]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_attr.c
projects / mirror_frr.git / blob
? search:


e731af754cc05c9fbbf94be31afaed105e951d90
[mirror_frr.git] / bgpd / bgp_attr.c
1 /* BGP attributes management routines.
2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "memory.h"
26 #include "vector.h"
27 #include "stream.h"
28 #include "log.h"
29 #include "hash.h"
30 #include "jhash.h"
31 #include "queue.h"
32 #include "table.h"
33 #include "filter.h"
34 #include "command.h"
35
36 #include "bgpd/bgpd.h"
37 #include "bgpd/bgp_attr.h"
38 #include "bgpd/bgp_route.h"
39 #include "bgpd/bgp_aspath.h"
40 #include "bgpd/bgp_community.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_errors.h"
43 #include "bgpd/bgp_label.h"
44 #include "bgpd/bgp_packet.h"
45 #include "bgpd/bgp_ecommunity.h"
46 #include "bgpd/bgp_lcommunity.h"
47 #include "bgpd/bgp_updgrp.h"
48 #include "bgpd/bgp_encap_types.h"
49 #if ENABLE_BGP_VNC
50 #include "bgpd/rfapi/bgp_rfapi_cfg.h"
51 #include "bgp_encap_types.h"
52 #include "bgp_vnc_types.h"
53 #endif
54 #include "bgp_encap_types.h"
55 #include "bgp_evpn.h"
56 #include "bgp_flowspec_private.h"
57
58 /* Attribute strings for logging. */
59 static const struct message attr_str[] = {
60 {BGP_ATTR_ORIGIN, "ORIGIN"},
61 {BGP_ATTR_AS_PATH, "AS_PATH"},
62 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
63 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
64 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
65 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
66 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
67 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
68 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
69 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
70 {BGP_ATTR_DPA, "DPA"},
71 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
72 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
73 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
74 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
75 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
76 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
77 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
78 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
79 {BGP_ATTR_PMSI_TUNNEL, "PMSI_TUNNEL_ATTRIBUTE"},
80 {BGP_ATTR_ENCAP, "ENCAP"},
81 #if ENABLE_BGP_VNC_ATTR
82 {BGP_ATTR_VNC, "VNC"},
83 #endif
84 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
85 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
86 {0}};
87
88 static const struct message attr_flag_str[] = {
89 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
90 {BGP_ATTR_FLAG_TRANS, "Transitive"},
91 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
92 /* bgp_attr_flags_diagnose() relies on this bit being last in
93 this list */
94 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
95 {0}};
96
97 static struct hash *cluster_hash;
98
99 static void *cluster_hash_alloc(void *p)
100 {
101 const struct cluster_list *val = (const struct cluster_list *)p;
102 struct cluster_list *cluster;
103
104 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
105 cluster->length = val->length;
106
107 if (cluster->length) {
108 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
109 memcpy(cluster->list, val->list, val->length);
110 } else
111 cluster->list = NULL;
112
113 cluster->refcnt = 0;
114
115 return cluster;
116 }
117
118 /* Cluster list related functions. */
119 static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
120 {
121 struct cluster_list tmp;
122 struct cluster_list *cluster;
123
124 tmp.length = length;
125 tmp.list = pnt;
126
127 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
128 cluster->refcnt++;
129 return cluster;
130 }
131
132 int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
133 {
134 int i;
135
136 for (i = 0; i < cluster->length / 4; i++)
137 if (cluster->list[i].s_addr == originator.s_addr)
138 return 1;
139 return 0;
140 }
141
142 static unsigned int cluster_hash_key_make(void *p)
143 {
144 const struct cluster_list *cluster = p;
145
146 return jhash(cluster->list, cluster->length, 0);
147 }
148
149 static bool cluster_hash_cmp(const void *p1, const void *p2)
150 {
151 const struct cluster_list *cluster1 = p1;
152 const struct cluster_list *cluster2 = p2;
153
154 return (cluster1->length == cluster2->length
155 && memcmp(cluster1->list, cluster2->list, cluster1->length)
156 == 0);
157 }
158
159 static void cluster_free(struct cluster_list *cluster)
160 {
161 if (cluster->list)
162 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
163 XFREE(MTYPE_CLUSTER, cluster);
164 }
165
166 static struct cluster_list *cluster_intern(struct cluster_list *cluster)
167 {
168 struct cluster_list *find;
169
170 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
171 find->refcnt++;
172
173 return find;
174 }
175
176 void cluster_unintern(struct cluster_list *cluster)
177 {
178 if (cluster->refcnt)
179 cluster->refcnt--;
180
181 if (cluster->refcnt == 0) {
182 hash_release(cluster_hash, cluster);
183 cluster_free(cluster);
184 }
185 }
186
187 static void cluster_init(void)
188 {
189 cluster_hash = hash_create(cluster_hash_key_make, cluster_hash_cmp,
190 "BGP Cluster");
191 }
192
193 static void cluster_finish(void)
194 {
195 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
196 hash_free(cluster_hash);
197 cluster_hash = NULL;
198 }
199
200 static struct hash *encap_hash = NULL;
201 #if ENABLE_BGP_VNC
202 static struct hash *vnc_hash = NULL;
203 #endif
204
205 struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
206 {
207 struct bgp_attr_encap_subtlv *new;
208 struct bgp_attr_encap_subtlv *tail;
209 struct bgp_attr_encap_subtlv *p;
210
211 for (p = orig, tail = new = NULL; p; p = p->next) {
212 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
213 if (tail) {
214 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
215 tail = tail->next;
216 } else {
217 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
218 }
219 assert(tail);
220 memcpy(tail, p, size);
221 tail->next = NULL;
222 }
223
224 return new;
225 }
226
227 static void encap_free(struct bgp_attr_encap_subtlv *p)
228 {
229 struct bgp_attr_encap_subtlv *next;
230 while (p) {
231 next = p->next;
232 p->next = NULL;
233 XFREE(MTYPE_ENCAP_TLV, p);
234 p = next;
235 }
236 }
237
238 void bgp_attr_flush_encap(struct attr *attr)
239 {
240 if (!attr)
241 return;
242
243 if (attr->encap_subtlvs) {
244 encap_free(attr->encap_subtlvs);
245 attr->encap_subtlvs = NULL;
246 }
247 #if ENABLE_BGP_VNC
248 if (attr->vnc_subtlvs) {
249 encap_free(attr->vnc_subtlvs);
250 attr->vnc_subtlvs = NULL;
251 }
252 #endif
253 }
254
255 /*
256 * Compare encap sub-tlv chains
257 *
258 * 1 = equivalent
259 * 0 = not equivalent
260 *
261 * This algorithm could be made faster if needed
262 */
263 static int encap_same(const struct bgp_attr_encap_subtlv *h1,
264 const struct bgp_attr_encap_subtlv *h2)
265 {
266 const struct bgp_attr_encap_subtlv *p;
267 const struct bgp_attr_encap_subtlv *q;
268
269 if (h1 == h2)
270 return 1;
271 if (h1 == NULL || h2 == NULL)
272 return 0;
273
274 for (p = h1; p; p = p->next) {
275 for (q = h2; q; q = q->next) {
276 if ((p->type == q->type) && (p->length == q->length)
277 && !memcmp(p->value, q->value, p->length)) {
278
279 break;
280 }
281 }
282 if (!q)
283 return 0;
284 }
285
286 for (p = h2; p; p = p->next) {
287 for (q = h1; q; q = q->next) {
288 if ((p->type == q->type) && (p->length == q->length)
289 && !memcmp(p->value, q->value, p->length)) {
290
291 break;
292 }
293 }
294 if (!q)
295 return 0;
296 }
297
298 return 1;
299 }
300
301 static void *encap_hash_alloc(void *p)
302 {
303 /* Encap structure is already allocated. */
304 return p;
305 }
306
307 typedef enum {
308 ENCAP_SUBTLV_TYPE,
309 #if ENABLE_BGP_VNC
310 VNC_SUBTLV_TYPE
311 #endif
312 } encap_subtlv_type;
313
314 static struct bgp_attr_encap_subtlv *
315 encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
316 {
317 struct bgp_attr_encap_subtlv *find;
318 struct hash *hash = encap_hash;
319 #if ENABLE_BGP_VNC
320 if (type == VNC_SUBTLV_TYPE)
321 hash = vnc_hash;
322 #endif
323
324 find = hash_get(hash, encap, encap_hash_alloc);
325 if (find != encap)
326 encap_free(encap);
327 find->refcnt++;
328
329 return find;
330 }
331
332 static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
333 encap_subtlv_type type)
334 {
335 struct bgp_attr_encap_subtlv *encap = *encapp;
336 if (encap->refcnt)
337 encap->refcnt--;
338
339 if (encap->refcnt == 0) {
340 struct hash *hash = encap_hash;
341 #if ENABLE_BGP_VNC
342 if (type == VNC_SUBTLV_TYPE)
343 hash = vnc_hash;
344 #endif
345 hash_release(hash, encap);
346 encap_free(encap);
347 *encapp = NULL;
348 }
349 }
350
351 static unsigned int encap_hash_key_make(void *p)
352 {
353 const struct bgp_attr_encap_subtlv *encap = p;
354
355 return jhash(encap->value, encap->length, 0);
356 }
357
358 static bool encap_hash_cmp(const void *p1, const void *p2)
359 {
360 return encap_same((const struct bgp_attr_encap_subtlv *)p1,
361 (const struct bgp_attr_encap_subtlv *)p2);
362 }
363
364 static void encap_init(void)
365 {
366 encap_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
367 "BGP Encap Hash");
368 #if ENABLE_BGP_VNC
369 vnc_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
370 "BGP VNC Hash");
371 #endif
372 }
373
374 static void encap_finish(void)
375 {
376 hash_clean(encap_hash, (void (*)(void *))encap_free);
377 hash_free(encap_hash);
378 encap_hash = NULL;
379 #if ENABLE_BGP_VNC
380 hash_clean(vnc_hash, (void (*)(void *))encap_free);
381 hash_free(vnc_hash);
382 vnc_hash = NULL;
383 #endif
384 }
385
386 static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
387 {
388 if (!a1 && a2)
389 return false;
390 if (!a2 && a1)
391 return false;
392 if (!a1 && !a2)
393 return true;
394 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
395 sizeof(struct bgp_route_evpn));
396 }
397
398 /* Unknown transit attribute. */
399 static struct hash *transit_hash;
400
401 static void transit_free(struct transit *transit)
402 {
403 if (transit->val)
404 XFREE(MTYPE_TRANSIT_VAL, transit->val);
405 XFREE(MTYPE_TRANSIT, transit);
406 }
407
408 static void *transit_hash_alloc(void *p)
409 {
410 /* Transit structure is already allocated. */
411 return p;
412 }
413
414 static struct transit *transit_intern(struct transit *transit)
415 {
416 struct transit *find;
417
418 find = hash_get(transit_hash, transit, transit_hash_alloc);
419 if (find != transit)
420 transit_free(transit);
421 find->refcnt++;
422
423 return find;
424 }
425
426 void transit_unintern(struct transit *transit)
427 {
428 if (transit->refcnt)
429 transit->refcnt--;
430
431 if (transit->refcnt == 0) {
432 hash_release(transit_hash, transit);
433 transit_free(transit);
434 }
435 }
436
437 static unsigned int transit_hash_key_make(void *p)
438 {
439 const struct transit *transit = p;
440
441 return jhash(transit->val, transit->length, 0);
442 }
443
444 static bool transit_hash_cmp(const void *p1, const void *p2)
445 {
446 const struct transit *transit1 = p1;
447 const struct transit *transit2 = p2;
448
449 return (transit1->length == transit2->length
450 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
451 }
452
453 static void transit_init(void)
454 {
455 transit_hash = hash_create(transit_hash_key_make, transit_hash_cmp,
456 "BGP Transit Hash");
457 }
458
459 static void transit_finish(void)
460 {
461 hash_clean(transit_hash, (void (*)(void *))transit_free);
462 hash_free(transit_hash);
463 transit_hash = NULL;
464 }
465
466 /* Attribute hash routines. */
467 static struct hash *attrhash;
468
469 /* Shallow copy of an attribute
470 * Though, not so shallow that it doesn't copy the contents
471 * of the attr_extra pointed to by 'extra'
472 */
473 void bgp_attr_dup(struct attr *new, struct attr *orig)
474 {
475 *new = *orig;
476 }
477
478 unsigned long int attr_count(void)
479 {
480 return attrhash->count;
481 }
482
483 unsigned long int attr_unknown_count(void)
484 {
485 return transit_hash->count;
486 }
487
488 unsigned int attrhash_key_make(void *p)
489 {
490 const struct attr *attr = (struct attr *)p;
491 uint32_t key = 0;
492 #define MIX(val) key = jhash_1word(val, key)
493 #define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
494
495 MIX3(attr->origin, attr->nexthop.s_addr, attr->med);
496 MIX3(attr->local_pref, attr->aggregator_as,
497 attr->aggregator_addr.s_addr);
498 MIX3(attr->weight, attr->mp_nexthop_global_in.s_addr,
499 attr->originator_id.s_addr);
500 MIX3(attr->tag, attr->label, attr->label_index);
501
502 if (attr->aspath)
503 MIX(aspath_key_make(attr->aspath));
504 if (attr->community)
505 MIX(community_hash_make(attr->community));
506
507 if (attr->lcommunity)
508 MIX(lcommunity_hash_make(attr->lcommunity));
509 if (attr->ecommunity)
510 MIX(ecommunity_hash_make(attr->ecommunity));
511 if (attr->cluster)
512 MIX(cluster_hash_key_make(attr->cluster));
513 if (attr->transit)
514 MIX(transit_hash_key_make(attr->transit));
515 if (attr->encap_subtlvs)
516 MIX(encap_hash_key_make(attr->encap_subtlvs));
517 #if ENABLE_BGP_VNC
518 if (attr->vnc_subtlvs)
519 MIX(encap_hash_key_make(attr->vnc_subtlvs));
520 #endif
521 MIX(attr->mp_nexthop_len);
522 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
523 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
524 MIX(attr->nh_ifindex);
525 MIX(attr->nh_lla_ifindex);
526
527 return key;
528 }
529
530 bool attrhash_cmp(const void *p1, const void *p2)
531 {
532 const struct attr *attr1 = p1;
533 const struct attr *attr2 = p2;
534
535 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
536 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
537 && attr1->aspath == attr2->aspath
538 && attr1->community == attr2->community && attr1->med == attr2->med
539 && attr1->local_pref == attr2->local_pref
540 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
541 if (attr1->aggregator_as == attr2->aggregator_as
542 && attr1->aggregator_addr.s_addr
543 == attr2->aggregator_addr.s_addr
544 && attr1->weight == attr2->weight
545 && attr1->tag == attr2->tag
546 && attr1->label_index == attr2->label_index
547 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
548 && attr1->ecommunity == attr2->ecommunity
549 && attr1->lcommunity == attr2->lcommunity
550 && attr1->cluster == attr2->cluster
551 && attr1->transit == attr2->transit
552 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
553 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
554 #if ENABLE_BGP_VNC
555 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
556 #endif
557 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
558 &attr2->mp_nexthop_global)
