transit = transit_intern(attr->transit);
2883 if (attr->encap_subtlvs)
2884 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
2885 ENCAP_SUBTLV_TYPE);
2886 #if ENABLE_BGP_VNC
2887 if (attr->vnc_subtlvs)
2888 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
2889 VNC_SUBTLV_TYPE);
2890 #endif
2891 } else {
2892 if (attr->transit) {
2893 transit_free(attr->transit);
2894 attr->transit = NULL;
2895 }
2896
2897 bgp_attr_flush_encap(attr);
2898 };
2899
2900 /* Sanity checks */
2901 if (attr->transit)
2902 assert(attr->transit->refcnt > 0);
2903 if (attr->encap_subtlvs)
2904 assert(attr->encap_subtlvs->refcnt > 0);
2905 #if ENABLE_BGP_VNC
2906 if (attr->vnc_subtlvs)
2907 assert(attr->vnc_subtlvs->refcnt > 0);
2908 #endif
2909
2910 return ret;
2911 }
2912
2913 /*
2914 * Extract the tunnel type from extended community
2915 */
2916 void bgp_attr_extcom_tunnel_type(struct attr *attr,
2917 bgp_encap_types *tunnel_type)
2918 {
2919 struct ecommunity *ecom;
2920 int i;
2921 if (!attr)
2922 return;
2923
2924 ecom = attr->ecommunity;
2925 if (!ecom || !ecom->size)
2926 return;
2927
2928 for (i = 0; i < ecom->size; i++) {
2929 uint8_t *pnt;
2930 uint8_t type, sub_type;
2931
2932 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
2933 type = pnt[0];
2934 sub_type = pnt[1];
2935 if (!(type == ECOMMUNITY_ENCODE_OPAQUE &&
2936 sub_type == ECOMMUNITY_OPAQUE_SUBTYPE_ENCAP))
2937 continue;
2938 *tunnel_type = ((pnt[6] << 8) | pnt[7]);
2939 return;
2940 }
2941
2942 return;
2943 }
2944
2945 size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2946 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2947 struct attr *attr)
2948 {
2949 size_t sizep;
2950 iana_afi_t pkt_afi;
2951 iana_safi_t pkt_safi;
2952 afi_t nh_afi;
2953
2954 /* Set extended bit always to encode the attribute length as 2 bytes */
2955 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2956 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2957 sizep = stream_get_endp(s);
2958 stream_putw(s, 0); /* Marker: Attribute length. */
2959
2960
2961 /* Convert AFI, SAFI to values for packet. */
2962 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2963
2964 stream_putw(s, pkt_afi); /* AFI */
2965 stream_putc(s, pkt_safi); /* SAFI */
2966
2967 /* Nexthop AFI */
2968 if (afi == AFI_IP
2969 && (safi == SAFI_UNICAST ||
2970 safi == SAFI_LABELED_UNICAST ||
2971 safi == SAFI_MULTICAST))
2972 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
2973 else
2974 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2975
2976 /* Nexthop */
2977 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2978 switch (nh_afi) {
2979 case AFI_IP:
2980 switch (safi) {
2981 case SAFI_UNICAST:
2982 case SAFI_MULTICAST:
2983 case SAFI_LABELED_UNICAST:
2984 stream_putc(s, 4);
2985 stream_put_ipv4(s, attr->nexthop.s_addr);
2986 break;
2987 case SAFI_MPLS_VPN:
2988 stream_putc(s, 12);
2989 stream_putl(s, 0); /* RD = 0, per RFC */
2990 stream_putl(s, 0);
2991 stream_put(s, &attr->mp_nexthop_global_in, 4);
2992 break;
2993 case SAFI_ENCAP:
2994 case SAFI_EVPN:
2995 stream_putc(s, 4);
2996 stream_put(s, &attr->mp_nexthop_global_in, 4);
2997 break;
2998 case SAFI_FLOWSPEC:
2999 stream_putc(s, 0); /* no nexthop for flowspec */
3000 default:
3001 break;
3002 }
3003 break;
3004 case AFI_IP6:
3005 switch (safi) {
3006 case SAFI_UNICAST:
3007 case SAFI_MULTICAST:
3008 case SAFI_LABELED_UNICAST:
3009 case SAFI_EVPN: {
3010 if (attr->mp_nexthop_len
3011 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
3012 stream_putc(s,
3013 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
3014 stream_put(s, &attr->mp_nexthop_global,
3015 IPV6_MAX_BYTELEN);
3016 stream_put(s, &attr->mp_nexthop_local,
3017 IPV6_MAX_BYTELEN);
3018 } else {
3019 stream_putc(s, IPV6_MAX_BYTELEN);
3020 stream_put(s, &attr->mp_nexthop_global,
3021 IPV6_MAX_BYTELEN);
3022 }
3023 } break;
3024 case SAFI_MPLS_VPN: {
