]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_attr.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #1417 from qlyoung/mfa-fix
[mirror_frr.git] / bgpd / bgp_attr.c
1 /* BGP attributes management routines.
2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "memory.h"
26 #include "vector.h"
27 #include "stream.h"
28 #include "log.h"
29 #include "hash.h"
30 #include "jhash.h"
31 #include "queue.h"
32 #include "table.h"
33 #include "filter.h"
34 #include "command.h"
35
36 #include "bgpd/bgpd.h"
37 #include "bgpd/bgp_attr.h"
38 #include "bgpd/bgp_route.h"
39 #include "bgpd/bgp_aspath.h"
40 #include "bgpd/bgp_community.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_label.h"
43 #include "bgpd/bgp_packet.h"
44 #include "bgpd/bgp_ecommunity.h"
45 #include "bgpd/bgp_lcommunity.h"
46 #include "bgpd/bgp_updgrp.h"
47 #include "bgpd/bgp_encap_types.h"
48 #if ENABLE_BGP_VNC
49 #include "bgpd/rfapi/bgp_rfapi_cfg.h"
50 #include "bgp_encap_types.h"
51 #include "bgp_vnc_types.h"
52 #endif
53 #include "bgp_encap_types.h"
54 #include "bgp_evpn.h"
55
56 /* Attribute strings for logging. */
57 static const struct message attr_str[] = {
58 {BGP_ATTR_ORIGIN, "ORIGIN"},
59 {BGP_ATTR_AS_PATH, "AS_PATH"},
60 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
61 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
62 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
63 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
64 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
65 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
66 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
67 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
68 {BGP_ATTR_DPA, "DPA"},
69 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
70 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
71 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
72 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
73 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
74 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
75 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
76 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
77 {BGP_ATTR_ENCAP, "ENCAP"},
78 #if ENABLE_BGP_VNC
79 {BGP_ATTR_VNC, "VNC"},
80 #endif
81 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
82 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
83 {0}};
84
85 static const struct message attr_flag_str[] =
86 {
87 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
88 {BGP_ATTR_FLAG_TRANS, "Transitive"},
89 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
90 /* bgp_attr_flags_diagnose() relies on this bit being last in
91 this list */
92 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
93 {0}};
94
95 static struct hash *cluster_hash;
96
97 static void *cluster_hash_alloc(void *p)
98 {
99 const struct cluster_list *val = (const struct cluster_list *)p;
100 struct cluster_list *cluster;
101
102 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
103 cluster->length = val->length;
104
105 if (cluster->length) {
106 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
107 memcpy(cluster->list, val->list, val->length);
108 } else
109 cluster->list = NULL;
110
111 cluster->refcnt = 0;
112
113 return cluster;
114 }
115
116 /* Cluster list related functions. */
117 static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
118 {
119 struct cluster_list tmp;
120 struct cluster_list *cluster;
121
122 tmp.length = length;
123 tmp.list = pnt;
124
125 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
126 cluster->refcnt++;
127 return cluster;
128 }
129
130 int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
131 {
132 int i;
133
134 for (i = 0; i < cluster->length / 4; i++)
135 if (cluster->list[i].s_addr == originator.s_addr)
136 return 1;
137 return 0;
138 }
139
140 static unsigned int cluster_hash_key_make(void *p)
141 {
142 const struct cluster_list *cluster = p;
143
144 return jhash(cluster->list, cluster->length, 0);
145 }
146
147 static int cluster_hash_cmp(const void *p1, const void *p2)
148 {
149 const struct cluster_list *cluster1 = p1;
150 const struct cluster_list *cluster2 = p2;
151
152 return (cluster1->length == cluster2->length
153 && memcmp(cluster1->list, cluster2->list, cluster1->length)
154 == 0);
155 }
156
157 static void cluster_free(struct cluster_list *cluster)
158 {
159 if (cluster->list)
160 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
161 XFREE(MTYPE_CLUSTER, cluster);
162 }
163
164 static struct cluster_list *cluster_intern(struct cluster_list *cluster)
165 {
166 struct cluster_list *find;
167
168 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
169 find->refcnt++;
170
171 return find;
172 }
173
174 void cluster_unintern(struct cluster_list *cluster)
175 {
176 if (cluster->refcnt)
177 cluster->refcnt--;
178
179 if (cluster->refcnt == 0) {
180 hash_release(cluster_hash, cluster);
181 cluster_free(cluster);
182 }
183 }
184
185 static void cluster_init(void)
186 {
187 cluster_hash = hash_create(cluster_hash_key_make,
188 cluster_hash_cmp,
189 "BGP Cluster");
190 }
191
192 static void cluster_finish(void)
193 {
194 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
195 hash_free(cluster_hash);
196 cluster_hash = NULL;
197 }
198
199 static struct hash *encap_hash = NULL;
200 #if ENABLE_BGP_VNC
201 static struct hash *vnc_hash = NULL;
202 #endif
203
204 struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
205 {
206 struct bgp_attr_encap_subtlv *new;
207 struct bgp_attr_encap_subtlv *tail;
208 struct bgp_attr_encap_subtlv *p;
209
210 for (p = orig, tail = new = NULL; p; p = p->next) {
211 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
212 if (tail) {
213 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
214 tail = tail->next;
215 } else {
216 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
217 }
218 assert(tail);
219 memcpy(tail, p, size);
220 tail->next = NULL;
221 }
222
223 return new;
224 }
225
226 static void encap_free(struct bgp_attr_encap_subtlv *p)
227 {
228 struct bgp_attr_encap_subtlv *next;
229 while (p) {
230 next = p->next;
231 p->next = NULL;
232 XFREE(MTYPE_ENCAP_TLV, p);
233 p = next;
234 }
235 }
236
237 void bgp_attr_flush_encap(struct attr *attr)
238 {
239 if (!attr)
240 return;
241
242 if (attr->encap_subtlvs) {
243 encap_free(attr->encap_subtlvs);
244 attr->encap_subtlvs = NULL;
245 }
246 #if ENABLE_BGP_VNC
247 if (attr->vnc_subtlvs) {
248 encap_free(attr->vnc_subtlvs);
249 attr->vnc_subtlvs = NULL;
250 }
251 #endif
252 }
253
254 /*
255 * Compare encap sub-tlv chains
256 *
257 * 1 = equivalent
258 * 0 = not equivalent
259 *
260 * This algorithm could be made faster if needed
261 */
262 static int encap_same(struct bgp_attr_encap_subtlv *h1,
263 struct bgp_attr_encap_subtlv *h2)
264 {
265 struct bgp_attr_encap_subtlv *p;
266 struct bgp_attr_encap_subtlv *q;
267
268 if (h1 == h2)
269 return 1;
270 if (h1 == NULL || h2 == NULL)
271 return 0;
272
273 for (p = h1; p; p = p->next) {
274 for (q = h2; q; q = q->next) {
275 if ((p->type == q->type) && (p->length == q->length)
276 && !memcmp(p->value, q->value, p->length)) {
277
278 break;
279 }
280 }
281 if (!q)
282 return 0;
283 }
284
285 for (p = h2; p; p = p->next) {
286 for (q = h1; q; q = q->next) {
287 if ((p->type == q->type) && (p->length == q->length)
288 && !memcmp(p->value, q->value, p->length)) {
289
290 break;
291 }
292 }
293 if (!q)
294 return 0;
295 }
296
297 return 1;
298 }
299
300 static void *encap_hash_alloc(void *p)
301 {
302 /* Encap structure is already allocated. */
303 return p;
304 }
305
306 typedef enum {
307 ENCAP_SUBTLV_TYPE,
308 #if ENABLE_BGP_VNC
309 VNC_SUBTLV_TYPE
310 #endif
311 } encap_subtlv_type;
312
313 static struct bgp_attr_encap_subtlv *
314 encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
315 {
316 struct bgp_attr_encap_subtlv *find;
317 struct hash *hash = encap_hash;
318 #if ENABLE_BGP_VNC
319 if (type == VNC_SUBTLV_TYPE)
320 hash = vnc_hash;
321 #endif
322
323 find = hash_get(hash, encap, encap_hash_alloc);
324 if (find != encap)
325 encap_free(encap);
326 find->refcnt++;
327
328 return find;
329 }
330
331 static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
332 encap_subtlv_type type)
333 {
334 struct bgp_attr_encap_subtlv *encap = *encapp;
335 if (encap->refcnt)
336 encap->refcnt--;
337
338 if (encap->refcnt == 0) {
339 struct hash *hash = encap_hash;
340 #if ENABLE_BGP_VNC
341 if (type == VNC_SUBTLV_TYPE)
342 hash = vnc_hash;
343 #endif
344 hash_release(hash, encap);
345 encap_free(encap);
346 *encapp = NULL;
347 }
348 }
349
350 static unsigned int encap_hash_key_make(void *p)
351 {
352 const struct bgp_attr_encap_subtlv *encap = p;
353
354 return jhash(encap->value, encap->length, 0);
355 }
356
357 static int encap_hash_cmp(const void *p1, const void *p2)
358 {
359 return encap_same((struct bgp_attr_encap_subtlv *)p1,
360 (struct bgp_attr_encap_subtlv *)p2);
361 }
362
363 static void encap_init(void)
364 {
365 encap_hash = hash_create(encap_hash_key_make,
366 encap_hash_cmp,
367 "BGP Encap Hash");
368 #if ENABLE_BGP_VNC
369 vnc_hash = hash_create(encap_hash_key_make,
370 encap_hash_cmp,
371 "BGP VNC Hash");
372 #endif
373 }
374
375 static void encap_finish(void)
376 {
377 hash_clean(encap_hash, (void (*)(void *))encap_free);
378 hash_free(encap_hash);
379 encap_hash = NULL;
380 #if ENABLE_BGP_VNC
381 hash_clean(vnc_hash, (void (*)(void *))encap_free);
382 hash_free(vnc_hash);
383 vnc_hash = NULL;
384 #endif
385 }
386
387 static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
388 {
389 if (!a1 && a2)
390 return false;
391 if (!a2 && a1)
392 return false;
393 if (!a1 && !a2)
394 return true;
395 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
396 sizeof(struct overlay_index));
397 }
398
399 /* Unknown transit attribute. */
400 static struct hash *transit_hash;
401
402 static void transit_free(struct transit *transit)
403 {
404 if (transit->val)
405 XFREE(MTYPE_TRANSIT_VAL, transit->val);
406 XFREE(MTYPE_TRANSIT, transit);
407 }
408
409 static void *transit_hash_alloc(void *p)
410 {
411 /* Transit structure is already allocated. */
412 return p;
413 }
414
415 static struct transit *transit_intern(struct transit *transit)
416 {
417 struct transit *find;
418
419 find = hash_get(transit_hash, transit, transit_hash_alloc);
420 if (find != transit)
421 transit_free(transit);
422 find->refcnt++;
423
424 return find;
425 }
426
427 void transit_unintern(struct transit *transit)
428 {
429 if (transit->refcnt)
430 transit->refcnt--;
431
432 if (transit->refcnt == 0) {
433 hash_release(transit_hash, transit);
434 transit_free(transit);
435 }
436 }
437
438 static unsigned int transit_hash_key_make(void *p)
439 {
440 const struct transit *transit = p;
441
442 return jhash(transit->val, transit->length, 0);
443 }
444
445 static int transit_hash_cmp(const void *p1, const void *p2)
446 {
447 const struct transit *transit1 = p1;
448 const struct transit *transit2 = p2;
449
450 return (transit1->length == transit2->length
451 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
452 }
453
454 static void transit_init(void)
455 {
456 transit_hash = hash_create(transit_hash_key_make,
457 transit_hash_cmp,
458 "BGP Transit Hash");
459 }
460
461 static void transit_finish(void)
462 {
463 hash_clean(transit_hash, (void (*)(void *))transit_free);
464 hash_free(transit_hash);
465 transit_hash = NULL;
466 }
467
468 /* Attribute hash routines. */
469 static struct hash *attrhash;
470
471 /* Shallow copy of an attribute
472 * Though, not so shallow that it doesn't copy the contents
473 * of the attr_extra pointed to by 'extra'
474 */
475 void bgp_attr_dup(struct attr *new, struct attr *orig)
476 {
477 *new = *orig;
478 }
479
480 unsigned long int attr_count(void)
481 {
482 return attrhash->count;
483 }
484
485 unsigned long int attr_unknown_count(void)
486 {
487 return transit_hash->count;
488 }
489
490 unsigned int attrhash_key_make(void *p)
491 {
492 const struct attr *attr = (struct attr *)p;
493 uint32_t key = 0;
494 #define MIX(val) key = jhash_1word(val, key)
495
496 MIX(attr->origin);
497 MIX(attr->nexthop.s_addr);
498 MIX(attr->med);
499 MIX(attr->local_pref);
500 MIX(attr->aggregator_as);
501 MIX(attr->aggregator_addr.s_addr);
502 MIX(attr->weight);
503 MIX(attr->mp_nexthop_global_in.s_addr);
504 MIX(attr->originator_id.s_addr);
505 MIX(attr->tag);
506 MIX(attr->label);
507 MIX(attr->label_index);
508
509 if (attr->aspath)
510 MIX(aspath_key_make(attr->aspath));
511 if (attr->community)
512 MIX(community_hash_make(attr->community));
513
514 if (attr->lcommunity)
515 MIX(lcommunity_hash_make(attr->lcommunity));
516 if (attr->ecommunity)
517 MIX(ecommunity_hash_make(attr->ecommunity));
518 if (attr->cluster)
519 MIX(cluster_hash_key_make(attr->cluster));
520 if (attr->transit)
521 MIX(transit_hash_key_make(attr->transit));
522 if (attr->encap_subtlvs)
523 MIX(encap_hash_key_make(attr->encap_subtlvs));
524 #if ENABLE_BGP_VNC
525 if (attr->vnc_subtlvs)
526 MIX(encap_hash_key_make(attr->vnc_subtlvs));
527 #endif
528 MIX(attr->mp_nexthop_len);
529 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
