]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_attr.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bgpd: more attribute parsing cleanup & paranoia
[mirror_frr.git] / bgpd / bgp_attr.c
1 /* BGP attributes management routines.
2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "memory.h"
26 #include "vector.h"
27 #include "stream.h"
28 #include "log.h"
29 #include "hash.h"
30 #include "jhash.h"
31 #include "queue.h"
32 #include "table.h"
33 #include "filter.h"
34 #include "command.h"
35
36 #include "bgpd/bgpd.h"
37 #include "bgpd/bgp_attr.h"
38 #include "bgpd/bgp_route.h"
39 #include "bgpd/bgp_aspath.h"
40 #include "bgpd/bgp_community.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_errors.h"
43 #include "bgpd/bgp_label.h"
44 #include "bgpd/bgp_packet.h"
45 #include "bgpd/bgp_ecommunity.h"
46 #include "bgpd/bgp_lcommunity.h"
47 #include "bgpd/bgp_updgrp.h"
48 #include "bgpd/bgp_encap_types.h"
49 #if ENABLE_BGP_VNC
50 #include "bgpd/rfapi/bgp_rfapi_cfg.h"
51 #include "bgp_encap_types.h"
52 #include "bgp_vnc_types.h"
53 #endif
54 #include "bgp_evpn.h"
55 #include "bgp_flowspec_private.h"
56 #include "bgp_mac.h"
57
58 /* Attribute strings for logging. */
59 static const struct message attr_str[] = {
60 {BGP_ATTR_ORIGIN, "ORIGIN"},
61 {BGP_ATTR_AS_PATH, "AS_PATH"},
62 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
63 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
64 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
65 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
66 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
67 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
68 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
69 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
70 {BGP_ATTR_DPA, "DPA"},
71 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
72 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
73 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
74 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
75 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
76 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
77 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
78 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
79 {BGP_ATTR_PMSI_TUNNEL, "PMSI_TUNNEL_ATTRIBUTE"},
80 {BGP_ATTR_ENCAP, "ENCAP"},
81 #if ENABLE_BGP_VNC_ATTR
82 {BGP_ATTR_VNC, "VNC"},
83 #endif
84 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
85 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
86 {0}};
87
88 static const struct message attr_flag_str[] = {
89 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
90 {BGP_ATTR_FLAG_TRANS, "Transitive"},
91 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
92 /* bgp_attr_flags_diagnose() relies on this bit being last in
93 this list */
94 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
95 {0}};
96
97 static struct hash *cluster_hash;
98
99 static void *cluster_hash_alloc(void *p)
100 {
101 const struct cluster_list *val = (const struct cluster_list *)p;
102 struct cluster_list *cluster;
103
104 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
105 cluster->length = val->length;
106
107 if (cluster->length) {
108 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
109 memcpy(cluster->list, val->list, val->length);
110 } else
111 cluster->list = NULL;
112
113 cluster->refcnt = 0;
114
115 return cluster;
116 }
117
118 /* Cluster list related functions. */
119 static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
120 {
121 struct cluster_list tmp;
122 struct cluster_list *cluster;
123
124 tmp.length = length;
125 tmp.list = pnt;
126
127 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
128 cluster->refcnt++;
129 return cluster;
130 }
131
132 int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
133 {
134 int i;
135
136 for (i = 0; i < cluster->length / 4; i++)
137 if (cluster->list[i].s_addr == originator.s_addr)
138 return 1;
139 return 0;
140 }
141
142 static unsigned int cluster_hash_key_make(const void *p)
143 {
144 const struct cluster_list *cluster = p;
145
146 return jhash(cluster->list, cluster->length, 0);
147 }
148
149 static bool cluster_hash_cmp(const void *p1, const void *p2)
150 {
151 const struct cluster_list *cluster1 = p1;
152 const struct cluster_list *cluster2 = p2;
153
154 return (cluster1->length == cluster2->length
155 && memcmp(cluster1->list, cluster2->list, cluster1->length)
156 == 0);
157 }
158
159 static void cluster_free(struct cluster_list *cluster)
160 {
161 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
162 XFREE(MTYPE_CLUSTER, cluster);
163 }
164
165 static struct cluster_list *cluster_intern(struct cluster_list *cluster)
166 {
167 struct cluster_list *find;
168
169 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
170 find->refcnt++;
171
172 return find;
173 }
174
175 void cluster_unintern(struct cluster_list *cluster)
176 {
177 if (cluster->refcnt)
178 cluster->refcnt--;
179
180 if (cluster->refcnt == 0) {
181 hash_release(cluster_hash, cluster);
182 cluster_free(cluster);
183 }
184 }
185
186 static void cluster_init(void)
187 {
188 cluster_hash = hash_create(cluster_hash_key_make, cluster_hash_cmp,
189 "BGP Cluster");
190 }
191
192 static void cluster_finish(void)
193 {
194 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
195 hash_free(cluster_hash);
196 cluster_hash = NULL;
197 }
198
199 static struct hash *encap_hash = NULL;
200 #if ENABLE_BGP_VNC
201 static struct hash *vnc_hash = NULL;
202 #endif
203
204 struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
205 {
206 struct bgp_attr_encap_subtlv *new;
207 struct bgp_attr_encap_subtlv *tail;
208 struct bgp_attr_encap_subtlv *p;
209
210 for (p = orig, tail = new = NULL; p; p = p->next) {
211 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
212 if (tail) {
213 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
214 tail = tail->next;
215 } else {
216 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
217 }
218 assert(tail);
219 memcpy(tail, p, size);
220 tail->next = NULL;
221 }
222
223 return new;
224 }
225
226 static void encap_free(struct bgp_attr_encap_subtlv *p)
227 {
228 struct bgp_attr_encap_subtlv *next;
229 while (p) {
230 next = p->next;
231 p->next = NULL;
232 XFREE(MTYPE_ENCAP_TLV, p);
233 p = next;
234 }
235 }
236
237 void bgp_attr_flush_encap(struct attr *attr)
238 {
239 if (!attr)
240 return;
241
242 if (attr->encap_subtlvs) {
243 encap_free(attr->encap_subtlvs);
244 attr->encap_subtlvs = NULL;
245 }
246 #if ENABLE_BGP_VNC
247 if (attr->vnc_subtlvs) {
248 encap_free(attr->vnc_subtlvs);
249 attr->vnc_subtlvs = NULL;
250 }
251 #endif
252 }
253
254 /*
255 * Compare encap sub-tlv chains
256 *
257 * 1 = equivalent
258 * 0 = not equivalent
259 *
260 * This algorithm could be made faster if needed
261 */
262 static int encap_same(const struct bgp_attr_encap_subtlv *h1,
263 const struct bgp_attr_encap_subtlv *h2)
264 {
265 const struct bgp_attr_encap_subtlv *p;
266 const struct bgp_attr_encap_subtlv *q;
267
268 if (h1 == h2)
269 return 1;
270 if (h1 == NULL || h2 == NULL)
271 return 0;
272
273 for (p = h1; p; p = p->next) {
274 for (q = h2; q; q = q->next) {
275 if ((p->type == q->type) && (p->length == q->length)
276 && !memcmp(p->value, q->value, p->length)) {
277
278 break;
279 }
280 }
281 if (!q)
282 return 0;
283 }
284
285 for (p = h2; p; p = p->next) {
286 for (q = h1; q; q = q->next) {
287 if ((p->type == q->type) && (p->length == q->length)
288 && !memcmp(p->value, q->value, p->length)) {
289
290 break;
291 }
292 }
293 if (!q)
294 return 0;
295 }
296
297 return 1;
298 }
299
300 static void *encap_hash_alloc(void *p)
301 {
302 /* Encap structure is already allocated. */
303 return p;
304 }
305
306 typedef enum {
307 ENCAP_SUBTLV_TYPE,
308 #if ENABLE_BGP_VNC
309 VNC_SUBTLV_TYPE
310 #endif
311 } encap_subtlv_type;
312
313 static struct bgp_attr_encap_subtlv *
314 encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
315 {
316 struct bgp_attr_encap_subtlv *find;
317 struct hash *hash = encap_hash;
318 #if ENABLE_BGP_VNC
319 if (type == VNC_SUBTLV_TYPE)
320 hash = vnc_hash;
321 #endif
322
323 find = hash_get(hash, encap, encap_hash_alloc);
324 if (find != encap)
325 encap_free(encap);
326 find->refcnt++;
327
328 return find;
329 }
330
331 static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
332 encap_subtlv_type type)
333 {
334 struct bgp_attr_encap_subtlv *encap = *encapp;
335 if (encap->refcnt)
336 encap->refcnt--;
337
338 if (encap->refcnt == 0) {
339 struct hash *hash = encap_hash;
340 #if ENABLE_BGP_VNC
341 if (type == VNC_SUBTLV_TYPE)
342 hash = vnc_hash;
343 #endif
344 hash_release(hash, encap);
345 encap_free(encap);
346 *encapp = NULL;
347 }
348 }
349
350 static unsigned int encap_hash_key_make(const void *p)
351 {
352 const struct bgp_attr_encap_subtlv *encap = p;
353
354 return jhash(encap->value, encap->length, 0);
355 }
356
357 static bool encap_hash_cmp(const void *p1, const void *p2)
358 {
359 return encap_same((const struct bgp_attr_encap_subtlv *)p1,
360 (const struct bgp_attr_encap_subtlv *)p2);
361 }
362
363 static void encap_init(void)
364 {
365 encap_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
366 "BGP Encap Hash");
367 #if ENABLE_BGP_VNC
368 vnc_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
369 "BGP VNC Hash");
370 #endif
371 }
372
373 static void encap_finish(void)
374 {
375 hash_clean(encap_hash, (void (*)(void *))encap_free);
376 hash_free(encap_hash);
377 encap_hash = NULL;
378 #if ENABLE_BGP_VNC
379 hash_clean(vnc_hash, (void (*)(void *))encap_free);
380 hash_free(vnc_hash);
381 vnc_hash = NULL;
382 #endif
383 }
384
385 static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
386 {
387 if (!a1 && a2)
388 return false;
389 if (!a2 && a1)
390 return false;
391 if (!a1 && !a2)
392 return true;
393 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
394 sizeof(struct bgp_route_evpn));
395 }
396
397 /* Unknown transit attribute. */
398 static struct hash *transit_hash;
399
400 static void transit_free(struct transit *transit)
401 {
402 XFREE(MTYPE_TRANSIT_VAL, transit->val);
403 XFREE(MTYPE_TRANSIT, transit);
404 }
405
406 static void *transit_hash_alloc(void *p)
407 {
408 /* Transit structure is already allocated. */
409 return p;
410 }
411
412 static struct transit *transit_intern(struct transit *transit)
413 {
414 struct transit *find;
415
416 find = hash_get(transit_hash, transit, transit_hash_alloc);
417 if (find != transit)
418 transit_free(transit);
419 find->refcnt++;
420
421 return find;
422 }
423
424 static void transit_unintern(struct transit **transit)
425 {
426 if ((*transit)->refcnt)
427 (*transit)->refcnt--;
428
429 if ((*transit)->refcnt == 0) {
430 hash_release(transit_hash, *transit);
431 transit_free(*transit);
432 *transit = NULL;
433 }
434 }
435
436 static unsigned int transit_hash_key_make(const void *p)
437 {
438 const struct transit *transit = p;
439
440 return jhash(transit->val, transit->length, 0);
441 }
442
443 static bool transit_hash_cmp(const void *p1, const void *p2)
444 {
445 const struct transit *transit1 = p1;
446 const struct transit *transit2 = p2;
447
448 return (transit1->length == transit2->length
449 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
450 }
451
452 static void transit_init(void)
453 {
454 transit_hash = hash_create(transit_hash_key_make, transit_hash_cmp,
455 "BGP Transit Hash");
456 }
457
458 static void transit_finish(void)
459 {
460 hash_clean(transit_hash, (void (*)(void *))transit_free);
461 hash_free(transit_hash);
462 transit_hash = NULL;
463 }
464
465 /* Attribute hash routines. */
466 static struct hash *attrhash;
467
468 /* Shallow copy of an attribute
469 * Though, not so shallow that it doesn't copy the contents
470 * of the attr_extra pointed to by 'extra'
471 */
472 void bgp_attr_dup(struct attr *new, struct attr *orig)
473 {
474 *new = *orig;
475 }
476
477 unsigned long int attr_count(void)
478 {
479 return attrhash->count;
480 }
481
482 unsigned long int attr_unknown_count(void)
483 {
484 return transit_hash->count;
485 }
486
487 unsigned int attrhash_key_make(const void *p)
488 {
489 const struct attr *attr = (struct attr *)p;
490 uint32_t key = 0;
491 #define MIX(val) key = jhash_1word(val, key)
492 #define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
493
494 MIX3(attr->origin, attr->nexthop.s_addr, attr->med);
495 MIX3(attr->local_pref, attr->aggregator_as,
496 attr->aggregator_addr.s_addr);
497 MIX3(attr->weight, attr->mp_nexthop_global_in.s_addr,
498 attr->originator_id.s_addr);
499 MIX3(attr->tag, attr->label, attr->label_index);
500
501 if (attr->aspath)
502 MIX(aspath_key_make(attr->aspath));
503 if (attr->community)
504 MIX(community_hash_make(attr->community));
505
506 if (attr->lcommunity)
507 MIX(lcommunity_hash_make(attr->lcommunity));
508 if (attr->ecommunity)
509 MIX(ecommunity_hash_make(attr->ecommunity));
510 if (attr->cluster)
511 MIX(cluster_hash_key_make(attr->cluster));
512 if (attr->transit)
513 MIX(transit_hash_key_make(attr->transit));
514 if (attr->encap_subtlvs)
515 MIX(encap_hash_key_make(attr->encap_subtlvs));
516 #if ENABLE_BGP_VNC
517 if (attr->vnc_subtlvs)
518 MIX(encap_hash_key_make(attr->vnc_subtlvs));
519 #endif
520 MIX(attr->mp_nexthop_len);
521 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
522 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
523 MIX3(attr->nh_ifindex, attr->nh_lla_ifindex, attr->distance);
524 MIX(attr->rmap_table_id);
525
526 return key;
527 }
528
529 bool attrhash_cmp(const void *p1, const void *p2)
530 {
531 const struct attr *attr1 = p1;
532 const struct attr *attr2 = p2;
533
534 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
535 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
536 && attr1->aspath == attr2->aspath
537 && attr1->community == attr2->community && attr1->med == attr2->med
538 && attr1->local_pref == attr2->local_pref
539 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
540 if (attr1->aggregator_as == attr2->aggregator_as
541 && attr1->aggregator_addr.s_addr
542 == attr2->aggregator_addr.s_addr
543 && attr1->weight == attr2->weight
544 && attr1->tag == attr2->tag
545 && attr1->label_index == attr2->label_index
546 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
547 && attr1->ecommunity == attr2->ecommunity
548 && attr1->lcommunity == attr2->lcommunity
549 && attr1->cluster == attr2->cluster
550 && attr1->transit == attr2->transit
551 && attr1->rmap_table_id == attr2->rmap_table_id
552 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
553 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
554 #if ENABLE_BGP_VNC
555 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
556 #endif
557 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
558 &attr2->mp_nexthop_global)
559 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
560 &attr2->mp_nexthop_local)
561 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
562 &attr2->mp_nexthop_global_in)
563 && IPV4_ADDR_SAME(&attr1->originator_id,
564 &attr2->originator_id)
565 && overlay_index_same(attr1, attr2)
566 && attr1->nh_ifindex == attr2->nh_ifindex
567 && attr1->nh_lla_ifindex == attr2->nh_lla_ifindex
568 && attr1->distance == attr2->distance)
569 return true;
570 }
571
572 return false;
573 }
574
575 static void attrhash_init(void)
576 {
577 attrhash =
578 hash_create(attrhash_key_make, attrhash_cmp, "BGP Attributes");
579 }
580
581 /*
582 * special for hash_clean below
583 */
584 static void attr_vfree(void *attr)
585 {
586 XFREE(MTYPE_ATTR, attr);
587 }
588
589 static void attrhash_finish(void)
590 {
591 hash_clean(attrhash, attr_vfree);
592 hash_free(attrhash);
593 attrhash = NULL;
594 }
595
596 static void attr_show_all_iterator(struct hash_bucket *bucket, struct vty *vty)
597 {
598 struct attr *attr = bucket->data;
599
600 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
601 inet_ntoa(attr->nexthop));
602 vty_out(vty, "\tflags: %" PRIu64 " med: %u local_pref: %u origin: %u weight: %u label: %u\n",
603 attr->flag, attr->med, attr->local_pref, attr->origin,
604 attr->weight, attr->label);
605 }
606
607 void attr_show_all(struct vty *vty)
608 {
609 hash_iterate(attrhash, (void (*)(struct hash_bucket *,
610 void *))attr_show_all_iterator,
611 vty);
612 }
613
614 static void *bgp_attr_hash_alloc(void *p)
615 {
616 struct attr *val = (struct attr *)p;
617 struct attr *attr;
618
619 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
620 *attr = *val;
621 if (val->encap_subtlvs) {
622 val->encap_subtlvs = NULL;
623 }
624 #if ENABLE_BGP_VNC
625 if (val->vnc_subtlvs) {
626 val->vnc_subtlvs = NULL;
627 }
628 #endif
629 attr->refcnt = 0;
630 return attr;
631 }
632
633 /* Internet argument attribute. */
634 struct attr *bgp_attr_intern(struct attr *attr)
635 {
636 struct attr *find;
637
638 /* Intern referenced strucutre. */
639 if (attr->aspath) {
640 if (!attr->aspath->refcnt)
641 attr->aspath = aspath_intern(attr->aspath);
642 else
643 attr->aspath->refcnt++;
644 }
645 if (attr->community) {
646 if (!attr->community->refcnt)
647 attr->community = community_intern(attr->community);
648 else
649 attr->community->refcnt++;
650 }
651
652 if (attr->ecommunity) {
653 if (!attr->ecommunity->refcnt)
654 attr->ecommunity = ecommunity_intern(attr->ecommunity);
655 else
656 attr->ecommunity->refcnt++;
657 }
658 if (attr->lcommunity) {
659 if (!attr->lcommunity->refcnt)
660 attr->lcommunity = lcommunity_intern(attr->lcommunity);
661 else
662 attr->lcommunity->refcnt++;
663 }
664 if (attr->cluster) {
665 if (!attr->cluster->refcnt)
666 attr->cluster = cluster_intern(attr->cluster);
667 else
668 attr->cluster->refcnt++;
669 }
670 if (attr->transit) {
671 if (!attr->transit->refcnt)
672 attr->transit = transit_intern(attr->transit);
673 else
674 attr->transit->refcnt++;
675 }
676 if (attr->encap_subtlvs) {
677 if (!attr->encap_subtlvs->refcnt)
678 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
679 ENCAP_SUBTLV_TYPE);
680 else
681 attr->encap_subtlvs->refcnt++;
682 }
683 #if ENABLE_BGP_VNC
684 if (attr->vnc_subtlvs) {
685 if (!attr->vnc_subtlvs->refcnt)
686 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
687 VNC_SUBTLV_TYPE);
688 else
689 attr->vnc_subtlvs->refcnt++;
690 }
691 #endif
692
693 /* At this point, attr only contains intern'd pointers. that means
694 * if we find it in attrhash, it has all the same pointers and we
695 * correctly updated the refcounts on these.