3025 if (attr->mp_nexthop_len
3026 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
3027 stream_putc(s, 24);
3028 stream_putl(s, 0); /* RD = 0, per RFC */
3029 stream_putl(s, 0);
3030 stream_put(s, &attr->mp_nexthop_global,
3031 IPV6_MAX_BYTELEN);
3032 } else if (attr->mp_nexthop_len
3033 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
3034 stream_putc(s, 48);
3035 stream_putl(s, 0); /* RD = 0, per RFC */
3036 stream_putl(s, 0);
3037 stream_put(s, &attr->mp_nexthop_global,
3038 IPV6_MAX_BYTELEN);
3039 stream_putl(s, 0); /* RD = 0, per RFC */
3040 stream_putl(s, 0);
3041 stream_put(s, &attr->mp_nexthop_local,
3042 IPV6_MAX_BYTELEN);
3043 }
3044 } break;
3045 case SAFI_ENCAP:
3046 stream_putc(s, IPV6_MAX_BYTELEN);
3047 stream_put(s, &attr->mp_nexthop_global,
3048 IPV6_MAX_BYTELEN);
3049 break;
3050 case SAFI_FLOWSPEC:
3051 stream_putc(s, 0); /* no nexthop for flowspec */
3052 default:
3053 break;
3054 }
3055 break;
3056 default:
3057 if (safi != SAFI_FLOWSPEC)
3058 flog_err(
3059 EC_BGP_ATTR_NH_SEND_LEN,
3060 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
3061 peer->host, afi, safi, attr->mp_nexthop_len);
3062 break;
3063 }
3064
3065 /* SNPA */
3066 stream_putc(s, 0);
3067 return sizep;
3068 }
3069
3070 void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
3071 struct prefix *p, struct prefix_rd *prd,
3072 mpls_label_t *label, uint32_t num_labels,
3073 int addpath_encode, uint32_t addpath_tx_id,
3074 struct attr *attr)
3075 {
3076 if (safi == SAFI_MPLS_VPN) {
3077 if (addpath_encode)
3078 stream_putl(s, addpath_tx_id);
3079 /* Label, RD, Prefix write. */
3080 stream_putc(s, p->prefixlen + 88);
3081 stream_put(s, label, BGP_LABEL_BYTES);
3082 stream_put(s, prd->val, 8);
3083 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
3084 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
3085 /* EVPN prefix - contents depend on type */
3086 bgp_evpn_encode_prefix(s, p, prd, label, num_labels, attr,
3087 addpath_encode, addpath_tx_id);
3088 } else if (safi == SAFI_LABELED_UNICAST) {
3089 /* Prefix write with label. */
3090 stream_put_labeled_prefix(s, p, label, addpath_encode,
3091 addpath_tx_id);
3092 } else if (safi == SAFI_FLOWSPEC) {
3093 if (PSIZE (p->prefixlen)+2 < FLOWSPEC_NLRI_SIZELIMIT)
3094 stream_putc(s, PSIZE (p->prefixlen)+2);
3095 else
3096 stream_putw(s, (PSIZE (p->prefixlen)+2)|(0xf<<12));
3097 stream_putc(s, 2);/* Filter type */
3098 stream_putc(s, p->prefixlen);/* Prefix length */
3099 stream_put(s, &p->u.prefix, PSIZE (p->prefixlen));
3100 } else
3101 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
3102 }
3103
3104 size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
3105 {
3106 int size = PSIZE(p->prefixlen);
3107 if (safi == SAFI_MPLS_VPN)
3108 size += 88;
3109 else if (safi == SAFI_LABELED_UNICAST)
3110 size += BGP_LABEL_BYTES;
3111 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
3112 size += 232; // TODO: Maximum possible for type-2, type-3 and
3113 // type-5
3114 return size;
3115 }
3116
3117 /*
3118 * Encodes the tunnel encapsulation attribute,
3119 * and with ENABLE_BGP_VNC the VNC attribute which uses
3120 * almost the same TLV format
3121 */
3122 static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
3123 struct stream *s, struct attr *attr,
3124 uint8_t attrtype)
3125 {
3126 unsigned int attrlenfield = 0;
3127 unsigned int attrhdrlen = 0;
3128 struct bgp_attr_encap_subtlv *subtlvs;
3129 struct bgp_attr_encap_subtlv *st;
3130 const char *attrname;
3131
3132 if (!attr || (attrtype == BGP_ATTR_ENCAP
3133 && (!attr->encap_tunneltype
3134 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
3135 return;
3136
3137 switch (attrtype) {
3138 case BGP_ATTR_ENCAP:
3139 attrname = "Tunnel Encap";
3140 subtlvs = attr->encap_subtlvs;
3141 if (subtlvs == NULL) /* nothing to do */
3142 return;
3143 /*
3144 * The tunnel encap attr has an "outer" tlv.