559 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
560 &attr2->mp_nexthop_local)
561 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
562 &attr2->mp_nexthop_global_in)
563 && IPV4_ADDR_SAME(&attr1->originator_id,
564 &attr2->originator_id)
565 && overlay_index_same(attr1, attr2)
566 && attr1->nh_ifindex == attr2->nh_ifindex
567 && attr1->nh_lla_ifindex == attr2->nh_lla_ifindex)
568 return true;
569 }
570
571 return false;
572 }
573
574 static void attrhash_init(void)
575 {
576 attrhash =
577 hash_create(attrhash_key_make, attrhash_cmp, "BGP Attributes");
578 }
579
580 /*
581 * special for hash_clean below
582 */
583 static void attr_vfree(void *attr)
584 {
585 XFREE(MTYPE_ATTR, attr);
586 }
587
588 static void attrhash_finish(void)
589 {
590 hash_clean(attrhash, attr_vfree);
591 hash_free(attrhash);
592 attrhash = NULL;
593 }
594
595 static void attr_show_all_iterator(struct hash_bucket *bucket, struct vty *vty)
596 {
597 struct attr *attr = bucket->data;
598
599 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
600 inet_ntoa(attr->nexthop));
601 vty_out(vty, "\tflags: %" PRIu64 " med: %u local_pref: %u origin: %u weight: %u label: %u\n",
602 attr->flag, attr->med, attr->local_pref, attr->origin,
603 attr->weight, attr->label);
604 }
605
606 void attr_show_all(struct vty *vty)
607 {
608 hash_iterate(attrhash, (void (*)(struct hash_bucket *,
609 void *))attr_show_all_iterator,
610 vty);
611 }
612
613 static void *bgp_attr_hash_alloc(void *p)
614 {
615 struct attr *val = (struct attr *)p;
616 struct attr *attr;
617
618 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
619 *attr = *val;
620 if (val->encap_subtlvs) {
621 val->encap_subtlvs = NULL;
622 }
623 #if ENABLE_BGP_VNC
624 if (val->vnc_subtlvs) {
625 val->vnc_subtlvs = NULL;
626 }
627 #endif
628 attr->refcnt = 0;
629 return attr;
630 }
631
632 /* Internet argument attribute. */
633 struct attr *bgp_attr_intern(struct attr *attr)
634 {
635 struct attr *find;
636
637 /* Intern referenced strucutre. */
638 if (attr->aspath) {
639 if (!attr->aspath->refcnt)
640 attr->aspath = aspath_intern(attr->aspath);
641 else
642 attr->aspath->refcnt++;
643 }
644 if (attr->community) {
645 if (!attr->community->refcnt)
646 attr->community = community_intern(attr->community);
647 else
648 attr->community->refcnt++;
649 }
650
651 if (attr->ecommunity) {
652 if (!attr->ecommunity->refcnt)
653 attr->ecommunity = ecommunity_intern(attr->ecommunity);
654 else
655 attr->ecommunity->refcnt++;
656 }
657 if (attr->lcommunity) {
658 if (!attr->lcommunity->refcnt)
659 attr->lcommunity = lcommunity_intern(attr->lcommunity);
660 else
661 attr->lcommunity->refcnt++;
662 }
663 if (attr->cluster) {
664 if (!attr->cluster->refcnt)
665 attr->cluster = cluster_intern(attr->cluster);
666 else
667 attr->cluster->refcnt++;
668 }
669 if (attr->transit) {
670 if (!attr->transit->refcnt)
671 attr->transit = transit_intern(attr->transit);
672 else
673 attr->transit->refcnt++;
674 }
675 if (attr->encap_subtlvs) {
676 if (!attr->encap_subtlvs->refcnt)
677 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
678 ENCAP_SUBTLV_TYPE);
679 else
680 attr->encap_subtlvs->refcnt++;
681 }
682 #if ENABLE_BGP_VNC
683 if (attr->vnc_subtlvs) {
684 if (!attr->vnc_subtlvs->refcnt)
685 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
686 VNC_SUBTLV_TYPE);
687 else
688 attr->vnc_subtlvs->refcnt++;
689 }
690 #endif
691
692 /* At this point, attr only contains intern'd pointers. that means
693 * if we find it in attrhash, it has all the same pointers and we
694 * correctly updated the refcounts on these.
695 * If we don't find it, we need to allocate a one because in all
696 * cases this returns a new reference to a hashed attr, but the input
697 * wasn't on hash. */
698 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
699 find->refcnt++;
700
701 return find;
702 }
703
704 /* Make network statement's attribute. */
705 struct attr *bgp_attr_default_set(struct attr *attr, uint8_t origin)
706 {
707 memset(attr, 0, sizeof(struct attr));
708
709 attr->origin = origin;
710 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
711 attr->aspath = aspath_empty();
712 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
713 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
714 attr->tag = 0;
715 attr->label_index = BGP_INVALID_LABEL_INDEX;
716 attr->label = MPLS_INVALID_LABEL;
717 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
718 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
719
720 return attr;
721 }
722
723 /* Create the attributes for an aggregate */
724 struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, uint8_t origin,
725 struct aspath *aspath,
726 struct community *community,
727 struct ecommunity *ecommunity,
728 struct lcommunity *lcommunity,
729 int as_set, uint8_t atomic_aggregate)
730 {
731 struct attr attr;
732 struct attr *new;
733
734 memset(&attr, 0, sizeof(struct attr));
735
736 /* Origin attribute. */
737 attr.origin = origin;
738 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
739
740 /* AS path attribute. */
741 if (aspath)
742 attr.aspath = aspath_intern(aspath);
743 else
744 attr.aspath = aspath_empty();
745 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
746
747 /* Next hop attribute. */
748 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
749
750 if (community) {
751 uint32_t gshut = COMMUNITY_GSHUT;
752
753 /* If we are not shutting down ourselves and we are
754 * aggregating a route that contains the GSHUT community we
755 * need to remove that community when creating the aggregate */
756 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)
757 && community_include(community, gshut)) {
758 community_del_val(community, &gshut);
759 }
760
761 attr.community = community;
762 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
763 }
764
765 if (ecommunity) {
766 attr.ecommunity = ecommunity;
767 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
768 }
769
770 if (lcommunity) {
771 attr.lcommunity = lcommunity;
772 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
773 }
774
775 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
776 bgp_attr_add_gshut_community(&attr);
777 }
778
779 attr.label_index = BGP_INVALID_LABEL_INDEX;
780 attr.label = MPLS_INVALID_LABEL;
781 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
782 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
783 if (!as_set || atomic_aggregate)
784 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
785 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
786 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
787 attr.aggregator_as = bgp->confed_id;
788 else
789 attr.aggregator_as = bgp->as;
790 attr.aggregator_addr = bgp->router_id;
791 attr.label_index = BGP_INVALID_LABEL_INDEX;
792 attr.label = MPLS_INVALID_LABEL;
793
794 new = bgp_attr_intern(&attr);
795
796 aspath_unintern(&new->aspath);
797 return new;
798 }
799
800 /* Unintern just the sub-components of the attr, but not the attr */
801 void bgp_attr_unintern_sub(struct attr *attr)
802 {
803 /* aspath refcount shoud be decrement. */
804 if (attr->aspath)
805 aspath_unintern(&attr->aspath);
806 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
807
808 if (attr->community)
809 community_unintern(&attr->community);
810 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
811
812 if (attr->ecommunity)
813 ecommunity_unintern(&attr->ecommunity);
814 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
815
816 if (attr->lcommunity)
817 lcommunity_unintern(&attr->lcommunity);
818 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
819
820 if (attr->cluster)
821 cluster_unintern(attr->cluster);
822 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
823
824 if (attr->transit)
825 transit_unintern(attr->transit);
826
827 if (attr->encap_subtlvs)
828 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
829
830 #if ENABLE_BGP_VNC
831 if (attr->vnc_subtlvs)
832 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
833 #endif
834 }
835
836 /*
837 * We have some show commands that let you experimentally
838 * apply a route-map. When we apply the route-map
839 * we are reseting values but not saving them for
840 * posterity via intern'ing( because route-maps don't
841 * do that) but at this point in time we need
842 * to compare the new attr to the old and if the
843 * routemap has changed it we need to, as Snoop Dog says,
844 * Drop it like it's hot
845 */
846 void bgp_attr_undup(struct attr *new, struct attr *old)
847 {
848 if (new->aspath != old->aspath)
849 aspath_free(new->aspath);
850
851 if (new->community != old->community)
852 community_free(&new->community);
853
854 if (new->ecommunity != old->ecommunity)
855 ecommunity_free(&new->ecommunity);
856
857 if (new->lcommunity != old->lcommunity)
858 lcommunity_free(&new->lcommunity);
859 }
860
861 /* Free bgp attribute and aspath. */
862 void bgp_attr_unintern(struct attr **pattr)
863 {
864 struct attr *attr = *pattr;
865 struct attr *ret;
866 struct attr tmp;
867
868 /* Decrement attribute reference. */
869 attr->refcnt--;
870
871 tmp = *attr;
872
873 /* If reference becomes zero then free attribute object. */
874 if (attr->refcnt == 0) {
875 ret = hash_release(attrhash, attr);
876 assert(ret != NULL);
877 XFREE(MTYPE_ATTR, attr);
878 *pattr = NULL;
879 }
880
881 bgp_attr_unintern_sub(&tmp);
882 }
883
884 void bgp_attr_flush(struct attr *attr)
885 {
886 if (attr->aspath && !attr->aspath->refcnt) {
887 aspath_free(attr->aspath);
888 attr->aspath = NULL;
889 }
890 if (attr->community && !attr->community->refcnt)
891 community_free(&attr->community);
892 if (attr->ecommunity && !attr->ecommunity->refcnt)
893 ecommunity_free(&attr->ecommunity);
894 if (attr->lcommunity && !attr->lcommunity->refcnt)
895 lcommunity_free(&attr->lcommunity);
896 if (attr->cluster && !attr->cluster->refcnt) {
897 cluster_free(attr->cluster);
898 attr->cluster = NULL;
899 }
900 if (attr->transit && !attr->transit->refcnt) {
901 transit_free(attr->transit);
902 attr->transit = NULL;
903 }
904 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
905 encap_free(attr->encap_subtlvs);
906 attr->encap_subtlvs = NULL;
907 }
908 #if ENABLE_BGP_VNC
909 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
910 encap_free(attr->vnc_subtlvs);
911 attr->vnc_subtlvs = NULL;
912 }
913 #endif
914 }
915
916 /* Implement draft-scudder-idr-optional-transitive behaviour and
917 * avoid resetting sessions for malformed attributes which are
918 * are partial/optional and hence where the error likely was not
919 * introduced by the sending neighbour.
920 */
921 static bgp_attr_parse_ret_t
922 bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
923 bgp_size_t length)
924 {
925 struct peer *const peer = args->peer;
926 const uint8_t flags = args->flags;
927 /* startp and length must be special-cased, as whether or not to
928 * send the attribute data with the NOTIFY depends on the error,
929 * the caller therefore signals this with the seperate length argument
930 */
931 uint8_t *notify_datap = (length > 0 ? args->startp : NULL);
932
933 /* Only relax error handling for eBGP peers */
934 if (peer->sort != BGP_PEER_EBGP) {
935 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
936 notify_datap, length);
937 return BGP_ATTR_PARSE_ERROR;
938 }
939
940 /* Adjust the stream getp to the end of the attribute, in case we can
941 * still proceed but the caller hasn't read all the attribute.
942 */
943 stream_set_getp(BGP_INPUT(peer),
944 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
945 + args->total);
946
947 switch (args->type) {
948 /* where an attribute is relatively inconsequential, e.g. it does not
949 * affect route selection, and can be safely ignored, then any such
950 * attributes which are malformed should just be ignored and the route
951 * processed as normal.
952 */
953 case BGP_ATTR_AS4_AGGREGATOR:
954 case BGP_ATTR_AGGREGATOR:
955 case BGP_ATTR_ATOMIC_AGGREGATE:
956 return BGP_ATTR_PARSE_PROCEED;
957
958 /* Core attributes, particularly ones which may influence route
959 * selection, should always cause session resets
960 */
961 case BGP_ATTR_ORIGIN:
962 case BGP_ATTR_AS_PATH:
963 case BGP_ATTR_NEXT_HOP:
964 case BGP_ATTR_MULTI_EXIT_DISC:
965 case BGP_ATTR_LOCAL_PREF:
966 case BGP_ATTR_COMMUNITIES:
967 case BGP_ATTR_ORIGINATOR_ID:
968 case BGP_ATTR_CLUSTER_LIST:
969 case BGP_ATTR_MP_REACH_NLRI:
970 case BGP_ATTR_MP_UNREACH_NLRI:
971 case BGP_ATTR_EXT_COMMUNITIES:
972 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
973 notify_datap, length);
974 return BGP_ATTR_PARSE_ERROR;
975 }
976
977 /* Partial optional attributes that are malformed should not cause
978 * the whole session to be reset. Instead treat it as a withdrawal
979 * of the routes, if possible.
980 */
981 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
982 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
983 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
984 return BGP_ATTR_PARSE_WITHDRAW;
985
986 /* default to reset */
987 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
988 }
989
990 /* Find out what is wrong with the path attribute flag bits and log the error.
991 "Flag bits" here stand for Optional, Transitive and Partial, but not for
992 Extended Length. Checking O/T/P bits at once implies, that the attribute
993 being diagnosed is defined by RFC as either a "well-known" or an "optional,
994 non-transitive" attribute. */
995 static void
996 bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
997 uint8_t desired_flags /* how RFC says it must be */
998 )
999 {
1000 uint8_t seen = 0, i;
1001 uint8_t real_flags = args->flags;
1002 const uint8_t attr_code = args->type;
1003
1004 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1005 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1006 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
1007 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1008 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
1009 flog_err(EC_BGP_ATTR_FLAG,
1010 "%s attribute must%s be flagged as \"%s\"",
1011 lookup_msg(attr_str, attr_code, NULL),
1012 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1013 ? ""
1014 : " not",
1015 attr_flag_str[i].str);
1016 seen = 1;
1017 }
1018 if (!seen) {
1019 zlog_debug(
1020 "Strange, %s called for attr %s, but no problem found with flags"
1021 " (real flags 0x%x, desired 0x%x)",
1022 __func__, lookup_msg(attr_str, attr_code, NULL),
1023 real_flags, desired_flags);
1024 }
1025 }
1026
1027 /* Required flags for attributes. EXTLEN will be masked off when testing,
1028 * as will PARTIAL for optional+transitive attributes.