530 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
531
532 return key;
533 }
534
535 int attrhash_cmp(const void *p1, const void *p2)
536 {
537 const struct attr *attr1 = p1;
538 const struct attr *attr2 = p2;
539
540 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
541 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
542 && attr1->aspath == attr2->aspath
543 && attr1->community == attr2->community && attr1->med == attr2->med
544 && attr1->local_pref == attr2->local_pref
545 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
546 if (attr1->aggregator_as == attr2->aggregator_as
547 && attr1->aggregator_addr.s_addr
548 == attr2->aggregator_addr.s_addr
549 && attr1->weight == attr2->weight
550 && attr1->tag == attr2->tag
551 && attr1->label_index == attr2->label_index
552 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
553 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
554 &attr2->mp_nexthop_global)
555 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
556 &attr2->mp_nexthop_local)
557 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
558 &attr2->mp_nexthop_global_in)
559 && attr1->ecommunity == attr2->ecommunity
560 && attr1->lcommunity == attr2->lcommunity
561 && attr1->cluster == attr2->cluster
562 && attr1->transit == attr2->transit
563 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
564 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
565 #if ENABLE_BGP_VNC
566 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
567 #endif
568 && IPV4_ADDR_SAME(&attr1->originator_id,
569 &attr2->originator_id)
570 && overlay_index_same(attr1, attr2))
571 return 1;
572 }
573
574 return 0;
575 }
576
577 static void attrhash_init(void)
578 {
579 attrhash = hash_create(attrhash_key_make,
580 attrhash_cmp,
581 "BGP Attributes");
582 }
583
584 /*
585 * special for hash_clean below
586 */
587 static void attr_vfree(void *attr)
588 {
589 XFREE(MTYPE_ATTR, attr);
590 }
591
592 static void attrhash_finish(void)
593 {
594 hash_clean(attrhash, attr_vfree);
595 hash_free(attrhash);
596 attrhash = NULL;
597 }
598
599 static void attr_show_all_iterator(struct hash_backet *backet, struct vty *vty)
600 {
601 struct attr *attr = backet->data;
602
603 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
604 inet_ntoa(attr->nexthop));
605 }
606
607 void attr_show_all(struct vty *vty)
608 {
609 hash_iterate(attrhash, (void (*)(struct hash_backet *,
610 void *))attr_show_all_iterator,
611 vty);
612 }
613
614 static void *bgp_attr_hash_alloc(void *p)
615 {
616 struct attr *val = (struct attr *)p;
617 struct attr *attr;
618
619 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
620 *attr = *val;
621 if (val->encap_subtlvs) {
622 val->encap_subtlvs = NULL;
623 }
624 #if ENABLE_BGP_VNC
625 if (val->vnc_subtlvs) {
626 val->vnc_subtlvs = NULL;
627 }
628 #endif
629 attr->refcnt = 0;
630 return attr;
631 }
632
633 /* Internet argument attribute. */
634 struct attr *bgp_attr_intern(struct attr *attr)
635 {
636 struct attr *find;
637
638 /* Intern referenced strucutre. */
639 if (attr->aspath) {
640 if (!attr->aspath->refcnt)
641 attr->aspath = aspath_intern(attr->aspath);
642 else
643 attr->aspath->refcnt++;
644 }
645 if (attr->community) {
646 if (!attr->community->refcnt)
647 attr->community = community_intern(attr->community);
648 else
649 attr->community->refcnt++;
650 }
651
652 if (attr->ecommunity) {
653 if (!attr->ecommunity->refcnt)
654 attr->ecommunity = ecommunity_intern(attr->ecommunity);
655 else
656 attr->ecommunity->refcnt++;
657 }
658 if (attr->lcommunity) {
659 if (!attr->lcommunity->refcnt)
660 attr->lcommunity = lcommunity_intern(attr->lcommunity);
661 else
662 attr->lcommunity->refcnt++;
663 }
664 if (attr->cluster) {
665 if (!attr->cluster->refcnt)
666 attr->cluster = cluster_intern(attr->cluster);
667 else
668 attr->cluster->refcnt++;
669 }
670 if (attr->transit) {
671 if (!attr->transit->refcnt)
672 attr->transit = transit_intern(attr->transit);
673 else
674 attr->transit->refcnt++;
675 }
676 if (attr->encap_subtlvs) {
677 if (!attr->encap_subtlvs->refcnt)
678 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
679 ENCAP_SUBTLV_TYPE);
680 else
681 attr->encap_subtlvs->refcnt++;
682 }
683 #if ENABLE_BGP_VNC
684 if (attr->vnc_subtlvs) {
685 if (!attr->vnc_subtlvs->refcnt)
686 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
687 VNC_SUBTLV_TYPE);
688 else
689 attr->vnc_subtlvs->refcnt++;
690 }
691 #endif
692
693 /* At this point, attr only contains intern'd pointers. that means
694 * if we find it in attrhash, it has all the same pointers and we
695 * correctly updated the refcounts on these.
696 * If we don't find it, we need to allocate a one because in all
697 * cases this returns a new reference to a hashed attr, but the input
698 * wasn't on hash. */
699 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
700 find->refcnt++;
701
702 return find;
703 }
704
705 /* Make network statement's attribute. */
706 struct attr *bgp_attr_default_set(struct attr *attr, u_char origin)
707 {
708 memset(attr, 0, sizeof(struct attr));
709
710 attr->origin = origin;
711 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
712 attr->aspath = aspath_empty();
713 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
714 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
715 attr->tag = 0;
716 attr->label_index = BGP_INVALID_LABEL_INDEX;
717 attr->label = MPLS_INVALID_LABEL;
718 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
719 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
720
721 return attr;
722 }
723
724 /* Create the attributes for an aggregate */
725 struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, u_char origin,
726 struct aspath *aspath,
727 struct community *community, int as_set,
728 u_char atomic_aggregate)
729 {
730 struct attr attr;
731 struct attr *new;
732
733 memset(&attr, 0, sizeof(struct attr));
734
735 /* Origin attribute. */
736 attr.origin = origin;
737 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
738
739 /* AS path attribute. */
740 if (aspath)
741 attr.aspath = aspath_intern(aspath);
742 else
743 attr.aspath = aspath_empty();
744 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
745
746 /* Next hop attribute. */
747 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
748
749 if (community) {
750 u_int32_t gshut = COMMUNITY_GSHUT;
751
752 /* If we are not shutting down ourselves and we are
753 * aggregating a route that contains the GSHUT community we
754 * need to remove that community when creating the aggregate */
755 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN) &&
756 community_include(community, gshut)) {
757 community_del_val(community, &gshut);
758 }
759
760 attr.community = community;
761 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
762 }
763
764 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
765 bgp_attr_add_gshut_community(&attr);
766 }
767
768 attr.label_index = BGP_INVALID_LABEL_INDEX;
769 attr.label = MPLS_INVALID_LABEL;
770 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
771 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
772 if (!as_set || atomic_aggregate)
773 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
774 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
775 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
776 attr.aggregator_as = bgp->confed_id;
777 else
778 attr.aggregator_as = bgp->as;
779 attr.aggregator_addr = bgp->router_id;
780 attr.label_index = BGP_INVALID_LABEL_INDEX;
781 attr.label = MPLS_INVALID_LABEL;
782
783 new = bgp_attr_intern(&attr);
784
785 aspath_unintern(&new->aspath);
786 return new;
787 }
788
789 /* Unintern just the sub-components of the attr, but not the attr */
790 void bgp_attr_unintern_sub(struct attr *attr)
791 {
792 /* aspath refcount shoud be decrement. */
793 if (attr->aspath)
794 aspath_unintern(&attr->aspath);
795 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
796
797 if (attr->community)
798 community_unintern(&attr->community);
799 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
800
801 if (attr->ecommunity)
802 ecommunity_unintern(&attr->ecommunity);
803 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
804
805 if (attr->lcommunity)
806 lcommunity_unintern(&attr->lcommunity);
807 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
808
809 if (attr->cluster)
810 cluster_unintern(attr->cluster);
811 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
812
813 if (attr->transit)
814 transit_unintern(attr->transit);
815
816 if (attr->encap_subtlvs)
817 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
818
819 #if ENABLE_BGP_VNC
820 if (attr->vnc_subtlvs)
821 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
822 #endif
823 }
824
825 /* Free bgp attribute and aspath. */
826 void bgp_attr_unintern(struct attr **pattr)
827 {
828 struct attr *attr = *pattr;
829 struct attr *ret;
830 struct attr tmp;
831
832 /* Decrement attribute reference. */
833 attr->refcnt--;
834
835 tmp = *attr;
836
837 /* If reference becomes zero then free attribute object. */
838 if (attr->refcnt == 0) {
839 ret = hash_release(attrhash, attr);
840 assert(ret != NULL);
841 XFREE(MTYPE_ATTR, attr);
842 *pattr = NULL;
843 }
844
845 bgp_attr_unintern_sub(&tmp);
846 }
847
848 void bgp_attr_flush(struct attr *attr)
849 {
850 if (attr->aspath && !attr->aspath->refcnt) {
851 aspath_free(attr->aspath);
852 attr->aspath = NULL;
853 }
854 if (attr->community && !attr->community->refcnt) {
855 community_free(attr->community);
856 attr->community = NULL;
857 }
858
859 if (attr->ecommunity && !attr->ecommunity->refcnt)
860 ecommunity_free(&attr->ecommunity);
861 if (attr->lcommunity && !attr->lcommunity->refcnt)
862 lcommunity_free(&attr->lcommunity);
863 if (attr->cluster && !attr->cluster->refcnt) {
864 cluster_free(attr->cluster);
865 attr->cluster = NULL;
866 }
867 if (attr->transit && !attr->transit->refcnt) {
868 transit_free(attr->transit);
869 attr->transit = NULL;
870 }
871 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
872 encap_free(attr->encap_subtlvs);
873 attr->encap_subtlvs = NULL;
874 }
875 #if ENABLE_BGP_VNC
876 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
877 encap_free(attr->vnc_subtlvs);
878 attr->vnc_subtlvs = NULL;
879 }
880 #endif
881 }
882
883 /* Implement draft-scudder-idr-optional-transitive behaviour and
884 * avoid resetting sessions for malformed attributes which are
885 * are partial/optional and hence where the error likely was not
886 * introduced by the sending neighbour.
887 */
888 static bgp_attr_parse_ret_t
889 bgp_attr_malformed(struct bgp_attr_parser_args *args, u_char subcode,
890 bgp_size_t length)
891 {
892 struct peer *const peer = args->peer;
893 const u_int8_t flags = args->flags;
894 /* startp and length must be special-cased, as whether or not to
895 * send the attribute data with the NOTIFY depends on the error,
896 * the caller therefore signals this with the seperate length argument
897 */
898 u_char *notify_datap = (length > 0 ? args->startp : NULL);
899
900 /* Only relax error handling for eBGP peers */
901 if (peer->sort != BGP_PEER_EBGP) {
902 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
903 notify_datap, length);
904 return BGP_ATTR_PARSE_ERROR;
905 }
906
907 /* Adjust the stream getp to the end of the attribute, in case we can
908 * still proceed but the caller hasn't read all the attribute.
909 */
910 stream_set_getp(BGP_INPUT(peer),
911 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
912 + args->total);
913
914 switch (args->type) {
915 /* where an attribute is relatively inconsequential, e.g. it does not
916 * affect route selection, and can be safely ignored, then any such
917 * attributes which are malformed should just be ignored and the route
918 * processed as normal.
919 */
920 case BGP_ATTR_AS4_AGGREGATOR:
921 case BGP_ATTR_AGGREGATOR:
922 case BGP_ATTR_ATOMIC_AGGREGATE:
923 return BGP_ATTR_PARSE_PROCEED;
924
925 /* Core attributes, particularly ones which may influence route
926 * selection, should always cause session resets
927 */
928 case BGP_ATTR_ORIGIN:
929 case BGP_ATTR_AS_PATH:
930 case BGP_ATTR_NEXT_HOP:
931 case BGP_ATTR_MULTI_EXIT_DISC:
932 case BGP_ATTR_LOCAL_PREF:
933 case BGP_ATTR_COMMUNITIES:
934 case BGP_ATTR_ORIGINATOR_ID:
935 case BGP_ATTR_CLUSTER_LIST:
936 case BGP_ATTR_MP_REACH_NLRI:
937 case BGP_ATTR_MP_UNREACH_NLRI:
938 case BGP_ATTR_EXT_COMMUNITIES:
939 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
940 notify_datap, length);
941 return BGP_ATTR_PARSE_ERROR;
942 }
943
944 /* Partial optional attributes that are malformed should not cause
945 * the whole session to be reset. Instead treat it as a withdrawal
946 * of the routes, if possible.
947 */
948 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
949 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
950 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
951 return BGP_ATTR_PARSE_WITHDRAW;
952
953 /* default to reset */
954 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
955 }
956
957 /* Find out what is wrong with the path attribute flag bits and log the error.
