]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_attr.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
*: Replace hash_cmp function return value to a bool
[mirror_frr.git] / bgpd / bgp_attr.c
1 /* BGP attributes management routines.
2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "memory.h"
26 #include "vector.h"
27 #include "stream.h"
28 #include "log.h"
29 #include "hash.h"
30 #include "jhash.h"
31 #include "queue.h"
32 #include "table.h"
33 #include "filter.h"
34 #include "command.h"
35
36 #include "bgpd/bgpd.h"
37 #include "bgpd/bgp_attr.h"
38 #include "bgpd/bgp_route.h"
39 #include "bgpd/bgp_aspath.h"
40 #include "bgpd/bgp_community.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_errors.h"
43 #include "bgpd/bgp_label.h"
44 #include "bgpd/bgp_packet.h"
45 #include "bgpd/bgp_ecommunity.h"
46 #include "bgpd/bgp_lcommunity.h"
47 #include "bgpd/bgp_updgrp.h"
48 #include "bgpd/bgp_encap_types.h"
49 #if ENABLE_BGP_VNC
50 #include "bgpd/rfapi/bgp_rfapi_cfg.h"
51 #include "bgp_encap_types.h"
52 #include "bgp_vnc_types.h"
53 #endif
54 #include "bgp_encap_types.h"
55 #include "bgp_evpn.h"
56 #include "bgp_flowspec_private.h"
57
58 /* Attribute strings for logging. */
59 static const struct message attr_str[] = {
60 {BGP_ATTR_ORIGIN, "ORIGIN"},
61 {BGP_ATTR_AS_PATH, "AS_PATH"},
62 {BGP_ATTR_NEXT_HOP, "NEXT_HOP"},
63 {BGP_ATTR_MULTI_EXIT_DISC, "MULTI_EXIT_DISC"},
64 {BGP_ATTR_LOCAL_PREF, "LOCAL_PREF"},
65 {BGP_ATTR_ATOMIC_AGGREGATE, "ATOMIC_AGGREGATE"},
66 {BGP_ATTR_AGGREGATOR, "AGGREGATOR"},
67 {BGP_ATTR_COMMUNITIES, "COMMUNITY"},
68 {BGP_ATTR_ORIGINATOR_ID, "ORIGINATOR_ID"},
69 {BGP_ATTR_CLUSTER_LIST, "CLUSTER_LIST"},
70 {BGP_ATTR_DPA, "DPA"},
71 {BGP_ATTR_ADVERTISER, "ADVERTISER"},
72 {BGP_ATTR_RCID_PATH, "RCID_PATH"},
73 {BGP_ATTR_MP_REACH_NLRI, "MP_REACH_NLRI"},
74 {BGP_ATTR_MP_UNREACH_NLRI, "MP_UNREACH_NLRI"},
75 {BGP_ATTR_EXT_COMMUNITIES, "EXT_COMMUNITIES"},
76 {BGP_ATTR_AS4_PATH, "AS4_PATH"},
77 {BGP_ATTR_AS4_AGGREGATOR, "AS4_AGGREGATOR"},
78 {BGP_ATTR_AS_PATHLIMIT, "AS_PATHLIMIT"},
79 {BGP_ATTR_PMSI_TUNNEL, "PMSI_TUNNEL_ATTRIBUTE"},
80 {BGP_ATTR_ENCAP, "ENCAP"},
81 #if ENABLE_BGP_VNC
82 {BGP_ATTR_VNC, "VNC"},
83 #endif
84 {BGP_ATTR_LARGE_COMMUNITIES, "LARGE_COMMUNITY"},
85 {BGP_ATTR_PREFIX_SID, "PREFIX_SID"},
86 {0}};
87
88 static const struct message attr_flag_str[] = {
89 {BGP_ATTR_FLAG_OPTIONAL, "Optional"},
90 {BGP_ATTR_FLAG_TRANS, "Transitive"},
91 {BGP_ATTR_FLAG_PARTIAL, "Partial"},
92 /* bgp_attr_flags_diagnose() relies on this bit being last in
93 this list */
94 {BGP_ATTR_FLAG_EXTLEN, "Extended Length"},
95 {0}};
96
97 static struct hash *cluster_hash;
98
99 static void *cluster_hash_alloc(void *p)
100 {
101 const struct cluster_list *val = (const struct cluster_list *)p;
102 struct cluster_list *cluster;
103
104 cluster = XMALLOC(MTYPE_CLUSTER, sizeof(struct cluster_list));
105 cluster->length = val->length;
106
107 if (cluster->length) {
108 cluster->list = XMALLOC(MTYPE_CLUSTER_VAL, val->length);
109 memcpy(cluster->list, val->list, val->length);
110 } else
111 cluster->list = NULL;
112
113 cluster->refcnt = 0;
114
115 return cluster;
116 }
117
118 /* Cluster list related functions. */
119 static struct cluster_list *cluster_parse(struct in_addr *pnt, int length)
120 {
121 struct cluster_list tmp;
122 struct cluster_list *cluster;
123
124 tmp.length = length;
125 tmp.list = pnt;
126
127 cluster = hash_get(cluster_hash, &tmp, cluster_hash_alloc);