696 * If we don't find it, we need to allocate a one because in all
697 * cases this returns a new reference to a hashed attr, but the input
698 * wasn't on hash. */
699 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
700 find->refcnt++;
701
702 return find;
703 }
704
705 /* Make network statement's attribute. */
706 struct attr *bgp_attr_default_set(struct attr *attr, uint8_t origin)
707 {
708 memset(attr, 0, sizeof(struct attr));
709
710 attr->origin = origin;
711 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
712 attr->aspath = aspath_empty();
713 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
714 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
715 attr->tag = 0;
716 attr->label_index = BGP_INVALID_LABEL_INDEX;
717 attr->label = MPLS_INVALID_LABEL;
718 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
719 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
720
721 return attr;
722 }
723
724 /* Create the attributes for an aggregate */
725 struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, uint8_t origin,
726 struct aspath *aspath,
727 struct community *community,
728 struct ecommunity *ecommunity,
729 struct lcommunity *lcommunity,
730 struct bgp_aggregate *aggregate,
731 uint8_t atomic_aggregate,
732 struct prefix *p)
733 {
734 struct attr attr;
735 struct attr *new;
736 int ret;
737
738 memset(&attr, 0, sizeof(struct attr));
739
740 /* Origin attribute. */
741 attr.origin = origin;
742 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
743
744 /* AS path attribute. */
745 if (aspath)
746 attr.aspath = aspath_intern(aspath);
747 else
748 attr.aspath = aspath_empty();
749 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
750
751 /* Next hop attribute. */
752 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
753
754 if (community) {
755 uint32_t gshut = COMMUNITY_GSHUT;
756
757 /* If we are not shutting down ourselves and we are
758 * aggregating a route that contains the GSHUT community we
759 * need to remove that community when creating the aggregate */
760 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)
761 && community_include(community, gshut)) {
762 community_del_val(community, &gshut);
763 }
764
765 attr.community = community;
766 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
767 }
768
769 if (ecommunity) {
770 attr.ecommunity = ecommunity;
771 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
772 }
773
774 if (lcommunity) {
775 attr.lcommunity = lcommunity;
776 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
777 }
778
779 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
780 bgp_attr_add_gshut_community(&attr);
781 }
782
783 attr.label_index = BGP_INVALID_LABEL_INDEX;
784 attr.label = MPLS_INVALID_LABEL;
785 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
786 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
787 if (!aggregate->as_set || atomic_aggregate)
788 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
789 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
790 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
791 attr.aggregator_as = bgp->confed_id;
792 else
793 attr.aggregator_as = bgp->as;
794 attr.aggregator_addr = bgp->router_id;
795 attr.label_index = BGP_INVALID_LABEL_INDEX;
796 attr.label = MPLS_INVALID_LABEL;
797
798 /* Apply route-map */
799 if (aggregate->rmap.name) {
800 struct attr attr_tmp = attr;
801 struct bgp_path_info rmap_path;
802
803 memset(&rmap_path, 0, sizeof(struct bgp_path_info));
804 rmap_path.peer = bgp->peer_self;
805 rmap_path.attr = &attr_tmp;
806
807 SET_FLAG(bgp->peer_self->rmap_type, PEER_RMAP_TYPE_AGGREGATE);
808
809 ret = route_map_apply(aggregate->rmap.map, p, RMAP_BGP,
810 &rmap_path);
811
812 bgp->peer_self->rmap_type = 0;
813
814 if (ret == RMAP_DENYMATCH) {
815 /* Free uninterned attribute. */
816 bgp_attr_flush(&attr_tmp);
817
818 /* Unintern original. */
819 aspath_unintern(&attr.aspath);
820 return NULL;
821 }
822
823 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN))
824 bgp_attr_add_gshut_community(&attr_tmp);
825
826 new = bgp_attr_intern(&attr_tmp);
827 } else {
828
829 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN))
830 bgp_attr_add_gshut_community(&attr);
831
832 new = bgp_attr_intern(&attr);
833 }
834
835 aspath_unintern(&new->aspath);
836 return new;
837 }
838
839 /* Unintern just the sub-components of the attr, but not the attr */
840 void bgp_attr_unintern_sub(struct attr *attr)
841 {
842 /* aspath refcount shoud be decrement. */
843 if (attr->aspath)
844 aspath_unintern(&attr->aspath);
845 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
846
847 if (attr->community)
848 community_unintern(&attr->community);
849 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
850
851 if (attr->ecommunity)
852 ecommunity_unintern(&attr->ecommunity);
853 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
854
855 if (attr->lcommunity)
856 lcommunity_unintern(&attr->lcommunity);
857 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
858
859 if (attr->cluster)
860 cluster_unintern(attr->cluster);
861 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
862
863 if (attr->transit)
864 transit_unintern(&attr->transit);
865
866 if (attr->encap_subtlvs)
867 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
868
869 #if ENABLE_BGP_VNC
870 if (attr->vnc_subtlvs)
871 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
872 #endif
873 }
874
875 /*
876 * We have some show commands that let you experimentally
877 * apply a route-map. When we apply the route-map
878 * we are reseting values but not saving them for
879 * posterity via intern'ing( because route-maps don't
880 * do that) but at this point in time we need
881 * to compare the new attr to the old and if the
882 * routemap has changed it we need to, as Snoop Dog says,
883 * Drop it like it's hot
884 */
885 void bgp_attr_undup(struct attr *new, struct attr *old)
886 {
887 if (new->aspath != old->aspath)
888 aspath_free(new->aspath);
889
890 if (new->community != old->community)
891 community_free(&new->community);
892
893 if (new->ecommunity != old->ecommunity)
894 ecommunity_free(&new->ecommunity);
895
896 if (new->lcommunity != old->lcommunity)
897 lcommunity_free(&new->lcommunity);
898 }
899
900 /* Free bgp attribute and aspath. */
901 void bgp_attr_unintern(struct attr **pattr)
902 {
903 struct attr *attr = *pattr;
904 struct attr *ret;
905 struct attr tmp;
906
907 /* Decrement attribute reference. */
908 attr->refcnt--;
909
910 tmp = *attr;
911
912 /* If reference becomes zero then free attribute object. */
913 if (attr->refcnt == 0) {
914 ret = hash_release(attrhash, attr);
915 assert(ret != NULL);
916 XFREE(MTYPE_ATTR, attr);
917 *pattr = NULL;
918 }
919
920 bgp_attr_unintern_sub(&tmp);
921 }
922
923 void bgp_attr_flush(struct attr *attr)
924 {
925 if (attr->aspath && !attr->aspath->refcnt) {
926 aspath_free(attr->aspath);
927 attr->aspath = NULL;
928 }
929 if (attr->community && !attr->community->refcnt)
930 community_free(&attr->community);
931 if (attr->ecommunity && !attr->ecommunity->refcnt)
932 ecommunity_free(&attr->ecommunity);
933 if (attr->lcommunity && !attr->lcommunity->refcnt)
934 lcommunity_free(&attr->lcommunity);
935 if (attr->cluster && !attr->cluster->refcnt) {
936 cluster_free(attr->cluster);
937 attr->cluster = NULL;
938 }
939 if (attr->transit && !attr->transit->refcnt) {
940 transit_free(attr->transit);
941 attr->transit = NULL;
942 }
943 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
944 encap_free(attr->encap_subtlvs);
945 attr->encap_subtlvs = NULL;
946 }
947 #if ENABLE_BGP_VNC
948 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
949 encap_free(attr->vnc_subtlvs);
950 attr->vnc_subtlvs = NULL;
951 }
952 #endif
953 }
954
955 /* Implement draft-scudder-idr-optional-transitive behaviour and
956 * avoid resetting sessions for malformed attributes which are
957 * are partial/optional and hence where the error likely was not
958 * introduced by the sending neighbour.
959 */
960 static bgp_attr_parse_ret_t
961 bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
962 bgp_size_t length)
963 {
964 struct peer *const peer = args->peer;
965 const uint8_t flags = args->flags;
966 /* startp and length must be special-cased, as whether or not to
967 * send the attribute data with the NOTIFY depends on the error,
968 * the caller therefore signals this with the seperate length argument
969 */
970 uint8_t *notify_datap = (length > 0 ? args->startp : NULL);
971
972 /* Only relax error handling for eBGP peers */
973 if (peer->sort != BGP_PEER_EBGP) {
974 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
975 notify_datap, length);
976 return BGP_ATTR_PARSE_ERROR;
977 }
978
979 /* Adjust the stream getp to the end of the attribute, in case we can
980 * still proceed but the caller hasn't read all the attribute.
981 */
982 stream_set_getp(BGP_INPUT(peer),
983 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
984 + args->total);
985
986 switch (args->type) {
987 /* where an attribute is relatively inconsequential, e.g. it does not
988 * affect route selection, and can be safely ignored, then any such
989 * attributes which are malformed should just be ignored and the route
990 * processed as normal.
991 */
992 case BGP_ATTR_AS4_AGGREGATOR:
993 case BGP_ATTR_AGGREGATOR:
994 case BGP_ATTR_ATOMIC_AGGREGATE:
995 return BGP_ATTR_PARSE_PROCEED;
996
997 /* Core attributes, particularly ones which may influence route
998 * selection, should always cause session resets
999 */
1000 case BGP_ATTR_ORIGIN:
1001 case BGP_ATTR_AS_PATH:
1002 case BGP_ATTR_NEXT_HOP:
1003 case BGP_ATTR_MULTI_EXIT_DISC:
1004 case BGP_ATTR_LOCAL_PREF:
1005 case BGP_ATTR_COMMUNITIES:
1006 case BGP_ATTR_ORIGINATOR_ID:
1007 case BGP_ATTR_CLUSTER_LIST:
1008 case BGP_ATTR_MP_REACH_NLRI:
1009 case BGP_ATTR_MP_UNREACH_NLRI:
1010 case BGP_ATTR_EXT_COMMUNITIES:
1011 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
1012 notify_datap, length);
1013 return BGP_ATTR_PARSE_ERROR;
1014 }
1015
1016 /* Partial optional attributes that are malformed should not cause
1017 * the whole session to be reset. Instead treat it as a withdrawal
1018 * of the routes, if possible.
1019 */
1020 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
1021 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1022 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
1023 return BGP_ATTR_PARSE_WITHDRAW;
1024
1025 /* default to reset */
1026 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1027 }
1028
1029 /* Find out what is wrong with the path attribute flag bits and log the error.
1030 "Flag bits" here stand for Optional, Transitive and Partial, but not for
1031 Extended Length. Checking O/T/P bits at once implies, that the attribute
1032 being diagnosed is defined by RFC as either a "well-known" or an "optional,
1033 non-transitive" attribute. */
1034 static void
1035 bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
1036 uint8_t desired_flags /* how RFC says it must be */
1037 )
1038 {
1039 uint8_t seen = 0, i;
1040 uint8_t real_flags = args->flags;
1041 const uint8_t attr_code = args->type;
1042
1043 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1044 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1045 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
1046 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1047 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
1048 flog_err(EC_BGP_ATTR_FLAG,
1049 "%s attribute must%s be flagged as \"%s\"",
1050 lookup_msg(attr_str, attr_code, NULL),
1051 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1052 ? ""
1053 : " not",
1054 attr_flag_str[i].str);
1055 seen = 1;
1056 }
1057 if (!seen) {
1058 zlog_debug(
1059 "Strange, %s called for attr %s, but no problem found with flags"
1060 " (real flags 0x%x, desired 0x%x)",
1061 __func__, lookup_msg(attr_str, attr_code, NULL),
1062 real_flags, desired_flags);
1063 }
1064 }
1065
1066 /* Required flags for attributes. EXTLEN will be masked off when testing,
1067 * as will PARTIAL for optional+transitive attributes.