1029 */
1030 const uint8_t attr_flags_values[] = {
1031 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
1032 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
1033 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1034 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1035 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1036 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1037 [BGP_ATTR_AGGREGATOR] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1038 [BGP_ATTR_COMMUNITIES] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1039 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1040 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1041 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1042 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1043 [BGP_ATTR_EXT_COMMUNITIES] =
1044 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1045 [BGP_ATTR_AS4_PATH] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1046 [BGP_ATTR_AS4_AGGREGATOR] =
1047 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1048 [BGP_ATTR_PMSI_TUNNEL] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1049 [BGP_ATTR_LARGE_COMMUNITIES] =
1050 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1051 [BGP_ATTR_PREFIX_SID] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1052 };
1053 static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
1054
1055 static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1056 {
1057 uint8_t mask = BGP_ATTR_FLAG_EXTLEN;
1058 const uint8_t flags = args->flags;
1059 const uint8_t attr_code = args->type;
1060
1061 /* there may be attributes we don't know about */
1062 if (attr_code > attr_flags_values_max)
1063 return 0;
1064 if (attr_flags_values[attr_code] == 0)
1065 return 0;
1066
1067 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1068 * to
1069 * 1."
1070 */
1071 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1072 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
1073 flog_err(
1074 EC_BGP_ATTR_FLAG,
1075 "%s well-known attributes must have transitive flag set (%x)",
1076 lookup_msg(attr_str, attr_code, NULL), flags);
1077 return 1;
1078 }
1079
1080 /* "For well-known attributes and for optional non-transitive
1081 * attributes,
1082 * the Partial bit MUST be set to 0."
1083 */
1084 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1085 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
1086 flog_err(EC_BGP_ATTR_FLAG,
1087 "%s well-known attribute "
1088 "must NOT have the partial flag set (%x)",
1089 lookup_msg(attr_str, attr_code, NULL), flags);
1090 return 1;
1091 }
1092 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1093 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
1094 flog_err(EC_BGP_ATTR_FLAG,
1095 "%s optional + transitive attribute "
1096 "must NOT have the partial flag set (%x)",
1097 lookup_msg(attr_str, attr_code, NULL), flags);
1098 return 1;
1099 }
1100 }
1101
1102 /* Optional transitive attributes may go through speakers that don't
1103 * reocgnise them and set the Partial bit.
1104 */
1105 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1106 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1107 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1108
1109 if ((flags & ~mask) == attr_flags_values[attr_code])
1110 return 0;
1111
1112 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1113 return 1;
1114 }
1115
1116 /* Get origin attribute of the update message. */
1117 static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1118 {
1119 struct peer *const peer = args->peer;
1120 struct attr *const attr = args->attr;
1121 const bgp_size_t length = args->length;
1122
1123 /* If any recognized attribute has Attribute Length that conflicts
1124 with the expected length (based on the attribute type code), then
1125 the Error Subcode is set to Attribute Length Error. The Data
1126 field contains the erroneous attribute (type, length and
1127 value). */
1128 if (length != 1) {
1129 flog_err(EC_BGP_ATTR_LEN,
1130 "Origin attribute length is not one %d", length);
1131 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1132 args->total);
1133 }
1134
1135 /* Fetch origin attribute. */
1136 attr->origin = stream_getc(BGP_INPUT(peer));
1137
1138 /* If the ORIGIN attribute has an undefined value, then the Error
1139 Subcode is set to Invalid Origin Attribute. The Data field
1140 contains the unrecognized attribute (type, length and value). */
1141 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1142 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
1143 flog_err(EC_BGP_ATTR_ORIGIN,
1144 "Origin attribute value is invalid %d", attr->origin);
1145 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1146 args->total);
1147 }
1148
1149 /* Set oring attribute flag. */
1150 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1151
1152 return 0;
1153 }
1154
1155 /* Parse AS path information. This function is wrapper of
1156 aspath_parse. */
1157 static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1158 {
1159 struct attr *const attr = args->attr;
1160 struct peer *const peer = args->peer;
1161 const bgp_size_t length = args->length;
1162
1163 /*
1164 * peer with AS4 => will get 4Byte ASnums
1165 * otherwise, will get 16 Bit
1166 */
1167 attr->aspath = aspath_parse(peer->curr, length,
1168 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1169
1170 /* In case of IBGP, length will be zero. */
1171 if (!attr->aspath) {
1172 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1173 "Malformed AS path from %s, length is %d", peer->host,
1174 length);
1175 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1176 0);
1177 }
1178
1179 /* Set aspath attribute flag. */
1180 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1181
1182 return BGP_ATTR_PARSE_PROCEED;
1183 }
1184
1185 static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1186 struct attr *const attr)
1187 {
1188 /* These checks were part of bgp_attr_aspath, but with
1189 * as4 we should to check aspath things when
1190 * aspath synthesizing with as4_path has already taken place.
1191 * Otherwise we check ASPATH and use the synthesized thing, and that is
1192 * not right.
1193 * So do the checks later, i.e. here
1194 */
1195 struct aspath *aspath;
1196
1197 /* Confederation sanity check. */
1198 if ((peer->sort == BGP_PEER_CONFED
1199 && !aspath_left_confed_check(attr->aspath))
1200 || (peer->sort == BGP_PEER_EBGP
1201 && aspath_confed_check(attr->aspath))) {
1202 flog_err(EC_BGP_ATTR_MAL_AS_PATH, "Malformed AS path from %s",
1203 peer->host);
1204 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1205 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1206 return BGP_ATTR_PARSE_ERROR;
1207 }
1208
1209 /* First AS check for EBGP. */
1210 if (CHECK_FLAG(peer->flags, PEER_FLAG_ENFORCE_FIRST_AS)) {
1211 if (peer->sort == BGP_PEER_EBGP
1212 && !aspath_firstas_check(attr->aspath, peer->as)) {
1213 flog_err(EC_BGP_ATTR_FIRST_AS,
1214 "%s incorrect first AS (must be %u)",
1215 peer->host, peer->as);
1216 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1217 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1218 return BGP_ATTR_PARSE_ERROR;
1219 }
1220 }
1221
1222 /* local-as prepend */
1223 if (peer->change_local_as
1224 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1225 aspath = aspath_dup(attr->aspath);
1226 aspath = aspath_add_seq(aspath, peer->change_local_as);
1227 aspath_unintern(&attr->aspath);
1228 attr->aspath = aspath_intern(aspath);
1229 }
1230
1231 return BGP_ATTR_PARSE_PROCEED;
1232 }
1233
1234 /* Parse AS4 path information. This function is another wrapper of
1235 aspath_parse. */
1236 static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1237 struct aspath **as4_path)
1238 {
1239 struct peer *const peer = args->peer;
1240 struct attr *const attr = args->attr;
1241 const bgp_size_t length = args->length;
1242
1243 *as4_path = aspath_parse(peer->curr, length, 1);
1244
1245 /* In case of IBGP, length will be zero. */
1246 if (!*as4_path) {
1247 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1248 "Malformed AS4 path from %s, length is %d", peer->host,
1249 length);
1250 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1251 0);
1252 }
1253
1254 /* Set aspath attribute flag. */
1255 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1256
1257 return BGP_ATTR_PARSE_PROCEED;
1258 }
1259
1260 /* Nexthop attribute. */
1261 static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1262 {
1263 struct peer *const peer = args->peer;
1264 struct attr *const attr = args->attr;
1265 const bgp_size_t length = args->length;
1266
1267 in_addr_t nexthop_h, nexthop_n;
1268
1269 /* Check nexthop attribute length. */
1270 if (length != 4) {
1271 flog_err(EC_BGP_ATTR_LEN,
1272 "Nexthop attribute length isn't four [%d]", length);
1273
1274 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1275 args->total);
1276 }
1277
1278 /* According to section 6.3 of RFC4271, syntactically incorrect NEXT_HOP
1279 attribute must result in a NOTIFICATION message (this is implemented
1280 below).
1281 At the same time, semantically incorrect NEXT_HOP is more likely to
1282 be just
1283 logged locally (this is implemented somewhere else). The UPDATE
1284 message
1285 gets ignored in any of these cases. */
1286 nexthop_n = stream_get_ipv4(peer->curr);
1287 nexthop_h = ntohl(nexthop_n);
1288 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1289 || IPV4_CLASS_DE(nexthop_h))
1290 && !BGP_DEBUG(
1291 allow_martians,
1292 ALLOW_MARTIANS)) /* loopbacks may be used in testing */
1293 {
1294 char buf[INET_ADDRSTRLEN];
1295 inet_ntop(AF_INET, &nexthop_n, buf, INET_ADDRSTRLEN);
1296 flog_err(EC_BGP_ATTR_MARTIAN_NH, "Martian nexthop %s", buf);
1297 return bgp_attr_malformed(
1298 args, BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP, args->total);
1299 }
1300
1301 attr->nexthop.s_addr = nexthop_n;
1302 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1303
1304 return BGP_ATTR_PARSE_PROCEED;
1305 }
1306
1307 /* MED atrribute. */
1308 static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
1309 {
1310 struct peer *const peer = args->peer;
1311 struct attr *const attr = args->attr;
1312 const bgp_size_t length = args->length;
1313
1314 /* Length check. */
1315 if (length != 4) {
1316 flog_err(EC_BGP_ATTR_LEN,
1317 "MED attribute length isn't four [%d]", length);
1318
1319 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1320 args->total);
1321 }
1322
1323 attr->med = stream_getl(peer->curr);
1324
1325 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
1326
1327 return BGP_ATTR_PARSE_PROCEED;
1328 }
1329
1330 /* Local preference attribute. */
1331 static bgp_attr_parse_ret_t
1332 bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1333 {
1334 struct peer *const peer = args->peer;
1335 struct attr *const attr = args->attr;
1336 const bgp_size_t length = args->length;
1337
1338 /* Length check. */
1339 if (length != 4) {
1340 flog_err(EC_BGP_ATTR_LEN,
1341 "LOCAL_PREF attribute length isn't 4 [%u]", length);
1342 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1343 args->total);
1344 }
1345
1346 /* If it is contained in an UPDATE message that is received from an
1347 external peer, then this attribute MUST be ignored by the
1348 receiving speaker. */
1349 if (peer->sort == BGP_PEER_EBGP) {
1350 stream_forward_getp(peer->curr, length);
1351 return BGP_ATTR_PARSE_PROCEED;
1352 }
1353
1354 attr->local_pref = stream_getl(peer->curr);
1355
1356 /* Set the local-pref flag. */
1357 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1358
1359 return BGP_ATTR_PARSE_PROCEED;
1360 }
1361
1362 /* Atomic aggregate. */
1363 static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
1364 {
1365 struct attr *const attr = args->attr;
1366 const bgp_size_t length = args->length;
1367
1368 /* Length check. */
1369 if (length != 0) {
1370 flog_err(EC_BGP_ATTR_LEN,
1371 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1372 length);
1373 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1374 args->total);
1375 }
1376
1377 /* Set atomic aggregate flag. */
1378 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
1379
1380 return BGP_ATTR_PARSE_PROCEED;
1381 }
1382
1383 /* Aggregator attribute */
1384 static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1385 {
1386 struct peer *const peer = args->peer;
1387 struct attr *const attr = args->attr;
1388 const bgp_size_t length = args->length;
1389
1390 int wantedlen = 6;
1391
1392 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1393 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1394 wantedlen = 8;
1395
1396 if (length != wantedlen) {
1397 flog_err(EC_BGP_ATTR_LEN,
1398 "AGGREGATOR attribute length isn't %u [%u]", wantedlen,
1399 length);
1400 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1401 args->total);
1402 }
1403
1404 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1405 attr->aggregator_as = stream_getl(peer->curr);
1406 else
1407 attr->aggregator_as = stream_getw(peer->curr);
1408 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->curr);
1409
1410 /* Set atomic aggregate flag. */
1411 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1412
1413 return BGP_ATTR_PARSE_PROCEED;
1414 }
1415
1416 /* New Aggregator attribute */
1417 static bgp_attr_parse_ret_t
1418 bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1419 as_t *as4_aggregator_as,
1420 struct in_addr *as4_aggregator_addr)
1421 {
1422 struct peer *const peer = args->peer;
1423 struct attr *const attr = args->attr;
1424 const bgp_size_t length = args->length;
1425
1426 if (length != 8) {
1427 flog_err(EC_BGP_ATTR_LEN, "New Aggregator length is not 8 [%d]",
1428 length);
1429 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1430 0);
1431 }
1432
1433 *as4_aggregator_as = stream_getl(peer->curr);
1434 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->curr);
1435
1436 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1437
1438 return BGP_ATTR_PARSE_PROCEED;
1439 }
1440
1441 /* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1442 */
1443 static bgp_attr_parse_ret_t
1444 bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1445 struct aspath *as4_path, as_t as4_aggregator,
1446 struct in_addr *as4_aggregator_addr)
1447 {
1448 int ignore_as4_path = 0;
1449 struct aspath *newpath;
1450
1451 if (!attr->aspath) {
1452 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1453 * have
1454 * checked that all well-known, mandatory attributes were
1455 * present.
1456 *
1457 * Can only be a problem with peer itself - hard error
1458 */
1459 return BGP_ATTR_PARSE_ERROR;
1460 }
1461
1462 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1463 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1464 * if given.
1465 * It is worth a warning though, because the peer really
1466 * should not send them
1467 */
1468 if (BGP_DEBUG(as4, AS4)) {
1469 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1470 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1471 "AS4 capable peer, yet it sent");
1472
1473 if (attr->flag
1474 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1475 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1476 peer->host,
1477 "AS4 capable peer, yet it sent");
1478 }
1479
1480 return BGP_ATTR_PARSE_PROCEED;
1481 }
1482
1483 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1484 * because that may override AS4_PATH
1485 */
1486 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1487 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1488 /* received both.