128 cluster->refcnt++;
129 return cluster;
130 }
131
132 int cluster_loop_check(struct cluster_list *cluster, struct in_addr originator)
133 {
134 int i;
135
136 for (i = 0; i < cluster->length / 4; i++)
137 if (cluster->list[i].s_addr == originator.s_addr)
138 return 1;
139 return 0;
140 }
141
142 static unsigned int cluster_hash_key_make(void *p)
143 {
144 const struct cluster_list *cluster = p;
145
146 return jhash(cluster->list, cluster->length, 0);
147 }
148
149 static bool cluster_hash_cmp(const void *p1, const void *p2)
150 {
151 const struct cluster_list *cluster1 = p1;
152 const struct cluster_list *cluster2 = p2;
153
154 return (cluster1->length == cluster2->length
155 && memcmp(cluster1->list, cluster2->list, cluster1->length)
156 == 0);
157 }
158
159 static void cluster_free(struct cluster_list *cluster)
160 {
161 if (cluster->list)
162 XFREE(MTYPE_CLUSTER_VAL, cluster->list);
163 XFREE(MTYPE_CLUSTER, cluster);
164 }
165
166 static struct cluster_list *cluster_intern(struct cluster_list *cluster)
167 {
168 struct cluster_list *find;
169
170 find = hash_get(cluster_hash, cluster, cluster_hash_alloc);
171 find->refcnt++;
172
173 return find;
174 }
175
176 void cluster_unintern(struct cluster_list *cluster)
177 {
178 if (cluster->refcnt)
179 cluster->refcnt--;
180
181 if (cluster->refcnt == 0) {
182 hash_release(cluster_hash, cluster);
183 cluster_free(cluster);
184 }
185 }
186
187 static void cluster_init(void)
188 {
189 cluster_hash = hash_create(cluster_hash_key_make, cluster_hash_cmp,
190 "BGP Cluster");
191 }
192
193 static void cluster_finish(void)
194 {
195 hash_clean(cluster_hash, (void (*)(void *))cluster_free);
196 hash_free(cluster_hash);
197 cluster_hash = NULL;
198 }
199
200 static struct hash *encap_hash = NULL;
201 #if ENABLE_BGP_VNC
202 static struct hash *vnc_hash = NULL;
203 #endif
204
205 struct bgp_attr_encap_subtlv *encap_tlv_dup(struct bgp_attr_encap_subtlv *orig)
206 {
207 struct bgp_attr_encap_subtlv *new;
208 struct bgp_attr_encap_subtlv *tail;
209 struct bgp_attr_encap_subtlv *p;
210
211 for (p = orig, tail = new = NULL; p; p = p->next) {
212 int size = sizeof(struct bgp_attr_encap_subtlv) + p->length;
213 if (tail) {
214 tail->next = XCALLOC(MTYPE_ENCAP_TLV, size);
215 tail = tail->next;
216 } else {
217 tail = new = XCALLOC(MTYPE_ENCAP_TLV, size);
218 }
219 assert(tail);
220 memcpy(tail, p, size);
221 tail->next = NULL;
222 }
223
224 return new;
225 }
226
227 static void encap_free(struct bgp_attr_encap_subtlv *p)
228 {
229 struct bgp_attr_encap_subtlv *next;
230 while (p) {
231 next = p->next;
232 p->next = NULL;
233 XFREE(MTYPE_ENCAP_TLV, p);
234 p = next;
235 }
236 }
237
238 void bgp_attr_flush_encap(struct attr *attr)
239 {
240 if (!attr)
241 return;
242
243 if (attr->encap_subtlvs) {
244 encap_free(attr->encap_subtlvs);
245 attr->encap_subtlvs = NULL;
246 }
247 #if ENABLE_BGP_VNC
248 if (attr->vnc_subtlvs) {
249 encap_free(attr->vnc_subtlvs);
250 attr->vnc_subtlvs = NULL;
251 }
252 #endif
253 }
254
255 /*
256 * Compare encap sub-tlv chains
257 *
258 * 1 = equivalent
259 * 0 = not equivalent
260 *
261 * This algorithm could be made faster if needed
262 */
263 static int encap_same(const struct bgp_attr_encap_subtlv *h1,
264 const struct bgp_attr_encap_subtlv *h2)
265 {
266 const struct bgp_attr_encap_subtlv *p;
267 const struct bgp_attr_encap_subtlv *q;
268
269 if (h1 == h2)
270 return 1;
271 if (h1 == NULL || h2 == NULL)