1068 */
1069 const uint8_t attr_flags_values[] = {
1070 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
1071 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
1072 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1073 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1074 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1075 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1076 [BGP_ATTR_AGGREGATOR] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1077 [BGP_ATTR_COMMUNITIES] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1078 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1079 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1080 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1081 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1082 [BGP_ATTR_EXT_COMMUNITIES] =
1083 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1084 [BGP_ATTR_AS4_PATH] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1085 [BGP_ATTR_AS4_AGGREGATOR] =
1086 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1087 [BGP_ATTR_PMSI_TUNNEL] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1088 [BGP_ATTR_LARGE_COMMUNITIES] =
1089 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1090 [BGP_ATTR_PREFIX_SID] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1091 };
1092 static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
1093
1094 static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1095 {
1096 uint8_t mask = BGP_ATTR_FLAG_EXTLEN;
1097 const uint8_t flags = args->flags;
1098 const uint8_t attr_code = args->type;
1099
1100 /* there may be attributes we don't know about */
1101 if (attr_code > attr_flags_values_max)
1102 return 0;
1103 if (attr_flags_values[attr_code] == 0)
1104 return 0;
1105
1106 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1107 * to
1108 * 1."
1109 */
1110 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1111 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
1112 flog_err(
1113 EC_BGP_ATTR_FLAG,
1114 "%s well-known attributes must have transitive flag set (%x)",
1115 lookup_msg(attr_str, attr_code, NULL), flags);
1116 return 1;
1117 }
1118
1119 /* "For well-known attributes and for optional non-transitive
1120 * attributes,
1121 * the Partial bit MUST be set to 0."
1122 */
1123 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1124 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
1125 flog_err(EC_BGP_ATTR_FLAG,
1126 "%s well-known attribute "
1127 "must NOT have the partial flag set (%x)",
1128 lookup_msg(attr_str, attr_code, NULL), flags);
1129 return 1;
1130 }
1131 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1132 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
1133 flog_err(EC_BGP_ATTR_FLAG,
1134 "%s optional + transitive attribute "
1135 "must NOT have the partial flag set (%x)",
1136 lookup_msg(attr_str, attr_code, NULL), flags);
1137 return 1;
1138 }
1139 }
1140
1141 /* Optional transitive attributes may go through speakers that don't
1142 * reocgnise them and set the Partial bit.
1143 */
1144 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1145 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1146 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1147
1148 if ((flags & ~mask) == attr_flags_values[attr_code])
1149 return 0;
1150
1151 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1152 return 1;
1153 }
1154
1155 /* Get origin attribute of the update message. */
1156 static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1157 {
1158 struct peer *const peer = args->peer;
1159 struct attr *const attr = args->attr;
1160 const bgp_size_t length = args->length;
1161
1162 /* If any recognized attribute has Attribute Length that conflicts
1163 with the expected length (based on the attribute type code), then
1164 the Error Subcode is set to Attribute Length Error. The Data
1165 field contains the erroneous attribute (type, length and
1166 value). */
1167 if (length != 1) {
1168 flog_err(EC_BGP_ATTR_LEN,
1169 "Origin attribute length is not one %d", length);
1170 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1171 args->total);
1172 }
1173
1174 /* Fetch origin attribute. */
1175 attr->origin = stream_getc(BGP_INPUT(peer));
1176
1177 /* If the ORIGIN attribute has an undefined value, then the Error
1178 Subcode is set to Invalid Origin Attribute. The Data field
1179 contains the unrecognized attribute (type, length and value). */
1180 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1181 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
1182 flog_err(EC_BGP_ATTR_ORIGIN,
1183 "Origin attribute value is invalid %d", attr->origin);
1184 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1185 args->total);
1186 }
1187
1188 /* Set oring attribute flag. */
1189 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1190
1191 return 0;
1192 }
1193
1194 /* Parse AS path information. This function is wrapper of
1195 aspath_parse. */
1196 static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1197 {
1198 struct attr *const attr = args->attr;
1199 struct peer *const peer = args->peer;
1200 const bgp_size_t length = args->length;
1201
1202 /*
1203 * peer with AS4 => will get 4Byte ASnums
1204 * otherwise, will get 16 Bit
1205 */
1206 attr->aspath = aspath_parse(peer->curr, length,
1207 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1208
1209 /* In case of IBGP, length will be zero. */
1210 if (!attr->aspath) {
1211 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1212 "Malformed AS path from %s, length is %d", peer->host,
1213 length);
1214 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1215 0);
1216 }
1217
1218 /* Set aspath attribute flag. */
1219 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1220
1221 return BGP_ATTR_PARSE_PROCEED;
1222 }
1223
1224 static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1225 struct attr *const attr)
1226 {
1227 /* These checks were part of bgp_attr_aspath, but with
1228 * as4 we should to check aspath things when
1229 * aspath synthesizing with as4_path has already taken place.
1230 * Otherwise we check ASPATH and use the synthesized thing, and that is
1231 * not right.
1232 * So do the checks later, i.e. here
1233 */
1234 struct aspath *aspath;
1235
1236 /* Confederation sanity check. */
1237 if ((peer->sort == BGP_PEER_CONFED
1238 && !aspath_left_confed_check(attr->aspath))
1239 || (peer->sort == BGP_PEER_EBGP
1240 && aspath_confed_check(attr->aspath))) {
1241 flog_err(EC_BGP_ATTR_MAL_AS_PATH, "Malformed AS path from %s",
1242 peer->host);
1243 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1244 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1245 return BGP_ATTR_PARSE_ERROR;
1246 }
1247
1248 /* First AS check for EBGP. */
1249 if (CHECK_FLAG(peer->flags, PEER_FLAG_ENFORCE_FIRST_AS)) {
1250 if (peer->sort == BGP_PEER_EBGP
1251 && !aspath_firstas_check(attr->aspath, peer->as)) {
1252 flog_err(EC_BGP_ATTR_FIRST_AS,
1253 "%s incorrect first AS (must be %u)",
1254 peer->host, peer->as);
1255 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1256 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1257 return BGP_ATTR_PARSE_ERROR;
1258 }
1259 }
1260
1261 /* local-as prepend */
1262 if (peer->change_local_as
1263 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1264 aspath = aspath_dup(attr->aspath);
1265 aspath = aspath_add_seq(aspath, peer->change_local_as);
1266 aspath_unintern(&attr->aspath);
1267 attr->aspath = aspath_intern(aspath);
1268 }
1269
1270 return BGP_ATTR_PARSE_PROCEED;
1271 }
1272
1273 /* Parse AS4 path information. This function is another wrapper of
1274 aspath_parse. */
1275 static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1276 struct aspath **as4_path)
1277 {
1278 struct peer *const peer = args->peer;
1279 struct attr *const attr = args->attr;
1280 const bgp_size_t length = args->length;
1281
1282 *as4_path = aspath_parse(peer->curr, length, 1);
1283
1284 /* In case of IBGP, length will be zero. */
1285 if (!*as4_path) {
1286 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1287 "Malformed AS4 path from %s, length is %d", peer->host,
1288 length);
1289 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1290 0);
1291 }
1292
1293 /* Set aspath attribute flag. */
1294 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1295
1296 return BGP_ATTR_PARSE_PROCEED;
1297 }
1298
1299 /*
1300 * Check that the nexthop attribute is valid.
1301 */
1302 bgp_attr_parse_ret_t
1303 bgp_attr_nexthop_valid(struct peer *peer, struct attr *attr)
1304 {
1305 in_addr_t nexthop_h;
1306
1307 nexthop_h = ntohl(attr->nexthop.s_addr);
1308 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1309 || IPV4_CLASS_DE(nexthop_h))
1310 && !BGP_DEBUG(allow_martians, ALLOW_MARTIANS)) {
1311 uint8_t data[7]; /* type(2) + length(1) + nhop(4) */
1312 char buf[INET_ADDRSTRLEN];
1313
1314 inet_ntop(AF_INET, &attr->nexthop.s_addr, buf,
1315 INET_ADDRSTRLEN);
1316 flog_err(EC_BGP_ATTR_MARTIAN_NH, "Martian nexthop %s",
1317 buf);
1318 data[0] = BGP_ATTR_FLAG_TRANS;
1319 data[1] = BGP_ATTR_NEXT_HOP;
1320 data[2] = BGP_ATTR_NHLEN_IPV4;
1321 memcpy(&data[3], &attr->nexthop.s_addr, BGP_ATTR_NHLEN_IPV4);
1322 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1323 BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP,
1324 data, 7);
1325 return BGP_ATTR_PARSE_ERROR;
1326 }
1327
1328 return BGP_ATTR_PARSE_PROCEED;
1329 }
1330
1331 /* Nexthop attribute. */
1332 static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1333 {
1334 struct peer *const peer = args->peer;
1335 struct attr *const attr = args->attr;
1336 const bgp_size_t length = args->length;
1337
1338 /* Check nexthop attribute length. */
1339 if (length != 4) {
1340 flog_err(EC_BGP_ATTR_LEN,
1341 "Nexthop attribute length isn't four [%d]", length);
1342
1343 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1344 args->total);
1345 }
1346
1347 attr->nexthop.s_addr = stream_get_ipv4(peer->curr);
1348 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1349
1350 return BGP_ATTR_PARSE_PROCEED;
1351 }
1352
1353 /* MED atrribute. */
1354 static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
1355 {
1356 struct peer *const peer = args->peer;
1357 struct attr *const attr = args->attr;
1358 const bgp_size_t length = args->length;
1359
1360 /* Length check. */
1361 if (length != 4) {
1362 flog_err(EC_BGP_ATTR_LEN,
1363 "MED attribute length isn't four [%d]", length);
1364
1365 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1366 args->total);
1367 }
1368
1369 attr->med = stream_getl(peer->curr);
1370
1371 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
1372
1373 return BGP_ATTR_PARSE_PROCEED;
1374 }
1375
1376 /* Local preference attribute. */
1377 static bgp_attr_parse_ret_t
1378 bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1379 {
1380 struct peer *const peer = args->peer;
1381 struct attr *const attr = args->attr;
1382 const bgp_size_t length = args->length;
1383
1384 /* Length check. */
1385 if (length != 4) {
1386 flog_err(EC_BGP_ATTR_LEN,
1387 "LOCAL_PREF attribute length isn't 4 [%u]", length);
1388 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1389 args->total);
1390 }
1391
1392 /* If it is contained in an UPDATE message that is received from an
1393 external peer, then this attribute MUST be ignored by the
1394 receiving speaker. */
1395 if (peer->sort == BGP_PEER_EBGP) {
1396 stream_forward_getp(peer->curr, length);
1397 return BGP_ATTR_PARSE_PROCEED;
1398 }
1399
1400 attr->local_pref = stream_getl(peer->curr);
1401
1402 /* Set the local-pref flag. */
1403 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1404
1405 return BGP_ATTR_PARSE_PROCEED;
1406 }
1407
1408 /* Atomic aggregate. */
1409 static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
1410 {
1411 struct attr *const attr = args->attr;
1412 const bgp_size_t length = args->length;
1413
1414 /* Length check. */
1415 if (length != 0) {
1416 flog_err(EC_BGP_ATTR_LEN,
1417 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1418 length);
1419 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1420 args->total);
1421 }
1422
1423 /* Set atomic aggregate flag. */
1424 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
1425
1426 return BGP_ATTR_PARSE_PROCEED;
1427 }
1428
1429 /* Aggregator attribute */
1430 static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1431 {
1432 struct peer *const peer = args->peer;
1433 struct attr *const attr = args->attr;
1434 const bgp_size_t length = args->length;
1435
1436 int wantedlen = 6;
1437
1438 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1439 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1440 wantedlen = 8;
1441
1442 if (length != wantedlen) {
1443 flog_err(EC_BGP_ATTR_LEN,
1444 "AGGREGATOR attribute length isn't %u [%u]", wantedlen,
1445 length);
1446 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1447 args->total);
1448 }
1449
1450 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1451 attr->aggregator_as = stream_getl(peer->curr);
1452 else
1453 attr->aggregator_as = stream_getw(peer->curr);
1454 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->curr);
1455
1456 /* Set atomic aggregate flag. */
1457 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1458
1459 return BGP_ATTR_PARSE_PROCEED;
1460 }
1461
1462 /* New Aggregator attribute */
1463 static bgp_attr_parse_ret_t
1464 bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1465 as_t *as4_aggregator_as,
1466 struct in_addr *as4_aggregator_addr)
1467 {
1468 struct peer *const peer = args->peer;
1469 struct attr *const attr = args->attr;
1470 const bgp_size_t length = args->length;
1471
1472 if (length != 8) {
1473 flog_err(EC_BGP_ATTR_LEN, "New Aggregator length is not 8 [%d]",
1474 length);
1475 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1476 0);
1477 }
1478
1479 *as4_aggregator_as = stream_getl(peer->curr);
1480 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->curr);
1481
1482 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1483
1484 return BGP_ATTR_PARSE_PROCEED;
1485 }
1486
1487 /* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1488 */
1489 static bgp_attr_parse_ret_t
1490 bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1491 struct aspath *as4_path, as_t as4_aggregator,
1492 struct in_addr *as4_aggregator_addr)
1493 {
1494 int ignore_as4_path = 0;
1495 struct aspath *newpath;
1496
1497 if (!attr->aspath) {
1498 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1499 * have
1500 * checked that all well-known, mandatory attributes were
1501 * present.
1502 *
1503 * Can only be a problem with peer itself - hard error
1504 */
1505 return BGP_ATTR_PARSE_ERROR;
1506 }
1507
1508 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1509 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1510 * if given.
1511 * It is worth a warning though, because the peer really
1512 * should not send them
1513 */
1514 if (BGP_DEBUG(as4, AS4)) {
1515 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1516 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1517 "AS4 capable peer, yet it sent");
1518
1519 if (attr->flag
1520 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1521 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1522 peer->host,
1523 "AS4 capable peer, yet it sent");
1524 }
1525
1526 return BGP_ATTR_PARSE_PROCEED;
1527 }
1528
1529 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1530 * because that may override AS4_PATH
1531 */
1532 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1533 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1534 /* received both.