958 "Flag bits" here stand for Optional, Transitive and Partial, but not for
959 Extended Length. Checking O/T/P bits at once implies, that the attribute
960 being diagnosed is defined by RFC as either a "well-known" or an "optional,
961 non-transitive" attribute. */
962 static void
963 bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
964 u_int8_t desired_flags /* how RFC says it must be */
965 )
966 {
967 u_char seen = 0, i;
968 u_char real_flags = args->flags;
969 const u_int8_t attr_code = args->type;
970
971 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
972 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
973 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
974 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
975 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
976 zlog_err("%s attribute must%s be flagged as \"%s\"",
977 lookup_msg(attr_str, attr_code, NULL),
978 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
979 ? ""
980 : " not",
981 attr_flag_str[i].str);
982 seen = 1;
983 }
984 if (!seen) {
985 zlog_debug(
986 "Strange, %s called for attr %s, but no problem found with flags"
987 " (real flags 0x%x, desired 0x%x)",
988 __func__, lookup_msg(attr_str, attr_code, NULL),
989 real_flags, desired_flags);
990 }
991 }
992
993 /* Required flags for attributes. EXTLEN will be masked off when testing,
994 * as will PARTIAL for optional+transitive attributes.
995 */
996 const u_int8_t attr_flags_values[] = {
997 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
998 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
999 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1000 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1001 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1002 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1003 [BGP_ATTR_AGGREGATOR] =
1004 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1005 [BGP_ATTR_COMMUNITIES] =
1006 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1007 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1008 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1009 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1010 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1011 [BGP_ATTR_EXT_COMMUNITIES] =
1012 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1013 [BGP_ATTR_AS4_PATH] =
1014 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1015 [BGP_ATTR_AS4_AGGREGATOR] =
1016 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1017 [BGP_ATTR_LARGE_COMMUNITIES] =
1018 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1019 [BGP_ATTR_PREFIX_SID] =
1020 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1021 };
1022 static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
1023
1024 static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1025 {
1026 u_int8_t mask = BGP_ATTR_FLAG_EXTLEN;
1027 const u_int8_t flags = args->flags;
1028 const u_int8_t attr_code = args->type;
1029
1030 /* there may be attributes we don't know about */
1031 if (attr_code > attr_flags_values_max)
1032 return 0;
1033 if (attr_flags_values[attr_code] == 0)
1034 return 0;
1035
1036 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1037 * to
1038 * 1."
1039 */
1040 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1041 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
1042 zlog_err(
1043 "%s well-known attributes must have transitive flag set (%x)",
1044 lookup_msg(attr_str, attr_code, NULL), flags);
1045 return 1;
1046 }
1047
1048 /* "For well-known attributes and for optional non-transitive
1049 * attributes,
1050 * the Partial bit MUST be set to 0."
1051 */
1052 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1053 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
1054 zlog_err(
1055 "%s well-known attribute "
1056 "must NOT have the partial flag set (%x)",
1057 lookup_msg(attr_str, attr_code, NULL), flags);
1058 return 1;
1059 }
1060 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1061 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
1062 zlog_err(
1063 "%s optional + transitive attribute "
1064 "must NOT have the partial flag set (%x)",
1065 lookup_msg(attr_str, attr_code, NULL), flags);
1066 return 1;
1067 }
1068 }
1069
1070 /* Optional transitive attributes may go through speakers that don't
1071 * reocgnise them and set the Partial bit.
1072 */
1073 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1074 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1075 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1076
1077 if ((flags & ~mask) == attr_flags_values[attr_code])
1078 return 0;
1079
1080 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1081 return 1;
1082 }
1083
1084 /* Get origin attribute of the update message. */
1085 static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1086 {
1087 struct peer *const peer = args->peer;
1088 struct attr *const attr = args->attr;
1089 const bgp_size_t length = args->length;
1090
1091 /* If any recognized attribute has Attribute Length that conflicts
1092 with the expected length (based on the attribute type code), then
1093 the Error Subcode is set to Attribute Length Error. The Data
1094 field contains the erroneous attribute (type, length and
1095 value). */
1096 if (length != 1) {
1097 zlog_err("Origin attribute length is not one %d", length);
1098 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1099 args->total);
1100 }
1101
1102 /* Fetch origin attribute. */
1103 attr->origin = stream_getc(BGP_INPUT(peer));
1104
1105 /* If the ORIGIN attribute has an undefined value, then the Error
1106 Subcode is set to Invalid Origin Attribute. The Data field
1107 contains the unrecognized attribute (type, length and value). */
1108 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1109 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
1110 zlog_err("Origin attribute value is invalid %d", attr->origin);
1111 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1112 args->total);
1113 }
1114
1115 /* Set oring attribute flag. */
1116 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1117
1118 return 0;
1119 }
1120
1121 /* Parse AS path information. This function is wrapper of
1122 aspath_parse. */
1123 static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1124 {
1125 struct attr *const attr = args->attr;
1126 struct peer *const peer = args->peer;
1127 const bgp_size_t length = args->length;
1128
1129 /*
1130 * peer with AS4 => will get 4Byte ASnums
1131 * otherwise, will get 16 Bit
1132 */
1133 attr->aspath = aspath_parse(peer->ibuf, length,
1134 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1135
1136 /* In case of IBGP, length will be zero. */
1137 if (!attr->aspath) {
1138 zlog_err("Malformed AS path from %s, length is %d", peer->host,
1139 length);
1140 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1141 0);
1142 }
1143
1144 /* Set aspath attribute flag. */
1145 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1146
1147 return BGP_ATTR_PARSE_PROCEED;
1148 }
1149
1150 static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1151 struct attr *const attr)
1152 {
1153 /* These checks were part of bgp_attr_aspath, but with
1154 * as4 we should to check aspath things when
1155 * aspath synthesizing with as4_path has already taken place.
1156 * Otherwise we check ASPATH and use the synthesized thing, and that is
1157 * not right.
1158 * So do the checks later, i.e. here
1159 */
1160 struct bgp *bgp = peer->bgp;
1161 struct aspath *aspath;
1162
1163 /* Confederation sanity check. */
1164 if ((peer->sort == BGP_PEER_CONFED
1165 && !aspath_left_confed_check(attr->aspath))
1166 || (peer->sort == BGP_PEER_EBGP
1167 && aspath_confed_check(attr->aspath))) {
1168 zlog_err("Malformed AS path from %s", peer->host);
1169 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1170 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1171 return BGP_ATTR_PARSE_ERROR;
1172 }
1173
1174 /* First AS check for EBGP. */
1175 if (bgp != NULL && bgp_flag_check(bgp, BGP_FLAG_ENFORCE_FIRST_AS)) {
1176 if (peer->sort == BGP_PEER_EBGP
1177 && !aspath_firstas_check(attr->aspath, peer->as)) {
1178 zlog_err("%s incorrect first AS (must be %u)",
1179 peer->host, peer->as);
1180 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1181 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1182 return BGP_ATTR_PARSE_ERROR;
1183 }
1184 }
1185
1186 /* local-as prepend */
1187 if (peer->change_local_as
1188 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1189 aspath = aspath_dup(attr->aspath);
1190 aspath = aspath_add_seq(aspath, peer->change_local_as);
1191 aspath_unintern(&attr->aspath);
1192 attr->aspath = aspath_intern(aspath);
1193 }
1194
1195 return BGP_ATTR_PARSE_PROCEED;
1196 }
1197
1198 /* Parse AS4 path information. This function is another wrapper of
1199 aspath_parse. */
1200 static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1201 struct aspath **as4_path)
1202 {
1203 struct peer *const peer = args->peer;
1204 struct attr *const attr = args->attr;
1205 const bgp_size_t length = args->length;
1206
1207 *as4_path = aspath_parse(peer->ibuf, length, 1);
1208
1209 /* In case of IBGP, length will be zero. */
1210 if (!*as4_path) {
1211 zlog_err("Malformed AS4 path from %s, length is %d", peer->host,
1212 length);
1213 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1214 0);
1215 }
1216
1217 /* Set aspath attribute flag. */
1218 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1219
1220 return BGP_ATTR_PARSE_PROCEED;
1221 }
1222
1223 /* Nexthop attribute. */
1224 static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1225 {
1226 struct peer *const peer = args->peer;
1227 struct attr *const attr = args->attr;
1228 const bgp_size_t length = args->length;
1229
1230 in_addr_t nexthop_h, nexthop_n;
1231
1232 /* Check nexthop attribute length. */
1233 if (length != 4) {
1234 zlog_err("Nexthop attribute length isn't four [%d]", length);
1235
1236 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1237 args->total);
1238 }
1239
1240 /* According to section 6.3 of RFC4271, syntactically incorrect NEXT_HOP
1241 attribute must result in a NOTIFICATION message (this is implemented
1242 below).
1243 At the same time, semantically incorrect NEXT_HOP is more likely to
1244 be just
1245 logged locally (this is implemented somewhere else). The UPDATE
1246 message
1247 gets ignored in any of these cases. */
1248 nexthop_n = stream_get_ipv4(peer->ibuf);
1249 nexthop_h = ntohl(nexthop_n);
1250 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1251 || IPV4_CLASS_DE(nexthop_h))
1252 && !BGP_DEBUG(
1253 allow_martians,
1254 ALLOW_MARTIANS)) /* loopbacks may be used in testing */
1255 {
1256 char buf[INET_ADDRSTRLEN];
1257 inet_ntop(AF_INET, &nexthop_n, buf, INET_ADDRSTRLEN);
1258 zlog_err("Martian nexthop %s", buf);
1259 return bgp_attr_malformed(
1260 args, BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP, args->total);
1261 }
1262
1263 attr->nexthop.s_addr = nexthop_n;
1264 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1265
1266 return BGP_ATTR_PARSE_PROCEED;
1267 }
1268
1269 /* MED atrribute. */
1270 static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
1271 {
1272 struct peer *const peer = args->peer;
1273 struct attr *const attr = args->attr;
1274 const bgp_size_t length = args->length;
1275
1276 /* Length check. */
1277 if (length != 4) {
1278 zlog_err("MED attribute length isn't four [%d]", length);
1279
1280 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1281 args->total);
1282 }
1283
1284 attr->med = stream_getl(peer->ibuf);
1285
1286 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
1287
1288 return BGP_ATTR_PARSE_PROCEED;
1289 }
1290
1291 /* Local preference attribute. */
1292 static bgp_attr_parse_ret_t
1293 bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1294 {
1295 struct peer *const peer = args->peer;
1296 struct attr *const attr = args->attr;
1297 const bgp_size_t length = args->length;
1298
1299 /* Length check. */
1300 if (length != 4) {
1301 zlog_err("LOCAL_PREF attribute length isn't 4 [%u]", length);
1302 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1303 args->total);
1304 }
1305
1306 /* If it is contained in an UPDATE message that is received from an
1307 external peer, then this attribute MUST be ignored by the
1308 receiving speaker. */
1309 if (peer->sort == BGP_PEER_EBGP) {
1310 stream_forward_getp(peer->ibuf, length);
1311 return BGP_ATTR_PARSE_PROCEED;
1312 }
1313
1314 attr->local_pref = stream_getl(peer->ibuf);
1315
1316 /* Set the local-pref flag. */
1317 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1318
1319 return BGP_ATTR_PARSE_PROCEED;
1320 }
1321
1322 /* Atomic aggregate. */
1323 static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
1324 {
1325 struct attr *const attr = args->attr;
1326 const bgp_size_t length = args->length;
1327
1328 /* Length check. */
1329 if (length != 0) {
1330 zlog_err("ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1331 length);
1332 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1333 args->total);
1334 }
1335
1336 /* Set atomic aggregate flag. */
1337 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
1338
1339 return BGP_ATTR_PARSE_PROCEED;
1340 }
1341
1342 /* Aggregator attribute */
1343 static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1344 {
1345 struct peer *const peer = args->peer;
1346 struct attr *const attr = args->attr;
1347 const bgp_size_t length = args->length;
1348
1349 int wantedlen = 6;
1350
1351 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1352 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1353 wantedlen = 8;
1354
1355 if (length != wantedlen) {
1356 zlog_err("AGGREGATOR attribute length isn't %u [%u]", wantedlen,
1357 length);
1358 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1359 args->total);
1360 }
1361
1362 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1363 attr->aggregator_as = stream_getl(peer->ibuf);
1364 else
1365 attr->aggregator_as = stream_getw(peer->ibuf);
1366 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->ibuf);
1367
1368 /* Set atomic aggregate flag. */
1369 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1370
1371 return BGP_ATTR_PARSE_PROCEED;
1372 }
1373
1374 /* New Aggregator attribute */
1375 static bgp_attr_parse_ret_t
1376 bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1377 as_t *as4_aggregator_as,
1378 struct in_addr *as4_aggregator_addr)
1379 {
1380 struct peer *const peer = args->peer;
1381 struct attr *const attr = args->attr;
1382 const bgp_size_t length = args->length;
1383
1384 if (length != 8) {
1385 zlog_err("New Aggregator length is not 8 [%d]", length);
1386 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1387 0);
1388 }
1389
1390 *as4_aggregator_as = stream_getl(peer->ibuf);
1391 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->ibuf);
1392
1393 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1394
1395 return BGP_ATTR_PARSE_PROCEED;
1396 }
1397
1398 /* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1399 */
1400 static bgp_attr_parse_ret_t
1401 bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1402 struct aspath *as4_path, as_t as4_aggregator,
1403 struct in_addr *as4_aggregator_addr)
1404 {
1405 int ignore_as4_path = 0;
1406 struct aspath *newpath;
1407
1408 if (!attr->aspath) {
1409 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1410 * have
1411 * checked that all well-known, mandatory attributes were
1412 * present.