1489 * if the as_number in aggregator is not AS_TRANS,
1490 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1491 * and the Aggregator shall be taken as
1492 * info on the aggregating node, and the AS_PATH
1493 * shall be taken as the AS_PATH
1494 * otherwise
1495 * the Aggregator shall be ignored and the
1496 * AS4_AGGREGATOR shall be taken as the
1497 * Aggregating node and the AS_PATH is to be
1498 * constructed "as in all other cases"
1499 */
1500 if (attr->aggregator_as != BGP_AS_TRANS) {
1501 /* ignore */
1502 if (BGP_DEBUG(as4, AS4))
1503 zlog_debug(
1504 "[AS4] %s BGP not AS4 capable peer"
1505 " send AGGREGATOR != AS_TRANS and"
1506 " AS4_AGGREGATOR, so ignore"
1507 " AS4_AGGREGATOR and AS4_PATH",
1508 peer->host);
1509 ignore_as4_path = 1;
1510 } else {
1511 /* "New_aggregator shall be taken as aggregator"
1512 */
1513 attr->aggregator_as = as4_aggregator;
1514 attr->aggregator_addr.s_addr =
1515 as4_aggregator_addr->s_addr;
1516 }
1517 } else {
1518 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1519 * That is bogus - but reading the conditions
1520 * we have to handle AS4_AGGREGATOR as if it were
1521 * AGGREGATOR in that case
1522 */
1523 if (BGP_DEBUG(as4, AS4))
1524 zlog_debug(
1525 "[AS4] %s BGP not AS4 capable peer send"
1526 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1527 " it as if AGGREGATOR with AS_TRANS had been there",
1528 peer->host);
1529 attr->aggregator_as = as4_aggregator;
1530 /* sweep it under the carpet and simulate a "good"
1531 * AGGREGATOR */
1532 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1533 }
1534 }
1535
1536 /* need to reconcile NEW_AS_PATH and AS_PATH */
1537 if (!ignore_as4_path
1538 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1539 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
1540 if (!newpath)
1541 return BGP_ATTR_PARSE_ERROR;
1542
1543 aspath_unintern(&attr->aspath);
1544 attr->aspath = aspath_intern(newpath);
1545 }
1546 return BGP_ATTR_PARSE_PROCEED;
1547 }
1548
1549 /* Community attribute. */
1550 static bgp_attr_parse_ret_t
1551 bgp_attr_community(struct bgp_attr_parser_args *args)
1552 {
1553 struct peer *const peer = args->peer;
1554 struct attr *const attr = args->attr;
1555 const bgp_size_t length = args->length;
1556
1557 if (length == 0) {
1558 attr->community = NULL;
1559 return BGP_ATTR_PARSE_PROCEED;
1560 }
1561
1562 attr->community =
1563 community_parse((uint32_t *)stream_pnt(peer->curr), length);
1564
1565 /* XXX: fix community_parse to use stream API and remove this */
1566 stream_forward_getp(peer->curr, length);
1567
1568 if (!attr->community)
1569 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1570 args->total);
1571
1572 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1573
1574 return BGP_ATTR_PARSE_PROCEED;
1575 }
1576
1577 /* Originator ID attribute. */
1578 static bgp_attr_parse_ret_t
1579 bgp_attr_originator_id(struct bgp_attr_parser_args *args)
1580 {
1581 struct peer *const peer = args->peer;
1582 struct attr *const attr = args->attr;
1583 const bgp_size_t length = args->length;
1584
1585 /* Length check. */
1586 if (length != 4) {
1587 flog_err(EC_BGP_ATTR_LEN, "Bad originator ID length %d",
1588 length);
1589
1590 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1591 args->total);
1592 }
1593
1594 attr->originator_id.s_addr = stream_get_ipv4(peer->curr);
1595
1596 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
1597
1598 return BGP_ATTR_PARSE_PROCEED;
1599 }
1600
1601 /* Cluster list attribute. */
1602 static bgp_attr_parse_ret_t
1603 bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
1604 {
1605 struct peer *const peer = args->peer;
1606 struct attr *const attr = args->attr;
1607 const bgp_size_t length = args->length;
1608
1609 /* Check length. */
1610 if (length % 4) {
1611 flog_err(EC_BGP_ATTR_LEN, "Bad cluster list length %d", length);
1612
1613 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1614 args->total);
1615 }
1616
1617 attr->cluster =
1618 cluster_parse((struct in_addr *)stream_pnt(peer->curr), length);
1619
1620 /* XXX: Fix cluster_parse to use stream API and then remove this */
1621 stream_forward_getp(peer->curr, length);
1622
1623 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
1624
1625 return BGP_ATTR_PARSE_PROCEED;
1626 }
1627
1628 /* Multiprotocol reachability information parse. */
1629 int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1630 struct bgp_nlri *mp_update)
1631 {
1632 iana_afi_t pkt_afi;
1633 afi_t afi;
1634 iana_safi_t pkt_safi;
1635 safi_t safi;
1636 bgp_size_t nlri_len;
1637 size_t start;
1638 struct stream *s;
1639 struct peer *const peer = args->peer;
1640 struct attr *const attr = args->attr;
1641 const bgp_size_t length = args->length;
1642
1643 /* Set end of packet. */
1644 s = BGP_INPUT(peer);
1645 start = stream_get_getp(s);
1646
1647 /* safe to read statically sized header? */
1648 #define BGP_MP_REACH_MIN_SIZE 5
1649 #define LEN_LEFT (length - (stream_get_getp(s) - start))
1650 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
1651 zlog_info("%s: %s sent invalid length, %lu", __func__,
1652 peer->host, (unsigned long)length);
1653 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1654 }
1655
1656 /* Load AFI, SAFI. */
1657 pkt_afi = stream_getw(s);
1658 pkt_safi = stream_getc(s);
1659
1660 /* Convert AFI, SAFI to internal values, check. */
1661 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1662 /* Log if AFI or SAFI is unrecognized. This is not an error
1663 * unless
1664 * the attribute is otherwise malformed.
1665 */
1666 if (bgp_debug_update(peer, NULL, NULL, 0))
1667 zlog_debug(
1668 "%s: MP_REACH received AFI %u or SAFI %u is unrecognized",
1669 peer->host, pkt_afi, pkt_safi);
1670 return BGP_ATTR_PARSE_ERROR;
1671 }
1672
1673 /* Get nexthop length. */
1674 attr->mp_nexthop_len = stream_getc(s);
1675
1676 if (LEN_LEFT < attr->mp_nexthop_len) {
1677 zlog_info(
1678 "%s: %s, MP nexthop length, %u, goes past end of attribute",
1679 __func__, peer->host, attr->mp_nexthop_len);
1680 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1681 }
1682
1683 /* Nexthop length check. */
1684 switch (attr->mp_nexthop_len) {
1685 case 0:
1686 if (safi != SAFI_FLOWSPEC) {
1687 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1688 __func__, peer->host, attr->mp_nexthop_len);
1689 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1690 }
1691 break;
1692 case BGP_ATTR_NHLEN_VPNV4:
1693 stream_getl(s); /* RD high */
1694 stream_getl(s); /* RD low */
1695 /*
1696 * NOTE: intentional fall through
1697 * - for consistency in rx processing
1698 *
1699 * The following comment is to signal GCC this intention
1700 * and suppress the warning
1701 */
1702 /* FALLTHRU */
1703 case BGP_ATTR_NHLEN_IPV4:
1704 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1705 /* Probably needed for RFC 2283 */
1706 if (attr->nexthop.s_addr == 0)
1707 memcpy(&attr->nexthop.s_addr,
1708 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1709 break;
1710 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1711 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1712 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1713 stream_getl(s); /* RD high */
1714 stream_getl(s); /* RD low */
1715 }
1716 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1717 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1718 if (!peer->nexthop.ifp) {
1719 zlog_warn("%s: interface not set appropriately to handle some attributes",
1720 peer->host);
1721 return BGP_ATTR_PARSE_WITHDRAW;
1722 }
1723 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
1724 }
1725 break;
1726 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1727 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1728 if (attr->mp_nexthop_len
1729 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1730 stream_getl(s); /* RD high */
1731 stream_getl(s); /* RD low */
1732 }
1733 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1734 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1735 if (!peer->nexthop.ifp) {
1736 zlog_warn("%s: interface not set appropriately to handle some attributes",
1737 peer->host);
1738 return BGP_ATTR_PARSE_WITHDRAW;
1739 }
1740 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
1741 }
1742 if (attr->mp_nexthop_len
1743 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1744 stream_getl(s); /* RD high */
1745 stream_getl(s); /* RD low */
1746 }
1747 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1748 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1749 char buf1[INET6_ADDRSTRLEN];
1750 char buf2[INET6_ADDRSTRLEN];
1751
1752 if (bgp_debug_update(peer, NULL, NULL, 1))
1753 zlog_debug(
1754 "%s rcvd nexthops %s, %s -- ignoring non-LL value",
1755 peer->host,
1756 inet_ntop(AF_INET6,
1757 &attr->mp_nexthop_global,
1758 buf1, INET6_ADDRSTRLEN),
1759 inet_ntop(AF_INET6,
1760 &attr->mp_nexthop_local, buf2,
1761 INET6_ADDRSTRLEN));
1762
1763 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1764 }
1765 if (!peer->nexthop.ifp) {
1766 zlog_warn("%s: Interface not set appropriately to handle this some attributes",
1767 peer->host);
1768 return BGP_ATTR_PARSE_WITHDRAW;
1769 }
1770 attr->nh_lla_ifindex = peer->nexthop.ifp->ifindex;
1771 break;
1772 default:
1773 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1774 __func__, peer->host, attr->mp_nexthop_len);
1775 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1776 }
1777
1778 if (!LEN_LEFT) {
1779 zlog_info("%s: (%s) Failed to read SNPA and NLRI(s)", __func__,
1780 peer->host);
1781 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1782 }
1783
1784 {
1785 uint8_t val;
1786 if ((val = stream_getc(s)))
1787 flog_warn(
1788 EC_BGP_DEFUNCT_SNPA_LEN,
1789 "%s sent non-zero value, %u, for defunct SNPA-length field",
1790 peer->host, val);
1791 }
1792
1793 /* must have nrli_len, what is left of the attribute */
1794 nlri_len = LEN_LEFT;
1795 if (nlri_len > STREAM_READABLE(s)) {
1796 zlog_info("%s: (%s) Failed to read NLRI", __func__, peer->host);
1797 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1798 }
1799
1800 if (!nlri_len) {
1801 zlog_info("%s: (%s) No Reachability, Treating as a EOR marker",
1802 __func__, peer->host);
1803
1804 mp_update->afi = afi;
1805 mp_update->safi = safi;
1806 return BGP_ATTR_PARSE_EOR;
1807 }
1808
1809 mp_update->afi = afi;
1810 mp_update->safi = safi;
1811 mp_update->nlri = stream_pnt(s);
1812 mp_update->length = nlri_len;
1813
1814 stream_forward_getp(s, nlri_len);
1815
1816 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1817
1818 return BGP_ATTR_PARSE_PROCEED;
1819 #undef LEN_LEFT
1820 }
1821
1822 /* Multiprotocol unreachable parse */
1823 int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1824 struct bgp_nlri *mp_withdraw)
1825 {
1826 struct stream *s;
1827 iana_afi_t pkt_afi;
1828 afi_t afi;
1829 iana_safi_t pkt_safi;
1830 safi_t safi;
1831 uint16_t withdraw_len;
1832 struct peer *const peer = args->peer;
1833 struct attr *const attr = args->attr;
1834 const bgp_size_t length = args->length;
1835
1836 s = peer->curr;
1837
1838 #define BGP_MP_UNREACH_MIN_SIZE 3
1839 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1840 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1841
1842 pkt_afi = stream_getw(s);
1843 pkt_safi = stream_getc(s);
1844
1845 /* Convert AFI, SAFI to internal values, check. */
1846 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1847 /* Log if AFI or SAFI is unrecognized. This is not an error
1848 * unless
1849 * the attribute is otherwise malformed.
1850 */
1851 if (bgp_debug_update(peer, NULL, NULL, 0))
1852 zlog_debug(
1853 "%s: MP_UNREACH received AFI %u or SAFI %u is unrecognized",
1854 peer->host, pkt_afi, pkt_safi);
1855 return BGP_ATTR_PARSE_ERROR;
1856 }
1857
1858 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
1859
1860 mp_withdraw->afi = afi;
1861 mp_withdraw->safi = safi;
1862 mp_withdraw->nlri = stream_pnt(s);
1863 mp_withdraw->length = withdraw_len;
1864
1865 stream_forward_getp(s, withdraw_len);
1866
1867 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1868
1869 return BGP_ATTR_PARSE_PROCEED;
1870 }
1871
1872 /* Large Community attribute. */
1873 static bgp_attr_parse_ret_t
1874 bgp_attr_large_community(struct bgp_attr_parser_args *args)
1875 {
1876 struct peer *const peer = args->peer;
1877 struct attr *const attr = args->attr;
1878 const bgp_size_t length = args->length;
1879
1880 /*
1881 * Large community follows new attribute format.
1882 */
1883 if (length == 0) {
1884 attr->lcommunity = NULL;
1885 /* Empty extcomm doesn't seem to be invalid per se */
1886 return BGP_ATTR_PARSE_PROCEED;
1887 }
1888
1889 attr->lcommunity =
1890 lcommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
1891 /* XXX: fix ecommunity_parse to use stream API */
1892 stream_forward_getp(peer->curr, length);
1893
1894 if (!attr->lcommunity)
1895 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1896 args->total);
1897
1898 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
1899
1900 return BGP_ATTR_PARSE_PROCEED;
1901 }
1902
1903 /* Extended Community attribute. */
1904 static bgp_attr_parse_ret_t
1905 bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1906 {
1907 struct peer *const peer = args->peer;
1908 struct attr *const attr = args->attr;
1909 const bgp_size_t length = args->length;
1910 uint8_t sticky = 0;
1911
1912 if (length == 0) {
1913 attr->ecommunity = NULL;
1914 /* Empty extcomm doesn't seem to be invalid per se */
1915 return BGP_ATTR_PARSE_PROCEED;
1916 }
1917
1918 attr->ecommunity =
1919 ecommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
1920 /* XXX: fix ecommunity_parse to use stream API */
1921 stream_forward_getp(peer->curr, length);
1922
1923 if (!attr->ecommunity)
1924 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1925 args->total);
1926
1927 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1928
1929 /* Extract MAC mobility sequence number, if any. */
1930 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1931 attr->sticky = sticky;
1932
1933 /* Check if this is a Gateway MAC-IP advertisement */
1934 attr->default_gw = bgp_attr_default_gw(attr);
1935
1936 /* Handle scenario where router flag ecommunity is not
1937 * set but default gw ext community is present.