1535 * if the as_number in aggregator is not AS_TRANS,
1536 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1537 * and the Aggregator shall be taken as
1538 * info on the aggregating node, and the AS_PATH
1539 * shall be taken as the AS_PATH
1540 * otherwise
1541 * the Aggregator shall be ignored and the
1542 * AS4_AGGREGATOR shall be taken as the
1543 * Aggregating node and the AS_PATH is to be
1544 * constructed "as in all other cases"
1545 */
1546 if (attr->aggregator_as != BGP_AS_TRANS) {
1547 /* ignore */
1548 if (BGP_DEBUG(as4, AS4))
1549 zlog_debug(
1550 "[AS4] %s BGP not AS4 capable peer"
1551 " send AGGREGATOR != AS_TRANS and"
1552 " AS4_AGGREGATOR, so ignore"
1553 " AS4_AGGREGATOR and AS4_PATH",
1554 peer->host);
1555 ignore_as4_path = 1;
1556 } else {
1557 /* "New_aggregator shall be taken as aggregator"
1558 */
1559 attr->aggregator_as = as4_aggregator;
1560 attr->aggregator_addr.s_addr =
1561 as4_aggregator_addr->s_addr;
1562 }
1563 } else {
1564 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1565 * That is bogus - but reading the conditions
1566 * we have to handle AS4_AGGREGATOR as if it were
1567 * AGGREGATOR in that case
1568 */
1569 if (BGP_DEBUG(as4, AS4))
1570 zlog_debug(
1571 "[AS4] %s BGP not AS4 capable peer send"
1572 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1573 " it as if AGGREGATOR with AS_TRANS had been there",
1574 peer->host);
1575 attr->aggregator_as = as4_aggregator;
1576 /* sweep it under the carpet and simulate a "good"
1577 * AGGREGATOR */
1578 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1579 }
1580 }
1581
1582 /* need to reconcile NEW_AS_PATH and AS_PATH */
1583 if (!ignore_as4_path
1584 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1585 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
1586 if (!newpath)
1587 return BGP_ATTR_PARSE_ERROR;
1588
1589 aspath_unintern(&attr->aspath);
1590 attr->aspath = aspath_intern(newpath);
1591 }
1592 return BGP_ATTR_PARSE_PROCEED;
1593 }
1594
1595 /* Community attribute. */
1596 static bgp_attr_parse_ret_t
1597 bgp_attr_community(struct bgp_attr_parser_args *args)
1598 {
1599 struct peer *const peer = args->peer;
1600 struct attr *const attr = args->attr;
1601 const bgp_size_t length = args->length;
1602
1603 if (length == 0) {
1604 attr->community = NULL;
1605 return BGP_ATTR_PARSE_PROCEED;
1606 }
1607
1608 attr->community =
1609 community_parse((uint32_t *)stream_pnt(peer->curr), length);
1610
1611 /* XXX: fix community_parse to use stream API and remove this */
1612 stream_forward_getp(peer->curr, length);
1613
1614 if (!attr->community)
1615 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1616 args->total);
1617
1618 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1619
1620 return BGP_ATTR_PARSE_PROCEED;
1621 }
1622
1623 /* Originator ID attribute. */
1624 static bgp_attr_parse_ret_t
1625 bgp_attr_originator_id(struct bgp_attr_parser_args *args)
1626 {
1627 struct peer *const peer = args->peer;
1628 struct attr *const attr = args->attr;
1629 const bgp_size_t length = args->length;
1630
1631 /* Length check. */
1632 if (length != 4) {
1633 flog_err(EC_BGP_ATTR_LEN, "Bad originator ID length %d",
1634 length);
1635
1636 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1637 args->total);
1638 }
1639
1640 attr->originator_id.s_addr = stream_get_ipv4(peer->curr);
1641
1642 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
1643
1644 return BGP_ATTR_PARSE_PROCEED;
1645 }
1646
1647 /* Cluster list attribute. */
1648 static bgp_attr_parse_ret_t
1649 bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
1650 {
1651 struct peer *const peer = args->peer;
1652 struct attr *const attr = args->attr;
1653 const bgp_size_t length = args->length;
1654
1655 /* Check length. */
1656 if (length % 4) {
1657 flog_err(EC_BGP_ATTR_LEN, "Bad cluster list length %d", length);
1658
1659 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1660 args->total);
1661 }
1662
1663 attr->cluster =
1664 cluster_parse((struct in_addr *)stream_pnt(peer->curr), length);
1665
1666 /* XXX: Fix cluster_parse to use stream API and then remove this */
1667 stream_forward_getp(peer->curr, length);
1668
1669 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
1670
1671 return BGP_ATTR_PARSE_PROCEED;
1672 }
1673
1674 /* Multiprotocol reachability information parse. */
1675 int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1676 struct bgp_nlri *mp_update)
1677 {
1678 iana_afi_t pkt_afi;
1679 afi_t afi;
1680 iana_safi_t pkt_safi;
1681 safi_t safi;
1682 bgp_size_t nlri_len;
1683 size_t start;
1684 struct stream *s;
1685 struct peer *const peer = args->peer;
1686 struct attr *const attr = args->attr;
1687 const bgp_size_t length = args->length;
1688
1689 /* Set end of packet. */
1690 s = BGP_INPUT(peer);
1691 start = stream_get_getp(s);
1692
1693 /* safe to read statically sized header? */
1694 #define BGP_MP_REACH_MIN_SIZE 5
1695 #define LEN_LEFT (length - (stream_get_getp(s) - start))
1696 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
1697 zlog_info("%s: %s sent invalid length, %lu, of MP_REACH_NLRI",
1698 __func__, peer->host, (unsigned long)length);
1699 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1700 }
1701
1702 /* Load AFI, SAFI. */
1703 pkt_afi = stream_getw(s);
1704 pkt_safi = stream_getc(s);
1705
1706 /* Convert AFI, SAFI to internal values, check. */
1707 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1708 /* Log if AFI or SAFI is unrecognized. This is not an error
1709 * unless
1710 * the attribute is otherwise malformed.
1711 */
1712 if (bgp_debug_update(peer, NULL, NULL, 0))
1713 zlog_debug(
1714 "%s sent unrecognizable AFI, %s or, SAFI, %s, of MP_REACH_NLRI",
1715 peer->host, iana_afi2str(pkt_afi),
1716 iana_safi2str(pkt_safi));
1717 return BGP_ATTR_PARSE_ERROR;
1718 }
1719
1720 /* Get nexthop length. */
1721 attr->mp_nexthop_len = stream_getc(s);
1722
1723 if (LEN_LEFT < attr->mp_nexthop_len) {
1724 zlog_info(
1725 "%s: %s sent next-hop length, %u, in MP_REACH_NLRI which goes past the end of attribute",
1726 __func__, peer->host, attr->mp_nexthop_len);
1727 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1728 }
1729
1730 /* Nexthop length check. */
1731 switch (attr->mp_nexthop_len) {
1732 case 0:
1733 if (safi != SAFI_FLOWSPEC) {
1734 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
1735 __func__, peer->host, attr->mp_nexthop_len);
1736 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1737 }
1738 break;
1739 case BGP_ATTR_NHLEN_VPNV4:
1740 stream_getl(s); /* RD high */
1741 stream_getl(s); /* RD low */
1742 /*
1743 * NOTE: intentional fall through
1744 * - for consistency in rx processing
1745 *
1746 * The following comment is to signal GCC this intention
1747 * and suppress the warning
1748 */
1749 /* FALLTHRU */
1750 case BGP_ATTR_NHLEN_IPV4:
1751 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1752 /* Probably needed for RFC 2283 */
1753 if (attr->nexthop.s_addr == 0)
1754 memcpy(&attr->nexthop.s_addr,
1755 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1756 break;
1757 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1758 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1759 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1760 stream_getl(s); /* RD high */
1761 stream_getl(s); /* RD low */
1762 }
1763 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1764 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1765 if (!peer->nexthop.ifp) {
1766 zlog_warn("%s sent a v6 global attribute but address is a V6 LL and there's no peer interface information. Hence, withdrawing",
1767 peer->host);
1768 return BGP_ATTR_PARSE_WITHDRAW;
1769 }
1770 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
1771 }
1772 break;
1773 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1774 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1775 if (attr->mp_nexthop_len
1776 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1777 stream_getl(s); /* RD high */
1778 stream_getl(s); /* RD low */
1779 }
1780 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1781 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1782 if (!peer->nexthop.ifp) {
1783 zlog_warn("%s sent a v6 global and LL attribute but global address is a V6 LL and there's no peer interface information. Hence, withdrawing",
1784 peer->host);
1785 return BGP_ATTR_PARSE_WITHDRAW;
1786 }
1787 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
1788 }
1789 if (attr->mp_nexthop_len
1790 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1791 stream_getl(s); /* RD high */
1792 stream_getl(s); /* RD low */
1793 }
1794 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1795 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1796 char buf1[INET6_ADDRSTRLEN];
1797 char buf2[INET6_ADDRSTRLEN];
1798
1799 if (bgp_debug_update(peer, NULL, NULL, 1))
1800 zlog_debug(
1801 "%s sent next-hops %s and %s. Ignoring non-LL value",
1802 peer->host,
1803 inet_ntop(AF_INET6,
1804 &attr->mp_nexthop_global,
1805 buf1, INET6_ADDRSTRLEN),
1806 inet_ntop(AF_INET6,
1807 &attr->mp_nexthop_local, buf2,
1808 INET6_ADDRSTRLEN));
1809
1810 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1811 }
1812 if (!peer->nexthop.ifp) {
1813 zlog_warn("%s sent a v6 LL next-hop and there's no peer interface information. Hence, withdrawing",
1814 peer->host);
1815 return BGP_ATTR_PARSE_WITHDRAW;
1816 }
1817 attr->nh_lla_ifindex = peer->nexthop.ifp->ifindex;
1818 break;
1819 default:
1820 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
1821 __func__, peer->host, attr->mp_nexthop_len);
1822 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1823 }
1824
1825 if (!LEN_LEFT) {
1826 zlog_info("%s: %s sent SNPA which couldn't be read",
1827 __func__, peer->host);
1828 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1829 }
1830
1831 {
1832 uint8_t val;
1833 if ((val = stream_getc(s)))
1834 flog_warn(
1835 EC_BGP_DEFUNCT_SNPA_LEN,
1836 "%s sent non-zero value, %u, for defunct SNPA-length field",
1837 peer->host, val);
1838 }
1839
1840 /* must have nrli_len, what is left of the attribute */
1841 nlri_len = LEN_LEFT;
1842 if (nlri_len > STREAM_READABLE(s)) {
1843 zlog_info("%s: %s sent MP_REACH_NLRI which couldn't be read",
1844 __func__, peer->host);
1845 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1846 }
1847
1848 if (!nlri_len) {
1849 zlog_info("%s: %s sent a zero-length NLRI. Hence, treating as a EOR marker",
1850 __func__, peer->host);
1851
1852 mp_update->afi = afi;
1853 mp_update->safi = safi;
1854 return BGP_ATTR_PARSE_EOR;
1855 }
1856
1857 mp_update->afi = afi;
1858 mp_update->safi = safi;
1859 mp_update->nlri = stream_pnt(s);
1860 mp_update->length = nlri_len;
1861
1862 stream_forward_getp(s, nlri_len);
1863
1864 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1865
1866 return BGP_ATTR_PARSE_PROCEED;
1867 #undef LEN_LEFT
1868 }
1869
1870 /* Multiprotocol unreachable parse */
1871 int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1872 struct bgp_nlri *mp_withdraw)
1873 {
1874 struct stream *s;
1875 iana_afi_t pkt_afi;
1876 afi_t afi;
1877 iana_safi_t pkt_safi;
1878 safi_t safi;
1879 uint16_t withdraw_len;
1880 struct peer *const peer = args->peer;
1881 struct attr *const attr = args->attr;
1882 const bgp_size_t length = args->length;
1883
1884 s = peer->curr;
1885
1886 #define BGP_MP_UNREACH_MIN_SIZE 3
1887 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1888 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1889
1890 pkt_afi = stream_getw(s);
1891 pkt_safi = stream_getc(s);
1892
1893 /* Convert AFI, SAFI to internal values, check. */
1894 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1895 /* Log if AFI or SAFI is unrecognized. This is not an error
1896 * unless
1897 * the attribute is otherwise malformed.
1898 */
1899 if (bgp_debug_update(peer, NULL, NULL, 0))
1900 zlog_debug(
1901 "%s: MP_UNREACH received AFI %s or SAFI %s is unrecognized",
1902 peer->host, iana_afi2str(pkt_afi),
1903 iana_safi2str(pkt_safi));
1904 return BGP_ATTR_PARSE_ERROR;
1905 }
1906
1907 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
1908
1909 mp_withdraw->afi = afi;
1910 mp_withdraw->safi = safi;
1911 mp_withdraw->nlri = stream_pnt(s);
1912 mp_withdraw->length = withdraw_len;
1913
1914 stream_forward_getp(s, withdraw_len);
1915
1916 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1917
1918 return BGP_ATTR_PARSE_PROCEED;
1919 }
1920
1921 /* Large Community attribute. */
1922 static bgp_attr_parse_ret_t
1923 bgp_attr_large_community(struct bgp_attr_parser_args *args)
1924 {
1925 struct peer *const peer = args->peer;
1926 struct attr *const attr = args->attr;
1927 const bgp_size_t length = args->length;
1928
1929 /*
1930 * Large community follows new attribute format.
1931 */
1932 if (length == 0) {
1933 attr->lcommunity = NULL;
1934 /* Empty extcomm doesn't seem to be invalid per se */
1935 return BGP_ATTR_PARSE_PROCEED;
1936 }
1937
1938 attr->lcommunity =
1939 lcommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
1940 /* XXX: fix ecommunity_parse to use stream API */
1941 stream_forward_getp(peer->curr, length);
1942
1943 if (!attr->lcommunity)
1944 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1945 args->total);
1946
1947 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
1948
1949 return BGP_ATTR_PARSE_PROCEED;
1950 }
1951
1952 /* Extended Community attribute. */
1953 static bgp_attr_parse_ret_t
1954 bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1955 {
1956 struct peer *const peer = args->peer;
1957 struct attr *const attr = args->attr;
1958 const bgp_size_t length = args->length;
1959 uint8_t sticky = 0;
1960
1961 if (length == 0) {
1962 attr->ecommunity = NULL;
1963 /* Empty extcomm doesn't seem to be invalid per se */
1964 return BGP_ATTR_PARSE_PROCEED;
1965 }
1966
1967 attr->ecommunity =
1968 ecommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
1969 /* XXX: fix ecommunity_parse to use stream API */
1970 stream_forward_getp(peer->curr, length);
1971
1972 if (!attr->ecommunity)
1973 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1974 args->total);
1975
1976 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1977
1978 /* Extract MAC mobility sequence number, if any. */
1979 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1980 attr->sticky = sticky;
1981
1982 /* Check if this is a Gateway MAC-IP advertisement */
1983 attr->default_gw = bgp_attr_default_gw(attr);
1984
1985 /* Handle scenario where router flag ecommunity is not
1986 * set but default gw ext community is present.
1987 * Use default gateway, set and propogate R-bit.