1413 *
1414 * Can only be a problem with peer itself - hard error
1415 */
1416 return BGP_ATTR_PARSE_ERROR;
1417 }
1418
1419 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1420 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1421 * if given.
1422 * It is worth a warning though, because the peer really
1423 * should not send them
1424 */
1425 if (BGP_DEBUG(as4, AS4)) {
1426 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1427 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1428 "AS4 capable peer, yet it sent");
1429
1430 if (attr->flag
1431 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1432 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1433 peer->host,
1434 "AS4 capable peer, yet it sent");
1435 }
1436
1437 return BGP_ATTR_PARSE_PROCEED;
1438 }
1439
1440 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1441 * because that may override AS4_PATH
1442 */
1443 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1444 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1445 /* received both.
1446 * if the as_number in aggregator is not AS_TRANS,
1447 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1448 * and the Aggregator shall be taken as
1449 * info on the aggregating node, and the AS_PATH
1450 * shall be taken as the AS_PATH
1451 * otherwise
1452 * the Aggregator shall be ignored and the
1453 * AS4_AGGREGATOR shall be taken as the
1454 * Aggregating node and the AS_PATH is to be
1455 * constructed "as in all other cases"
1456 */
1457 if (attr->aggregator_as != BGP_AS_TRANS) {
1458 /* ignore */
1459 if (BGP_DEBUG(as4, AS4))
1460 zlog_debug(
1461 "[AS4] %s BGP not AS4 capable peer"
1462 " send AGGREGATOR != AS_TRANS and"
1463 " AS4_AGGREGATOR, so ignore"
1464 " AS4_AGGREGATOR and AS4_PATH",
1465 peer->host);
1466 ignore_as4_path = 1;
1467 } else {
1468 /* "New_aggregator shall be taken as aggregator"
1469 */
1470 attr->aggregator_as = as4_aggregator;
1471 attr->aggregator_addr.s_addr =
1472 as4_aggregator_addr->s_addr;
1473 }
1474 } else {
1475 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1476 * That is bogus - but reading the conditions
1477 * we have to handle AS4_AGGREGATOR as if it were
1478 * AGGREGATOR in that case
1479 */
1480 if (BGP_DEBUG(as4, AS4))
1481 zlog_debug(
1482 "[AS4] %s BGP not AS4 capable peer send"
1483 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1484 " it as if AGGREGATOR with AS_TRANS had been there",
1485 peer->host);
1486 attr->aggregator_as = as4_aggregator;
1487 /* sweep it under the carpet and simulate a "good"
1488 * AGGREGATOR */
1489 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1490 }
1491 }
1492
1493 /* need to reconcile NEW_AS_PATH and AS_PATH */
1494 if (!ignore_as4_path
1495 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1496 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
1497 aspath_unintern(&attr->aspath);
1498 attr->aspath = aspath_intern(newpath);
1499 }
1500 return BGP_ATTR_PARSE_PROCEED;
1501 }
1502
1503 /* Community attribute. */
1504 static bgp_attr_parse_ret_t
1505 bgp_attr_community(struct bgp_attr_parser_args *args)
1506 {
1507 struct peer *const peer = args->peer;
1508 struct attr *const attr = args->attr;
1509 const bgp_size_t length = args->length;
1510
1511 if (length == 0) {
1512 attr->community = NULL;
1513 return BGP_ATTR_PARSE_PROCEED;
1514 }
1515
1516 attr->community =
1517 community_parse((u_int32_t *)stream_pnt(peer->ibuf), length);
1518
1519 /* XXX: fix community_parse to use stream API and remove this */
1520 stream_forward_getp(peer->ibuf, length);
1521
1522 if (!attr->community)
1523 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1524 args->total);
1525
1526 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1527
1528 return BGP_ATTR_PARSE_PROCEED;
1529 }
1530
1531 /* Originator ID attribute. */
1532 static bgp_attr_parse_ret_t
1533 bgp_attr_originator_id(struct bgp_attr_parser_args *args)
1534 {
1535 struct peer *const peer = args->peer;
1536 struct attr *const attr = args->attr;
1537 const bgp_size_t length = args->length;
1538
1539 /* Length check. */
1540 if (length != 4) {
1541 zlog_err("Bad originator ID length %d", length);
1542
1543 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1544 args->total);
1545 }
1546
1547 attr->originator_id.s_addr = stream_get_ipv4(peer->ibuf);
1548
1549 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
1550
1551 return BGP_ATTR_PARSE_PROCEED;
1552 }
1553
1554 /* Cluster list attribute. */
1555 static bgp_attr_parse_ret_t
1556 bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
1557 {
1558 struct peer *const peer = args->peer;
1559 struct attr *const attr = args->attr;
1560 const bgp_size_t length = args->length;
1561
1562 /* Check length. */
1563 if (length % 4) {
1564 zlog_err("Bad cluster list length %d", length);
1565
1566 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1567 args->total);
1568 }
1569
1570 attr->cluster =
1571 cluster_parse((struct in_addr *)stream_pnt(peer->ibuf), length);
1572
1573 /* XXX: Fix cluster_parse to use stream API and then remove this */
1574 stream_forward_getp(peer->ibuf, length);
1575
1576 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
1577
1578 return BGP_ATTR_PARSE_PROCEED;
1579 }
1580
1581 /* Multiprotocol reachability information parse. */
1582 int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1583 struct bgp_nlri *mp_update)
1584 {
1585 iana_afi_t pkt_afi;
1586 afi_t afi;
1587 iana_safi_t pkt_safi;
1588 safi_t safi;
1589 bgp_size_t nlri_len;
1590 size_t start;
1591 struct stream *s;
1592 struct peer *const peer = args->peer;
1593 struct attr *const attr = args->attr;
1594 const bgp_size_t length = args->length;
1595
1596 /* Set end of packet. */
1597 s = BGP_INPUT(peer);
1598 start = stream_get_getp(s);
1599
1600 /* safe to read statically sized header? */
1601 #define BGP_MP_REACH_MIN_SIZE 5
1602 #define LEN_LEFT (length - (stream_get_getp(s) - start))
1603 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
1604 zlog_info("%s: %s sent invalid length, %lu", __func__,
1605 peer->host, (unsigned long)length);
1606 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1607 }
1608
1609 /* Load AFI, SAFI. */
1610 pkt_afi = stream_getw(s);
1611 pkt_safi = stream_getc(s);
1612
1613 /* Convert AFI, SAFI to internal values, check. */
1614 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1615 /* Log if AFI or SAFI is unrecognized. This is not an error
1616 * unless
1617 * the attribute is otherwise malformed.
1618 */
1619 if (bgp_debug_update(peer, NULL, NULL, 0))
1620 zlog_debug(
1621 "%s: MP_REACH received AFI %u or SAFI %u is unrecognized",
1622 peer->host, pkt_afi, pkt_safi);
1623 return BGP_ATTR_PARSE_ERROR;
1624 }
1625
1626 /* Get nexthop length. */
1627 attr->mp_nexthop_len = stream_getc(s);
1628
1629 if (LEN_LEFT < attr->mp_nexthop_len) {
1630 zlog_info(
1631 "%s: %s, MP nexthop length, %u, goes past end of attribute",
1632 __func__, peer->host, attr->mp_nexthop_len);
1633 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1634 }
1635
1636 /* Nexthop length check. */
1637 switch (attr->mp_nexthop_len) {
1638 case BGP_ATTR_NHLEN_IPV4:
1639 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1640 /* Probably needed for RFC 2283 */
1641 if (attr->nexthop.s_addr == 0)
1642 memcpy(&attr->nexthop.s_addr,
1643 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1644 break;
1645 case BGP_ATTR_NHLEN_VPNV4:
1646 stream_getl(s); /* RD high */
1647 stream_getl(s); /* RD low */
1648 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1649 break;
1650 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1651 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1652 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1653 stream_getl(s); /* RD high */
1654 stream_getl(s); /* RD low */
1655 }
1656 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1657 break;
1658 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1659 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1660 if (attr->mp_nexthop_len
1661 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1662 stream_getl(s); /* RD high */
1663 stream_getl(s); /* RD low */
1664 }
1665 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1666 if (attr->mp_nexthop_len
1667 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1668 stream_getl(s); /* RD high */
1669 stream_getl(s); /* RD low */
1670 }
1671 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1672 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1673 char buf1[INET6_ADDRSTRLEN];
1674 char buf2[INET6_ADDRSTRLEN];
1675
1676 if (bgp_debug_update(peer, NULL, NULL, 1))
1677 zlog_debug(
1678 "%s rcvd nexthops %s, %s -- ignoring non-LL value",
1679 peer->host,
1680 inet_ntop(AF_INET6,
1681 &attr->mp_nexthop_global,
1682 buf1, INET6_ADDRSTRLEN),
1683 inet_ntop(AF_INET6,
1684 &attr->mp_nexthop_local, buf2,
1685 INET6_ADDRSTRLEN));
1686
1687 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1688 }
1689 break;
1690 default:
1691 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1692 __func__, peer->host, attr->mp_nexthop_len);
1693 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1694 }
1695
1696 if (!LEN_LEFT) {
1697 zlog_info("%s: (%s) Failed to read SNPA and NLRI(s)", __func__,
1698 peer->host);
1699 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1700 }
1701
1702 {
1703 u_char val;
1704 if ((val = stream_getc(s)))
1705 zlog_warn(
1706 "%s sent non-zero value, %u, for defunct SNPA-length field",
1707 peer->host, val);
1708 }
1709
1710 /* must have nrli_len, what is left of the attribute */
1711 nlri_len = LEN_LEFT;
1712 if (nlri_len > STREAM_READABLE(s)) {
1713 zlog_info("%s: (%s) Failed to read NLRI", __func__, peer->host);
1714 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1715 }
1716
1717 if (!nlri_len) {
1718 zlog_info("%s: (%s) No Reachability, Treating as a EOR marker",
1719 __func__, peer->host);
1720
1721 mp_update->afi = afi;
1722 mp_update->safi = safi;
1723 return BGP_ATTR_PARSE_EOR;
1724 }
1725
1726 mp_update->afi = afi;
1727 mp_update->safi = safi;
1728 mp_update->nlri = stream_pnt(s);
1729 mp_update->length = nlri_len;
1730
1731 stream_forward_getp(s, nlri_len);
1732
1733 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1734
1735 return BGP_ATTR_PARSE_PROCEED;
1736 #undef LEN_LEFT
1737 }
1738
1739 /* Multiprotocol unreachable parse */
1740 int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1741 struct bgp_nlri *mp_withdraw)
1742 {
1743 struct stream *s;
1744 iana_afi_t pkt_afi;
1745 afi_t afi;
1746 iana_safi_t pkt_safi;
1747 safi_t safi;
1748 u_int16_t withdraw_len;
1749 struct peer *const peer = args->peer;
1750 struct attr *const attr = args->attr;
1751 const bgp_size_t length = args->length;
1752
1753 s = peer->ibuf;
1754
1755 #define BGP_MP_UNREACH_MIN_SIZE 3
1756 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1757 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1758
1759 pkt_afi = stream_getw(s);
1760 pkt_safi = stream_getc(s);
1761
1762 /* Convert AFI, SAFI to internal values, check. */
1763 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1764 /* Log if AFI or SAFI is unrecognized. This is not an error
1765 * unless
1766 * the attribute is otherwise malformed.
1767 */
1768 if (bgp_debug_update(peer, NULL, NULL, 0))
1769 zlog_debug(
1770 "%s: MP_UNREACH received AFI %u or SAFI %u is unrecognized",
1771 peer->host, pkt_afi, pkt_safi);
1772 return BGP_ATTR_PARSE_ERROR;
1773 }
1774
1775 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
1776
1777 mp_withdraw->afi = afi;
1778 mp_withdraw->safi = safi;
1779 mp_withdraw->nlri = stream_pnt(s);
1780 mp_withdraw->length = withdraw_len;
1781
1782 stream_forward_getp(s, withdraw_len);
1783
1784 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1785
1786 return BGP_ATTR_PARSE_PROCEED;
1787 }
1788
1789 /* Large Community attribute. */
1790 static bgp_attr_parse_ret_t
1791 bgp_attr_large_community(struct bgp_attr_parser_args *args)
1792 {
1793 struct peer *const peer = args->peer;
1794 struct attr *const attr = args->attr;
1795 const bgp_size_t length = args->length;
1796
1797 /*
1798 * Large community follows new attribute format.