3145 * T = tunneltype,
3146 * L = total length of subtlvs,
3147 * V = concatenated subtlvs.
3148 */
3149 attrlenfield = 2 + 2; /* T + L */
3150 attrhdrlen = 1 + 1; /* subTLV T + L */
3151 break;
3152
3153 #if ENABLE_BGP_VNC_ATTR
3154 case BGP_ATTR_VNC:
3155 attrname = "VNC";
3156 subtlvs = attr->vnc_subtlvs;
3157 if (subtlvs == NULL) /* nothing to do */
3158 return;
3159 attrlenfield = 0; /* no outer T + L */
3160 attrhdrlen = 2 + 2; /* subTLV T + L */
3161 break;
3162 #endif
3163
3164 default:
3165 assert(0);
3166 }
3167
3168 /* compute attr length */
3169 for (st = subtlvs; st; st = st->next) {
3170 attrlenfield += (attrhdrlen + st->length);
3171 }
3172
3173 if (attrlenfield > 0xffff) {
3174 zlog_info("%s attribute is too long (length=%d), can't send it",
3175 attrname, attrlenfield);
3176 return;
3177 }
3178
3179 if (attrlenfield > 0xff) {
3180 /* 2-octet length field */
3181 stream_putc(s,
3182 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3183 | BGP_ATTR_FLAG_EXTLEN);
3184 stream_putc(s, attrtype);
3185 stream_putw(s, attrlenfield & 0xffff);
3186 } else {
3187 /* 1-octet length field */
3188 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
3189 stream_putc(s, attrtype);
3190 stream_putc(s, attrlenfield & 0xff);
3191 }
3192
3193 if (attrtype == BGP_ATTR_ENCAP) {
3194 /* write outer T+L */
3195 stream_putw(s, attr->encap_tunneltype);
3196 stream_putw(s, attrlenfield - 4);
3197 }
3198
3199 /* write each sub-tlv */
3200 for (st = subtlvs; st; st = st->next) {
3201 if (attrtype == BGP_ATTR_ENCAP) {
3202 stream_putc(s, st->type);
3203 stream_putc(s, st->length);
3204 #if ENABLE_BGP_VNC
3205 } else {
3206 stream_putw(s, st->type);
3207 stream_putw(s, st->length);
3208 #endif
3209 }
3210 stream_put(s, st->value, st->length);
3211 }
3212 }
3213
3214 void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
3215 {
3216 /* Set MP attribute length. Don't count the (2) bytes used to encode
3217 the attr length */
3218 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
3219 }
3220
3221 static int bgp_append_local_as(struct peer *peer, afi_t afi, safi_t safi)
3222 {
3223 if (!BGP_AS_IS_PRIVATE(peer->local_as)
3224 || (BGP_AS_IS_PRIVATE(peer->local_as)
3225 && !CHECK_FLAG(peer->af_flags[afi][safi],
3226 PEER_FLAG_REMOVE_PRIVATE_AS)
3227 && !CHECK_FLAG(peer->af_flags[afi][safi],
3228 PEER_FLAG_REMOVE_PRIVATE_AS_ALL)
3229 && !CHECK_FLAG(peer->af_flags[afi][safi],
3230 PEER_FLAG_REMOVE_PRIVATE_AS_REPLACE)
3231 && !CHECK_FLAG(peer->af_flags[afi][safi],
3232 PEER_FLAG_REMOVE_PRIVATE_AS_ALL_REPLACE)))
3233 return 1;
3234 return 0;
3235 }
3236
3237 /* Make attribute packet. */
3238 bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
3239 struct stream *s, struct attr *attr,
3240 struct bpacket_attr_vec_arr *vecarr,
3241 struct prefix *p, afi_t afi, safi_t safi,
3242 struct peer *from, struct prefix_rd *prd,
3243 mpls_label_t *label, uint32_t num_labels,
3244 int addpath_encode, uint32_t addpath_tx_id)
3245 {
3246 size_t cp;
3247 size_t aspath_sizep;
3248 struct aspath *aspath;
3249 int send_as4_path = 0;
3250 int send_as4_aggregator = 0;
3251 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
3252
3253 if (!bgp)
3254 bgp = peer->bgp;
3255
3256 /* Remember current pointer. */
3257 cp = stream_get_endp(s);
3258
3259 if (p
3260 && !((afi == AFI_IP && safi == SAFI_UNICAST)
3261 && !peer_cap_enhe(peer, afi, safi))) {
3262 size_t mpattrlen_pos = 0;
3263
3264 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
3265 vecarr, attr);
3266 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
3267 num_labels, addpath_encode,