1988 */
1989 if (attr->default_gw)
1990 attr->router_flag = 1;
1991
1992 /* Check EVPN Neighbor advertisement flags, R-bit */
1993 bgp_attr_evpn_na_flag(attr, &attr->router_flag);
1994
1995 /* Extract the Rmac, if any */
1996 if (bgp_attr_rmac(attr, &attr->rmac)) {
1997 if (bgp_debug_update(peer, NULL, NULL, 1) &&
1998 bgp_mac_exist(&attr->rmac)) {
1999 char buf1[ETHER_ADDR_STRLEN];
2000
2001 zlog_debug("%s: router mac %s is self mac",
2002 __func__,
2003 prefix_mac2str(&attr->rmac, buf1,
2004 sizeof(buf1)));
2005 }
2006
2007 }
2008
2009 /* Get the tunnel type from encap extended community */
2010 bgp_attr_extcom_tunnel_type(attr,
2011 (bgp_encap_types *)&attr->encap_tunneltype);
2012
2013 return BGP_ATTR_PARSE_PROCEED;
2014 }
2015
2016 /* Parse Tunnel Encap attribute in an UPDATE */
2017 static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
2018 bgp_size_t length, /* IN: attr's length field */
2019 struct attr *attr, /* IN: caller already allocated */
2020 uint8_t flag, /* IN: attr's flags field */
2021 uint8_t *startp)
2022 {
2023 bgp_size_t total;
2024 uint16_t tunneltype = 0;
2025
2026 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
2027
2028 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
2029 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2030 zlog_info(
2031 "Tunnel Encap attribute flag isn't optional and transitive %d",
2032 flag);
2033 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2034 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2035 startp, total);
2036 return -1;
2037 }
2038
2039 if (BGP_ATTR_ENCAP == type) {
2040 /* read outer TLV type and length */
2041 uint16_t tlv_length;
2042
2043 if (length < 4) {
2044 zlog_info(
2045 "Tunnel Encap attribute not long enough to contain outer T,L");
2046 bgp_notify_send_with_data(
2047 peer, BGP_NOTIFY_UPDATE_ERR,
2048 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2049 return -1;
2050 }
2051 tunneltype = stream_getw(BGP_INPUT(peer));
2052 tlv_length = stream_getw(BGP_INPUT(peer));
2053 length -= 4;
2054
2055 if (tlv_length != length) {
2056 zlog_info("%s: tlv_length(%d) != length(%d)",
2057 __func__, tlv_length, length);
2058 }
2059 }
2060
2061 while (length >= 4) {
2062 uint16_t subtype = 0;
2063 uint16_t sublength = 0;
2064 struct bgp_attr_encap_subtlv *tlv;
2065
2066 if (BGP_ATTR_ENCAP == type) {
2067 subtype = stream_getc(BGP_INPUT(peer));
2068 sublength = stream_getc(BGP_INPUT(peer));
2069 length -= 2;
2070 #if ENABLE_BGP_VNC
2071 } else {
2072 subtype = stream_getw(BGP_INPUT(peer));
2073 sublength = stream_getw(BGP_INPUT(peer));
2074 length -= 4;
2075 #endif
2076 }
2077
2078 if (sublength > length) {
2079 zlog_info(
2080 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2081 sublength, length);
2082 bgp_notify_send_with_data(
2083 peer, BGP_NOTIFY_UPDATE_ERR,
2084 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2085 return -1;
2086 }
2087
2088 /* alloc and copy sub-tlv */
2089 /* TBD make sure these are freed when attributes are released */
2090 tlv = XCALLOC(MTYPE_ENCAP_TLV,
2091 sizeof(struct bgp_attr_encap_subtlv) + sublength);
2092 tlv->type = subtype;
2093 tlv->length = sublength;
2094 stream_get(tlv->value, peer->curr, sublength);
2095 length -= sublength;
2096
2097 /* attach tlv to encap chain */
2098 if (BGP_ATTR_ENCAP == type) {
2099 struct bgp_attr_encap_subtlv *stlv_last;
2100 for (stlv_last = attr->encap_subtlvs;
2101 stlv_last && stlv_last->next;
2102 stlv_last = stlv_last->next)
2103 ;
2104 if (stlv_last) {
2105 stlv_last->next = tlv;
2106 } else {
2107 attr->encap_subtlvs = tlv;
2108 }
2109 #if ENABLE_BGP_VNC
2110 } else {
2111 struct bgp_attr_encap_subtlv *stlv_last;
2112 for (stlv_last = attr->vnc_subtlvs;
2113 stlv_last && stlv_last->next;
2114 stlv_last = stlv_last->next)
2115 ;
2116 if (stlv_last) {
2117 stlv_last->next = tlv;
2118 } else {
2119 attr->vnc_subtlvs = tlv;
2120 }
2121 #endif
2122 }
2123 }
2124
2125 if (BGP_ATTR_ENCAP == type) {
2126 attr->encap_tunneltype = tunneltype;
2127 }
2128
2129 if (length) {
2130 /* spurious leftover data */
2131 zlog_info(
2132 "Tunnel Encap attribute length is bad: %d leftover octets",
2133 length);
2134 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2135 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2136 startp, total);
2137 return -1;
2138 }
2139
2140 return 0;
2141 }
2142
2143 /*
2144 * Read an individual SID value returning how much data we have read
2145 * Returns 0 if there was an error that needs to be passed up the stack
2146 */
2147 static bgp_attr_parse_ret_t bgp_attr_psid_sub(int32_t type,
2148 int32_t length,
2149 struct bgp_attr_parser_args *args,
2150 struct bgp_nlri *mp_update)
2151 {
2152 struct peer *const peer = args->peer;
2153 struct attr *const attr = args->attr;
2154 uint32_t label_index;
2155 struct in6_addr ipv6_sid;
2156 uint32_t srgb_base;
2157 uint32_t srgb_range;
2158 int srgb_count;
2159
2160 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
2161 if (length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
2162 flog_err(
2163 EC_BGP_ATTR_LEN,
2164 "Prefix SID label index length is %d instead of %d",
2165 length, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
2166 return bgp_attr_malformed(args,
2167 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2168 args->total);
2169 }
2170
2171 /* Ignore flags and reserved */
2172 stream_getc(peer->curr);
2173 stream_getw(peer->curr);
2174
2175 /* Fetch the label index and see if it is valid. */
2176 label_index = stream_getl(peer->curr);
2177 if (label_index == BGP_INVALID_LABEL_INDEX)
2178 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2179 args->total);
2180
2181 /* Store label index; subsequently, we'll check on
2182 * address-family */
2183 attr->label_index = label_index;
2184
2185 /*
2186 * Ignore the Label index attribute unless received for
2187 * labeled-unicast
2188 * SAFI.
2189 */
2190 if (!mp_update->length
2191 || mp_update->safi != SAFI_LABELED_UNICAST)
2192 attr->label_index = BGP_INVALID_LABEL_INDEX;
2193 }
2194
2195 /* Placeholder code for the IPv6 SID type */
2196 else if (type == BGP_PREFIX_SID_IPV6) {
2197 if (length != BGP_PREFIX_SID_IPV6_LENGTH) {
2198 flog_err(EC_BGP_ATTR_LEN,
2199 "Prefix SID IPv6 length is %d instead of %d",
2200 length, BGP_PREFIX_SID_IPV6_LENGTH);
2201 return bgp_attr_malformed(args,
2202 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2203 args->total);
2204 }
2205
2206 /* Ignore reserved */
2207 stream_getc(peer->curr);
2208 stream_getw(peer->curr);
2209
2210 stream_get(&ipv6_sid, peer->curr, 16);
2211 }
2212
2213 /* Placeholder code for the Originator SRGB type */
2214 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
2215 /* Ignore flags */
2216 stream_getw(peer->curr);
2217
2218 length -= 2;
2219
2220 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
2221 flog_err(
2222 EC_BGP_ATTR_LEN,
2223 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2224 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2225 return bgp_attr_malformed(
2226 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2227 args->total);
2228 }
2229
2230 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2231
2232 for (int i = 0; i < srgb_count; i++) {
2233 stream_get(&srgb_base, peer->curr, 3);
2234 stream_get(&srgb_range, peer->curr, 3);
2235 }
2236 }
2237
2238 /*
2239 * Placeholder code for Unsupported TLV
2240 * - SRv6 L3 Service TLV (type5)
2241 * - SRv6 L2 Service TLV (type6)
2242 */
2243 else if (type == BGP_PREFIX_SID_SRV6_L3_SERVICE
2244 || type == BGP_PREFIX_SID_SRV6_L2_SERVICE) {
2245 if (bgp_debug_update(peer, NULL, NULL, 1))
2246 zlog_debug(
2247 "%s attr Prefix-SID sub-type=%u is not supported, skipped",
2248 peer->host, type);
2249 for (int i = 0; i < length; i++)
2250 stream_getc(peer->curr);
2251 }
2252
2253 return BGP_ATTR_PARSE_PROCEED;
2254 }
2255
2256 /* Prefix SID attribute
2257 * draft-ietf-idr-bgp-prefix-sid-05
2258 */
2259 bgp_attr_parse_ret_t
2260 bgp_attr_prefix_sid(int32_t tlength, struct bgp_attr_parser_args *args,
2261 struct bgp_nlri *mp_update)
2262 {
2263 struct peer *const peer = args->peer;
2264 struct attr *const attr = args->attr;
2265 bgp_attr_parse_ret_t ret;
2266
2267 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
2268
2269 while (tlength) {
2270 int32_t type, length;
2271
2272 type = stream_getc(peer->curr);
2273 length = stream_getw(peer->curr);
2274
2275 ret = bgp_attr_psid_sub(type, length, args, mp_update);
2276
2277 if (ret != BGP_ATTR_PARSE_PROCEED)
2278 return ret;
2279 /*
2280 * Subtract length + the T and the L
2281 * since length is the Vector portion
2282 */
2283 tlength -= length + 3;
2284
2285 if (tlength < 0) {
2286 flog_err(
2287 EC_BGP_ATTR_LEN,
2288 "Prefix SID internal length %d causes us to read beyond the total Prefix SID length",
2289 length);
2290 return bgp_attr_malformed(args,
2291 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2292 args->total);
2293 }
2294 }
2295
2296 return BGP_ATTR_PARSE_PROCEED;
2297 }
2298
2299 /* PMSI tunnel attribute (RFC 6514)
2300 * Basic validation checks done here.
2301 */
2302 static bgp_attr_parse_ret_t
2303 bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
2304 {
2305 struct peer *const peer = args->peer;
2306 struct attr *const attr = args->attr;
2307 const bgp_size_t length = args->length;
2308 uint8_t tnl_type;
2309 int attr_parse_len = 2 + BGP_LABEL_BYTES;
2310
2311 /* Verify that the receiver is expecting "ingress replication" as we
2312 * can only support that.
2313 */
2314 if (length < attr_parse_len) {
2315 flog_err(EC_BGP_ATTR_LEN, "Bad PMSI tunnel attribute length %d",
2316 length);
2317 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2318 args->total);
2319 }
2320 stream_getc(peer->curr); /* Flags */
2321 tnl_type = stream_getc(peer->curr);
2322 if (tnl_type > PMSI_TNLTYPE_MAX) {
2323 flog_err(EC_BGP_ATTR_PMSI_TYPE,
2324 "Invalid PMSI tunnel attribute type %d", tnl_type);
2325 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2326 args->total);
2327 }
2328 if (tnl_type == PMSI_TNLTYPE_INGR_REPL) {
2329 if (length != 9) {
2330 flog_err(EC_BGP_ATTR_PMSI_LEN,
2331 "Bad PMSI tunnel attribute length %d for IR",
2332 length);
2333 return bgp_attr_malformed(
2334 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2335 args->total);
2336 }
2337 }
2338
2339 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
2340 attr->pmsi_tnl_type = tnl_type;
2341 stream_get(&attr->label, peer->curr, BGP_LABEL_BYTES);
2342
2343 /* Forward read pointer of input stream. */
2344 stream_forward_getp(peer->curr, length - attr_parse_len);
2345
2346 return BGP_ATTR_PARSE_PROCEED;
2347 }
2348
2349 /* BGP unknown attribute treatment. */
2350 static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2351 {
2352 bgp_size_t total = args->total;
2353 struct transit *transit;
2354 struct peer *const peer = args->peer;
2355 struct attr *const attr = args->attr;
2356 uint8_t *const startp = args->startp;
2357 const uint8_t type = args->type;
2358 const uint8_t flag = args->flags;
2359 const bgp_size_t length = args->length;
2360
2361 if (bgp_debug_update(peer, NULL, NULL, 1))
2362 zlog_debug(
2363 "%s Unknown attribute is received (type %d, length %d)",
2364 peer->host, type, length);
2365
2366 /* Forward read pointer of input stream. */
2367 stream_forward_getp(peer->curr, length);
2368
2369 /* If any of the mandatory well-known attributes are not recognized,
2370 then the Error Subcode is set to Unrecognized Well-known
2371 Attribute. The Data field contains the unrecognized attribute
2372 (type, length and value). */
2373 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2374 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2375 args->total);
2376 }
2377
2378 /* Unrecognized non-transitive optional attributes must be quietly
2379 ignored and not passed along to other BGP peers. */
2380 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2381 return BGP_ATTR_PARSE_PROCEED;
2382
2383 /* If a path with recognized transitive optional attribute is
2384 accepted and passed along to other BGP peers and the Partial bit
2385 in the Attribute Flags octet is set to 1 by some previous AS, it
2386 is not set back to 0 by the current AS. */
2387 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2388
2389 /* Store transitive attribute to the end of attr->transit. */
2390 if (!attr->transit)
2391 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2392
2393 transit = attr->transit;
2394
2395 if (transit->val)
2396 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2397 transit->length + total);
2398 else
2399 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2400
2401 memcpy(transit->val + transit->length, startp, total);
2402 transit->length += total;
2403
2404 return BGP_ATTR_PARSE_PROCEED;
2405 }
2406
2407 /* Well-known attribute check. */
2408 static int bgp_attr_check(struct peer *peer, struct attr *attr)
2409 {
2410 uint8_t type = 0;
2411
2412 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2413 * empty UPDATE. */
2414 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2415 return BGP_ATTR_PARSE_PROCEED;
2416
2417 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2418 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2419 are present, it should. Check for any other attribute being present
2420 instead.
2421 */
2422 if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
2423 CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
2424 return BGP_ATTR_PARSE_PROCEED;
2425
2426 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2427 type = BGP_ATTR_ORIGIN;
2428
2429 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2430 type = BGP_ATTR_AS_PATH;
2431
2432 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2433 * and
2434 * NLRI is empty. We can't easily check NLRI empty here though.