1799 */
1800 if (length == 0) {
1801 attr->lcommunity = NULL;
1802 /* Empty extcomm doesn't seem to be invalid per se */
1803 return BGP_ATTR_PARSE_PROCEED;
1804 }
1805
1806 attr->lcommunity =
1807 lcommunity_parse((u_int8_t *)stream_pnt(peer->ibuf), length);
1808 /* XXX: fix ecommunity_parse to use stream API */
1809 stream_forward_getp(peer->ibuf, length);
1810
1811 if (!attr->lcommunity)
1812 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1813 args->total);
1814
1815 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
1816
1817 return BGP_ATTR_PARSE_PROCEED;
1818 }
1819
1820 /* Extended Community attribute. */
1821 static bgp_attr_parse_ret_t
1822 bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1823 {
1824 struct peer *const peer = args->peer;
1825 struct attr *const attr = args->attr;
1826 const bgp_size_t length = args->length;
1827 u_char sticky = 0;
1828
1829 if (length == 0) {
1830 attr->ecommunity = NULL;
1831 /* Empty extcomm doesn't seem to be invalid per se */
1832 return BGP_ATTR_PARSE_PROCEED;
1833 }
1834
1835 attr->ecommunity =
1836 ecommunity_parse((u_int8_t *)stream_pnt(peer->ibuf), length);
1837 /* XXX: fix ecommunity_parse to use stream API */
1838 stream_forward_getp(peer->ibuf, length);
1839
1840 if (!attr->ecommunity)
1841 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1842 args->total);
1843
1844 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1845
1846 /* Extract MAC mobility sequence number, if any. */
1847 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1848 attr->sticky = sticky;
1849
1850 return BGP_ATTR_PARSE_PROCEED;
1851 }
1852
1853 /* Parse Tunnel Encap attribute in an UPDATE */
1854 static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
1855 bgp_size_t length, /* IN: attr's length field */
1856 struct attr *attr, /* IN: caller already allocated */
1857 u_char flag, /* IN: attr's flags field */
1858 u_char *startp)
1859 {
1860 bgp_size_t total;
1861 uint16_t tunneltype = 0;
1862
1863 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
1864
1865 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
1866 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
1867 zlog_info(
1868 "Tunnel Encap attribute flag isn't optional and transitive %d",
1869 flag);
1870 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1871 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
1872 startp, total);
1873 return -1;
1874 }
1875
1876 if (BGP_ATTR_ENCAP == type) {
1877 /* read outer TLV type and length */
1878 uint16_t tlv_length;
1879
1880 if (length < 4) {
1881 zlog_info(
1882 "Tunnel Encap attribute not long enough to contain outer T,L");
1883 bgp_notify_send_with_data(
1884 peer, BGP_NOTIFY_UPDATE_ERR,
1885 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1886 return -1;
1887 }
1888 tunneltype = stream_getw(BGP_INPUT(peer));
1889 tlv_length = stream_getw(BGP_INPUT(peer));
1890 length -= 4;
1891
1892 if (tlv_length != length) {
1893 zlog_info("%s: tlv_length(%d) != length(%d)", __func__,
1894 tlv_length, length);
1895 }
1896 }
1897
1898 while (length >= 4) {
1899 uint16_t subtype = 0;
1900 uint16_t sublength = 0;
1901 struct bgp_attr_encap_subtlv *tlv;
1902
1903 if (BGP_ATTR_ENCAP == type) {
1904 subtype = stream_getc(BGP_INPUT(peer));
1905 sublength = stream_getc(BGP_INPUT(peer));
1906 length -= 2;
1907 #if ENABLE_BGP_VNC
1908 } else {
1909 subtype = stream_getw(BGP_INPUT(peer));
1910 sublength = stream_getw(BGP_INPUT(peer));
1911 length -= 4;
1912 #endif
1913 }
1914
1915 if (sublength > length) {
1916 zlog_info(
1917 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
1918 sublength, length);
1919 bgp_notify_send_with_data(
1920 peer, BGP_NOTIFY_UPDATE_ERR,
1921 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1922 return -1;
1923 }
1924
1925 /* alloc and copy sub-tlv */
1926 /* TBD make sure these are freed when attributes are released */
1927 tlv = XCALLOC(MTYPE_ENCAP_TLV,
1928 sizeof(struct bgp_attr_encap_subtlv)
1929 + sublength);
1930 tlv->type = subtype;
1931 tlv->length = sublength;
1932 stream_get(tlv->value, peer->ibuf, sublength);
1933 length -= sublength;
1934
1935 /* attach tlv to encap chain */
1936 if (BGP_ATTR_ENCAP == type) {
1937 struct bgp_attr_encap_subtlv *stlv_last;
1938 for (stlv_last = attr->encap_subtlvs;
1939 stlv_last && stlv_last->next;
1940 stlv_last = stlv_last->next)
1941 ;
1942 if (stlv_last) {
1943 stlv_last->next = tlv;
1944 } else {
1945 attr->encap_subtlvs = tlv;
1946 }
1947 #if ENABLE_BGP_VNC
1948 } else {
1949 struct bgp_attr_encap_subtlv *stlv_last;
1950 for (stlv_last = attr->vnc_subtlvs;
1951 stlv_last && stlv_last->next;
1952 stlv_last = stlv_last->next)
1953 ;
1954 if (stlv_last) {
1955 stlv_last->next = tlv;
1956 } else {
1957 attr->vnc_subtlvs = tlv;
1958 }
1959 #endif
1960 }
1961 }
1962
1963 if (BGP_ATTR_ENCAP == type) {
1964 attr->encap_tunneltype = tunneltype;
1965 }
1966
1967 if (length) {
1968 /* spurious leftover data */
1969 zlog_info(
1970 "Tunnel Encap attribute length is bad: %d leftover octets",
1971 length);
1972 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1973 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1974 startp, total);
1975 return -1;
1976 }
1977
1978 return 0;
1979 }
1980
1981 /* Prefix SID attribute
1982 * draft-ietf-idr-bgp-prefix-sid-05
1983 */
1984 static bgp_attr_parse_ret_t
1985 bgp_attr_prefix_sid(struct bgp_attr_parser_args *args,
1986 struct bgp_nlri *mp_update)
1987 {
1988 struct peer *const peer = args->peer;
1989 struct attr *const attr = args->attr;
1990 int type;
1991 int length;
1992 u_int32_t label_index;
1993 struct in6_addr ipv6_sid;
1994 u_int32_t srgb_base;
1995 u_int32_t srgb_range;
1996 int srgb_count;
1997
1998 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
1999
2000 type = stream_getc(peer->ibuf);
2001 length = stream_getw(peer->ibuf);
2002
2003 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
2004 if (length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
2005 zlog_err(
2006 "Prefix SID label index length is %d instead of %d",
2007 length, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
2008 return bgp_attr_malformed(
2009 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2010 args->total);
2011 }
2012
2013 /* Ignore flags and reserved */
2014 stream_getc(peer->ibuf);
2015 stream_getw(peer->ibuf);
2016
2017 /* Fetch the label index and see if it is valid. */
2018 label_index = stream_getl(peer->ibuf);
2019 if (label_index == BGP_INVALID_LABEL_INDEX)
2020 return bgp_attr_malformed(
2021 args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2022 args->total);
2023
2024 /* Store label index; subsequently, we'll check on
2025 * address-family */
2026 attr->label_index = label_index;
2027
2028 /*
2029 * Ignore the Label index attribute unless received for
2030 * labeled-unicast
2031 * SAFI.
2032 */
2033 if (!mp_update->length
2034 || mp_update->safi != SAFI_LABELED_UNICAST)
2035 attr->label_index = BGP_INVALID_LABEL_INDEX;
2036 }
2037
2038 /* Placeholder code for the IPv6 SID type */
2039 else if (type == BGP_PREFIX_SID_IPV6) {
2040 if (length != BGP_PREFIX_SID_IPV6_LENGTH) {
2041 zlog_err("Prefix SID IPv6 length is %d instead of %d",
2042 length, BGP_PREFIX_SID_IPV6_LENGTH);
2043 return bgp_attr_malformed(
2044 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2045 args->total);
2046 }
2047
2048 /* Ignore reserved */
2049 stream_getc(peer->ibuf);
2050 stream_getw(peer->ibuf);
2051
2052 stream_get(&ipv6_sid, peer->ibuf, 16);
2053 }
2054
2055 /* Placeholder code for the Originator SRGB type */
2056 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
2057 /* Ignore flags */
2058 stream_getw(peer->ibuf);
2059
2060 length -= 2;
2061
2062 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
2063 zlog_err(
2064 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2065 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2066 return bgp_attr_malformed(
2067 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2068 args->total);
2069 }
2070
2071 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2072
2073 for (int i = 0; i < srgb_count; i++) {
2074 stream_get(&srgb_base, peer->ibuf, 3);
2075 stream_get(&srgb_range, peer->ibuf, 3);
2076 }
2077 }
2078
2079 return BGP_ATTR_PARSE_PROCEED;
2080 }
2081
2082 /* BGP unknown attribute treatment. */
2083 static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2084 {
2085 bgp_size_t total = args->total;
2086 struct transit *transit;
2087 struct peer *const peer = args->peer;
2088 struct attr *const attr = args->attr;
2089 u_char *const startp = args->startp;
2090 const u_char type = args->type;
2091 const u_char flag = args->flags;
2092 const bgp_size_t length = args->length;
2093
2094 if (bgp_debug_update(peer, NULL, NULL, 1))
2095 zlog_debug(
2096 "%s Unknown attribute is received (type %d, length %d)",
2097 peer->host, type, length);
2098
2099 /* Forward read pointer of input stream. */
2100 stream_forward_getp(peer->ibuf, length);
2101
2102 /* If any of the mandatory well-known attributes are not recognized,
2103 then the Error Subcode is set to Unrecognized Well-known
2104 Attribute. The Data field contains the unrecognized attribute
2105 (type, length and value). */
2106 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2107 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2108 args->total);
2109 }
2110
2111 /* Unrecognized non-transitive optional attributes must be quietly
2112 ignored and not passed along to other BGP peers. */
2113 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2114 return BGP_ATTR_PARSE_PROCEED;
2115
2116 /* If a path with recognized transitive optional attribute is
2117 accepted and passed along to other BGP peers and the Partial bit
2118 in the Attribute Flags octet is set to 1 by some previous AS, it
2119 is not set back to 0 by the current AS. */
2120 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2121
2122 /* Store transitive attribute to the end of attr->transit. */
2123 if (!attr->transit)
2124 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2125
2126 transit = attr->transit;
2127
2128 if (transit->val)
2129 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2130 transit->length + total);
2131 else
2132 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2133
2134 memcpy(transit->val + transit->length, startp, total);
2135 transit->length += total;
2136
2137 return BGP_ATTR_PARSE_PROCEED;
2138 }
2139
2140 /* Well-known attribute check. */
2141 static int bgp_attr_check(struct peer *peer, struct attr *attr)
2142 {
2143 u_char type = 0;
2144
2145 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2146 * empty UPDATE. */
2147 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2148 return BGP_ATTR_PARSE_PROCEED;
2149
2150 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2151 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2152 are present, it should. Check for any other attribute being present
2153 instead.
2154 */
2155 if (attr->flag == ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))
2156 return BGP_ATTR_PARSE_PROCEED;
2157
2158 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2159 type = BGP_ATTR_ORIGIN;
2160
2161 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2162 type = BGP_ATTR_AS_PATH;
2163
2164 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2165 * and
2166 * NLRI is empty. We can't easily check NLRI empty here though.
2167 */
2168 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2169 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2170 type = BGP_ATTR_NEXT_HOP;
2171
2172 if (peer->sort == BGP_PEER_IBGP
2173 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2174 type = BGP_ATTR_LOCAL_PREF;
2175
2176 if (type) {
2177 zlog_warn("%s Missing well-known attribute %s.", peer->host,
2178 lookup_msg(attr_str, type, NULL));
2179 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2180 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2181 1);
2182 return BGP_ATTR_PARSE_ERROR;
2183 }
2184 return BGP_ATTR_PARSE_PROCEED;
2185 }
2186
2187 /* Read attribute of update packet. This function is called from
2188 bgp_update_receive() in bgp_packet.c. */
2189 bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2190 bgp_size_t size, struct bgp_nlri *mp_update,
2191 struct bgp_nlri *mp_withdraw)
2192 {
2193 int ret;
2194 u_char flag = 0;
2195 u_char type = 0;
2196 bgp_size_t length;
2197 u_char *startp, *endp;
2198 u_char *attr_endp;
2199 u_char seen[BGP_ATTR_BITMAP_SIZE];
2200 /* we need the as4_path only until we have synthesized the as_path with
2201 * it */
2202 /* same goes for as4_aggregator */
2203 struct aspath *as4_path = NULL;
2204 as_t as4_aggregator = 0;
2205 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2206
2207 /* Initialize bitmap. */
2208 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2209
2210 /* End pointer of BGP attribute. */
2211 endp = BGP_INPUT_PNT(peer) + size;
2212
2213 /* Get attributes to the end of attribute length. */
2214 while (BGP_INPUT_PNT(peer) < endp) {
2215 /* Check remaining length check.*/
2216 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2217 /* XXX warning: long int format, int arg (arg 5) */
2218 zlog_warn(
2219 "%s: error BGP attribute length %lu is smaller than min len",
2220 peer->host,
2221 (unsigned long)(endp
2222 - STREAM_PNT(BGP_INPUT(peer))));
2223
2224 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2225 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2226 return BGP_ATTR_PARSE_ERROR;
2227 }
2228
2229 /* Fetch attribute flag and type. */
2230 startp = BGP_INPUT_PNT(peer);
2231 /* "The lower-order four bits of the Attribute Flags octet are
2232 unused. They MUST be zero when sent and MUST be ignored when
2233 received." */
2234 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2235 type = stream_getc(BGP_INPUT(peer));
2236
2237 /* Check whether Extended-Length applies and is in bounds */
2238 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2239 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
2240 zlog_warn(
2241 "%s: Extended length set, but just %lu bytes of attr header",
2242 peer->host,
2243 (unsigned long)(endp
2244 - STREAM_PNT(BGP_INPUT(peer))));
2245
2246 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2247 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2248 return BGP_ATTR_PARSE_ERROR;
2249 }
2250
2251 /* Check extended attribue length bit. */
2252 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2253 length = stream_getw(BGP_INPUT(peer));
2254 else
2255 length = stream_getc(BGP_INPUT(peer));
2256
2257 /* If any attribute appears more than once in the UPDATE
2258 message, then the Error Subcode is set to Malformed Attribute
2259 List. */
2260
2261 if (CHECK_BITMAP(seen, type)) {
2262 zlog_warn(
2263 "%s: error BGP attribute type %d appears twice in a message",
2264 peer->host, type);
2265
2266 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2267 BGP_NOTIFY_UPDATE_MAL_ATTR);
2268 return BGP_ATTR_PARSE_ERROR;
2269 }
2270
2271 /* Set type to bitmap to check duplicate attribute. `type' is
2272 unsigned char so it never overflow bitmap range. */
2273
2274 SET_BITMAP(seen, type);
2275
2276 /* Overflow check. */
2277 attr_endp = BGP_INPUT_PNT(peer) + length;
2278
2279 if (attr_endp > endp) {
2280 zlog_warn(
2281 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2282 peer->host, type, length, size, attr_endp,
2283 endp);
2284 /*
2285 * RFC 4271 6.3
2286 * If any recognized attribute has an Attribute
2287 * Length that conflicts with the expected length
2288 * (based on the attribute type code), then the
2289 * Error Subcode MUST be set to Attribute Length
2290 * Error. The Data field MUST contain the erroneous
2291 * attribute (type, length, and value).