1938 * Use default gateway, set and propogate R-bit.
1939 */
1940 if (attr->default_gw)
1941 attr->router_flag = 1;
1942
1943 /* Check EVPN Neighbor advertisement flags, R-bit */
1944 bgp_attr_evpn_na_flag(attr, &attr->router_flag);
1945
1946 /* Extract the Rmac, if any */
1947 bgp_attr_rmac(attr, &attr->rmac);
1948
1949 return BGP_ATTR_PARSE_PROCEED;
1950 }
1951
1952 /* Parse Tunnel Encap attribute in an UPDATE */
1953 static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
1954 bgp_size_t length, /* IN: attr's length field */
1955 struct attr *attr, /* IN: caller already allocated */
1956 uint8_t flag, /* IN: attr's flags field */
1957 uint8_t *startp)
1958 {
1959 bgp_size_t total;
1960 uint16_t tunneltype = 0;
1961
1962 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
1963
1964 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
1965 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
1966 zlog_info(
1967 "Tunnel Encap attribute flag isn't optional and transitive %d",
1968 flag);
1969 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1970 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
1971 startp, total);
1972 return -1;
1973 }
1974
1975 if (BGP_ATTR_ENCAP == type) {
1976 /* read outer TLV type and length */
1977 uint16_t tlv_length;
1978
1979 if (length < 4) {
1980 zlog_info(
1981 "Tunnel Encap attribute not long enough to contain outer T,L");
1982 bgp_notify_send_with_data(
1983 peer, BGP_NOTIFY_UPDATE_ERR,
1984 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1985 return -1;
1986 }
1987 tunneltype = stream_getw(BGP_INPUT(peer));
1988 tlv_length = stream_getw(BGP_INPUT(peer));
1989 length -= 4;
1990
1991 if (tlv_length != length) {
1992 zlog_info("%s: tlv_length(%d) != length(%d)", __func__,
1993 tlv_length, length);
1994 }
1995 }
1996
1997 while (length >= 4) {
1998 uint16_t subtype = 0;
1999 uint16_t sublength = 0;
2000 struct bgp_attr_encap_subtlv *tlv;
2001
2002 if (BGP_ATTR_ENCAP == type) {
2003 subtype = stream_getc(BGP_INPUT(peer));
2004 sublength = stream_getc(BGP_INPUT(peer));
2005 length -= 2;
2006 #if ENABLE_BGP_VNC
2007 } else {
2008 subtype = stream_getw(BGP_INPUT(peer));
2009 sublength = stream_getw(BGP_INPUT(peer));
2010 length -= 4;
2011 #endif
2012 }
2013
2014 if (sublength > length) {
2015 zlog_info(
2016 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2017 sublength, length);
2018 bgp_notify_send_with_data(
2019 peer, BGP_NOTIFY_UPDATE_ERR,
2020 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2021 return -1;
2022 }
2023
2024 /* alloc and copy sub-tlv */
2025 /* TBD make sure these are freed when attributes are released */
2026 tlv = XCALLOC(MTYPE_ENCAP_TLV,
2027 sizeof(struct bgp_attr_encap_subtlv) + sublength);
2028 tlv->type = subtype;
2029 tlv->length = sublength;
2030 stream_get(tlv->value, peer->curr, sublength);
2031 length -= sublength;
2032
2033 /* attach tlv to encap chain */
2034 if (BGP_ATTR_ENCAP == type) {
2035 struct bgp_attr_encap_subtlv *stlv_last;
2036 for (stlv_last = attr->encap_subtlvs;
2037 stlv_last && stlv_last->next;
2038 stlv_last = stlv_last->next)
2039 ;
2040 if (stlv_last) {
2041 stlv_last->next = tlv;
2042 } else {
2043 attr->encap_subtlvs = tlv;
2044 }
2045 #if ENABLE_BGP_VNC
2046 } else {
2047 struct bgp_attr_encap_subtlv *stlv_last;
2048 for (stlv_last = attr->vnc_subtlvs;
2049 stlv_last && stlv_last->next;
2050 stlv_last = stlv_last->next)
2051 ;
2052 if (stlv_last) {
2053 stlv_last->next = tlv;
2054 } else {
2055 attr->vnc_subtlvs = tlv;
2056 }
2057 #endif
2058 }
2059 }
2060
2061 if (BGP_ATTR_ENCAP == type) {
2062 attr->encap_tunneltype = tunneltype;
2063 }
2064
2065 if (length) {
2066 /* spurious leftover data */
2067 zlog_info(
2068 "Tunnel Encap attribute length is bad: %d leftover octets",
2069 length);
2070 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2071 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2072 startp, total);
2073 return -1;
2074 }
2075
2076 return 0;
2077 }
2078
2079 /*
2080 * Read an individual SID value returning how much data we have read
2081 * Returns 0 if there was an error that needs to be passed up the stack
2082 */
2083 static bgp_attr_parse_ret_t bgp_attr_psid_sub(int32_t type,
2084 int32_t length,
2085 struct bgp_attr_parser_args *args,
2086 struct bgp_nlri *mp_update)
2087 {
2088 struct peer *const peer = args->peer;
2089 struct attr *const attr = args->attr;
2090 uint32_t label_index;
2091 struct in6_addr ipv6_sid;
2092 uint32_t srgb_base;
2093 uint32_t srgb_range;
2094 int srgb_count;
2095
2096 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
2097 if (length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
2098 flog_err(
2099 EC_BGP_ATTR_LEN,
2100 "Prefix SID label index length is %d instead of %d",
2101 length, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
2102 return bgp_attr_malformed(args,
2103 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2104 args->total);
2105 }
2106
2107 /* Ignore flags and reserved */
2108 stream_getc(peer->curr);
2109 stream_getw(peer->curr);
2110
2111 /* Fetch the label index and see if it is valid. */
2112 label_index = stream_getl(peer->curr);
2113 if (label_index == BGP_INVALID_LABEL_INDEX)
2114 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2115 args->total);
2116
2117 /* Store label index; subsequently, we'll check on
2118 * address-family */
2119 attr->label_index = label_index;
2120
2121 /*
2122 * Ignore the Label index attribute unless received for
2123 * labeled-unicast
2124 * SAFI.
2125 */
2126 if (!mp_update->length
2127 || mp_update->safi != SAFI_LABELED_UNICAST)
2128 attr->label_index = BGP_INVALID_LABEL_INDEX;
2129 }
2130
2131 /* Placeholder code for the IPv6 SID type */
2132 else if (type == BGP_PREFIX_SID_IPV6) {
2133 if (length != BGP_PREFIX_SID_IPV6_LENGTH) {
2134 flog_err(EC_BGP_ATTR_LEN,
2135 "Prefix SID IPv6 length is %d instead of %d",
2136 length, BGP_PREFIX_SID_IPV6_LENGTH);
2137 return bgp_attr_malformed(args,
2138 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2139 args->total);
2140 }
2141
2142 /* Ignore reserved */
2143 stream_getc(peer->curr);
2144 stream_getw(peer->curr);
2145
2146 stream_get(&ipv6_sid, peer->curr, 16);
2147 }
2148
2149 /* Placeholder code for the Originator SRGB type */
2150 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
2151 /* Ignore flags */
2152 stream_getw(peer->curr);
2153
2154 length -= 2;
2155
2156 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
2157 flog_err(
2158 EC_BGP_ATTR_LEN,
2159 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2160 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2161 return bgp_attr_malformed(
2162 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2163 args->total);
2164 }
2165
2166 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2167
2168 for (int i = 0; i < srgb_count; i++) {
2169 stream_get(&srgb_base, peer->curr, 3);
2170 stream_get(&srgb_range, peer->curr, 3);
2171 }
2172 }
2173
2174 return BGP_ATTR_PARSE_PROCEED;
2175 }
2176
2177 /* Prefix SID attribute
2178 * draft-ietf-idr-bgp-prefix-sid-05
2179 */
2180 bgp_attr_parse_ret_t
2181 bgp_attr_prefix_sid(int32_t tlength, struct bgp_attr_parser_args *args,
2182 struct bgp_nlri *mp_update)
2183 {
2184 struct peer *const peer = args->peer;
2185 struct attr *const attr = args->attr;
2186 bgp_attr_parse_ret_t ret;
2187
2188 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
2189
2190 while (tlength) {
2191 int32_t type, length;
2192
2193 type = stream_getc(peer->curr);
2194 length = stream_getw(peer->curr);
2195
2196 ret = bgp_attr_psid_sub(type, length, args, mp_update);
2197
2198 if (ret != BGP_ATTR_PARSE_PROCEED)
2199 return ret;
2200 /*
2201 * Subtract length + the T and the L
2202 * since length is the Vector portion
2203 */
2204 tlength -= length + 3;
2205
2206 if (tlength < 0) {
2207 flog_err(
2208 EC_BGP_ATTR_LEN,
2209 "Prefix SID internal length %d causes us to read beyond the total Prefix SID length",
2210 length);
2211 return bgp_attr_malformed(args,
2212 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2213 args->total);
2214 }
2215 }
2216
2217 return BGP_ATTR_PARSE_PROCEED;
2218 }
2219
2220 /* PMSI tunnel attribute (RFC 6514)
2221 * Basic validation checks done here.
2222 */
2223 static bgp_attr_parse_ret_t
2224 bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
2225 {
2226 struct peer *const peer = args->peer;
2227 struct attr *const attr = args->attr;
2228 const bgp_size_t length = args->length;
2229 uint8_t tnl_type;
2230 int attr_parse_len = 2 + BGP_LABEL_BYTES;
2231
2232 /* Verify that the receiver is expecting "ingress replication" as we
2233 * can only support that.
2234 */
2235 if (length < attr_parse_len) {
2236 flog_err(EC_BGP_ATTR_LEN, "Bad PMSI tunnel attribute length %d",
2237 length);
2238 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2239 args->total);
2240 }
2241 stream_getc(peer->curr); /* Flags */
2242 tnl_type = stream_getc(peer->curr);
2243 if (tnl_type > PMSI_TNLTYPE_MAX) {
2244 flog_err(EC_BGP_ATTR_PMSI_TYPE,
2245 "Invalid PMSI tunnel attribute type %d", tnl_type);
2246 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2247 args->total);
2248 }
2249 if (tnl_type == PMSI_TNLTYPE_INGR_REPL) {
2250 if (length != 9) {
2251 flog_err(EC_BGP_ATTR_PMSI_LEN,
2252 "Bad PMSI tunnel attribute length %d for IR",
2253 length);
2254 return bgp_attr_malformed(
2255 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2256 args->total);
2257 }
2258 }
2259
2260 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
2261 attr->pmsi_tnl_type = tnl_type;
2262 stream_get(&attr->label, peer->curr, BGP_LABEL_BYTES);
2263
2264 /* Forward read pointer of input stream. */
2265 stream_forward_getp(peer->curr, length - attr_parse_len);
2266
2267 return BGP_ATTR_PARSE_PROCEED;
2268 }
2269
2270 /* BGP unknown attribute treatment. */
2271 static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2272 {
2273 bgp_size_t total = args->total;
2274 struct transit *transit;
2275 struct peer *const peer = args->peer;
2276 struct attr *const attr = args->attr;
2277 uint8_t *const startp = args->startp;
2278 const uint8_t type = args->type;
2279 const uint8_t flag = args->flags;
2280 const bgp_size_t length = args->length;
2281
2282 if (bgp_debug_update(peer, NULL, NULL, 1))
2283 zlog_debug(
2284 "%s Unknown attribute is received (type %d, length %d)",
2285 peer->host, type, length);
2286
2287 /* Forward read pointer of input stream. */
2288 stream_forward_getp(peer->curr, length);
2289
2290 /* If any of the mandatory well-known attributes are not recognized,
2291 then the Error Subcode is set to Unrecognized Well-known
2292 Attribute. The Data field contains the unrecognized attribute
2293 (type, length and value). */
2294 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2295 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2296 args->total);
2297 }
2298
2299 /* Unrecognized non-transitive optional attributes must be quietly
2300 ignored and not passed along to other BGP peers. */
2301 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2302 return BGP_ATTR_PARSE_PROCEED;
2303
2304 /* If a path with recognized transitive optional attribute is
2305 accepted and passed along to other BGP peers and the Partial bit
2306 in the Attribute Flags octet is set to 1 by some previous AS, it
2307 is not set back to 0 by the current AS. */
2308 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2309
2310 /* Store transitive attribute to the end of attr->transit. */
2311 if (!attr->transit)
2312 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2313
2314 transit = attr->transit;
2315
2316 if (transit->val)
2317 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2318 transit->length + total);
2319 else
2320 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2321
2322 memcpy(transit->val + transit->length, startp, total);
2323 transit->length += total;
2324
2325 return BGP_ATTR_PARSE_PROCEED;
2326 }
2327
2328 /* Well-known attribute check. */
2329 static int bgp_attr_check(struct peer *peer, struct attr *attr)
2330 {
2331 uint8_t type = 0;
2332
2333 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2334 * empty UPDATE. */
2335 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2336 return BGP_ATTR_PARSE_PROCEED;
2337
2338 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2339 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2340 are present, it should. Check for any other attribute being present
2341 instead.
2342 */
2343 if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
2344 CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
2345 return BGP_ATTR_PARSE_PROCEED;
2346
2347 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2348 type = BGP_ATTR_ORIGIN;
2349
2350 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2351 type = BGP_ATTR_AS_PATH;
2352
2353 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2354 * and
2355 * NLRI is empty. We can't easily check NLRI empty here though.