272 return 0;
273
274 for (p = h1; p; p = p->next) {
275 for (q = h2; q; q = q->next) {
276 if ((p->type == q->type) && (p->length == q->length)
277 && !memcmp(p->value, q->value, p->length)) {
278
279 break;
280 }
281 }
282 if (!q)
283 return 0;
284 }
285
286 for (p = h2; p; p = p->next) {
287 for (q = h1; q; q = q->next) {
288 if ((p->type == q->type) && (p->length == q->length)
289 && !memcmp(p->value, q->value, p->length)) {
290
291 break;
292 }
293 }
294 if (!q)
295 return 0;
296 }
297
298 return 1;
299 }
300
301 static void *encap_hash_alloc(void *p)
302 {
303 /* Encap structure is already allocated. */
304 return p;
305 }
306
307 typedef enum {
308 ENCAP_SUBTLV_TYPE,
309 #if ENABLE_BGP_VNC
310 VNC_SUBTLV_TYPE
311 #endif
312 } encap_subtlv_type;
313
314 static struct bgp_attr_encap_subtlv *
315 encap_intern(struct bgp_attr_encap_subtlv *encap, encap_subtlv_type type)
316 {
317 struct bgp_attr_encap_subtlv *find;
318 struct hash *hash = encap_hash;
319 #if ENABLE_BGP_VNC
320 if (type == VNC_SUBTLV_TYPE)
321 hash = vnc_hash;
322 #endif
323
324 find = hash_get(hash, encap, encap_hash_alloc);
325 if (find != encap)
326 encap_free(encap);
327 find->refcnt++;
328
329 return find;
330 }
331
332 static void encap_unintern(struct bgp_attr_encap_subtlv **encapp,
333 encap_subtlv_type type)
334 {
335 struct bgp_attr_encap_subtlv *encap = *encapp;
336 if (encap->refcnt)
337 encap->refcnt--;
338
339 if (encap->refcnt == 0) {
340 struct hash *hash = encap_hash;
341 #if ENABLE_BGP_VNC
342 if (type == VNC_SUBTLV_TYPE)
343 hash = vnc_hash;
344 #endif
345 hash_release(hash, encap);
346 encap_free(encap);
347 *encapp = NULL;
348 }
349 }
350
351 static unsigned int encap_hash_key_make(void *p)
352 {
353 const struct bgp_attr_encap_subtlv *encap = p;
354
355 return jhash(encap->value, encap->length, 0);
356 }
357
358 static bool encap_hash_cmp(const void *p1, const void *p2)
359 {
360 return encap_same((const struct bgp_attr_encap_subtlv *)p1,
361 (const struct bgp_attr_encap_subtlv *)p2);
362 }
363
364 static void encap_init(void)
365 {
366 encap_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
367 "BGP Encap Hash");
368 #if ENABLE_BGP_VNC
369 vnc_hash = hash_create(encap_hash_key_make, encap_hash_cmp,
370 "BGP VNC Hash");
371 #endif
372 }
373
374 static void encap_finish(void)
375 {
376 hash_clean(encap_hash, (void (*)(void *))encap_free);
377 hash_free(encap_hash);
378 encap_hash = NULL;
379 #if ENABLE_BGP_VNC
380 hash_clean(vnc_hash, (void (*)(void *))encap_free);
381 hash_free(vnc_hash);
382 vnc_hash = NULL;
383 #endif
384 }
385
386 static bool overlay_index_same(const struct attr *a1, const struct attr *a2)
387 {
388 if (!a1 && a2)
389 return false;
390 if (!a2 && a1)
391 return false;
392 if (!a1 && !a2)
393 return true;
394 return !memcmp(&(a1->evpn_overlay), &(a2->evpn_overlay),
395 sizeof(struct overlay_index));
396 }
397
398 /* Unknown transit attribute. */
399 static struct hash *transit_hash;
400
401 static void transit_free(struct transit *transit)
402 {
403 if (transit->val)
404 XFREE(MTYPE_TRANSIT_VAL, transit->val);
405 XFREE(MTYPE_TRANSIT, transit);
406 }
407
408 static void *transit_hash_alloc(void *p)
409 {
410 /* Transit structure is already allocated. */
411 return p;
412 }
413
414 static struct transit *transit_intern(struct transit *transit)
415 {
416 struct transit *find;
417
418 find = hash_get(transit_hash, transit, transit_hash_alloc);
419 if (find != transit)