3268 addpath_tx_id, attr);
3269 bgp_packet_mpattr_end(s, mpattrlen_pos);
3270 }
3271
3272 /* Origin attribute. */
3273 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3274 stream_putc(s, BGP_ATTR_ORIGIN);
3275 stream_putc(s, 1);
3276 stream_putc(s, attr->origin);
3277
3278 /* AS path attribute. */
3279
3280 /* If remote-peer is EBGP */
3281 if (peer->sort == BGP_PEER_EBGP
3282 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3283 PEER_FLAG_AS_PATH_UNCHANGED)
3284 || attr->aspath->segments == NULL)
3285 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3286 PEER_FLAG_RSERVER_CLIENT))) {
3287 aspath = aspath_dup(attr->aspath);
3288
3289 /* Even though we may not be configured for confederations we
3290 * may have
3291 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3292 aspath = aspath_delete_confed_seq(aspath);
3293
3294 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
3295 /* Stuff our path CONFED_ID on the front */
3296 aspath = aspath_add_seq(aspath, bgp->confed_id);
3297 } else {
3298 if (peer->change_local_as) {
3299 /* If replace-as is specified, we only use the
3300 change_local_as when
3301 advertising routes. */
3302 if (!CHECK_FLAG(peer->flags,
3303 PEER_FLAG_LOCAL_AS_REPLACE_AS))
3304 if (bgp_append_local_as(peer, afi,
3305 safi))
3306 aspath = aspath_add_seq(
3307 aspath, peer->local_as);
3308 aspath = aspath_add_seq(aspath,
3309 peer->change_local_as);
3310 } else {
3311 aspath = aspath_add_seq(aspath, peer->local_as);
3312 }
3313 }
3314 } else if (peer->sort == BGP_PEER_CONFED) {
3315 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3316 * thing */
3317 aspath = aspath_dup(attr->aspath);
3318 aspath = aspath_add_confed_seq(aspath, peer->local_as);
3319 } else
3320 aspath = attr->aspath;
3321
3322 /* If peer is not AS4 capable, then:
3323 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3324 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3325 * segment
3326 * types are in it (i.e. exclude them if they are there)
3327 * AND do this only if there is at least one asnum > 65535 in the
3328 * path!
3329 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3330 * change
3331 * all ASnums > 65535 to BGP_AS_TRANS
3332 */
3333
3334 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3335 stream_putc(s, BGP_ATTR_AS_PATH);
3336 aspath_sizep = stream_get_endp(s);
3337 stream_putw(s, 0);
3338 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
3339
3340 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3341 * in the path
3342 */
3343 if (!use32bit && aspath_has_as4(aspath))
3344 send_as4_path =
3345 1; /* we'll do this later, at the correct place */
3346
3347 /* Nexthop attribute. */
3348 if (afi == AFI_IP && safi == SAFI_UNICAST
3349 && !peer_cap_enhe(peer, afi, safi)) {
3350 afi_t nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
3351
3352 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
3353 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3354 stream_putc(s, BGP_ATTR_NEXT_HOP);
3355 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3356 attr);
3357 stream_putc(s, 4);
3358 stream_put_ipv4(s, attr->nexthop.s_addr);
3359 } else if (peer_cap_enhe(from, afi, safi)
3360 || (nh_afi == AFI_IP6)) {
3361 /*
3362 * Likely this is the case when an IPv4 prefix was
3363 * received with Extended Next-hop capability in this
3364 * or another vrf and is now being advertised to
3365 * non-ENHE peers. Since peer_cap_enhe only checks
3366 * peers in this vrf, also check the nh_afi to catch
3367 * the case where the originator was in another vrf.