2356 */
2357 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2358 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2359 type = BGP_ATTR_NEXT_HOP;
2360
2361 if (peer->sort == BGP_PEER_IBGP
2362 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2363 type = BGP_ATTR_LOCAL_PREF;
2364
2365 if (type) {
2366 flog_warn(EC_BGP_MISSING_ATTRIBUTE,
2367 "%s Missing well-known attribute %s.", peer->host,
2368 lookup_msg(attr_str, type, NULL));
2369 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2370 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2371 1);
2372 return BGP_ATTR_PARSE_ERROR;
2373 }
2374 return BGP_ATTR_PARSE_PROCEED;
2375 }
2376
2377 /* Read attribute of update packet. This function is called from
2378 bgp_update_receive() in bgp_packet.c. */
2379 bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2380 bgp_size_t size, struct bgp_nlri *mp_update,
2381 struct bgp_nlri *mp_withdraw)
2382 {
2383 bgp_attr_parse_ret_t ret;
2384 uint8_t flag = 0;
2385 uint8_t type = 0;
2386 bgp_size_t length;
2387 uint8_t *startp, *endp;
2388 uint8_t *attr_endp;
2389 uint8_t seen[BGP_ATTR_BITMAP_SIZE];
2390 /* we need the as4_path only until we have synthesized the as_path with
2391 * it */
2392 /* same goes for as4_aggregator */
2393 struct aspath *as4_path = NULL;
2394 as_t as4_aggregator = 0;
2395 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2396
2397 /* Initialize bitmap. */
2398 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2399
2400 /* End pointer of BGP attribute. */
2401 endp = BGP_INPUT_PNT(peer) + size;
2402
2403 /* Get attributes to the end of attribute length. */
2404 while (BGP_INPUT_PNT(peer) < endp) {
2405 /* Check remaining length check.*/
2406 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2407 /* XXX warning: long int format, int arg (arg 5) */
2408 flog_warn(
2409 EC_BGP_ATTRIBUTE_TOO_SMALL,
2410 "%s: error BGP attribute length %lu is smaller than min len",
2411 peer->host,
2412 (unsigned long)(endp
2413 - stream_pnt(BGP_INPUT(peer))));
2414
2415 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2416 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2417 return BGP_ATTR_PARSE_ERROR;
2418 }
2419
2420 /* Fetch attribute flag and type. */
2421 startp = BGP_INPUT_PNT(peer);
2422 /* "The lower-order four bits of the Attribute Flags octet are
2423 unused. They MUST be zero when sent and MUST be ignored when
2424 received." */
2425 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2426 type = stream_getc(BGP_INPUT(peer));
2427
2428 /* Check whether Extended-Length applies and is in bounds */
2429 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2430 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
2431 flog_warn(
2432 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL,
2433 "%s: Extended length set, but just %lu bytes of attr header",
2434 peer->host,
2435 (unsigned long)(endp
2436 - stream_pnt(BGP_INPUT(peer))));
2437
2438 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2439 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2440 return BGP_ATTR_PARSE_ERROR;
2441 }
2442
2443 /* Check extended attribue length bit. */
2444 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2445 length = stream_getw(BGP_INPUT(peer));
2446 else
2447 length = stream_getc(BGP_INPUT(peer));
2448
2449 /* If any attribute appears more than once in the UPDATE
2450 message, then the Error Subcode is set to Malformed Attribute
2451 List. */
2452
2453 if (CHECK_BITMAP(seen, type)) {
2454 flog_warn(
2455 EC_BGP_ATTRIBUTE_REPEATED,
2456 "%s: error BGP attribute type %d appears twice in a message",
2457 peer->host, type);
2458
2459 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2460 BGP_NOTIFY_UPDATE_MAL_ATTR);
2461 return BGP_ATTR_PARSE_ERROR;
2462 }
2463
2464 /* Set type to bitmap to check duplicate attribute. `type' is
2465 unsigned char so it never overflow bitmap range. */
2466
2467 SET_BITMAP(seen, type);
2468
2469 /* Overflow check. */
2470 attr_endp = BGP_INPUT_PNT(peer) + length;
2471
2472 if (attr_endp > endp) {
2473 flog_warn(
2474 EC_BGP_ATTRIBUTE_TOO_LARGE,
2475 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2476 peer->host, type, length, size, attr_endp,
2477 endp);
2478 /*
2479 * RFC 4271 6.3
2480 * If any recognized attribute has an Attribute
2481 * Length that conflicts with the expected length
2482 * (based on the attribute type code), then the
2483 * Error Subcode MUST be set to Attribute Length
2484 * Error. The Data field MUST contain the erroneous
2485 * attribute (type, length, and value).
2486 * ----------
2487 * We do not currently have a good way to determine the
2488 * length of the attribute independent of the length
2489 * received in the message. Instead we send the
2490 * minimum between the amount of data we have and the
2491 * amount specified by the attribute length field.
2492 *
2493 * Instead of directly passing in the packet buffer and
2494 * offset we use the stream_get* functions to read into
2495 * a stack buffer, since they perform bounds checking
2496 * and we are working with untrusted data.
2497 */
2498 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2499 memset(ndata, 0x00, sizeof(ndata));
2500 size_t lfl =
2501 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2502 /* Rewind to end of flag field */
2503 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2504 /* Type */
2505 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2506 /* Length */
2507 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2508 /* Value */
2509 size_t atl = attr_endp - startp;
2510 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2511 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2512
2513 bgp_notify_send_with_data(
2514 peer, BGP_NOTIFY_UPDATE_ERR,
2515 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2516 ndl + lfl + 1);
2517
2518 return BGP_ATTR_PARSE_ERROR;
2519 }
2520
2521 struct bgp_attr_parser_args attr_args = {
2522 .peer = peer,
2523 .length = length,
2524 .attr = attr,
2525 .type = type,
2526 .flags = flag,
2527 .startp = startp,
2528 .total = attr_endp - startp,
2529 };
2530
2531
2532 /* If any recognized attribute has Attribute Flags that conflict
2533 with the Attribute Type Code, then the Error Subcode is set
2534 to
2535 Attribute Flags Error. The Data field contains the erroneous
2536 attribute (type, length and value). */
2537 if (bgp_attr_flag_invalid(&attr_args)) {
2538 ret = bgp_attr_malformed(
2539 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2540 attr_args.total);
2541 if (ret == BGP_ATTR_PARSE_PROCEED)
2542 continue;
2543 return ret;
2544 }
2545
2546 /* OK check attribute and store it's value. */
2547 switch (type) {
2548 case BGP_ATTR_ORIGIN:
2549 ret = bgp_attr_origin(&attr_args);
2550 break;
2551 case BGP_ATTR_AS_PATH:
2552 ret = bgp_attr_aspath(&attr_args);
2553 break;
2554 case BGP_ATTR_AS4_PATH:
2555 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2556 break;
2557 case BGP_ATTR_NEXT_HOP:
2558 ret = bgp_attr_nexthop(&attr_args);
2559 break;
2560 case BGP_ATTR_MULTI_EXIT_DISC:
2561 ret = bgp_attr_med(&attr_args);
2562 break;
2563 case BGP_ATTR_LOCAL_PREF:
2564 ret = bgp_attr_local_pref(&attr_args);
2565 break;
2566 case BGP_ATTR_ATOMIC_AGGREGATE:
2567 ret = bgp_attr_atomic(&attr_args);
2568 break;
2569 case BGP_ATTR_AGGREGATOR:
2570 ret = bgp_attr_aggregator(&attr_args);
2571 break;
2572 case BGP_ATTR_AS4_AGGREGATOR:
2573 ret = bgp_attr_as4_aggregator(&attr_args,
2574 &as4_aggregator,
2575 &as4_aggregator_addr);
2576 break;
2577 case BGP_ATTR_COMMUNITIES:
2578 ret = bgp_attr_community(&attr_args);
2579 break;
2580 case BGP_ATTR_LARGE_COMMUNITIES:
2581 ret = bgp_attr_large_community(&attr_args);
2582 break;
2583 case BGP_ATTR_ORIGINATOR_ID:
2584 ret = bgp_attr_originator_id(&attr_args);
2585 break;
2586 case BGP_ATTR_CLUSTER_LIST:
2587 ret = bgp_attr_cluster_list(&attr_args);
2588 break;
2589 case BGP_ATTR_MP_REACH_NLRI:
2590 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2591 break;
2592 case BGP_ATTR_MP_UNREACH_NLRI:
2593 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2594 break;
2595 case BGP_ATTR_EXT_COMMUNITIES:
2596 ret = bgp_attr_ext_communities(&attr_args);
2597 break;
2598 #if ENABLE_BGP_VNC_ATTR
2599 case BGP_ATTR_VNC:
2600 #endif
2601 case BGP_ATTR_ENCAP:
2602 ret = bgp_attr_encap(type, peer, length, attr, flag,
2603 startp);
2604 break;
2605 case BGP_ATTR_PREFIX_SID:
2606 ret = bgp_attr_prefix_sid(length,
2607 &attr_args, mp_update);
2608 break;
2609 case BGP_ATTR_PMSI_TUNNEL:
2610 ret = bgp_attr_pmsi_tunnel(&attr_args);
2611 break;
2612 default:
2613 ret = bgp_attr_unknown(&attr_args);
2614 break;
2615 }
2616
2617 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2618 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2619 BGP_NOTIFY_UPDATE_MAL_ATTR);
2620 ret = BGP_ATTR_PARSE_ERROR;
2621 }
2622
2623 if (ret == BGP_ATTR_PARSE_EOR) {
2624 if (as4_path)
2625 aspath_unintern(&as4_path);
2626 return ret;
2627 }
2628
2629 /* If hard error occurred immediately return to the caller. */
2630 if (ret == BGP_ATTR_PARSE_ERROR) {
2631 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR,
2632 "%s: Attribute %s, parse error", peer->host,
2633 lookup_msg(attr_str, type, NULL));
2634 if (as4_path)
2635 aspath_unintern(&as4_path);
2636 return ret;
2637 }
2638 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
2639
2640 flog_warn(
2641 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW,
2642 "%s: Attribute %s, parse error - treating as withdrawal",
2643 peer->host, lookup_msg(attr_str, type, NULL));
2644 if (as4_path)
2645 aspath_unintern(&as4_path);
2646 return ret;
2647 }
2648
2649 /* Check the fetched length. */
2650 if (BGP_INPUT_PNT(peer) != attr_endp) {
2651 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR,
2652 "%s: BGP attribute %s, fetch error",
2653 peer->host, lookup_msg(attr_str, type, NULL));
2654 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2655 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2656 if (as4_path)
2657 aspath_unintern(&as4_path);
2658 return BGP_ATTR_PARSE_ERROR;
2659 }
2660 }
2661
2662 /* Check final read pointer is same as end pointer. */
2663 if (BGP_INPUT_PNT(peer) != endp) {
2664 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH,
2665 "%s: BGP attribute %s, length mismatch", peer->host,
2666 lookup_msg(attr_str, type, NULL));
2667 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2668 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2669 if (as4_path)
2670 aspath_unintern(&as4_path);
2671 return BGP_ATTR_PARSE_ERROR;
2672 }
2673
2674 /* Check all mandatory well-known attributes are present */
2675 if ((ret = bgp_attr_check(peer, attr)) < 0) {
2676 if (as4_path)
2677 aspath_unintern(&as4_path);
2678 return ret;
2679 }
2680
2681 /*
2682 * At this place we can see whether we got AS4_PATH and/or
2683 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2684 * We can not do this before we've read all attributes because
2685 * the as4 handling does not say whether AS4_PATH has to be sent
2686 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2687 * in relationship to AGGREGATOR.
2688 * So, to be defensive, we are not relying on any order and read
2689 * all attributes first, including these 32bit ones, and now,
2690 * afterwards, we look what and if something is to be done for as4.
2691 *
2692 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2693 * MP_UNREACH_NLRI.
2694 */
2695 /* actually... this doesn't ever return failure currently, but
2696 * better safe than sorry */
2697 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2698 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2699 &as4_aggregator_addr)) {
2700 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2701 BGP_NOTIFY_UPDATE_MAL_ATTR);
2702 if (as4_path)
2703 aspath_unintern(&as4_path);
2704 return BGP_ATTR_PARSE_ERROR;
2705 }
2706
2707 /* At this stage, we have done all fiddling with as4, and the
2708 * resulting info is in attr->aggregator resp. attr->aspath
2709 * so we can chuck as4_aggregator and as4_path alltogether in
2710 * order to save memory
2711 */
2712 if (as4_path) {
2713 aspath_unintern(&as4_path); /* unintern - it is in the hash */
2714 /* The flag that we got this is still there, but that does not
2715 * do any trouble
2716 */
2717 }
2718 /*
2719 * The "rest" of the code does nothing with as4_aggregator.
2720 * there is no memory attached specifically which is not part
2721 * of the attr.
2722 * so ignoring just means do nothing.
2723 */
2724 /*
2725 * Finally do the checks on the aspath we did not do yet
2726 * because we waited for a potentially synthesized aspath.