420 transit_free(transit);
421 find->refcnt++;
422
423 return find;
424 }
425
426 void transit_unintern(struct transit *transit)
427 {
428 if (transit->refcnt)
429 transit->refcnt--;
430
431 if (transit->refcnt == 0) {
432 hash_release(transit_hash, transit);
433 transit_free(transit);
434 }
435 }
436
437 static unsigned int transit_hash_key_make(void *p)
438 {
439 const struct transit *transit = p;
440
441 return jhash(transit->val, transit->length, 0);
442 }
443
444 static bool transit_hash_cmp(const void *p1, const void *p2)
445 {
446 const struct transit *transit1 = p1;
447 const struct transit *transit2 = p2;
448
449 return (transit1->length == transit2->length
450 && memcmp(transit1->val, transit2->val, transit1->length) == 0);
451 }
452
453 static void transit_init(void)
454 {
455 transit_hash = hash_create(transit_hash_key_make, transit_hash_cmp,
456 "BGP Transit Hash");
457 }
458
459 static void transit_finish(void)
460 {
461 hash_clean(transit_hash, (void (*)(void *))transit_free);
462 hash_free(transit_hash);
463 transit_hash = NULL;
464 }
465
466 /* Attribute hash routines. */
467 static struct hash *attrhash;
468
469 /* Shallow copy of an attribute
470 * Though, not so shallow that it doesn't copy the contents
471 * of the attr_extra pointed to by 'extra'
472 */
473 void bgp_attr_dup(struct attr *new, struct attr *orig)
474 {
475 *new = *orig;
476 }
477
478 unsigned long int attr_count(void)
479 {
480 return attrhash->count;
481 }
482
483 unsigned long int attr_unknown_count(void)
484 {
485 return transit_hash->count;
486 }
487
488 unsigned int attrhash_key_make(void *p)
489 {
490 const struct attr *attr = (struct attr *)p;
491 uint32_t key = 0;
492 #define MIX(val) key = jhash_1word(val, key)
493 #define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
494
495 MIX3(attr->origin, attr->nexthop.s_addr, attr->med);
496 MIX3(attr->local_pref, attr->aggregator_as,
497 attr->aggregator_addr.s_addr);
498 MIX3(attr->weight, attr->mp_nexthop_global_in.s_addr,
499 attr->originator_id.s_addr);
500 MIX3(attr->tag, attr->label, attr->label_index);
501
502 if (attr->aspath)
503 MIX(aspath_key_make(attr->aspath));
504 if (attr->community)
505 MIX(community_hash_make(attr->community));
506
507 if (attr->lcommunity)
508 MIX(lcommunity_hash_make(attr->lcommunity));
509 if (attr->ecommunity)
510 MIX(ecommunity_hash_make(attr->ecommunity));
511 if (attr->cluster)
512 MIX(cluster_hash_key_make(attr->cluster));
513 if (attr->transit)
514 MIX(transit_hash_key_make(attr->transit));
515 if (attr->encap_subtlvs)
516 MIX(encap_hash_key_make(attr->encap_subtlvs));
517 #if ENABLE_BGP_VNC
518 if (attr->vnc_subtlvs)
519 MIX(encap_hash_key_make(attr->vnc_subtlvs));
520 #endif
521 MIX(attr->mp_nexthop_len);
522 key = jhash(attr->mp_nexthop_global.s6_addr, IPV6_MAX_BYTELEN, key);
523 key = jhash(attr->mp_nexthop_local.s6_addr, IPV6_MAX_BYTELEN, key);
524 MIX(attr->nh_ifindex);
525 MIX(attr->nh_lla_ifindex);
526
527 return key;
528 }
529
530 bool attrhash_cmp(const void *p1, const void *p2)
531 {
532 const struct attr *attr1 = p1;
533 const struct attr *attr2 = p2;
534
535 if (attr1->flag == attr2->flag && attr1->origin == attr2->origin
536 && attr1->nexthop.s_addr == attr2->nexthop.s_addr
537 && attr1->aspath == attr2->aspath
538 && attr1->community == attr2->community && attr1->med == attr2->med
539 && attr1->local_pref == attr2->local_pref
540 && attr1->rmap_change_flags == attr2->rmap_change_flags) {