2435 */
2436 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2437 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2438 type = BGP_ATTR_NEXT_HOP;
2439
2440 if (peer->sort == BGP_PEER_IBGP
2441 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2442 type = BGP_ATTR_LOCAL_PREF;
2443
2444 if (type) {
2445 flog_warn(EC_BGP_MISSING_ATTRIBUTE,
2446 "%s Missing well-known attribute %s.", peer->host,
2447 lookup_msg(attr_str, type, NULL));
2448 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2449 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2450 1);
2451 return BGP_ATTR_PARSE_ERROR;
2452 }
2453 return BGP_ATTR_PARSE_PROCEED;
2454 }
2455
2456 /* Read attribute of update packet. This function is called from
2457 bgp_update_receive() in bgp_packet.c. */
2458 bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2459 bgp_size_t size, struct bgp_nlri *mp_update,
2460 struct bgp_nlri *mp_withdraw)
2461 {
2462 bgp_attr_parse_ret_t ret;
2463 uint8_t flag = 0;
2464 uint8_t type = 0;
2465 bgp_size_t length;
2466 uint8_t *startp, *endp;
2467 uint8_t *attr_endp;
2468 uint8_t seen[BGP_ATTR_BITMAP_SIZE];
2469 /* we need the as4_path only until we have synthesized the as_path with
2470 * it */
2471 /* same goes for as4_aggregator */
2472 struct aspath *as4_path = NULL;
2473 as_t as4_aggregator = 0;
2474 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2475
2476 /* Initialize bitmap. */
2477 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2478
2479 /* End pointer of BGP attribute. */
2480 endp = BGP_INPUT_PNT(peer) + size;
2481
2482 /* Get attributes to the end of attribute length. */
2483 while (BGP_INPUT_PNT(peer) < endp) {
2484 /* Check remaining length check.*/
2485 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2486 /* XXX warning: long int format, int arg (arg 5) */
2487 flog_warn(
2488 EC_BGP_ATTRIBUTE_TOO_SMALL,
2489 "%s: error BGP attribute length %lu is smaller than min len",
2490 peer->host,
2491 (unsigned long)(endp
2492 - stream_pnt(BGP_INPUT(peer))));
2493
2494 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2495 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2496 ret = BGP_ATTR_PARSE_ERROR;
2497 goto done;
2498 }
2499
2500 /* Fetch attribute flag and type. */
2501 startp = BGP_INPUT_PNT(peer);
2502 /* "The lower-order four bits of the Attribute Flags octet are
2503 unused. They MUST be zero when sent and MUST be ignored when
2504 received." */
2505 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2506 type = stream_getc(BGP_INPUT(peer));
2507
2508 /* Check whether Extended-Length applies and is in bounds */
2509 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2510 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
2511 flog_warn(
2512 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL,
2513 "%s: Extended length set, but just %lu bytes of attr header",
2514 peer->host,
2515 (unsigned long)(endp
2516 - stream_pnt(BGP_INPUT(peer))));
2517
2518 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2519 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2520 ret = BGP_ATTR_PARSE_ERROR;
2521 goto done;
2522 }
2523
2524 /* Check extended attribue length bit. */
2525 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2526 length = stream_getw(BGP_INPUT(peer));
2527 else
2528 length = stream_getc(BGP_INPUT(peer));
2529
2530 /* If any attribute appears more than once in the UPDATE
2531 message, then the Error Subcode is set to Malformed Attribute
2532 List. */
2533
2534 if (CHECK_BITMAP(seen, type)) {
2535 flog_warn(
2536 EC_BGP_ATTRIBUTE_REPEATED,
2537 "%s: error BGP attribute type %d appears twice in a message",
2538 peer->host, type);
2539
2540 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2541 BGP_NOTIFY_UPDATE_MAL_ATTR);
2542 ret = BGP_ATTR_PARSE_ERROR;
2543 goto done;
2544 }
2545
2546 /* Set type to bitmap to check duplicate attribute. `type' is
2547 unsigned char so it never overflow bitmap range. */
2548
2549 SET_BITMAP(seen, type);
2550
2551 /* Overflow check. */
2552 attr_endp = BGP_INPUT_PNT(peer) + length;
2553
2554 if (attr_endp > endp) {
2555 flog_warn(
2556 EC_BGP_ATTRIBUTE_TOO_LARGE,
2557 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2558 peer->host, type, length, size, attr_endp,
2559 endp);
2560 /*
2561 * RFC 4271 6.3
2562 * If any recognized attribute has an Attribute
2563 * Length that conflicts with the expected length
2564 * (based on the attribute type code), then the
2565 * Error Subcode MUST be set to Attribute Length
2566 * Error. The Data field MUST contain the erroneous
2567 * attribute (type, length, and value).
2568 * ----------
2569 * We do not currently have a good way to determine the
2570 * length of the attribute independent of the length
2571 * received in the message. Instead we send the
2572 * minimum between the amount of data we have and the
2573 * amount specified by the attribute length field.
2574 *
2575 * Instead of directly passing in the packet buffer and
2576 * offset we use the stream_get* functions to read into
2577 * a stack buffer, since they perform bounds checking
2578 * and we are working with untrusted data.
2579 */
2580 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2581 memset(ndata, 0x00, sizeof(ndata));
2582 size_t lfl =
2583 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2584 /* Rewind to end of flag field */
2585 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2586 /* Type */
2587 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2588 /* Length */
2589 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2590 /* Value */
2591 size_t atl = attr_endp - startp;
2592 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2593 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2594
2595 bgp_notify_send_with_data(
2596 peer, BGP_NOTIFY_UPDATE_ERR,
2597 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2598 ndl + lfl + 1);
2599
2600 ret = BGP_ATTR_PARSE_ERROR;
2601 goto done;
2602 }
2603
2604 struct bgp_attr_parser_args attr_args = {
2605 .peer = peer,
2606 .length = length,
2607 .attr = attr,
2608 .type = type,
2609 .flags = flag,
2610 .startp = startp,
2611 .total = attr_endp - startp,
2612 };
2613
2614
2615 /* If any recognized attribute has Attribute Flags that conflict
2616 with the Attribute Type Code, then the Error Subcode is set
2617 to
2618 Attribute Flags Error. The Data field contains the erroneous
2619 attribute (type, length and value). */
2620 if (bgp_attr_flag_invalid(&attr_args)) {
2621 ret = bgp_attr_malformed(
2622 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2623 attr_args.total);
2624 if (ret == BGP_ATTR_PARSE_PROCEED)
2625 continue;
2626 goto done;
2627 }
2628
2629 /* OK check attribute and store it's value. */
2630 switch (type) {
2631 case BGP_ATTR_ORIGIN:
2632 ret = bgp_attr_origin(&attr_args);
2633 break;
2634 case BGP_ATTR_AS_PATH:
2635 ret = bgp_attr_aspath(&attr_args);
2636 break;
2637 case BGP_ATTR_AS4_PATH:
2638 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2639 break;
2640 case BGP_ATTR_NEXT_HOP:
2641 ret = bgp_attr_nexthop(&attr_args);
2642 break;
2643 case BGP_ATTR_MULTI_EXIT_DISC:
2644 ret = bgp_attr_med(&attr_args);
2645 break;
2646 case BGP_ATTR_LOCAL_PREF:
2647 ret = bgp_attr_local_pref(&attr_args);
2648 break;
2649 case BGP_ATTR_ATOMIC_AGGREGATE:
2650 ret = bgp_attr_atomic(&attr_args);
2651 break;
2652 case BGP_ATTR_AGGREGATOR:
2653 ret = bgp_attr_aggregator(&attr_args);
2654 break;
2655 case BGP_ATTR_AS4_AGGREGATOR:
2656 ret = bgp_attr_as4_aggregator(&attr_args,
2657 &as4_aggregator,
2658 &as4_aggregator_addr);
2659 break;
2660 case BGP_ATTR_COMMUNITIES:
2661 ret = bgp_attr_community(&attr_args);
2662 break;
2663 case BGP_ATTR_LARGE_COMMUNITIES:
2664 ret = bgp_attr_large_community(&attr_args);
2665 break;
2666 case BGP_ATTR_ORIGINATOR_ID:
2667 ret = bgp_attr_originator_id(&attr_args);
2668 break;
2669 case BGP_ATTR_CLUSTER_LIST:
2670 ret = bgp_attr_cluster_list(&attr_args);
2671 break;
2672 case BGP_ATTR_MP_REACH_NLRI:
2673 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2674 break;
2675 case BGP_ATTR_MP_UNREACH_NLRI:
2676 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2677 break;
2678 case BGP_ATTR_EXT_COMMUNITIES:
2679 ret = bgp_attr_ext_communities(&attr_args);
2680 break;
2681 #if ENABLE_BGP_VNC_ATTR
2682 case BGP_ATTR_VNC:
2683 #endif
2684 case BGP_ATTR_ENCAP:
2685 ret = bgp_attr_encap(type, peer, length, attr, flag,
2686 startp);
2687 break;
2688 case BGP_ATTR_PREFIX_SID:
2689 ret = bgp_attr_prefix_sid(length,
2690 &attr_args, mp_update);
2691 break;
2692 case BGP_ATTR_PMSI_TUNNEL:
2693 ret = bgp_attr_pmsi_tunnel(&attr_args);
2694 break;
2695 default:
2696 ret = bgp_attr_unknown(&attr_args);
2697 break;
2698 }
2699
2700 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2701 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2702 BGP_NOTIFY_UPDATE_MAL_ATTR);
2703 ret = BGP_ATTR_PARSE_ERROR;
2704 goto done;
2705 }
2706
2707 if (ret == BGP_ATTR_PARSE_EOR) {
2708 goto done;
2709 }
2710
2711 if (ret == BGP_ATTR_PARSE_ERROR) {
2712 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR,
2713 "%s: Attribute %s, parse error", peer->host,
2714 lookup_msg(attr_str, type, NULL));
2715 goto done;
2716 }
2717 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
2718 flog_warn(
2719 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW,
2720 "%s: Attribute %s, parse error - treating as withdrawal",
2721 peer->host, lookup_msg(attr_str, type, NULL));
2722 goto done;
2723 }
2724
2725 /* Check the fetched length. */
2726 if (BGP_INPUT_PNT(peer) != attr_endp) {
2727 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR,
2728 "%s: BGP attribute %s, fetch error",
2729 peer->host, lookup_msg(attr_str, type, NULL));
2730 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2731 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2732 ret = BGP_ATTR_PARSE_ERROR;
2733 goto done;
2734 }
2735 }
2736
2737 /* Check final read pointer is same as end pointer. */
2738 if (BGP_INPUT_PNT(peer) != endp) {
2739 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH,
2740 "%s: BGP attribute %s, length mismatch", peer->host,
2741 lookup_msg(attr_str, type, NULL));
2742 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2743 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2744
2745 ret = BGP_ATTR_PARSE_ERROR;
2746 goto done;
2747 }
2748
2749 /*
2750 * RFC4271: If the NEXT_HOP attribute field is syntactically incorrect,
2751 * then the Error Subcode MUST be set to Invalid NEXT_HOP Attribute.
2752 * This is implemented below and will result in a NOTIFICATION. If the
2753 * NEXT_HOP attribute is semantically incorrect, the error SHOULD be
2754 * logged, and the route SHOULD be ignored. In this case, a NOTIFICATION
2755 * message SHOULD NOT be sent. This is implemented elsewhere.
2756 *
2757 * RFC4760: An UPDATE message that carries no NLRI, other than the one
2758 * encoded in the MP_REACH_NLRI attribute, SHOULD NOT carry the NEXT_HOP
2759 * attribute. If such a message contains the NEXT_HOP attribute, the BGP
2760 * speaker that receives the message SHOULD ignore this attribute.
2761 */
2762 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2763 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI))) {
2764 if (bgp_attr_nexthop_valid(peer, attr) < 0) {
2765 ret = BGP_ATTR_PARSE_ERROR;
2766 goto done;
2767 }
2768 }
2769
2770 /* Check all mandatory well-known attributes are present */
2771 if ((ret = bgp_attr_check(peer, attr)) < 0)
2772 goto done;
2773
2774 /*
2775 * At this place we can see whether we got AS4_PATH and/or
2776 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2777 * We can not do this before we've read all attributes because
2778 * the as4 handling does not say whether AS4_PATH has to be sent
2779 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2780 * in relationship to AGGREGATOR.
2781 * So, to be defensive, we are not relying on any order and read
2782 * all attributes first, including these 32bit ones, and now,
2783 * afterwards, we look what and if something is to be done for as4.
2784 *
2785 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2786 * MP_UNREACH_NLRI.
2787 */
2788 /* actually... this doesn't ever return failure currently, but
2789 * better safe than sorry */
2790 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2791 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2792 &as4_aggregator_addr)) {
2793 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2794 BGP_NOTIFY_UPDATE_MAL_ATTR);
2795 ret = BGP_ATTR_PARSE_ERROR;
2796 goto done;
2797 }
2798
2799 /*
2800 * Finally do the checks on the aspath we did not do yet
2801 * because we waited for a potentially synthesized aspath.