2727 */
2728 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2729 ret = bgp_attr_aspath_check(peer, attr);
2730 if (ret != BGP_ATTR_PARSE_PROCEED)
2731 return ret;
2732 }
2733 /* Finally intern unknown attribute. */
2734 if (attr->transit)
2735 attr->transit = transit_intern(attr->transit);
2736 if (attr->encap_subtlvs)
2737 attr->encap_subtlvs =
2738 encap_intern(attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
2739 #if ENABLE_BGP_VNC
2740 if (attr->vnc_subtlvs)
2741 attr->vnc_subtlvs =
2742 encap_intern(attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
2743 #endif
2744
2745 return BGP_ATTR_PARSE_PROCEED;
2746 }
2747
2748 size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2749 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2750 struct attr *attr)
2751 {
2752 size_t sizep;
2753 iana_afi_t pkt_afi;
2754 iana_safi_t pkt_safi;
2755 afi_t nh_afi;
2756
2757 /* Set extended bit always to encode the attribute length as 2 bytes */
2758 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2759 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2760 sizep = stream_get_endp(s);
2761 stream_putw(s, 0); /* Marker: Attribute length. */
2762
2763
2764 /* Convert AFI, SAFI to values for packet. */
2765 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2766
2767 stream_putw(s, pkt_afi); /* AFI */
2768 stream_putc(s, pkt_safi); /* SAFI */
2769
2770 /* Nexthop AFI */
2771 if (afi == AFI_IP
2772 && (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
2773 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
2774 else
2775 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2776
2777 /* Nexthop */
2778 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2779 switch (nh_afi) {
2780 case AFI_IP:
2781 switch (safi) {
2782 case SAFI_UNICAST:
2783 case SAFI_MULTICAST:
2784 case SAFI_LABELED_UNICAST:
2785 stream_putc(s, 4);
2786 stream_put_ipv4(s, attr->nexthop.s_addr);
2787 break;
2788 case SAFI_MPLS_VPN:
2789 stream_putc(s, 12);
2790 stream_putl(s, 0); /* RD = 0, per RFC */
2791 stream_putl(s, 0);
2792 stream_put(s, &attr->mp_nexthop_global_in, 4);
2793 break;
2794 case SAFI_ENCAP:
2795 case SAFI_EVPN:
2796 stream_putc(s, 4);
2797 stream_put(s, &attr->mp_nexthop_global_in, 4);
2798 break;
2799 case SAFI_FLOWSPEC:
2800 stream_putc(s, 0); /* no nexthop for flowspec */
2801 default:
2802 break;
2803 }
2804 break;
2805 case AFI_IP6:
2806 switch (safi) {
2807 case SAFI_UNICAST:
2808 case SAFI_MULTICAST:
2809 case SAFI_LABELED_UNICAST:
2810 case SAFI_EVPN: {
2811 if (attr->mp_nexthop_len
2812 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2813 stream_putc(s,
2814 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
2815 stream_put(s, &attr->mp_nexthop_global,
2816 IPV6_MAX_BYTELEN);
2817 stream_put(s, &attr->mp_nexthop_local,
2818 IPV6_MAX_BYTELEN);
2819 } else {
2820 stream_putc(s, IPV6_MAX_BYTELEN);
2821 stream_put(s, &attr->mp_nexthop_global,
2822 IPV6_MAX_BYTELEN);
2823 }
2824 } break;
2825 case SAFI_MPLS_VPN: {
2826 if (attr->mp_nexthop_len
2827 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
2828 stream_putc(s, 24);
2829 stream_putl(s, 0); /* RD = 0, per RFC */
2830 stream_putl(s, 0);
2831 stream_put(s, &attr->mp_nexthop_global,
2832 IPV6_MAX_BYTELEN);
2833 } else if (attr->mp_nexthop_len
2834 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2835 stream_putc(s, 48);
2836 stream_putl(s, 0); /* RD = 0, per RFC */
2837 stream_putl(s, 0);
2838 stream_put(s, &attr->mp_nexthop_global,
2839 IPV6_MAX_BYTELEN);
2840 stream_putl(s, 0); /* RD = 0, per RFC */
2841 stream_putl(s, 0);
2842 stream_put(s, &attr->mp_nexthop_local,
2843 IPV6_MAX_BYTELEN);
2844 }
2845 } break;
2846 case SAFI_ENCAP:
2847 stream_putc(s, IPV6_MAX_BYTELEN);
2848 stream_put(s, &attr->mp_nexthop_global,
2849 IPV6_MAX_BYTELEN);
2850 break;
2851 case SAFI_FLOWSPEC:
2852 stream_putc(s, 0); /* no nexthop for flowspec */
2853 default:
2854 break;
2855 }
2856 break;
2857 default:
2858 if (safi != SAFI_FLOWSPEC)
2859 flog_err(
2860 EC_BGP_ATTR_NH_SEND_LEN,
2861 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
2862 peer->host, afi, safi, attr->mp_nexthop_len);
2863 break;
2864 }
2865
2866 /* SNPA */
2867 stream_putc(s, 0);
2868 return sizep;
2869 }
2870
2871 void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
2872 struct prefix *p, struct prefix_rd *prd,
2873 mpls_label_t *label, uint32_t num_labels,
2874 int addpath_encode, uint32_t addpath_tx_id,
2875 struct attr *attr)
2876 {
2877 if (safi == SAFI_MPLS_VPN) {
2878 if (addpath_encode)
2879 stream_putl(s, addpath_tx_id);
2880 /* Label, RD, Prefix write. */
2881 stream_putc(s, p->prefixlen + 88);
2882 stream_put(s, label, BGP_LABEL_BYTES);
2883 stream_put(s, prd->val, 8);
2884 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
2885 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
2886 /* EVPN prefix - contents depend on type */
2887 bgp_evpn_encode_prefix(s, p, prd, label, num_labels, attr,
2888 addpath_encode, addpath_tx_id);
2889 } else if (safi == SAFI_LABELED_UNICAST) {
2890 /* Prefix write with label. */
2891 stream_put_labeled_prefix(s, p, label);
2892 } else if (safi == SAFI_FLOWSPEC) {
2893 if (PSIZE (p->prefixlen)+2 < FLOWSPEC_NLRI_SIZELIMIT)
2894 stream_putc(s, PSIZE (p->prefixlen)+2);
2895 else
2896 stream_putw(s, (PSIZE (p->prefixlen)+2)|(0xf<<12));
2897 stream_putc(s, 2);/* Filter type */
2898 stream_putc(s, p->prefixlen);/* Prefix length */
2899 stream_put(s, &p->u.prefix, PSIZE (p->prefixlen));
2900 } else
2901 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
2902 }
2903
2904 size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
2905 {
2906 int size = PSIZE(p->prefixlen);
2907 if (safi == SAFI_MPLS_VPN)
2908 size += 88;
2909 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
2910 size += 232; // TODO: Maximum possible for type-2, type-3 and
2911 // type-5
2912 return size;
2913 }
2914
2915 /*
2916 * Encodes the tunnel encapsulation attribute,
2917 * and with ENABLE_BGP_VNC the VNC attribute which uses
2918 * almost the same TLV format
2919 */
2920 static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
2921 struct stream *s, struct attr *attr,
2922 uint8_t attrtype)
2923 {
2924 unsigned int attrlenfield = 0;
2925 unsigned int attrhdrlen = 0;
2926 struct bgp_attr_encap_subtlv *subtlvs;
2927 struct bgp_attr_encap_subtlv *st;
2928 const char *attrname;
2929
2930 if (!attr || (attrtype == BGP_ATTR_ENCAP
2931 && (!attr->encap_tunneltype
2932 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
2933 return;
2934
2935 switch (attrtype) {
2936 case BGP_ATTR_ENCAP:
2937 attrname = "Tunnel Encap";
2938 subtlvs = attr->encap_subtlvs;
2939 if (subtlvs == NULL) /* nothing to do */
2940 return;
2941 /*
2942 * The tunnel encap attr has an "outer" tlv.
2943 * T = tunneltype,
2944 * L = total length of subtlvs,
2945 * V = concatenated subtlvs.
2946 */
2947 attrlenfield = 2 + 2; /* T + L */
2948 attrhdrlen = 1 + 1; /* subTLV T + L */
2949 break;
2950
2951 #if ENABLE_BGP_VNC_ATTR
2952 case BGP_ATTR_VNC:
2953 attrname = "VNC";
2954 subtlvs = attr->vnc_subtlvs;
2955 if (subtlvs == NULL) /* nothing to do */
2956 return;
2957 attrlenfield = 0; /* no outer T + L */
2958 attrhdrlen = 2 + 2; /* subTLV T + L */
2959 break;
2960 #endif
2961
2962 default:
2963 assert(0);
2964 }
2965
2966 /* compute attr length */
2967 for (st = subtlvs; st; st = st->next) {
2968 attrlenfield += (attrhdrlen + st->length);
2969 }
2970
2971 if (attrlenfield > 0xffff) {
2972 zlog_info("%s attribute is too long (length=%d), can't send it",
2973 attrname, attrlenfield);
2974 return;
2975 }
2976
2977 if (attrlenfield > 0xff) {
2978 /* 2-octet length field */
2979 stream_putc(s,
2980 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
2981 | BGP_ATTR_FLAG_EXTLEN);
2982 stream_putc(s, attrtype);
2983 stream_putw(s, attrlenfield & 0xffff);
2984 } else {
2985 /* 1-octet length field */
2986 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
2987 stream_putc(s, attrtype);
2988 stream_putc(s, attrlenfield & 0xff);
2989 }
2990
2991 if (attrtype == BGP_ATTR_ENCAP) {
2992 /* write outer T+L */
2993 stream_putw(s, attr->encap_tunneltype);
2994 stream_putw(s, attrlenfield - 4);
2995 }
2996
2997 /* write each sub-tlv */
2998 for (st = subtlvs; st; st = st->next) {
2999 if (attrtype == BGP_ATTR_ENCAP) {
3000 stream_putc(s, st->type);
3001 stream_putc(s, st->length);
3002 #if ENABLE_BGP_VNC
3003 } else {
3004 stream_putw(s, st->type);
3005 stream_putw(s, st->length);
3006 #endif
3007 }
3008 stream_put(s, st->value, st->length);
3009 }
3010 }
3011
3012 void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
3013 {
3014 /* Set MP attribute length. Don't count the (2) bytes used to encode
3015 the attr length */
3016 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
3017 }
3018
3019 /* Make attribute packet. */
3020 bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
3021 struct stream *s, struct attr *attr,
3022 struct bpacket_attr_vec_arr *vecarr,
3023 struct prefix *p, afi_t afi, safi_t safi,
3024 struct peer *from, struct prefix_rd *prd,
3025 mpls_label_t *label, uint32_t num_labels,
3026 int addpath_encode, uint32_t addpath_tx_id)
3027 {
3028 size_t cp;
3029 size_t aspath_sizep;
3030 struct aspath *aspath;
3031 int send_as4_path = 0;
3032 int send_as4_aggregator = 0;
3033 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
3034
3035 if (!bgp)
3036 bgp = peer->bgp;
3037
3038 /* Remember current pointer. */
3039 cp = stream_get_endp(s);
3040
3041 if (p
3042 && !((afi == AFI_IP && safi == SAFI_UNICAST)
3043 && !peer_cap_enhe(peer, afi, safi))) {
3044 size_t mpattrlen_pos = 0;
3045
3046 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
3047 vecarr, attr);
3048 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
3049 num_labels, addpath_encode,
3050 addpath_tx_id, attr);
3051 bgp_packet_mpattr_end(s, mpattrlen_pos);
3052 }
3053
3054 /* Origin attribute. */
3055 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3056 stream_putc(s, BGP_ATTR_ORIGIN);
3057 stream_putc(s, 1);
3058 stream_putc(s, attr->origin);
3059
3060 /* AS path attribute. */
3061
3062 /* If remote-peer is EBGP */
3063 if (peer->sort == BGP_PEER_EBGP
3064 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3065 PEER_FLAG_AS_PATH_UNCHANGED)
3066 || attr->aspath->segments == NULL)
3067 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3068 PEER_FLAG_RSERVER_CLIENT))) {
3069 aspath = aspath_dup(attr->aspath);
3070
3071 /* Even though we may not be configured for confederations we
3072 * may have
3073 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3074 aspath = aspath_delete_confed_seq(aspath);
3075
3076 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
3077 /* Stuff our path CONFED_ID on the front */
3078 aspath = aspath_add_seq(aspath, bgp->confed_id);
3079 } else {
3080 if (peer->change_local_as) {
3081 /* If replace-as is specified, we only use the
3082 change_local_as when
3083 advertising routes. */
3084 if (!CHECK_FLAG(
3085 peer->flags,
3086 PEER_FLAG_LOCAL_AS_REPLACE_AS)) {
3087 aspath = aspath_add_seq(aspath,
3088 peer->local_as);
3089 }
3090 aspath = aspath_add_seq(aspath,
3091 peer->change_local_as);
3092 } else {
3093 aspath = aspath_add_seq(aspath, peer->local_as);
3094 }
3095 }
3096 } else if (peer->sort == BGP_PEER_CONFED) {
3097 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3098 * thing */
3099 aspath = aspath_dup(attr->aspath);
3100 aspath = aspath_add_confed_seq(aspath, peer->local_as);
3101 } else
3102 aspath = attr->aspath;
3103
3104 /* If peer is not AS4 capable, then:
3105 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3106 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3107 * segment
3108 * types are in it (i.e. exclude them if they are there)
3109 * AND do this only if there is at least one asnum > 65535 in the
3110 * path!
3111 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3112 * change
3113 * all ASnums > 65535 to BGP_AS_TRANS
3114 */
3115
3116 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3117 stream_putc(s, BGP_ATTR_AS_PATH);
3118 aspath_sizep = stream_get_endp(s);
3119 stream_putw(s, 0);
3120 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
3121
3122 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3123 * in the path
3124 */
3125 if (!use32bit && aspath_has_as4(aspath))
3126 send_as4_path =
3127 1; /* we'll do this later, at the correct place */
3128
3129 /* Nexthop attribute. */
3130 if (afi == AFI_IP && safi == SAFI_UNICAST
3131 && !peer_cap_enhe(peer, afi, safi)) {
3132 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
3133 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3134 stream_putc(s, BGP_ATTR_NEXT_HOP);
3135 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3136 attr);
3137 stream_putc(s, 4);
3138 stream_put_ipv4(s, attr->nexthop.s_addr);
3139 } else if (peer_cap_enhe(from, afi, safi)) {
3140 /*
3141 * Likely this is the case when an IPv4 prefix was
3142 * received with
3143 * Extended Next-hop capability and now being advertised
3144 * to
3145 * non-ENHE peers.
3146 * Setting the mandatory (ipv4) next-hop attribute here
3147 * to enable
3148 * implicit next-hop self with correct (ipv4 address
3149 * family).
3150 */
3151 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3152 stream_putc(s, BGP_ATTR_NEXT_HOP);
3153 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3154 NULL);
3155 stream_putc(s, 4);
3156 stream_put_ipv4(s, 0);
3157 }
3158 }
3159
3160 /* MED attribute. */
3161 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
3162 || bgp->maxmed_active) {
3163 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3164 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3165 stream_putc(s, 4);
3166 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
3167 : attr->med));
3168 }
3169
3170 /* Local preference. */
3171 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
3172 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3173 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3174 stream_putc(s, 4);
3175 stream_putl(s, attr->local_pref);
3176 }
3177
3178 /* Atomic aggregate. */
3179 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3180 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3181 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3182 stream_putc(s, 0);
3183 }
3184
3185 /* Aggregator. */
3186 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3187 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3188 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3189 stream_putc(s, BGP_ATTR_AGGREGATOR);
3190
3191 if (use32bit) {
3192 /* AS4 capable peer */
3193 stream_putc(s, 8);
3194 stream_putl(s, attr->aggregator_as);
3195 } else {
3196 /* 2-byte AS peer */
3197 stream_putc(s, 6);
3198
3199 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3200 * used? */
3201 if (attr->aggregator_as > 65535) {
3202 stream_putw(s, BGP_AS_TRANS);
3203
3204 /* we have to send AS4_AGGREGATOR, too.
3205 * we'll do that later in order to send
3206 * attributes in ascending
3207 * order.
3208 */
3209 send_as4_aggregator = 1;
3210 } else
3211 stream_putw(s, (uint16_t)attr->aggregator_as);
3212 }
3213 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3214 }
3215
3216 /* Community attribute. */
3217 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3218 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3219 if (attr->community->size * 4 > 255) {
3220 stream_putc(s,
3221 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3222 | BGP_ATTR_FLAG_EXTLEN);
3223 stream_putc(s, BGP_ATTR_COMMUNITIES);
3224 stream_putw(s, attr->community->size * 4);
3225 } else {
3226 stream_putc(s,
3227 BGP_ATTR_FLAG_OPTIONAL
3228 | BGP_ATTR_FLAG_TRANS);
3229 stream_putc(s, BGP_ATTR_COMMUNITIES);
3230 stream_putc(s, attr->community->size * 4);
3231 }
3232 stream_put(s, attr->community->val, attr->community->size * 4);
3233 }
3234
3235 /*
3236 * Large Community attribute.