2292 * ----------
2293 * We do not currently have a good way to determine the
2294 * length of the attribute independent of the length
2295 * received in the message. Instead we send the
2296 * minimum between the amount of data we have and the
2297 * amount specified by the attribute length field.
2298 *
2299 * Instead of directly passing in the packet buffer and
2300 * offset we use the stream_get* functions to read into
2301 * a stack buffer, since they perform bounds checking
2302 * and we are working with untrusted data.
2303 */
2304 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2305 memset(ndata, 0x00, sizeof(ndata));
2306 size_t lfl =
2307 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2308 /* Rewind to end of flag field */
2309 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2310 /* Type */
2311 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2312 /* Length */
2313 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2314 /* Value */
2315 size_t atl = attr_endp - startp;
2316 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2317 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2318
2319 bgp_notify_send_with_data(
2320 peer, BGP_NOTIFY_UPDATE_ERR,
2321 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2322 ndl + lfl + 1);
2323
2324 return BGP_ATTR_PARSE_ERROR;
2325 }
2326
2327 struct bgp_attr_parser_args attr_args = {
2328 .peer = peer,
2329 .length = length,
2330 .attr = attr,
2331 .type = type,
2332 .flags = flag,
2333 .startp = startp,
2334 .total = attr_endp - startp,
2335 };
2336
2337
2338 /* If any recognized attribute has Attribute Flags that conflict
2339 with the Attribute Type Code, then the Error Subcode is set
2340 to
2341 Attribute Flags Error. The Data field contains the erroneous
2342 attribute (type, length and value). */
2343 if (bgp_attr_flag_invalid(&attr_args)) {
2344 bgp_attr_parse_ret_t ret;
2345 ret = bgp_attr_malformed(
2346 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2347 attr_args.total);
2348 if (ret == BGP_ATTR_PARSE_PROCEED)
2349 continue;
2350 return ret;
2351 }
2352
2353 /* OK check attribute and store it's value. */
2354 switch (type) {
2355 case BGP_ATTR_ORIGIN:
2356 ret = bgp_attr_origin(&attr_args);
2357 break;
2358 case BGP_ATTR_AS_PATH:
2359 ret = bgp_attr_aspath(&attr_args);
2360 break;
2361 case BGP_ATTR_AS4_PATH:
2362 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2363 break;
2364 case BGP_ATTR_NEXT_HOP:
2365 ret = bgp_attr_nexthop(&attr_args);
2366 break;
2367 case BGP_ATTR_MULTI_EXIT_DISC:
2368 ret = bgp_attr_med(&attr_args);
2369 break;
2370 case BGP_ATTR_LOCAL_PREF:
2371 ret = bgp_attr_local_pref(&attr_args);
2372 break;
2373 case BGP_ATTR_ATOMIC_AGGREGATE:
2374 ret = bgp_attr_atomic(&attr_args);
2375 break;
2376 case BGP_ATTR_AGGREGATOR:
2377 ret = bgp_attr_aggregator(&attr_args);
2378 break;
2379 case BGP_ATTR_AS4_AGGREGATOR:
2380 ret = bgp_attr_as4_aggregator(&attr_args,
2381 &as4_aggregator,
2382 &as4_aggregator_addr);
2383 break;
2384 case BGP_ATTR_COMMUNITIES:
2385 ret = bgp_attr_community(&attr_args);
2386 break;
2387 case BGP_ATTR_LARGE_COMMUNITIES:
2388 ret = bgp_attr_large_community(&attr_args);
2389 break;
2390 case BGP_ATTR_ORIGINATOR_ID:
2391 ret = bgp_attr_originator_id(&attr_args);
2392 break;
2393 case BGP_ATTR_CLUSTER_LIST:
2394 ret = bgp_attr_cluster_list(&attr_args);
2395 break;
2396 case BGP_ATTR_MP_REACH_NLRI:
2397 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2398 break;
2399 case BGP_ATTR_MP_UNREACH_NLRI:
2400 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2401 break;
2402 case BGP_ATTR_EXT_COMMUNITIES:
2403 ret = bgp_attr_ext_communities(&attr_args);
2404 break;
2405 #if ENABLE_BGP_VNC
2406 case BGP_ATTR_VNC:
2407 #endif
2408 case BGP_ATTR_ENCAP:
2409 ret = bgp_attr_encap(type, peer, length, attr, flag,
2410 startp);
2411 break;
2412 case BGP_ATTR_PREFIX_SID:
2413 ret = bgp_attr_prefix_sid(&attr_args, mp_update);
2414 break;
2415 default:
2416 ret = bgp_attr_unknown(&attr_args);
2417 break;
2418 }
2419
2420 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2421 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2422 BGP_NOTIFY_UPDATE_MAL_ATTR);
2423 ret = BGP_ATTR_PARSE_ERROR;
2424 }
2425
2426 if (ret == BGP_ATTR_PARSE_EOR) {
2427 if (as4_path)
2428 aspath_unintern(&as4_path);
2429 return ret;
2430 }
2431
2432 /* If hard error occured immediately return to the caller. */
2433 if (ret == BGP_ATTR_PARSE_ERROR) {
2434 zlog_warn("%s: Attribute %s, parse error", peer->host,
2435 lookup_msg(attr_str, type, NULL));
2436 if (as4_path)
2437 aspath_unintern(&as4_path);
2438 return ret;
2439 }
2440 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
2441
2442 zlog_warn(
2443 "%s: Attribute %s, parse error - treating as withdrawal",
2444 peer->host, lookup_msg(attr_str, type, NULL));
2445 if (as4_path)
2446 aspath_unintern(&as4_path);
2447 return ret;
2448 }
2449
2450 /* Check the fetched length. */
2451 if (BGP_INPUT_PNT(peer) != attr_endp) {
2452 zlog_warn("%s: BGP attribute %s, fetch error",
2453 peer->host, lookup_msg(attr_str, type, NULL));
2454 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2455 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2456 if (as4_path)
2457 aspath_unintern(&as4_path);
2458 return BGP_ATTR_PARSE_ERROR;
2459 }
2460 }
2461
2462 /* Check final read pointer is same as end pointer. */
2463 if (BGP_INPUT_PNT(peer) != endp) {
2464 zlog_warn("%s: BGP attribute %s, length mismatch", peer->host,
2465 lookup_msg(attr_str, type, NULL));
2466 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2467 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2468 if (as4_path)
2469 aspath_unintern(&as4_path);
2470 return BGP_ATTR_PARSE_ERROR;
2471 }
2472
2473 /* Check all mandatory well-known attributes are present */
2474 {
2475 bgp_attr_parse_ret_t ret;
2476 if ((ret = bgp_attr_check(peer, attr)) < 0) {
2477 if (as4_path)
2478 aspath_unintern(&as4_path);
2479 return ret;
2480 }
2481 }
2482
2483 /*
2484 * At this place we can see whether we got AS4_PATH and/or
2485 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2486 * We can not do this before we've read all attributes because
2487 * the as4 handling does not say whether AS4_PATH has to be sent
2488 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2489 * in relationship to AGGREGATOR.
2490 * So, to be defensive, we are not relying on any order and read
2491 * all attributes first, including these 32bit ones, and now,
2492 * afterwards, we look what and if something is to be done for as4.
2493 *
2494 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2495 * MP_UNREACH_NLRI.
2496 */
2497 /* actually... this doesn't ever return failure currently, but
2498 * better safe than sorry */
2499 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2500 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2501 &as4_aggregator_addr)) {
2502 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2503 BGP_NOTIFY_UPDATE_MAL_ATTR);
2504 if (as4_path)
2505 aspath_unintern(&as4_path);
2506 return BGP_ATTR_PARSE_ERROR;
2507 }
2508
2509 /* At this stage, we have done all fiddling with as4, and the
2510 * resulting info is in attr->aggregator resp. attr->aspath
2511 * so we can chuck as4_aggregator and as4_path alltogether in
2512 * order to save memory
2513 */
2514 if (as4_path) {
2515 aspath_unintern(&as4_path); /* unintern - it is in the hash */
2516 /* The flag that we got this is still there, but that does not
2517 * do any trouble
2518 */
2519 }
2520 /*
2521 * The "rest" of the code does nothing with as4_aggregator.
2522 * there is no memory attached specifically which is not part
2523 * of the attr.
2524 * so ignoring just means do nothing.
2525 */
2526 /*
2527 * Finally do the checks on the aspath we did not do yet
2528 * because we waited for a potentially synthesized aspath.