3368 * Setting the mandatory (ipv4) next-hop attribute here
3369 * to enable implicit next-hop self with correct A-F
3370 * (ipv4 address family).
3371 */
3372 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3373 stream_putc(s, BGP_ATTR_NEXT_HOP);
3374 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3375 NULL);
3376 stream_putc(s, 4);
3377 stream_put_ipv4(s, 0);
3378 }
3379 }
3380
3381 /* MED attribute. */
3382 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
3383 || bgp->maxmed_active) {
3384 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3385 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3386 stream_putc(s, 4);
3387 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
3388 : attr->med));
3389 }
3390
3391 /* Local preference. */
3392 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
3393 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3394 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3395 stream_putc(s, 4);
3396 stream_putl(s, attr->local_pref);
3397 }
3398
3399 /* Atomic aggregate. */
3400 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3401 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3402 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3403 stream_putc(s, 0);
3404 }
3405
3406 /* Aggregator. */
3407 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3408 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3409 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3410 stream_putc(s, BGP_ATTR_AGGREGATOR);
3411
3412 if (use32bit) {
3413 /* AS4 capable peer */
3414 stream_putc(s, 8);
3415 stream_putl(s, attr->aggregator_as);
3416 } else {
3417 /* 2-byte AS peer */
3418 stream_putc(s, 6);
3419
3420 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3421 * used? */
3422 if (attr->aggregator_as > 65535) {
3423 stream_putw(s, BGP_AS_TRANS);
3424
3425 /* we have to send AS4_AGGREGATOR, too.
3426 * we'll do that later in order to send
3427 * attributes in ascending
3428 * order.
3429 */
3430 send_as4_aggregator = 1;
3431 } else
3432 stream_putw(s, (uint16_t)attr->aggregator_as);
3433 }
3434 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3435 }
3436
3437 /* Community attribute. */
3438 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3439 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3440 if (attr->community->size * 4 > 255) {
3441 stream_putc(s,
3442 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3443 | BGP_ATTR_FLAG_EXTLEN);
3444 stream_putc(s, BGP_ATTR_COMMUNITIES);
3445 stream_putw(s, attr->community->size * 4);
3446 } else {
3447 stream_putc(s,
3448 BGP_ATTR_FLAG_OPTIONAL
3449 | BGP_ATTR_FLAG_TRANS);
3450 stream_putc(s, BGP_ATTR_COMMUNITIES);
3451 stream_putc(s, attr->community->size * 4);
3452 }
3453 stream_put(s, attr->community->val, attr->community->size * 4);
3454 }
3455
3456 /*
3457 * Large Community attribute.
3458 */
3459 if (CHECK_FLAG(peer->af_flags[afi][safi],
3460 PEER_FLAG_SEND_LARGE_COMMUNITY)
3461 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
3462 if (lcom_length(attr->lcommunity) > 255) {
3463 stream_putc(s,
3464 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3465 | BGP_ATTR_FLAG_EXTLEN);
3466 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3467 stream_putw(s, lcom_length(attr->lcommunity));
3468 } else {
3469 stream_putc(s,
3470 BGP_ATTR_FLAG_OPTIONAL
3471 | BGP_ATTR_FLAG_TRANS);
3472 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3473 stream_putc(s, lcom_length(attr->lcommunity));
3474 }
3475 stream_put(s, attr->lcommunity->val,
3476 lcom_length(attr->lcommunity));
3477 }
3478
3479 /* Route Reflector. */
3480 if (peer->sort == BGP_PEER_IBGP && from
3481 && from->sort == BGP_PEER_IBGP) {
3482 /* Originator ID. */
3483 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3484 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3485 stream_putc(s, 4);
3486
3487 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3488 stream_put_in_addr(s, &attr->originator_id);