541 if (attr1->aggregator_as == attr2->aggregator_as
542 && attr1->aggregator_addr.s_addr
543 == attr2->aggregator_addr.s_addr
544 && attr1->weight == attr2->weight
545 && attr1->tag == attr2->tag
546 && attr1->label_index == attr2->label_index
547 && attr1->mp_nexthop_len == attr2->mp_nexthop_len
548 && attr1->ecommunity == attr2->ecommunity
549 && attr1->lcommunity == attr2->lcommunity
550 && attr1->cluster == attr2->cluster
551 && attr1->transit == attr2->transit
552 && (attr1->encap_tunneltype == attr2->encap_tunneltype)
553 && encap_same(attr1->encap_subtlvs, attr2->encap_subtlvs)
554 #if ENABLE_BGP_VNC
555 && encap_same(attr1->vnc_subtlvs, attr2->vnc_subtlvs)
556 #endif
557 && IPV6_ADDR_SAME(&attr1->mp_nexthop_global,
558 &attr2->mp_nexthop_global)
559 && IPV6_ADDR_SAME(&attr1->mp_nexthop_local,
560 &attr2->mp_nexthop_local)
561 && IPV4_ADDR_SAME(&attr1->mp_nexthop_global_in,
562 &attr2->mp_nexthop_global_in)
563 && IPV4_ADDR_SAME(&attr1->originator_id,
564 &attr2->originator_id)
565 && overlay_index_same(attr1, attr2)
566 && attr1->nh_ifindex == attr2->nh_ifindex
567 && attr1->nh_lla_ifindex == attr2->nh_lla_ifindex)
568 return true;
569 }
570
571 return false;
572 }
573
574 static void attrhash_init(void)
575 {
576 attrhash =
577 hash_create(attrhash_key_make, attrhash_cmp, "BGP Attributes");
578 }
579
580 /*
581 * special for hash_clean below
582 */
583 static void attr_vfree(void *attr)
584 {
585 XFREE(MTYPE_ATTR, attr);
586 }
587
588 static void attrhash_finish(void)
589 {
590 hash_clean(attrhash, attr_vfree);
591 hash_free(attrhash);
592 attrhash = NULL;
593 }
594
595 static void attr_show_all_iterator(struct hash_backet *backet, struct vty *vty)
596 {
597 struct attr *attr = backet->data;
598
599 vty_out(vty, "attr[%ld] nexthop %s\n", attr->refcnt,
600 inet_ntoa(attr->nexthop));
601 vty_out(vty, "\tflags: %" PRIu64 " med: %u local_pref: %u origin: %u weight: %u label: %u\n",
602 attr->flag, attr->med, attr->local_pref, attr->origin,
603 attr->weight, attr->label);
604 }
605
606 void attr_show_all(struct vty *vty)
607 {
608 hash_iterate(attrhash, (void (*)(struct hash_backet *,
609 void *))attr_show_all_iterator,
610 vty);
611 }
612
613 static void *bgp_attr_hash_alloc(void *p)
614 {
615 struct attr *val = (struct attr *)p;
616 struct attr *attr;
617
618 attr = XMALLOC(MTYPE_ATTR, sizeof(struct attr));
619 *attr = *val;
620 if (val->encap_subtlvs) {
621 val->encap_subtlvs = NULL;
622 }
623 #if ENABLE_BGP_VNC
624 if (val->vnc_subtlvs) {
625 val->vnc_subtlvs = NULL;
626 }
627 #endif
628 attr->refcnt = 0;
629 return attr;
630 }
631
632 /* Internet argument attribute. */
633 struct attr *bgp_attr_intern(struct attr *attr)
634 {
635 struct attr *find;
636
637 /* Intern referenced strucutre. */
638 if (attr->aspath) {
639 if (!attr->aspath->refcnt)
640 attr->aspath = aspath_intern(attr->aspath);
641 else
642 attr->aspath->refcnt++;
643 }
644 if (attr->community) {
645 if (!attr->community->refcnt)
646 attr->community = community_intern(attr->community);
647 else
648 attr->community->refcnt++;
649 }
650
651 if (attr->ecommunity) {
652 if (!attr->ecommunity->refcnt)
653 attr->ecommunity = ecommunity_intern(attr->ecommunity);
654 else
655 attr->ecommunity->refcnt++;
656 }
657 if (attr->lcommunity) {
658 if (!attr->lcommunity->refcnt)
659 attr->lcommunity = lcommunity_intern(attr->lcommunity);
660 else
661 attr->lcommunity->refcnt++;
662 }
663 if (attr->cluster) {