2529 */
2530 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2531 ret = bgp_attr_aspath_check(peer, attr);
2532 if (ret != BGP_ATTR_PARSE_PROCEED)
2533 return ret;
2534 }
2535 /* Finally intern unknown attribute. */
2536 if (attr->transit)
2537 attr->transit = transit_intern(attr->transit);
2538 if (attr->encap_subtlvs)
2539 attr->encap_subtlvs =
2540 encap_intern(attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
2541 #if ENABLE_BGP_VNC
2542 if (attr->vnc_subtlvs)
2543 attr->vnc_subtlvs =
2544 encap_intern(attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
2545 #endif
2546
2547 return BGP_ATTR_PARSE_PROCEED;
2548 }
2549
2550 size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2551 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2552 struct attr *attr)
2553 {
2554 size_t sizep;
2555 iana_afi_t pkt_afi;
2556 iana_safi_t pkt_safi;
2557 afi_t nh_afi;
2558
2559 /* Set extended bit always to encode the attribute length as 2 bytes */
2560 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2561 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2562 sizep = stream_get_endp(s);
2563 stream_putw(s, 0); /* Marker: Attribute length. */
2564
2565
2566 /* Convert AFI, SAFI to values for packet. */
2567 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2568
2569 stream_putw(s, pkt_afi); /* AFI */
2570 stream_putc(s, pkt_safi); /* SAFI */
2571
2572 /* Nexthop AFI */
2573 if (afi == AFI_IP
2574 && (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
2575 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
2576 else
2577 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2578
2579 /* Nexthop */
2580 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2581 switch (nh_afi) {
2582 case AFI_IP:
2583 switch (safi) {
2584 case SAFI_UNICAST:
2585 case SAFI_MULTICAST:
2586 case SAFI_LABELED_UNICAST:
2587 stream_putc(s, 4);
2588 stream_put_ipv4(s, attr->nexthop.s_addr);
2589 break;
2590 case SAFI_MPLS_VPN:
2591 stream_putc(s, 12);
2592 stream_putl(s, 0); /* RD = 0, per RFC */
2593 stream_putl(s, 0);
2594 stream_put(s, &attr->mp_nexthop_global_in, 4);
2595 break;
2596 case SAFI_ENCAP:
2597 case SAFI_EVPN:
2598 stream_putc(s, 4);
2599 stream_put(s, &attr->mp_nexthop_global_in, 4);
2600 break;
2601 default:
2602 break;
2603 }
2604 break;
2605 case AFI_IP6:
2606 switch (safi) {
2607 case SAFI_UNICAST:
2608 case SAFI_MULTICAST:
2609 case SAFI_LABELED_UNICAST:
2610 case SAFI_EVPN: {
2611 if (attr->mp_nexthop_len
2612 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2613 stream_putc(s,
2614 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
2615 stream_put(s, &attr->mp_nexthop_global,
2616 IPV6_MAX_BYTELEN);
2617 stream_put(s, &attr->mp_nexthop_local,
2618 IPV6_MAX_BYTELEN);
2619 } else {
2620 stream_putc(s, IPV6_MAX_BYTELEN);
2621 stream_put(s, &attr->mp_nexthop_global,
2622 IPV6_MAX_BYTELEN);
2623 }
2624 } break;
2625 case SAFI_MPLS_VPN: {
2626 if (attr->mp_nexthop_len
2627 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
2628 stream_putc(s, 24);
2629 stream_putl(s, 0); /* RD = 0, per RFC */
2630 stream_putl(s, 0);
2631 stream_put(s, &attr->mp_nexthop_global,
2632 IPV6_MAX_BYTELEN);
2633 } else if (attr->mp_nexthop_len
2634 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2635 stream_putc(s, 48);
2636 stream_putl(s, 0); /* RD = 0, per RFC */
2637 stream_putl(s, 0);
2638 stream_put(s, &attr->mp_nexthop_global,
2639 IPV6_MAX_BYTELEN);
2640 stream_putl(s, 0); /* RD = 0, per RFC */
2641 stream_putl(s, 0);
2642 stream_put(s, &attr->mp_nexthop_local,
2643 IPV6_MAX_BYTELEN);
2644 }
2645 } break;
2646 case SAFI_ENCAP:
2647 stream_putc(s, IPV6_MAX_BYTELEN);
2648 stream_put(s, &attr->mp_nexthop_global,
2649 IPV6_MAX_BYTELEN);
2650 break;
2651 default:
2652 break;
2653 }
2654 break;
2655 default:
2656 zlog_err(
2657 "Bad nexthop when sening to %s, AFI %u SAFI %u nhlen %d",
2658 peer->host, afi, safi, attr->mp_nexthop_len);
2659 break;
2660 }
2661
2662 /* SNPA */
2663 stream_putc(s, 0);
2664 return sizep;
2665 }
2666
2667 void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
2668 struct prefix *p, struct prefix_rd *prd,
2669 mpls_label_t *label, int addpath_encode,
2670 u_int32_t addpath_tx_id, struct attr *attr)
2671 {
2672 if (safi == SAFI_MPLS_VPN) {
2673 if (addpath_encode)
2674 stream_putl(s, addpath_tx_id);
2675 /* Label, RD, Prefix write. */
2676 stream_putc(s, p->prefixlen + 88);
2677 stream_put(s, label, BGP_LABEL_BYTES);
2678 stream_put(s, prd->val, 8);
2679 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
2680 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
2681 /* EVPN prefix - contents depend on type */
2682 bgp_evpn_encode_prefix(s, p, prd, label, attr, addpath_encode,
2683 addpath_tx_id);
2684 } else if (safi == SAFI_LABELED_UNICAST) {
2685 /* Prefix write with label. */
2686 stream_put_labeled_prefix(s, p, label);
2687 } else
2688 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
2689 }
2690
2691 size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
2692 {
2693 int size = PSIZE(p->prefixlen);
2694 if (safi == SAFI_MPLS_VPN)
2695 size += 88;
2696 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
2697 size += 232; // TODO: Maximum possible for type-2, type-3 and
2698 // type-5
2699 return size;
2700 }
2701
2702 /*
2703 * Encodes the tunnel encapsulation attribute,
2704 * and with ENABLE_BGP_VNC the VNC attribute which uses
2705 * almost the same TLV format
2706 */
2707 static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
2708 struct stream *s, struct attr *attr,
2709 uint8_t attrtype)
2710 {
2711 unsigned int attrlenfield = 0;
2712 unsigned int attrhdrlen = 0;
2713 struct bgp_attr_encap_subtlv *subtlvs;
2714 struct bgp_attr_encap_subtlv *st;
2715 const char *attrname;
2716
2717 if (!attr || (attrtype == BGP_ATTR_ENCAP
2718 && (!attr->encap_tunneltype
2719 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
2720 return;
2721
2722 switch (attrtype) {
2723 case BGP_ATTR_ENCAP:
2724 attrname = "Tunnel Encap";
2725 subtlvs = attr->encap_subtlvs;
2726 if (subtlvs == NULL) /* nothing to do */
2727 return;
2728 /*
2729 * The tunnel encap attr has an "outer" tlv.
2730 * T = tunneltype,
2731 * L = total length of subtlvs,
2732 * V = concatenated subtlvs.
2733 */
2734 attrlenfield = 2 + 2; /* T + L */
2735 attrhdrlen = 1 + 1; /* subTLV T + L */
2736 break;
2737
2738 #if ENABLE_BGP_VNC
2739 case BGP_ATTR_VNC:
2740 attrname = "VNC";
2741 subtlvs = attr->vnc_subtlvs;
2742 if (subtlvs == NULL) /* nothing to do */
2743 return;
2744 attrlenfield = 0; /* no outer T + L */
2745 attrhdrlen = 2 + 2; /* subTLV T + L */
2746 break;
2747 #endif
2748
2749 default:
2750 assert(0);
2751 }
2752
2753 /* compute attr length */
2754 for (st = subtlvs; st; st = st->next) {
2755 attrlenfield += (attrhdrlen + st->length);
2756 }
2757
2758 if (attrlenfield > 0xffff) {
2759 zlog_info("%s attribute is too long (length=%d), can't send it",
2760 attrname, attrlenfield);
2761 return;
2762 }
2763
2764 if (attrlenfield > 0xff) {
2765 /* 2-octet length field */
2766 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
2767 | BGP_ATTR_FLAG_EXTLEN);
2768 stream_putc(s, attrtype);
2769 stream_putw(s, attrlenfield & 0xffff);
2770 } else {
2771 /* 1-octet length field */
2772 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
2773 stream_putc(s, attrtype);
2774 stream_putc(s, attrlenfield & 0xff);
2775 }
2776
2777 if (attrtype == BGP_ATTR_ENCAP) {
2778 /* write outer T+L */
2779 stream_putw(s, attr->encap_tunneltype);
2780 stream_putw(s, attrlenfield - 4);
2781 }
2782
2783 /* write each sub-tlv */
2784 for (st = subtlvs; st; st = st->next) {
2785 if (attrtype == BGP_ATTR_ENCAP) {
2786 stream_putc(s, st->type);
2787 stream_putc(s, st->length);
2788 #if ENABLE_BGP_VNC
2789 } else {
2790 stream_putw(s, st->type);
2791 stream_putw(s, st->length);
2792 #endif
2793 }
2794 stream_put(s, st->value, st->length);
2795 }
2796 }
2797
2798 void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
2799 {
2800 /* Set MP attribute length. Don't count the (2) bytes used to encode
2801 the attr length */
2802 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
2803 }
2804
2805 /* Make attribute packet. */
2806 bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
2807 struct stream *s, struct attr *attr,
2808 struct bpacket_attr_vec_arr *vecarr,
2809 struct prefix *p, afi_t afi, safi_t safi,
2810 struct peer *from, struct prefix_rd *prd,
2811 mpls_label_t *label, int addpath_encode,
2812 u_int32_t addpath_tx_id)
2813 {
2814 size_t cp;
2815 size_t aspath_sizep;
2816 struct aspath *aspath;
2817 int send_as4_path = 0;
2818 int send_as4_aggregator = 0;
2819 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
2820
2821 if (!bgp)
2822 bgp = peer->bgp;
2823
2824 /* Remember current pointer. */
2825 cp = stream_get_endp(s);
2826
2827 if (p
2828 && !((afi == AFI_IP && safi == SAFI_UNICAST)
2829 && !peer_cap_enhe(peer, afi, safi))) {
2830 size_t mpattrlen_pos = 0;
2831
2832 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
2833 vecarr, attr);
2834 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
2835 addpath_encode, addpath_tx_id, attr);
2836 bgp_packet_mpattr_end(s, mpattrlen_pos);
2837 }
2838
2839 /* Origin attribute. */
2840 stream_putc(s, BGP_ATTR_FLAG_TRANS);
2841 stream_putc(s, BGP_ATTR_ORIGIN);
2842 stream_putc(s, 1);
2843 stream_putc(s, attr->origin);
2844
2845 /* AS path attribute. */
2846
2847 /* If remote-peer is EBGP */
2848 if (peer->sort == BGP_PEER_EBGP
2849 && (!CHECK_FLAG(peer->af_flags[afi][safi],
2850 PEER_FLAG_AS_PATH_UNCHANGED)
2851 || attr->aspath->segments == NULL)
2852 && (!CHECK_FLAG(peer->af_flags[afi][safi],
2853 PEER_FLAG_RSERVER_CLIENT))) {
2854 aspath = aspath_dup(attr->aspath);
2855
2856 /* Even though we may not be configured for confederations we
2857 * may have
2858 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
2859 aspath = aspath_delete_confed_seq(aspath);
2860
2861 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
2862 /* Stuff our path CONFED_ID on the front */
2863 aspath = aspath_add_seq(aspath, bgp->confed_id);
2864 } else {
2865 if (peer->change_local_as) {
2866 /* If replace-as is specified, we only use the
2867 change_local_as when
2868 advertising routes. */
2869 if (!CHECK_FLAG(
2870 peer->flags,
2871 PEER_FLAG_LOCAL_AS_REPLACE_AS)) {
2872 aspath = aspath_add_seq(aspath,
2873 peer->local_as);
2874 }
2875 aspath = aspath_add_seq(aspath,
2876 peer->change_local_as);
2877 } else {
2878 aspath = aspath_add_seq(aspath, peer->local_as);
2879 }
2880 }
2881 } else if (peer->sort == BGP_PEER_CONFED) {
2882 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
2883 * thing */
2884 aspath = aspath_dup(attr->aspath);
2885 aspath = aspath_add_confed_seq(aspath, peer->local_as);
2886 } else
2887 aspath = attr->aspath;
2888
2889 /* If peer is not AS4 capable, then:
2890 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
2891 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
2892 * segment
2893 * types are in it (i.e. exclude them if they are there)
2894 * AND do this only if there is at least one asnum > 65535 in the
2895 * path!
2896 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
2897 * change
2898 * all ASnums > 65535 to BGP_AS_TRANS
2899 */
2900
2901 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
2902 stream_putc(s, BGP_ATTR_AS_PATH);
2903 aspath_sizep = stream_get_endp(s);
2904 stream_putw(s, 0);
2905 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
2906
2907 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
2908 * in the path
2909 */
2910 if (!use32bit && aspath_has_as4(aspath))
2911 send_as4_path =
2912 1; /* we'll do this later, at the correct place */
2913
2914 /* Nexthop attribute. */
2915 if (afi == AFI_IP && safi == SAFI_UNICAST
2916 && !peer_cap_enhe(peer, afi, safi)) {
2917 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
2918 stream_putc(s, BGP_ATTR_FLAG_TRANS);
2919 stream_putc(s, BGP_ATTR_NEXT_HOP);
2920 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
2921 attr);
2922 stream_putc(s, 4);
2923 stream_put_ipv4(s, attr->nexthop.s_addr);
2924 } else if (peer_cap_enhe(from, afi, safi)) {
2925 /*
2926 * Likely this is the case when an IPv4 prefix was
2927 * received with
2928 * Extended Next-hop capability and now being advertised
2929 * to
2930 * non-ENHE peers.
2931 * Setting the mandatory (ipv4) next-hop attribute here
2932 * to enable
2933 * implicit next-hop self with correct (ipv4 address
2934 * family).
2935 */
2936 stream_putc(s, BGP_ATTR_FLAG_TRANS);
2937 stream_putc(s, BGP_ATTR_NEXT_HOP);
2938 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
2939 NULL);
2940 stream_putc(s, 4);
2941 stream_put_ipv4(s, 0);
2942 }
2943 }
2944
2945 /* MED attribute. */
2946 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
2947 || bgp->maxmed_active) {
2948 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
2949 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
2950 stream_putc(s, 4);
2951 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
2952 : attr->med));
2953 }
2954
2955 /* Local preference. */
2956 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
2957 stream_putc(s, BGP_ATTR_FLAG_TRANS);
2958 stream_putc(s, BGP_ATTR_LOCAL_PREF);
2959 stream_putc(s, 4);
2960 stream_putl(s, attr->local_pref);
2961 }
2962
2963 /* Atomic aggregate. */
2964 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
2965 stream_putc(s, BGP_ATTR_FLAG_TRANS);
2966 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
2967 stream_putc(s, 0);
2968 }
2969
2970 /* Aggregator. */
2971 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
2972 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
2973 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
2974 stream_putc(s, BGP_ATTR_AGGREGATOR);
2975
2976 if (use32bit) {
2977 /* AS4 capable peer */
2978 stream_putc(s, 8);
2979 stream_putl(s, attr->aggregator_as);
2980 } else {
2981 /* 2-byte AS peer */
2982 stream_putc(s, 6);
2983
2984 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
2985 * used? */
2986 if (attr->aggregator_as > 65535) {
2987 stream_putw(s, BGP_AS_TRANS);
2988
2989 /* we have to send AS4_AGGREGATOR, too.
2990 * we'll do that later in order to send
2991 * attributes in ascending
2992 * order.
2993 */
2994 send_as4_aggregator = 1;
2995 } else
2996 stream_putw(s, (u_int16_t)attr->aggregator_as);
2997 }
2998 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
2999 }
3000
3001 /* Community attribute. */
3002 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3003 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3004 if (attr->community->size * 4 > 255) {
3005 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3006 | BGP_ATTR_FLAG_TRANS
3007 | BGP_ATTR_FLAG_EXTLEN);
3008 stream_putc(s, BGP_ATTR_COMMUNITIES);
3009 stream_putw(s, attr->community->size * 4);
3010 } else {
3011 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3012 | BGP_ATTR_FLAG_TRANS);
3013 stream_putc(s, BGP_ATTR_COMMUNITIES);
3014 stream_putc(s, attr->community->size * 4);
3015 }
3016 stream_put(s, attr->community->val, attr->community->size * 4);
3017 }
3018
3019 /*
3020 * Large Community attribute.