3489 else
3490 stream_put_in_addr(s, &from->remote_id);
3491
3492 /* Cluster list. */
3493 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3494 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3495
3496 if (attr->cluster) {
3497 stream_putc(s, attr->cluster->length + 4);
3498 /* If this peer configuration's parent BGP has
3499 * cluster_id. */
3500 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3501 stream_put_in_addr(s, &bgp->cluster_id);
3502 else
3503 stream_put_in_addr(s, &bgp->router_id);
3504 stream_put(s, attr->cluster->list,
3505 attr->cluster->length);
3506 } else {
3507 stream_putc(s, 4);
3508 /* If this peer configuration's parent BGP has
3509 * cluster_id. */
3510 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3511 stream_put_in_addr(s, &bgp->cluster_id);
3512 else
3513 stream_put_in_addr(s, &bgp->router_id);
3514 }
3515 }
3516
3517 /* Extended Communities attribute. */
3518 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3519 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3520 if (peer->sort == BGP_PEER_IBGP
3521 || peer->sort == BGP_PEER_CONFED) {
3522 if (attr->ecommunity->size * 8 > 255) {
3523 stream_putc(s,
3524 BGP_ATTR_FLAG_OPTIONAL
3525 | BGP_ATTR_FLAG_TRANS
3526 | BGP_ATTR_FLAG_EXTLEN);
3527 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3528 stream_putw(s, attr->ecommunity->size * 8);
3529 } else {
3530 stream_putc(s,
3531 BGP_ATTR_FLAG_OPTIONAL
3532 | BGP_ATTR_FLAG_TRANS);
3533 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3534 stream_putc(s, attr->ecommunity->size * 8);
3535 }
3536 stream_put(s, attr->ecommunity->val,
3537 attr->ecommunity->size * 8);
3538 } else {
3539 uint8_t *pnt;
3540 int tbit;
3541 int ecom_tr_size = 0;
3542 int i;
3543
3544 for (i = 0; i < attr->ecommunity->size; i++) {
3545 pnt = attr->ecommunity->val + (i * 8);
3546 tbit = *pnt;
3547
3548 if (CHECK_FLAG(tbit,
3549 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3550 continue;
3551
3552 ecom_tr_size++;
3553 }
3554
3555 if (ecom_tr_size) {
3556 if (ecom_tr_size * 8 > 255) {
3557 stream_putc(
3558 s,
3559 BGP_ATTR_FLAG_OPTIONAL
3560 | BGP_ATTR_FLAG_TRANS
3561 | BGP_ATTR_FLAG_EXTLEN);
3562 stream_putc(s,
3563 BGP_ATTR_EXT_COMMUNITIES);
3564 stream_putw(s, ecom_tr_size * 8);
3565 } else {
3566 stream_putc(
3567 s,
3568 BGP_ATTR_FLAG_OPTIONAL
3569 | BGP_ATTR_FLAG_TRANS);
3570 stream_putc(s,
3571 BGP_ATTR_EXT_COMMUNITIES);
3572 stream_putc(s, ecom_tr_size * 8);
3573 }
3574
3575 for (i = 0; i < attr->ecommunity->size; i++) {
3576 pnt = attr->ecommunity->val + (i * 8);
3577 tbit = *pnt;
3578
3579 if (CHECK_FLAG(
3580 tbit,
3581 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3582 continue;
3583
3584 stream_put(s, pnt, 8);
3585 }
3586 }
3587 }
3588 }
3589
3590 /* Label index attribute. */
3591 if (safi == SAFI_LABELED_UNICAST) {
3592 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3593 uint32_t label_index;
3594
3595 label_index = attr->label_index;
3596
3597 if (label_index != BGP_INVALID_LABEL_INDEX) {
3598 stream_putc(s,
3599 BGP_ATTR_FLAG_OPTIONAL
3600 | BGP_ATTR_FLAG_TRANS);
3601 stream_putc(s, BGP_ATTR_PREFIX_SID);
3602 stream_putc(s, 10);
3603 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3604 stream_putw(s,
3605 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3606 stream_putc(s, 0); // reserved
3607 stream_putw(s, 0); // flags
3608 stream_putl(s, label_index);
3609 }
3610 }
3611 }
3612
3613 if (send_as4_path) {
3614 /* If the peer is NOT As4 capable, AND */
3615 /* there are ASnums > 65535 in path THEN
3616 * give out AS4_PATH */
3617
3618 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3619 * path segments!
3620 * Hm, I wonder... confederation things *should* only be at
3621 * the beginning of an aspath, right? Then we should use
3622 * aspath_delete_confed_seq for this, because it is already
3623 * there! (JK)
3624 * Folks, talk to me: what is reasonable here!?