664 if (!attr->cluster->refcnt)
665 attr->cluster = cluster_intern(attr->cluster);
666 else
667 attr->cluster->refcnt++;
668 }
669 if (attr->transit) {
670 if (!attr->transit->refcnt)
671 attr->transit = transit_intern(attr->transit);
672 else
673 attr->transit->refcnt++;
674 }
675 if (attr->encap_subtlvs) {
676 if (!attr->encap_subtlvs->refcnt)
677 attr->encap_subtlvs = encap_intern(attr->encap_subtlvs,
678 ENCAP_SUBTLV_TYPE);
679 else
680 attr->encap_subtlvs->refcnt++;
681 }
682 #if ENABLE_BGP_VNC
683 if (attr->vnc_subtlvs) {
684 if (!attr->vnc_subtlvs->refcnt)
685 attr->vnc_subtlvs = encap_intern(attr->vnc_subtlvs,
686 VNC_SUBTLV_TYPE);
687 else
688 attr->vnc_subtlvs->refcnt++;
689 }
690 #endif
691
692 /* At this point, attr only contains intern'd pointers. that means
693 * if we find it in attrhash, it has all the same pointers and we
694 * correctly updated the refcounts on these.
695 * If we don't find it, we need to allocate a one because in all
696 * cases this returns a new reference to a hashed attr, but the input
697 * wasn't on hash. */
698 find = (struct attr *)hash_get(attrhash, attr, bgp_attr_hash_alloc);
699 find->refcnt++;
700
701 return find;
702 }
703
704 /* Make network statement's attribute. */
705 struct attr *bgp_attr_default_set(struct attr *attr, uint8_t origin)
706 {
707 memset(attr, 0, sizeof(struct attr));
708
709 attr->origin = origin;
710 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
711 attr->aspath = aspath_empty();
712 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
713 attr->weight = BGP_ATTR_DEFAULT_WEIGHT;
714 attr->tag = 0;
715 attr->label_index = BGP_INVALID_LABEL_INDEX;
716 attr->label = MPLS_INVALID_LABEL;
717 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
718 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
719
720 return attr;
721 }
722
723 /* Create the attributes for an aggregate */
724 struct attr *bgp_attr_aggregate_intern(struct bgp *bgp, uint8_t origin,
725 struct aspath *aspath,
726 struct community *community,
727 struct ecommunity *ecommunity,
728 struct lcommunity *lcommunity,
729 int as_set, uint8_t atomic_aggregate)
730 {
731 struct attr attr;
732 struct attr *new;
733
734 memset(&attr, 0, sizeof(struct attr));
735
736 /* Origin attribute. */
737 attr.origin = origin;
738 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
739
740 /* AS path attribute. */
741 if (aspath)
742 attr.aspath = aspath_intern(aspath);
743 else
744 attr.aspath = aspath_empty();
745 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
746
747 /* Next hop attribute. */
748 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
749
750 if (community) {
751 uint32_t gshut = COMMUNITY_GSHUT;
752
753 /* If we are not shutting down ourselves and we are
754 * aggregating a route that contains the GSHUT community we
755 * need to remove that community when creating the aggregate */
756 if (!bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)
757 && community_include(community, gshut)) {
758 community_del_val(community, &gshut);
759 }
760
761 attr.community = community;
762 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
763 }
764
765 if (ecommunity) {
766 attr.ecommunity = ecommunity;
767 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
768 }
769
770 if (lcommunity) {
771 attr.lcommunity = lcommunity;
772 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
773 }
774
775 if (bgp_flag_check(bgp, BGP_FLAG_GRACEFUL_SHUTDOWN)) {