2802 */
2803 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2804 ret = bgp_attr_aspath_check(peer, attr);
2805 if (ret != BGP_ATTR_PARSE_PROCEED)
2806 goto done;
2807 }
2808
2809 ret = BGP_ATTR_PARSE_PROCEED;
2810 done:
2811
2812 /*
2813 * At this stage, we have done all fiddling with as4, and the
2814 * resulting info is in attr->aggregator resp. attr->aspath so
2815 * we can chuck as4_aggregator and as4_path alltogether in order
2816 * to save memory
2817 */
2818 if (as4_path) {
2819 /*
2820 * unintern - it is in the hash
2821 * The flag that we got this is still there, but that
2822 * does not do any trouble
2823 */
2824 aspath_unintern(&as4_path);
2825 }
2826
2827 if (ret != BGP_ATTR_PARSE_ERROR) {
2828 /* Finally intern unknown attribute. */
2829 if (attr->transit)
2830 attr->transit = transit_intern(attr->transit);
2831 if (attr->encap_subtlvs)
2832 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
2833 ENCAP_SUBTLV_TYPE);
2834 #if ENABLE_BGP_VNC
2835 if (attr->vnc_subtlvs)
2836 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
2837 VNC_SUBTLV_TYPE);
2838 #endif
2839 } else {
2840 if (attr->transit) {
2841 transit_free(attr->transit);
2842 attr->transit = NULL;
2843 }
2844
2845 bgp_attr_flush_encap(attr);
2846 };
2847
2848 /* Sanity checks */
2849 if (attr->transit)
2850 assert(attr->transit->refcnt > 0);
2851 if (attr->encap_subtlvs)
2852 assert(attr->encap_subtlvs->refcnt > 0);
2853 #if ENABLE_BGP_VNC
2854 if (attr->vnc_subtlvs)
2855 assert(attr->vnc_subtlvs->refcnt > 0);
2856 #endif
2857
2858 return ret;
2859 }
2860
2861 /*
2862 * Extract the tunnel type from extended community
2863 */
2864 void bgp_attr_extcom_tunnel_type(struct attr *attr,
2865 bgp_encap_types *tunnel_type)
2866 {
2867 struct ecommunity *ecom;
2868 int i;
2869 if (!attr)
2870 return;
2871
2872 ecom = attr->ecommunity;
2873 if (!ecom || !ecom->size)
2874 return;
2875
2876 for (i = 0; i < ecom->size; i++) {
2877 uint8_t *pnt;
2878 uint8_t type, sub_type;
2879
2880 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
2881 type = pnt[0];
2882 sub_type = pnt[1];
2883 if (!(type == ECOMMUNITY_ENCODE_OPAQUE &&
2884 sub_type == ECOMMUNITY_OPAQUE_SUBTYPE_ENCAP))
2885 continue;
2886 *tunnel_type = ((pnt[6] << 8) | pnt[7]);
2887 return;
2888 }
2889
2890 return;
2891 }
2892
2893 size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2894 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2895 struct attr *attr)
2896 {
2897 size_t sizep;
2898 iana_afi_t pkt_afi;
2899 iana_safi_t pkt_safi;
2900 afi_t nh_afi;
2901
2902 /* Set extended bit always to encode the attribute length as 2 bytes */
2903 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2904 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2905 sizep = stream_get_endp(s);
2906 stream_putw(s, 0); /* Marker: Attribute length. */
2907
2908
2909 /* Convert AFI, SAFI to values for packet. */
2910 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2911
2912 stream_putw(s, pkt_afi); /* AFI */
2913 stream_putc(s, pkt_safi); /* SAFI */
2914
2915 /* Nexthop AFI */
2916 if (afi == AFI_IP
2917 && (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
2918 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
2919 else
2920 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2921
2922 /* Nexthop */
2923 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2924 switch (nh_afi) {
2925 case AFI_IP:
2926 switch (safi) {
2927 case SAFI_UNICAST:
2928 case SAFI_MULTICAST:
2929 case SAFI_LABELED_UNICAST:
2930 stream_putc(s, 4);
2931 stream_put_ipv4(s, attr->nexthop.s_addr);
2932 break;
2933 case SAFI_MPLS_VPN:
2934 stream_putc(s, 12);
2935 stream_putl(s, 0); /* RD = 0, per RFC */
2936 stream_putl(s, 0);
2937 stream_put(s, &attr->mp_nexthop_global_in, 4);
2938 break;
2939 case SAFI_ENCAP:
2940 case SAFI_EVPN:
2941 stream_putc(s, 4);
2942 stream_put(s, &attr->mp_nexthop_global_in, 4);
2943 break;
2944 case SAFI_FLOWSPEC:
2945 stream_putc(s, 0); /* no nexthop for flowspec */
2946 default:
2947 break;
2948 }
2949 break;
2950 case AFI_IP6:
2951 switch (safi) {
2952 case SAFI_UNICAST:
2953 case SAFI_MULTICAST:
2954 case SAFI_LABELED_UNICAST:
2955 case SAFI_EVPN: {
2956 if (attr->mp_nexthop_len
2957 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2958 stream_putc(s,
2959 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
2960 stream_put(s, &attr->mp_nexthop_global,
2961 IPV6_MAX_BYTELEN);
2962 stream_put(s, &attr->mp_nexthop_local,
2963 IPV6_MAX_BYTELEN);
2964 } else {
2965 stream_putc(s, IPV6_MAX_BYTELEN);
2966 stream_put(s, &attr->mp_nexthop_global,
2967 IPV6_MAX_BYTELEN);
2968 }
2969 } break;
2970 case SAFI_MPLS_VPN: {
2971 if (attr->mp_nexthop_len
2972 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
2973 stream_putc(s, 24);
2974 stream_putl(s, 0); /* RD = 0, per RFC */
2975 stream_putl(s, 0);
2976 stream_put(s, &attr->mp_nexthop_global,
2977 IPV6_MAX_BYTELEN);
2978 } else if (attr->mp_nexthop_len
2979 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2980 stream_putc(s, 48);
2981 stream_putl(s, 0); /* RD = 0, per RFC */
2982 stream_putl(s, 0);
2983 stream_put(s, &attr->mp_nexthop_global,
2984 IPV6_MAX_BYTELEN);
2985 stream_putl(s, 0); /* RD = 0, per RFC */
2986 stream_putl(s, 0);
2987 stream_put(s, &attr->mp_nexthop_local,
2988 IPV6_MAX_BYTELEN);
2989 }
2990 } break;
2991 case SAFI_ENCAP:
2992 stream_putc(s, IPV6_MAX_BYTELEN);
2993 stream_put(s, &attr->mp_nexthop_global,
2994 IPV6_MAX_BYTELEN);
2995 break;
2996 case SAFI_FLOWSPEC:
2997 stream_putc(s, 0); /* no nexthop for flowspec */
2998 default:
2999 break;
3000 }
3001 break;
3002 default:
3003 if (safi != SAFI_FLOWSPEC)
3004 flog_err(
3005 EC_BGP_ATTR_NH_SEND_LEN,
3006 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
3007 peer->host, afi, safi, attr->mp_nexthop_len);
3008 break;
3009 }
3010
3011 /* SNPA */
3012 stream_putc(s, 0);
3013 return sizep;
3014 }
3015
3016 void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
3017 struct prefix *p, struct prefix_rd *prd,
3018 mpls_label_t *label, uint32_t num_labels,
3019 int addpath_encode, uint32_t addpath_tx_id,
3020 struct attr *attr)
3021 {
3022 if (safi == SAFI_MPLS_VPN) {
3023 if (addpath_encode)
3024 stream_putl(s, addpath_tx_id);
3025 /* Label, RD, Prefix write. */
3026 stream_putc(s, p->prefixlen + 88);
3027 stream_put(s, label, BGP_LABEL_BYTES);
3028 stream_put(s, prd->val, 8);
3029 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
3030 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
3031 /* EVPN prefix - contents depend on type */
3032 bgp_evpn_encode_prefix(s, p, prd, label, num_labels, attr,
3033 addpath_encode, addpath_tx_id);
3034 } else if (safi == SAFI_LABELED_UNICAST) {
3035 /* Prefix write with label. */
3036 stream_put_labeled_prefix(s, p, label, addpath_encode,
3037 addpath_tx_id);
3038 } else if (safi == SAFI_FLOWSPEC) {
3039 if (PSIZE (p->prefixlen)+2 < FLOWSPEC_NLRI_SIZELIMIT)
3040 stream_putc(s, PSIZE (p->prefixlen)+2);
3041 else
3042 stream_putw(s, (PSIZE (p->prefixlen)+2)|(0xf<<12));
3043 stream_putc(s, 2);/* Filter type */
3044 stream_putc(s, p->prefixlen);/* Prefix length */
3045 stream_put(s, &p->u.prefix, PSIZE (p->prefixlen));
3046 } else
3047 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
3048 }
3049
3050 size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
3051 {
3052 int size = PSIZE(p->prefixlen);
3053 if (safi == SAFI_MPLS_VPN)
3054 size += 88;
3055 else if (safi == SAFI_LABELED_UNICAST)
3056 size += BGP_LABEL_BYTES;
3057 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
3058 size += 232; // TODO: Maximum possible for type-2, type-3 and
3059 // type-5
3060 return size;
3061 }
3062
3063 /*
3064 * Encodes the tunnel encapsulation attribute,
3065 * and with ENABLE_BGP_VNC the VNC attribute which uses
3066 * almost the same TLV format
3067 */
3068 static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
3069 struct stream *s, struct attr *attr,
3070 uint8_t attrtype)
3071 {
3072 unsigned int attrlenfield = 0;
3073 unsigned int attrhdrlen = 0;
3074 struct bgp_attr_encap_subtlv *subtlvs;
3075 struct bgp_attr_encap_subtlv *st;
3076 const char *attrname;
3077
3078 if (!attr || (attrtype == BGP_ATTR_ENCAP
3079 && (!attr->encap_tunneltype
3080 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
3081 return;
3082
3083 switch (attrtype) {
3084 case BGP_ATTR_ENCAP:
3085 attrname = "Tunnel Encap";
3086 subtlvs = attr->encap_subtlvs;
3087 if (subtlvs == NULL) /* nothing to do */
3088 return;
3089 /*
3090 * The tunnel encap attr has an "outer" tlv.
3091 * T = tunneltype,
3092 * L = total length of subtlvs,
3093 * V = concatenated subtlvs.
3094 */
3095 attrlenfield = 2 + 2; /* T + L */
3096 attrhdrlen = 1 + 1; /* subTLV T + L */
3097 break;
3098
3099 #if ENABLE_BGP_VNC_ATTR
3100 case BGP_ATTR_VNC:
3101 attrname = "VNC";
3102 subtlvs = attr->vnc_subtlvs;
3103 if (subtlvs == NULL) /* nothing to do */
3104 return;
3105 attrlenfield = 0; /* no outer T + L */
3106 attrhdrlen = 2 + 2; /* subTLV T + L */
3107 break;
3108 #endif
3109
3110 default:
3111 assert(0);
3112 }
3113
3114 /* compute attr length */
3115 for (st = subtlvs; st; st = st->next) {
3116 attrlenfield += (attrhdrlen + st->length);
3117 }
3118
3119 if (attrlenfield > 0xffff) {
3120 zlog_info("%s attribute is too long (length=%d), can't send it",
3121 attrname, attrlenfield);
3122 return;
3123 }
3124
3125 if (attrlenfield > 0xff) {
3126 /* 2-octet length field */
3127 stream_putc(s,
3128 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3129 | BGP_ATTR_FLAG_EXTLEN);
3130 stream_putc(s, attrtype);
3131 stream_putw(s, attrlenfield & 0xffff);
3132 } else {
3133 /* 1-octet length field */
3134 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
3135 stream_putc(s, attrtype);
3136 stream_putc(s, attrlenfield & 0xff);
3137 }
3138
3139 if (attrtype == BGP_ATTR_ENCAP) {
3140 /* write outer T+L */
3141 stream_putw(s, attr->encap_tunneltype);
3142 stream_putw(s, attrlenfield - 4);
3143 }
3144
3145 /* write each sub-tlv */
3146 for (st = subtlvs; st; st = st->next) {
3147 if (attrtype == BGP_ATTR_ENCAP) {
3148 stream_putc(s, st->type);
3149 stream_putc(s, st->length);
3150 #if ENABLE_BGP_VNC
3151 } else {
3152 stream_putw(s, st->type);
3153 stream_putw(s, st->length);
3154 #endif
3155 }
3156 stream_put(s, st->value, st->length);
3157 }
3158 }
3159
3160 void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
3161 {
3162 /* Set MP attribute length. Don't count the (2) bytes used to encode
3163 the attr length */
3164 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
3165 }
3166
3167 static int bgp_append_local_as(struct peer *peer, afi_t afi, safi_t safi)
3168 {
3169 if (!BGP_AS_IS_PRIVATE(peer->local_as)
3170 || (BGP_AS_IS_PRIVATE(peer->local_as)
3171 && !CHECK_FLAG(peer->af_flags[afi][safi],
3172 PEER_FLAG_REMOVE_PRIVATE_AS)
3173 && !CHECK_FLAG(peer->af_flags[afi][safi],
3174 PEER_FLAG_REMOVE_PRIVATE_AS_ALL)
3175 && !CHECK_FLAG(peer->af_flags[afi][safi],
3176 PEER_FLAG_REMOVE_PRIVATE_AS_REPLACE)
3177 && !CHECK_FLAG(peer->af_flags[afi][safi],
3178 PEER_FLAG_REMOVE_PRIVATE_AS_ALL_REPLACE)))
3179 return 1;
3180 return 0;
3181 }
3182
3183 /* Make attribute packet. */
3184 bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
3185 struct stream *s, struct attr *attr,
3186 struct bpacket_attr_vec_arr *vecarr,
3187 struct prefix *p, afi_t afi, safi_t safi,
3188 struct peer *from, struct prefix_rd *prd,
3189 mpls_label_t *label, uint32_t num_labels,
3190 int addpath_encode, uint32_t addpath_tx_id)
3191 {
3192 size_t cp;
3193 size_t aspath_sizep;
3194 struct aspath *aspath;
3195 int send_as4_path = 0;
3196 int send_as4_aggregator = 0;
3197 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
3198
3199 if (!bgp)
3200 bgp = peer->bgp;
3201
3202 /* Remember current pointer. */
3203 cp = stream_get_endp(s);
3204
3205 if (p
3206 && !((afi == AFI_IP && safi == SAFI_UNICAST)
3207 && !peer_cap_enhe(peer, afi, safi))) {
3208 size_t mpattrlen_pos = 0;
3209
3210 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
3211 vecarr, attr);
3212 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
3213 num_labels, addpath_encode,
3214 addpath_tx_id, attr);
3215 bgp_packet_mpattr_end(s, mpattrlen_pos);
3216 }
3217
3218 /* Origin attribute. */
3219 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3220 stream_putc(s, BGP_ATTR_ORIGIN);
3221 stream_putc(s, 1);
3222 stream_putc(s, attr->origin);
3223
3224 /* AS path attribute. */
3225
3226 /* If remote-peer is EBGP */
3227 if (peer->sort == BGP_PEER_EBGP
3228 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3229 PEER_FLAG_AS_PATH_UNCHANGED)
3230 || attr->aspath->segments == NULL)
3231 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3232 PEER_FLAG_RSERVER_CLIENT))) {
3233 aspath = aspath_dup(attr->aspath);
3234
3235 /* Even though we may not be configured for confederations we
3236 * may have
3237 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3238 aspath = aspath_delete_confed_seq(aspath);
3239
3240 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
3241 /* Stuff our path CONFED_ID on the front */
3242 aspath = aspath_add_seq(aspath, bgp->confed_id);
3243 } else {
3244 if (peer->change_local_as) {
3245 /* If replace-as is specified, we only use the
3246 change_local_as when
3247 advertising routes. */
3248 if (!CHECK_FLAG(peer->flags,
3249 PEER_FLAG_LOCAL_AS_REPLACE_AS))
3250 if (bgp_append_local_as(peer, afi,
3251 safi))
3252 aspath = aspath_add_seq(
3253 aspath, peer->local_as);
3254 aspath = aspath_add_seq(aspath,
3255 peer->change_local_as);
3256 } else {
3257 aspath = aspath_add_seq(aspath, peer->local_as);
3258 }
3259 }
3260 } else if (peer->sort == BGP_PEER_CONFED) {
3261 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3262 * thing */
3263 aspath = aspath_dup(attr->aspath);
3264 aspath = aspath_add_confed_seq(aspath, peer->local_as);
3265 } else
3266 aspath = attr->aspath;
3267
3268 /* If peer is not AS4 capable, then:
3269 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3270 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3271 * segment
3272 * types are in it (i.e. exclude them if they are there)
3273 * AND do this only if there is at least one asnum > 65535 in the
3274 * path!
3275 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3276 * change
3277 * all ASnums > 65535 to BGP_AS_TRANS
3278 */
3279
3280 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3281 stream_putc(s, BGP_ATTR_AS_PATH);
3282 aspath_sizep = stream_get_endp(s);
3283 stream_putw(s, 0);
3284 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
3285
3286 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3287 * in the path
3288 */
3289 if (!use32bit && aspath_has_as4(aspath))
3290 send_as4_path =
3291 1; /* we'll do this later, at the correct place */
3292
3293 /* Nexthop attribute. */
3294 if (afi == AFI_IP && safi == SAFI_UNICAST
3295 && !peer_cap_enhe(peer, afi, safi)) {
3296 afi_t nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
3297
3298 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
3299 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3300 stream_putc(s, BGP_ATTR_NEXT_HOP);
3301 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3302 attr);
3303 stream_putc(s, 4);
3304 stream_put_ipv4(s, attr->nexthop.s_addr);
3305 } else if (peer_cap_enhe(from, afi, safi)
3306 || (nh_afi == AFI_IP6)) {
3307 /*
3308 * Likely this is the case when an IPv4 prefix was
3309 * received with Extended Next-hop capability in this
3310 * or another vrf and is now being advertised to
3311 * non-ENHE peers. Since peer_cap_enhe only checks
3312 * peers in this vrf, also check the nh_afi to catch
3313 * the case where the originator was in another vrf.
3314 * Setting the mandatory (ipv4) next-hop attribute here
3315 * to enable implicit next-hop self with correct A-F
3316 * (ipv4 address family).
3317 */
3318 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3319 stream_putc(s, BGP_ATTR_NEXT_HOP);
3320 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3321 NULL);
3322 stream_putc(s, 4);
3323 stream_put_ipv4(s, 0);
3324 }
3325 }
3326
3327 /* MED attribute. */
3328 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
3329 || bgp->maxmed_active) {
3330 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3331 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3332 stream_putc(s, 4);
3333 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
3334 : attr->med));
3335 }
3336
3337 /* Local preference. */
3338 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
3339 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3340 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3341 stream_putc(s, 4);
3342 stream_putl(s, attr->local_pref);
3343 }
3344
3345 /* Atomic aggregate. */
3346 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3347 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3348 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3349 stream_putc(s, 0);
3350 }
3351
3352 /* Aggregator. */
3353 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3354 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3355 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3356 stream_putc(s, BGP_ATTR_AGGREGATOR);
3357
3358 if (use32bit) {
3359 /* AS4 capable peer */
3360 stream_putc(s, 8);
3361 stream_putl(s, attr->aggregator_as);
3362 } else {
3363 /* 2-byte AS peer */
3364 stream_putc(s, 6);
3365
3366 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3367 * used? */
3368 if (attr->aggregator_as > 65535) {
3369 stream_putw(s, BGP_AS_TRANS);
3370
3371 /* we have to send AS4_AGGREGATOR, too.
3372 * we'll do that later in order to send
3373 * attributes in ascending
3374 * order.