3625 */
3626 aspath = aspath_delete_confed_seq(aspath);
3627
3628 stream_putc(s,
3629 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3630 | BGP_ATTR_FLAG_EXTLEN);
3631 stream_putc(s, BGP_ATTR_AS4_PATH);
3632 aspath_sizep = stream_get_endp(s);
3633 stream_putw(s, 0);
3634 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3635 }
3636
3637 if (aspath != attr->aspath)
3638 aspath_free(aspath);
3639
3640 if (send_as4_aggregator) {
3641 /* send AS4_AGGREGATOR, at this place */
3642 /* this section of code moved here in order to ensure the
3643 * correct
3644 * *ascending* order of attributes
3645 */
3646 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3647 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3648 stream_putc(s, 8);
3649 stream_putl(s, attr->aggregator_as);
3650 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3651 }
3652
3653 if (((afi == AFI_IP || afi == AFI_IP6)
3654 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3655 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3656 /* Tunnel Encap attribute */
3657 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
3658
3659 #if ENABLE_BGP_VNC_ATTR
3660 /* VNC attribute */
3661 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
3662 #endif
3663 }
3664
3665 /* PMSI Tunnel */
3666 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL)) {
3667 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3668 stream_putc(s, BGP_ATTR_PMSI_TUNNEL);
3669 stream_putc(s, 9); // Length
3670 stream_putc(s, 0); // Flags
3671 stream_putc(s, attr->pmsi_tnl_type);
3672 stream_put(s, &(attr->label),
3673 BGP_LABEL_BYTES); // MPLS Label / VXLAN VNI
3674 stream_put_ipv4(s, attr->nexthop.s_addr);
3675 // Unicast tunnel endpoint IP address
3676 }
3677
3678 /* Unknown transit attribute. */
3679 if (attr->transit)
3680 stream_put(s, attr->transit->val, attr->transit->length);
3681
3682 /* Return total size of attribute. */
3683 return stream_get_endp(s) - cp;
3684 }
3685
3686 size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
3687 {
3688 unsigned long attrlen_pnt;
3689 iana_afi_t pkt_afi;
3690 iana_safi_t pkt_safi;
3691
3692 /* Set extended bit always to encode the attribute length as 2 bytes */
3693 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3694 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
3695
3696 attrlen_pnt = stream_get_endp(s);
3697 stream_putw(s, 0); /* Length of this attribute. */
3698
3699 /* Convert AFI, SAFI to values for packet. */
3700 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
3701
3702 stream_putw(s, pkt_afi);
3703 stream_putc(s, pkt_safi);
3704
3705 return attrlen_pnt;
3706 }
3707
3708 void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3709 safi_t safi, struct prefix_rd *prd,
3710 mpls_label_t *label, uint32_t num_labels,
3711 int addpath_encode, uint32_t addpath_tx_id,
3712 struct attr *attr)
3713 {
3714 uint8_t wlabel[3] = {0x80, 0x00, 0x00};
3715
3716 if (safi == SAFI_LABELED_UNICAST) {
3717 label = (mpls_label_t *)wlabel;
3718 num_labels = 1;
3719 }
3720
3721 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label, num_labels,
3722 addpath_encode, addpath_tx_id, attr);
3723 }
3724
3725 void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
3726 {
3727 bgp_packet_mpattr_end(s, attrlen_pnt);
3728 }
3729
3730 /* Initialization of attribute. */
3731 void bgp_attr_init(void)
3732 {
3733 aspath_init();
3734 attrhash_init();
3735 community_init();
3736 ecommunity_init();
3737 lcommunity_init();
3738 cluster_init();
3739 transit_init();
3740 encap_init();
3741 }
3742
3743 void bgp_attr_finish(void)
3744 {
3745 aspath_finish();
3746 attrhash_finish();
3747 community_finish();
3748 ecommunity_finish();
3749 lcommunity_finish();
3750 cluster_finish();
3751 transit_finish();
3752 encap_finish();
3753 }
3754
3755 /* Make attribute packet. */
3756 void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3757 struct prefix *prefix)
3758 {
3759 unsigned long cp;
3760 unsigned long len;
3761 size_t aspath_lenp;
3762 struct aspath *aspath;
3763 int addpath_encode = 0;
3764 uint32_t addpath_tx_id = 0;
3765
3766 /* Remember current pointer. */
3767 cp = stream_get_endp(s);
3768
3769 /* Place holder of length. */
3770 stream_putw(s, 0);
3771
3772 /* Origin attribute. */
3773 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3774 stream_putc(s, BGP_ATTR_ORIGIN);
3775 stream_putc(s, 1);
3776 stream_putc(s, attr->origin);
3777
3778 aspath = attr->aspath;
3779
3780 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3781 stream_putc(s, BGP_ATTR_AS_PATH);