3237 */
3238 if (CHECK_FLAG(peer->af_flags[afi][safi],
3239 PEER_FLAG_SEND_LARGE_COMMUNITY)
3240 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
3241 if (lcom_length(attr->lcommunity) > 255) {
3242 stream_putc(s,
3243 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3244 | BGP_ATTR_FLAG_EXTLEN);
3245 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3246 stream_putw(s, lcom_length(attr->lcommunity));
3247 } else {
3248 stream_putc(s,
3249 BGP_ATTR_FLAG_OPTIONAL
3250 | BGP_ATTR_FLAG_TRANS);
3251 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3252 stream_putc(s, lcom_length(attr->lcommunity));
3253 }
3254 stream_put(s, attr->lcommunity->val,
3255 lcom_length(attr->lcommunity));
3256 }
3257
3258 /* Route Reflector. */
3259 if (peer->sort == BGP_PEER_IBGP && from
3260 && from->sort == BGP_PEER_IBGP) {
3261 /* Originator ID. */
3262 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3263 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3264 stream_putc(s, 4);
3265
3266 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3267 stream_put_in_addr(s, &attr->originator_id);
3268 else
3269 stream_put_in_addr(s, &from->remote_id);
3270
3271 /* Cluster list. */
3272 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3273 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3274
3275 if (attr->cluster) {
3276 stream_putc(s, attr->cluster->length + 4);
3277 /* If this peer configuration's parent BGP has
3278 * cluster_id. */
3279 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3280 stream_put_in_addr(s, &bgp->cluster_id);
3281 else
3282 stream_put_in_addr(s, &bgp->router_id);
3283 stream_put(s, attr->cluster->list,
3284 attr->cluster->length);
3285 } else {
3286 stream_putc(s, 4);
3287 /* If this peer configuration's parent BGP has
3288 * cluster_id. */
3289 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3290 stream_put_in_addr(s, &bgp->cluster_id);
3291 else
3292 stream_put_in_addr(s, &bgp->router_id);
3293 }
3294 }
3295
3296 /* Extended Communities attribute. */
3297 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3298 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3299 if (peer->sort == BGP_PEER_IBGP
3300 || peer->sort == BGP_PEER_CONFED) {
3301 if (attr->ecommunity->size * 8 > 255) {
3302 stream_putc(s,
3303 BGP_ATTR_FLAG_OPTIONAL
3304 | BGP_ATTR_FLAG_TRANS
3305 | BGP_ATTR_FLAG_EXTLEN);
3306 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3307 stream_putw(s, attr->ecommunity->size * 8);
3308 } else {
3309 stream_putc(s,
3310 BGP_ATTR_FLAG_OPTIONAL
3311 | BGP_ATTR_FLAG_TRANS);
3312 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3313 stream_putc(s, attr->ecommunity->size * 8);
3314 }
3315 stream_put(s, attr->ecommunity->val,
3316 attr->ecommunity->size * 8);
3317 } else {
3318 uint8_t *pnt;
3319 int tbit;
3320 int ecom_tr_size = 0;
3321 int i;
3322
3323 for (i = 0; i < attr->ecommunity->size; i++) {
3324 pnt = attr->ecommunity->val + (i * 8);
3325 tbit = *pnt;
3326
3327 if (CHECK_FLAG(tbit,
3328 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3329 continue;
3330
3331 ecom_tr_size++;
3332 }
3333
3334 if (ecom_tr_size) {
3335 if (ecom_tr_size * 8 > 255) {
3336 stream_putc(
3337 s,
3338 BGP_ATTR_FLAG_OPTIONAL
3339 | BGP_ATTR_FLAG_TRANS
3340 | BGP_ATTR_FLAG_EXTLEN);
3341 stream_putc(s,
3342 BGP_ATTR_EXT_COMMUNITIES);
3343 stream_putw(s, ecom_tr_size * 8);
3344 } else {
3345 stream_putc(
3346 s,
3347 BGP_ATTR_FLAG_OPTIONAL
3348 | BGP_ATTR_FLAG_TRANS);
3349 stream_putc(s,
3350 BGP_ATTR_EXT_COMMUNITIES);
3351 stream_putc(s, ecom_tr_size * 8);
3352 }
3353
3354 for (i = 0; i < attr->ecommunity->size; i++) {
3355 pnt = attr->ecommunity->val + (i * 8);
3356 tbit = *pnt;
3357
3358 if (CHECK_FLAG(
3359 tbit,
3360 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3361 continue;
3362
3363 stream_put(s, pnt, 8);
3364 }
3365 }
3366 }
3367 }
3368
3369 /* Label index attribute. */
3370 if (safi == SAFI_LABELED_UNICAST) {
3371 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3372 uint32_t label_index;
3373
3374 label_index = attr->label_index;
3375
3376 if (label_index != BGP_INVALID_LABEL_INDEX) {
3377 stream_putc(s,
3378 BGP_ATTR_FLAG_OPTIONAL
3379 | BGP_ATTR_FLAG_TRANS);
3380 stream_putc(s, BGP_ATTR_PREFIX_SID);
3381 stream_putc(s, 10);
3382 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3383 stream_putw(s,
3384 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3385 stream_putc(s, 0); // reserved
3386 stream_putw(s, 0); // flags
3387 stream_putl(s, label_index);
3388 }
3389 }
3390 }
3391
3392 if (send_as4_path) {
3393 /* If the peer is NOT As4 capable, AND */
3394 /* there are ASnums > 65535 in path THEN
3395 * give out AS4_PATH */
3396
3397 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3398 * path segments!
3399 * Hm, I wonder... confederation things *should* only be at
3400 * the beginning of an aspath, right? Then we should use
3401 * aspath_delete_confed_seq for this, because it is already
3402 * there! (JK)
3403 * Folks, talk to me: what is reasonable here!?
3404 */
3405 aspath = aspath_delete_confed_seq(aspath);
3406
3407 stream_putc(s,
3408 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3409 | BGP_ATTR_FLAG_EXTLEN);
3410 stream_putc(s, BGP_ATTR_AS4_PATH);
3411 aspath_sizep = stream_get_endp(s);
3412 stream_putw(s, 0);
3413 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3414 }
3415
3416 if (aspath != attr->aspath)
3417 aspath_free(aspath);
3418
3419 if (send_as4_aggregator) {
3420 /* send AS4_AGGREGATOR, at this place */
3421 /* this section of code moved here in order to ensure the
3422 * correct
3423 * *ascending* order of attributes
3424 */
3425 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3426 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3427 stream_putc(s, 8);
3428 stream_putl(s, attr->aggregator_as);
3429 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3430 }
3431
3432 if (((afi == AFI_IP || afi == AFI_IP6)
3433 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3434 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3435 /* Tunnel Encap attribute */
3436 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
3437
3438 #if ENABLE_BGP_VNC_ATTR
3439 /* VNC attribute */
3440 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
3441 #endif
3442 }
3443
3444 /* PMSI Tunnel */
3445 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL)) {
3446 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3447 stream_putc(s, BGP_ATTR_PMSI_TUNNEL);
3448 stream_putc(s, 9); // Length
3449 stream_putc(s, 0); // Flags
3450 stream_putc(s, attr->pmsi_tnl_type);
3451 stream_put(s, &(attr->label),
3452 BGP_LABEL_BYTES); // MPLS Label / VXLAN VNI
3453 stream_put_ipv4(s, attr->nexthop.s_addr);
3454 // Unicast tunnel endpoint IP address
3455 }
3456
3457 /* Unknown transit attribute. */
3458 if (attr->transit)
3459 stream_put(s, attr->transit->val, attr->transit->length);
3460
3461 /* Return total size of attribute. */
3462 return stream_get_endp(s) - cp;
3463 }
3464
3465 size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
3466 {
3467 unsigned long attrlen_pnt;
3468 iana_afi_t pkt_afi;
3469 iana_safi_t pkt_safi;
3470
3471 /* Set extended bit always to encode the attribute length as 2 bytes */
3472 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3473 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
3474
3475 attrlen_pnt = stream_get_endp(s);
3476 stream_putw(s, 0); /* Length of this attribute. */
3477
3478 /* Convert AFI, SAFI to values for packet. */
3479 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
3480
3481 stream_putw(s, pkt_afi);
3482 stream_putc(s, pkt_safi);
3483
3484 return attrlen_pnt;
3485 }
3486
3487 void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3488 safi_t safi, struct prefix_rd *prd,
3489 mpls_label_t *label, uint32_t num_labels,
3490 int addpath_encode, uint32_t addpath_tx_id,
3491 struct attr *attr)
3492 {
3493 uint8_t wlabel[3] = {0x80, 0x00, 0x00};
3494
3495 if (safi == SAFI_LABELED_UNICAST) {
3496 label = (mpls_label_t *)wlabel;
3497 num_labels = 1;
3498 }
3499
3500 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label, num_labels,
3501 addpath_encode, addpath_tx_id, attr);
3502 }
3503
3504 void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
3505 {
3506 bgp_packet_mpattr_end(s, attrlen_pnt);
3507 }
3508
3509 /* Initialization of attribute. */
3510 void bgp_attr_init(void)
3511 {
3512 aspath_init();
3513 attrhash_init();
3514 community_init();
3515 ecommunity_init();
3516 lcommunity_init();
3517 cluster_init();
3518 transit_init();
3519 encap_init();
3520 }
3521
3522 void bgp_attr_finish(void)
3523 {
3524 aspath_finish();
3525 attrhash_finish();
3526 community_finish();
3527 ecommunity_finish();
3528 lcommunity_finish();
3529 cluster_finish();
3530 transit_finish();
3531 encap_finish();
3532 }
3533
3534 /* Make attribute packet. */
3535 void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3536 struct prefix *prefix)
3537 {
3538 unsigned long cp;
3539 unsigned long len;
3540 size_t aspath_lenp;
3541 struct aspath *aspath;
3542 int addpath_encode = 0;
3543 uint32_t addpath_tx_id = 0;
3544
3545 /* Remember current pointer. */
3546 cp = stream_get_endp(s);
3547
3548 /* Place holder of length. */
3549 stream_putw(s, 0);
3550
3551 /* Origin attribute. */
3552 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3553 stream_putc(s, BGP_ATTR_ORIGIN);
3554 stream_putc(s, 1);
3555 stream_putc(s, attr->origin);
3556
3557 aspath = attr->aspath;
3558
3559 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3560 stream_putc(s, BGP_ATTR_AS_PATH);
3561 aspath_lenp = stream_get_endp(s);
3562 stream_putw(s, 0);
3563
3564 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3565
3566 /* Nexthop attribute. */
3567 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3568 if (prefix != NULL && prefix->family != AF_INET6) {
3569 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3570 stream_putc(s, BGP_ATTR_NEXT_HOP);
3571 stream_putc(s, 4);
3572 stream_put_ipv4(s, attr->nexthop.s_addr);
3573 }
3574
3575 /* MED attribute. */
3576 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3577 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3578 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3579 stream_putc(s, 4);
3580 stream_putl(s, attr->med);
3581 }
3582
3583 /* Local preference. */
3584 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3585 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3586 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3587 stream_putc(s, 4);
3588 stream_putl(s, attr->local_pref);
3589 }
3590
3591 /* Atomic aggregate. */
3592 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3593 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3594 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3595 stream_putc(s, 0);
3596 }
3597
3598 /* Aggregator. */
3599 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3600 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3601 stream_putc(s, BGP_ATTR_AGGREGATOR);
3602 stream_putc(s, 8);
3603 stream_putl(s, attr->aggregator_as);
3604 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3605 }
3606
3607 /* Community attribute. */
3608 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3609 if (attr->community->size * 4 > 255) {
3610 stream_putc(s,
3611 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3612 | BGP_ATTR_FLAG_EXTLEN);
3613 stream_putc(s, BGP_ATTR_COMMUNITIES);
3614 stream_putw(s, attr->community->size * 4);
3615 } else {
3616 stream_putc(s,
3617 BGP_ATTR_FLAG_OPTIONAL
3618 | BGP_ATTR_FLAG_TRANS);
3619 stream_putc(s, BGP_ATTR_COMMUNITIES);
3620 stream_putc(s, attr->community->size * 4);
3621 }
3622 stream_put(s, attr->community->val, attr->community->size * 4);
3623 }
3624
3625 /* Large Community attribute. */
3626 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
3627 if (lcom_length(attr->lcommunity) > 255) {
3628 stream_putc(s,
3629 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3630 | BGP_ATTR_FLAG_EXTLEN);
3631 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3632 stream_putw(s, lcom_length(attr->lcommunity));
3633 } else {
3634 stream_putc(s,
3635 BGP_ATTR_FLAG_OPTIONAL
3636 | BGP_ATTR_FLAG_TRANS);
3637 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3638 stream_putc(s, lcom_length(attr->lcommunity));
3639 }
3640
3641 stream_put(s, attr->lcommunity->val,
3642 lcom_length(attr->lcommunity));
3643 }
3644
3645 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3646 if (prefix != NULL && prefix->family == AF_INET6
3647 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3648 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3649 int sizep;
3650
3651 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3652 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3653 sizep = stream_get_endp(s);
3654
3655 /* MP header */
3656 stream_putc(s, 0); /* Marker: Attribute length. */
3657 stream_putw(s, AFI_IP6); /* AFI */
3658 stream_putc(s, SAFI_UNICAST); /* SAFI */
3659
3660 /* Next hop */
3661 stream_putc(s, attr->mp_nexthop_len);
3662 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3663 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3664 stream_put(s, &attr->mp_nexthop_local,
3665 IPV6_MAX_BYTELEN);
3666
3667 /* SNPA */
3668 stream_putc(s, 0);
3669
3670 /* Prefix */
3671 stream_put_prefix_addpath(s, prefix, addpath_encode,
3672 addpath_tx_id);
3673
3674 /* Set MP attribute length. */
3675 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3676 }
3677
3678 /* Prefix SID */
3679 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3680 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
3681 stream_putc(s,
3682 BGP_ATTR_FLAG_OPTIONAL
3683 | BGP_ATTR_FLAG_TRANS);
3684 stream_putc(s, BGP_ATTR_PREFIX_SID);
3685 stream_putc(s, 10);
3686 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3687 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3688 stream_putc(s, 0); // reserved
3689 stream_putw(s, 0); // flags
3690 stream_putl(s, attr->label_index);
3691 }
3692 }
3693
3694 /* Return total size of attribute. */
3695 len = stream_get_endp(s) - cp - 2;
3696 stream_putw_at(s, cp, len);
3697 }
FRRouting mirror