3021 */
3022 if (CHECK_FLAG(peer->af_flags[afi][safi],
3023 PEER_FLAG_SEND_LARGE_COMMUNITY)
3024 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
3025 if (lcom_length(attr->lcommunity) > 255) {
3026 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3027 | BGP_ATTR_FLAG_TRANS
3028 | BGP_ATTR_FLAG_EXTLEN);
3029 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3030 stream_putw(s, lcom_length(attr->lcommunity));
3031 } else {
3032 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3033 | BGP_ATTR_FLAG_TRANS);
3034 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3035 stream_putc(s, lcom_length(attr->lcommunity));
3036 }
3037 stream_put(s, attr->lcommunity->val,
3038 lcom_length(attr->lcommunity));
3039 }
3040
3041 /* Route Reflector. */
3042 if (peer->sort == BGP_PEER_IBGP && from
3043 && from->sort == BGP_PEER_IBGP) {
3044 /* Originator ID. */
3045 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3046 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3047 stream_putc(s, 4);
3048
3049 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3050 stream_put_in_addr(s, &attr->originator_id);
3051 else
3052 stream_put_in_addr(s, &from->remote_id);
3053
3054 /* Cluster list. */
3055 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3056 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3057
3058 if (attr->cluster) {
3059 stream_putc(s, attr->cluster->length + 4);
3060 /* If this peer configuration's parent BGP has
3061 * cluster_id. */
3062 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3063 stream_put_in_addr(s, &bgp->cluster_id);
3064 else
3065 stream_put_in_addr(s, &bgp->router_id);
3066 stream_put(s, attr->cluster->list,
3067 attr->cluster->length);
3068 } else {
3069 stream_putc(s, 4);
3070 /* If this peer configuration's parent BGP has
3071 * cluster_id. */
3072 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3073 stream_put_in_addr(s, &bgp->cluster_id);
3074 else
3075 stream_put_in_addr(s, &bgp->router_id);
3076 }
3077 }
3078
3079 /* Extended Communities attribute. */
3080 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3081 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3082 if (peer->sort == BGP_PEER_IBGP
3083 || peer->sort == BGP_PEER_CONFED) {
3084 if (attr->ecommunity->size * 8 > 255) {
3085 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3086 | BGP_ATTR_FLAG_TRANS
3087 | BGP_ATTR_FLAG_EXTLEN);
3088 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3089 stream_putw(s, attr->ecommunity->size * 8);
3090 } else {
3091 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3092 | BGP_ATTR_FLAG_TRANS);
3093 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3094 stream_putc(s, attr->ecommunity->size * 8);
3095 }
3096 stream_put(s, attr->ecommunity->val,
3097 attr->ecommunity->size * 8);
3098 } else {
3099 u_int8_t *pnt;
3100 int tbit;
3101 int ecom_tr_size = 0;
3102 int i;
3103
3104 for (i = 0; i < attr->ecommunity->size; i++) {
3105 pnt = attr->ecommunity->val + (i * 8);
3106 tbit = *pnt;
3107
3108 if (CHECK_FLAG(tbit,
3109 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3110 continue;
3111
3112 ecom_tr_size++;
3113 }
3114
3115 if (ecom_tr_size) {
3116 if (ecom_tr_size * 8 > 255) {
3117 stream_putc(
3118 s,
3119 BGP_ATTR_FLAG_OPTIONAL
3120 | BGP_ATTR_FLAG_TRANS
3121 | BGP_ATTR_FLAG_EXTLEN);
3122 stream_putc(s,
3123 BGP_ATTR_EXT_COMMUNITIES);
3124 stream_putw(s, ecom_tr_size * 8);
3125 } else {
3126 stream_putc(
3127 s,
3128 BGP_ATTR_FLAG_OPTIONAL
3129 | BGP_ATTR_FLAG_TRANS);
3130 stream_putc(s,
3131 BGP_ATTR_EXT_COMMUNITIES);
3132 stream_putc(s, ecom_tr_size * 8);
3133 }
3134
3135 for (i = 0; i < attr->ecommunity->size; i++) {
3136 pnt = attr->ecommunity->val + (i * 8);
3137 tbit = *pnt;
3138
3139 if (CHECK_FLAG(
3140 tbit,
3141 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3142 continue;
3143
3144 stream_put(s, pnt, 8);
3145 }
3146 }
3147 }
3148 }
3149
3150 /* Label index attribute. */
3151 if (safi == SAFI_LABELED_UNICAST) {
3152 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3153 u_int32_t label_index;
3154
3155 label_index = attr->label_index;
3156
3157 if (label_index != BGP_INVALID_LABEL_INDEX) {
3158 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3159 | BGP_ATTR_FLAG_TRANS);
3160 stream_putc(s, BGP_ATTR_PREFIX_SID);
3161 stream_putc(s, 10);
3162 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3163 stream_putw(s,
3164 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3165 stream_putc(s, 0); // reserved
3166 stream_putw(s, 0); // flags
3167 stream_putl(s, label_index);
3168 }
3169 }
3170 }
3171
3172 if (send_as4_path) {
3173 /* If the peer is NOT As4 capable, AND */
3174 /* there are ASnums > 65535 in path THEN
3175 * give out AS4_PATH */
3176
3177 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3178 * path segments!
3179 * Hm, I wonder... confederation things *should* only be at
3180 * the beginning of an aspath, right? Then we should use
3181 * aspath_delete_confed_seq for this, because it is already
3182 * there! (JK)
3183 * Folks, talk to me: what is reasonable here!?
3184 */
3185 aspath = aspath_delete_confed_seq(aspath);
3186
3187 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3188 | BGP_ATTR_FLAG_EXTLEN);
3189 stream_putc(s, BGP_ATTR_AS4_PATH);
3190 aspath_sizep = stream_get_endp(s);
3191 stream_putw(s, 0);
3192 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3193 }
3194
3195 if (aspath != attr->aspath)
3196 aspath_free(aspath);
3197
3198 if (send_as4_aggregator) {
3199 /* send AS4_AGGREGATOR, at this place */
3200 /* this section of code moved here in order to ensure the
3201 * correct
3202 * *ascending* order of attributes
3203 */
3204 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3205 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3206 stream_putc(s, 8);
3207 stream_putl(s, attr->aggregator_as);
3208 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3209 }
3210
3211 if (((afi == AFI_IP || afi == AFI_IP6)
3212 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3213 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3214 /* Tunnel Encap attribute */
3215 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
3216
3217 #if ENABLE_BGP_VNC
3218 /* VNC attribute */
3219 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
3220 #endif
3221 }
3222
3223 /* Unknown transit attribute. */
3224 if (attr->transit)
3225 stream_put(s, attr->transit->val, attr->transit->length);
3226
3227 /* Return total size of attribute. */
3228 return stream_get_endp(s) - cp;
3229 }
3230
3231 size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
3232 {
3233 unsigned long attrlen_pnt;
3234 iana_afi_t pkt_afi;
3235 iana_safi_t pkt_safi;
3236
3237 /* Set extended bit always to encode the attribute length as 2 bytes */
3238 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3239 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
3240
3241 attrlen_pnt = stream_get_endp(s);
3242 stream_putw(s, 0); /* Length of this attribute. */
3243
3244 /* Convert AFI, SAFI to values for packet. */
3245 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
3246
3247 stream_putw(s, pkt_afi);
3248 stream_putc(s, pkt_safi);
3249
3250 return attrlen_pnt;
3251 }
3252
3253 void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3254 safi_t safi, struct prefix_rd *prd,
3255 mpls_label_t *label, int addpath_encode,
3256 u_int32_t addpath_tx_id, struct attr *attr)
3257 {
3258 u_char wlabel[3] = {0x80, 0x00, 0x00};
3259
3260 if (safi == SAFI_LABELED_UNICAST)
3261 label = (mpls_label_t *)wlabel;
3262
3263 return bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
3264 addpath_encode, addpath_tx_id, attr);
3265 }
3266
3267 void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
3268 {
3269 bgp_packet_mpattr_end(s, attrlen_pnt);
3270 }
3271
3272 /* Initialization of attribute. */
3273 void bgp_attr_init(void)
3274 {
3275 aspath_init();
3276 attrhash_init();
3277 community_init();
3278 ecommunity_init();
3279 lcommunity_init();
3280 cluster_init();
3281 transit_init();
3282 encap_init();
3283 }
3284
3285 void bgp_attr_finish(void)
3286 {
3287 aspath_finish();
3288 attrhash_finish();
3289 community_finish();
3290 ecommunity_finish();
3291 lcommunity_finish();
3292 cluster_finish();
3293 transit_finish();
3294 encap_finish();
3295 }
3296
3297 /* Make attribute packet. */
3298 void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3299 struct prefix *prefix)
3300 {
3301 unsigned long cp;
3302 unsigned long len;
3303 size_t aspath_lenp;
3304 struct aspath *aspath;
3305 int addpath_encode = 0;
3306 u_int32_t addpath_tx_id = 0;
3307
3308 /* Remember current pointer. */
3309 cp = stream_get_endp(s);
3310
3311 /* Place holder of length. */
3312 stream_putw(s, 0);
3313
3314 /* Origin attribute. */
3315 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3316 stream_putc(s, BGP_ATTR_ORIGIN);
3317 stream_putc(s, 1);
3318 stream_putc(s, attr->origin);
3319
3320 aspath = attr->aspath;
3321
3322 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3323 stream_putc(s, BGP_ATTR_AS_PATH);
3324 aspath_lenp = stream_get_endp(s);
3325 stream_putw(s, 0);
3326
3327 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3328
3329 /* Nexthop attribute. */
3330 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3331 if (prefix != NULL && prefix->family != AF_INET6) {
3332 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3333 stream_putc(s, BGP_ATTR_NEXT_HOP);
3334 stream_putc(s, 4);
3335 stream_put_ipv4(s, attr->nexthop.s_addr);
3336 }
3337
3338 /* MED attribute. */
3339 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3340 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3341 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3342 stream_putc(s, 4);
3343 stream_putl(s, attr->med);
3344 }
3345
3346 /* Local preference. */
3347 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3348 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3349 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3350 stream_putc(s, 4);
3351 stream_putl(s, attr->local_pref);
3352 }
3353
3354 /* Atomic aggregate. */
3355 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3356 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3357 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3358 stream_putc(s, 0);
3359 }
3360
3361 /* Aggregator. */
3362 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3363 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3364 stream_putc(s, BGP_ATTR_AGGREGATOR);
3365 stream_putc(s, 8);
3366 stream_putl(s, attr->aggregator_as);
3367 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3368 }
3369
3370 /* Community attribute. */
3371 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3372 if (attr->community->size * 4 > 255) {
3373 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3374 | BGP_ATTR_FLAG_TRANS
3375 | BGP_ATTR_FLAG_EXTLEN);
3376 stream_putc(s, BGP_ATTR_COMMUNITIES);
3377 stream_putw(s, attr->community->size * 4);
3378 } else {
3379 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3380 | BGP_ATTR_FLAG_TRANS);
3381 stream_putc(s, BGP_ATTR_COMMUNITIES);
3382 stream_putc(s, attr->community->size * 4);
3383 }
3384 stream_put(s, attr->community->val, attr->community->size * 4);
3385 }
3386
3387 /* Large Community attribute. */
3388 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
3389 if (lcom_length(attr->lcommunity) > 255) {
3390 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3391 | BGP_ATTR_FLAG_TRANS
3392 | BGP_ATTR_FLAG_EXTLEN);
3393 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3394 stream_putw(s, lcom_length(attr->lcommunity));
3395 } else {
3396 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3397 | BGP_ATTR_FLAG_TRANS);
3398 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3399 stream_putc(s, lcom_length(attr->lcommunity));
3400 }
3401
3402 stream_put(s, attr->lcommunity->val, lcom_length(attr->lcommunity));
3403 }
3404
3405 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3406 if (prefix != NULL && prefix->family == AF_INET6
3407 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3408 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3409 int sizep;
3410
3411 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3412 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3413 sizep = stream_get_endp(s);
3414
3415 /* MP header */
3416 stream_putc(s, 0); /* Marker: Attribute length. */
3417 stream_putw(s, AFI_IP6); /* AFI */
3418 stream_putc(s, SAFI_UNICAST); /* SAFI */
3419
3420 /* Next hop */
3421 stream_putc(s, attr->mp_nexthop_len);
3422 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3423 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3424 stream_put(s, &attr->mp_nexthop_local,
3425 IPV6_MAX_BYTELEN);
3426
3427 /* SNPA */
3428 stream_putc(s, 0);
3429
3430 /* Prefix */
3431 stream_put_prefix_addpath(s, prefix, addpath_encode,
3432 addpath_tx_id);
3433
3434 /* Set MP attribute length. */
3435 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3436 }
3437
3438 /* Prefix SID */
3439 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3440 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
3441 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL
3442 | BGP_ATTR_FLAG_TRANS);
3443 stream_putc(s, BGP_ATTR_PREFIX_SID);
3444 stream_putc(s, 10);
3445 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3446 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3447 stream_putc(s, 0); // reserved
3448 stream_putw(s, 0); // flags
3449 stream_putl(s, attr->label_index);
3450 }
3451 }
3452
3453 /* Return total size of attribute. */
3454 len = stream_get_endp(s) - cp - 2;
3455 stream_putw_at(s, cp, len);
3456 }
FRRouting mirror