3782 aspath_lenp = stream_get_endp(s);
3783 stream_putw(s, 0);
3784
3785 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3786
3787 /* Nexthop attribute. */
3788 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3789 if (prefix != NULL && prefix->family != AF_INET6) {
3790 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3791 stream_putc(s, BGP_ATTR_NEXT_HOP);
3792 stream_putc(s, 4);
3793 stream_put_ipv4(s, attr->nexthop.s_addr);
3794 }
3795
3796 /* MED attribute. */
3797 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3798 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3799 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3800 stream_putc(s, 4);
3801 stream_putl(s, attr->med);
3802 }
3803
3804 /* Local preference. */
3805 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3806 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3807 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3808 stream_putc(s, 4);
3809 stream_putl(s, attr->local_pref);
3810 }
3811
3812 /* Atomic aggregate. */
3813 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3814 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3815 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3816 stream_putc(s, 0);
3817 }
3818
3819 /* Aggregator. */
3820 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3821 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3822 stream_putc(s, BGP_ATTR_AGGREGATOR);
3823 stream_putc(s, 8);
3824 stream_putl(s, attr->aggregator_as);
3825 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3826 }
3827
3828 /* Community attribute. */
3829 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3830 if (attr->community->size * 4 > 255) {
3831 stream_putc(s,
3832 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3833 | BGP_ATTR_FLAG_EXTLEN);
3834 stream_putc(s, BGP_ATTR_COMMUNITIES);
3835 stream_putw(s, attr->community->size * 4);
3836 } else {
3837 stream_putc(s,
3838 BGP_ATTR_FLAG_OPTIONAL
3839 | BGP_ATTR_FLAG_TRANS);
3840 stream_putc(s, BGP_ATTR_COMMUNITIES);
3841 stream_putc(s, attr->community->size * 4);
3842 }
3843 stream_put(s, attr->community->val, attr->community->size * 4);
3844 }
3845
3846 /* Large Community attribute. */
3847 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
3848 if (lcom_length(attr->lcommunity) > 255) {
3849 stream_putc(s,
3850 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3851 | BGP_ATTR_FLAG_EXTLEN);
3852 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3853 stream_putw(s, lcom_length(attr->lcommunity));
3854 } else {
3855 stream_putc(s,
3856 BGP_ATTR_FLAG_OPTIONAL
3857 | BGP_ATTR_FLAG_TRANS);
3858 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3859 stream_putc(s, lcom_length(attr->lcommunity));
3860 }
3861
3862 stream_put(s, attr->lcommunity->val,
3863 lcom_length(attr->lcommunity));
3864 }
3865
3866 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3867 if (prefix != NULL && prefix->family == AF_INET6
3868 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3869 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3870 int sizep;
3871
3872 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3873 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3874 sizep = stream_get_endp(s);
3875
3876 /* MP header */
3877 stream_putc(s, 0); /* Marker: Attribute length. */
3878 stream_putw(s, AFI_IP6); /* AFI */
3879 stream_putc(s, SAFI_UNICAST); /* SAFI */
3880
3881 /* Next hop */
3882 stream_putc(s, attr->mp_nexthop_len);
3883 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3884 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3885 stream_put(s, &attr->mp_nexthop_local,
3886 IPV6_MAX_BYTELEN);
3887
3888 /* SNPA */
3889 stream_putc(s, 0);
3890
3891 /* Prefix */
3892 stream_put_prefix_addpath(s, prefix, addpath_encode,
3893 addpath_tx_id);
3894
3895 /* Set MP attribute length. */
3896 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3897 }
3898
3899 /* Prefix SID */
3900 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3901 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
3902 stream_putc(s,
3903 BGP_ATTR_FLAG_OPTIONAL
3904 | BGP_ATTR_FLAG_TRANS);
3905 stream_putc(s, BGP_ATTR_PREFIX_SID);
3906 stream_putc(s, 10);
3907 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3908 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3909 stream_putc(s, 0); // reserved
3910 stream_putw(s, 0); // flags
3911 stream_putl(s, attr->label_index);
3912 }
3913 }
3914
3915 /* Return total size of attribute. */
3916 len = stream_get_endp(s) - cp - 2;
3917 stream_putw_at(s, cp, len);
3918 }
FRRouting mirror