3375 */
3376 send_as4_aggregator = 1;
3377 } else
3378 stream_putw(s, (uint16_t)attr->aggregator_as);
3379 }
3380 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3381 }
3382
3383 /* Community attribute. */
3384 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3385 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3386 if (attr->community->size * 4 > 255) {
3387 stream_putc(s,
3388 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3389 | BGP_ATTR_FLAG_EXTLEN);
3390 stream_putc(s, BGP_ATTR_COMMUNITIES);
3391 stream_putw(s, attr->community->size * 4);
3392 } else {
3393 stream_putc(s,
3394 BGP_ATTR_FLAG_OPTIONAL
3395 | BGP_ATTR_FLAG_TRANS);
3396 stream_putc(s, BGP_ATTR_COMMUNITIES);
3397 stream_putc(s, attr->community->size * 4);
3398 }
3399 stream_put(s, attr->community->val, attr->community->size * 4);
3400 }
3401
3402 /*
3403 * Large Community attribute.
3404 */
3405 if (CHECK_FLAG(peer->af_flags[afi][safi],
3406 PEER_FLAG_SEND_LARGE_COMMUNITY)
3407 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
3408 if (lcom_length(attr->lcommunity) > 255) {
3409 stream_putc(s,
3410 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3411 | BGP_ATTR_FLAG_EXTLEN);
3412 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3413 stream_putw(s, lcom_length(attr->lcommunity));
3414 } else {
3415 stream_putc(s,
3416 BGP_ATTR_FLAG_OPTIONAL
3417 | BGP_ATTR_FLAG_TRANS);
3418 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3419 stream_putc(s, lcom_length(attr->lcommunity));
3420 }
3421 stream_put(s, attr->lcommunity->val,
3422 lcom_length(attr->lcommunity));
3423 }
3424
3425 /* Route Reflector. */
3426 if (peer->sort == BGP_PEER_IBGP && from
3427 && from->sort == BGP_PEER_IBGP) {
3428 /* Originator ID. */
3429 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3430 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3431 stream_putc(s, 4);
3432
3433 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3434 stream_put_in_addr(s, &attr->originator_id);
3435 else
3436 stream_put_in_addr(s, &from->remote_id);
3437
3438 /* Cluster list. */
3439 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3440 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3441
3442 if (attr->cluster) {
3443 stream_putc(s, attr->cluster->length + 4);
3444 /* If this peer configuration's parent BGP has
3445 * cluster_id. */
3446 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3447 stream_put_in_addr(s, &bgp->cluster_id);
3448 else
3449 stream_put_in_addr(s, &bgp->router_id);
3450 stream_put(s, attr->cluster->list,
3451 attr->cluster->length);
3452 } else {
3453 stream_putc(s, 4);
3454 /* If this peer configuration's parent BGP has
3455 * cluster_id. */
3456 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3457 stream_put_in_addr(s, &bgp->cluster_id);
3458 else
3459 stream_put_in_addr(s, &bgp->router_id);
3460 }
3461 }
3462
3463 /* Extended Communities attribute. */
3464 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3465 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3466 if (peer->sort == BGP_PEER_IBGP
3467 || peer->sort == BGP_PEER_CONFED) {
3468 if (attr->ecommunity->size * 8 > 255) {
3469 stream_putc(s,
3470 BGP_ATTR_FLAG_OPTIONAL
3471 | BGP_ATTR_FLAG_TRANS
3472 | BGP_ATTR_FLAG_EXTLEN);
3473 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3474 stream_putw(s, attr->ecommunity->size * 8);
3475 } else {
3476 stream_putc(s,
3477 BGP_ATTR_FLAG_OPTIONAL
3478 | BGP_ATTR_FLAG_TRANS);
3479 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3480 stream_putc(s, attr->ecommunity->size * 8);
3481 }
3482 stream_put(s, attr->ecommunity->val,
3483 attr->ecommunity->size * 8);
3484 } else {
3485 uint8_t *pnt;
3486 int tbit;
3487 int ecom_tr_size = 0;
3488 int i;
3489
3490 for (i = 0; i < attr->ecommunity->size; i++) {
3491 pnt = attr->ecommunity->val + (i * 8);
3492 tbit = *pnt;
3493
3494 if (CHECK_FLAG(tbit,
3495 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3496 continue;
3497
3498 ecom_tr_size++;
3499 }
3500
3501 if (ecom_tr_size) {
3502 if (ecom_tr_size * 8 > 255) {
3503 stream_putc(
3504 s,
3505 BGP_ATTR_FLAG_OPTIONAL
3506 | BGP_ATTR_FLAG_TRANS
3507 | BGP_ATTR_FLAG_EXTLEN);
3508 stream_putc(s,
3509 BGP_ATTR_EXT_COMMUNITIES);
3510 stream_putw(s, ecom_tr_size * 8);
3511 } else {
3512 stream_putc(
3513 s,
3514 BGP_ATTR_FLAG_OPTIONAL
3515 | BGP_ATTR_FLAG_TRANS);
3516 stream_putc(s,
3517 BGP_ATTR_EXT_COMMUNITIES);
3518 stream_putc(s, ecom_tr_size * 8);
3519 }
3520
3521 for (i = 0; i < attr->ecommunity->size; i++) {
3522 pnt = attr->ecommunity->val + (i * 8);
3523 tbit = *pnt;
3524
3525 if (CHECK_FLAG(
3526 tbit,
3527 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3528 continue;
3529
3530 stream_put(s, pnt, 8);
3531 }
3532 }
3533 }
3534 }
3535
3536 /* Label index attribute. */
3537 if (safi == SAFI_LABELED_UNICAST) {
3538 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3539 uint32_t label_index;
3540
3541 label_index = attr->label_index;
3542
3543 if (label_index != BGP_INVALID_LABEL_INDEX) {
3544 stream_putc(s,
3545 BGP_ATTR_FLAG_OPTIONAL
3546 | BGP_ATTR_FLAG_TRANS);
3547 stream_putc(s, BGP_ATTR_PREFIX_SID);
3548 stream_putc(s, 10);
3549 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3550 stream_putw(s,
3551 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3552 stream_putc(s, 0); // reserved
3553 stream_putw(s, 0); // flags
3554 stream_putl(s, label_index);
3555 }
3556 }
3557 }
3558
3559 if (send_as4_path) {
3560 /* If the peer is NOT As4 capable, AND */
3561 /* there are ASnums > 65535 in path THEN
3562 * give out AS4_PATH */
3563
3564 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3565 * path segments!
3566 * Hm, I wonder... confederation things *should* only be at
3567 * the beginning of an aspath, right? Then we should use
3568 * aspath_delete_confed_seq for this, because it is already
3569 * there! (JK)
3570 * Folks, talk to me: what is reasonable here!?
3571 */
3572 aspath = aspath_delete_confed_seq(aspath);
3573
3574 stream_putc(s,
3575 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3576 | BGP_ATTR_FLAG_EXTLEN);
3577 stream_putc(s, BGP_ATTR_AS4_PATH);
3578 aspath_sizep = stream_get_endp(s);
3579 stream_putw(s, 0);
3580 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3581 }
3582
3583 if (aspath != attr->aspath)
3584 aspath_free(aspath);
3585
3586 if (send_as4_aggregator) {
3587 /* send AS4_AGGREGATOR, at this place */
3588 /* this section of code moved here in order to ensure the
3589 * correct
3590 * *ascending* order of attributes
3591 */
3592 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3593 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3594 stream_putc(s, 8);
3595 stream_putl(s, attr->aggregator_as);
3596 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3597 }
3598
3599 if (((afi == AFI_IP || afi == AFI_IP6)
3600 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3601 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3602 /* Tunnel Encap attribute */
3603 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
3604
3605 #if ENABLE_BGP_VNC_ATTR
3606 /* VNC attribute */
3607 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
3608 #endif
3609 }
3610
3611 /* PMSI Tunnel */
3612 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL)) {
3613 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3614 stream_putc(s, BGP_ATTR_PMSI_TUNNEL);
3615 stream_putc(s, 9); // Length
3616 stream_putc(s, 0); // Flags
3617 stream_putc(s, attr->pmsi_tnl_type);
3618 stream_put(s, &(attr->label),
3619 BGP_LABEL_BYTES); // MPLS Label / VXLAN VNI
3620 stream_put_ipv4(s, attr->nexthop.s_addr);
3621 // Unicast tunnel endpoint IP address
3622 }
3623
3624 /* Unknown transit attribute. */
3625 if (attr->transit)
3626 stream_put(s, attr->transit->val, attr->transit->length);
3627
3628 /* Return total size of attribute. */
3629 return stream_get_endp(s) - cp;
3630 }
3631
3632 size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
3633 {
3634 unsigned long attrlen_pnt;
3635 iana_afi_t pkt_afi;
3636 iana_safi_t pkt_safi;
3637
3638 /* Set extended bit always to encode the attribute length as 2 bytes */
3639 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3640 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
3641
3642 attrlen_pnt = stream_get_endp(s);
3643 stream_putw(s, 0); /* Length of this attribute. */
3644
3645 /* Convert AFI, SAFI to values for packet. */
3646 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
3647
3648 stream_putw(s, pkt_afi);
3649 stream_putc(s, pkt_safi);
3650
3651 return attrlen_pnt;
3652 }
3653
3654 void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3655 safi_t safi, struct prefix_rd *prd,
3656 mpls_label_t *label, uint32_t num_labels,
3657 int addpath_encode, uint32_t addpath_tx_id,
3658 struct attr *attr)
3659 {
3660 uint8_t wlabel[3] = {0x80, 0x00, 0x00};
3661
3662 if (safi == SAFI_LABELED_UNICAST) {
3663 label = (mpls_label_t *)wlabel;
3664 num_labels = 1;
3665 }
3666
3667 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label, num_labels,
3668 addpath_encode, addpath_tx_id, attr);
3669 }
3670
3671 void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
3672 {
3673 bgp_packet_mpattr_end(s, attrlen_pnt);
3674 }
3675
3676 /* Initialization of attribute. */
3677 void bgp_attr_init(void)
3678 {
3679 aspath_init();
3680 attrhash_init();
3681 community_init();
3682 ecommunity_init();
3683 lcommunity_init();
3684 cluster_init();
3685 transit_init();
3686 encap_init();
3687 }
3688
3689 void bgp_attr_finish(void)
3690 {
3691 aspath_finish();
3692 attrhash_finish();
3693 community_finish();
3694 ecommunity_finish();
3695 lcommunity_finish();
3696 cluster_finish();
3697 transit_finish();
3698 encap_finish();
3699 }
3700
3701 /* Make attribute packet. */
3702 void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3703 struct prefix *prefix)
3704 {
3705 unsigned long cp;
3706 unsigned long len;
3707 size_t aspath_lenp;
3708 struct aspath *aspath;
3709 int addpath_encode = 0;
3710 uint32_t addpath_tx_id = 0;
3711
3712 /* Remember current pointer. */
3713 cp = stream_get_endp(s);
3714
3715 /* Place holder of length. */
3716 stream_putw(s, 0);
3717
3718 /* Origin attribute. */
3719 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3720 stream_putc(s, BGP_ATTR_ORIGIN);
3721 stream_putc(s, 1);
3722 stream_putc(s, attr->origin);
3723
3724 aspath = attr->aspath;
3725
3726 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3727 stream_putc(s, BGP_ATTR_AS_PATH);
3728 aspath_lenp = stream_get_endp(s);
3729 stream_putw(s, 0);
3730
3731 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3732
3733 /* Nexthop attribute. */
3734 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3735 if (prefix != NULL && prefix->family != AF_INET6) {
3736 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3737 stream_putc(s, BGP_ATTR_NEXT_HOP);
3738 stream_putc(s, 4);
3739 stream_put_ipv4(s, attr->nexthop.s_addr);
3740 }
3741
3742 /* MED attribute. */
3743 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3744 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3745 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3746 stream_putc(s, 4);
3747 stream_putl(s, attr->med);
3748 }
3749
3750 /* Local preference. */
3751 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3752 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3753 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3754 stream_putc(s, 4);
3755 stream_putl(s, attr->local_pref);
3756 }
3757
3758 /* Atomic aggregate. */
3759 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3760 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3761 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3762 stream_putc(s, 0);
3763 }
3764
3765 /* Aggregator. */
3766 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3767 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3768 stream_putc(s, BGP_ATTR_AGGREGATOR);
3769 stream_putc(s, 8);
3770 stream_putl(s, attr->aggregator_as);
3771 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3772 }
3773
3774 /* Community attribute. */
3775 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3776 if (attr->community->size * 4 > 255) {
3777 stream_putc(s,
3778 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3779 | BGP_ATTR_FLAG_EXTLEN);
3780 stream_putc(s, BGP_ATTR_COMMUNITIES);
3781 stream_putw(s, attr->community->size * 4);
3782 } else {
3783 stream_putc(s,
3784 BGP_ATTR_FLAG_OPTIONAL
3785 | BGP_ATTR_FLAG_TRANS);
3786 stream_putc(s, BGP_ATTR_COMMUNITIES);
3787 stream_putc(s, attr->community->size * 4);
3788 }
3789 stream_put(s, attr->community->val, attr->community->size * 4);
3790 }
3791
3792 /* Large Community attribute. */
3793 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
3794 if (lcom_length(attr->lcommunity) > 255) {
3795 stream_putc(s,
3796 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3797 | BGP_ATTR_FLAG_EXTLEN);
3798 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3799 stream_putw(s, lcom_length(attr->lcommunity));
3800 } else {
3801 stream_putc(s,
3802 BGP_ATTR_FLAG_OPTIONAL
3803 | BGP_ATTR_FLAG_TRANS);
3804 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3805 stream_putc(s, lcom_length(attr->lcommunity));
3806 }
3807
3808 stream_put(s, attr->lcommunity->val,
3809 lcom_length(attr->lcommunity));
3810 }
3811
3812 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3813 if (prefix != NULL && prefix->family == AF_INET6
3814 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3815 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3816 int sizep;
3817
3818 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3819 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3820 sizep = stream_get_endp(s);
3821
3822 /* MP header */
3823 stream_putc(s, 0); /* Marker: Attribute length. */
3824 stream_putw(s, AFI_IP6); /* AFI */
3825 stream_putc(s, SAFI_UNICAST); /* SAFI */
3826
3827 /* Next hop */
3828 stream_putc(s, attr->mp_nexthop_len);
3829 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3830 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3831 stream_put(s, &attr->mp_nexthop_local,
3832 IPV6_MAX_BYTELEN);
3833
3834 /* SNPA */
3835 stream_putc(s, 0);
3836
3837 /* Prefix */
3838 stream_put_prefix_addpath(s, prefix, addpath_encode,
3839 addpath_tx_id);
3840
3841 /* Set MP attribute length. */
3842 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3843 }
3844
3845 /* Prefix SID */
3846 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3847 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
3848 stream_putc(s,
3849 BGP_ATTR_FLAG_OPTIONAL
3850 | BGP_ATTR_FLAG_TRANS);
3851 stream_putc(s, BGP_ATTR_PREFIX_SID);
3852 stream_putc(s, 10);
3853 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3854 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3855 stream_putc(s, 0); // reserved
3856 stream_putw(s, 0); // flags
3857 stream_putl(s, attr->label_index);
3858 }
3859 }
3860
3861 /* Return total size of attribute. */
3862 len = stream_get_endp(s) - cp - 2;
3863 stream_putw_at(s, cp, len);
3864 }
FRRouting mirror