776 bgp_attr_add_gshut_community(&attr);
777 }
778
779 attr.label_index = BGP_INVALID_LABEL_INDEX;
780 attr.label = MPLS_INVALID_LABEL;
781 attr.weight = BGP_ATTR_DEFAULT_WEIGHT;
782 attr.mp_nexthop_len = IPV6_MAX_BYTELEN;
783 if (!as_set || atomic_aggregate)
784 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
785 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
786 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION))
787 attr.aggregator_as = bgp->confed_id;
788 else
789 attr.aggregator_as = bgp->as;
790 attr.aggregator_addr = bgp->router_id;
791 attr.label_index = BGP_INVALID_LABEL_INDEX;
792 attr.label = MPLS_INVALID_LABEL;
793
794 new = bgp_attr_intern(&attr);
795
796 aspath_unintern(&new->aspath);
797 return new;
798 }
799
800 /* Unintern just the sub-components of the attr, but not the attr */
801 void bgp_attr_unintern_sub(struct attr *attr)
802 {
803 /* aspath refcount shoud be decrement. */
804 if (attr->aspath)
805 aspath_unintern(&attr->aspath);
806 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH));
807
808 if (attr->community)
809 community_unintern(&attr->community);
810 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES));
811
812 if (attr->ecommunity)
813 ecommunity_unintern(&attr->ecommunity);
814 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES));
815
816 if (attr->lcommunity)
817 lcommunity_unintern(&attr->lcommunity);
818 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES));
819
820 if (attr->cluster)
821 cluster_unintern(attr->cluster);
822 UNSET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST));
823
824 if (attr->transit)
825 transit_unintern(attr->transit);
826
827 if (attr->encap_subtlvs)
828 encap_unintern(&attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
829
830 #if ENABLE_BGP_VNC
831 if (attr->vnc_subtlvs)
832 encap_unintern(&attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
833 #endif
834 }
835
836 /*
837 * We have some show commands that let you experimentally
838 * apply a route-map. When we apply the route-map
839 * we are reseting values but not saving them for
840 * posterity via intern'ing( because route-maps don't
841 * do that) but at this point in time we need
842 * to compare the new attr to the old and if the
843 * routemap has changed it we need to, as Snoop Dog says,
844 * Drop it like it's hot
845 */
846 void bgp_attr_undup(struct attr *new, struct attr *old)
847 {
848 if (new->aspath != old->aspath)
849 aspath_free(new->aspath);
850
851 if (new->community != old->community)
852 community_free(new->community);
853
854 if (new->ecommunity != old->ecommunity)
855 ecommunity_free(&new->ecommunity);
856
857 if (new->lcommunity != old->lcommunity)
858 lcommunity_free(&new->lcommunity);
859 }
860
861 /* Free bgp attribute and aspath. */
862 void bgp_attr_unintern(struct attr **pattr)
863 {
864 struct attr *attr = *pattr;
865 struct attr *ret;
866 struct attr tmp;
867
868 /* Decrement attribute reference. */
869 attr->refcnt--;
870
871 tmp = *attr;
872
873 /* If reference becomes zero then free attribute object. */
874 if (attr->refcnt == 0) {
875 ret = hash_release(attrhash, attr);
876 assert(ret != NULL);
877 XFREE(MTYPE_ATTR, attr);
878 *pattr = NULL;
879 }
880
881 bgp_attr_unintern_sub(&tmp);
882 }
883
884 void bgp_attr_flush(struct attr *attr)
885 {
886 if (attr->aspath && !attr->aspath->refcnt) {
887 aspath_free(attr->aspath);
888 attr->aspath = NULL;
889 }
890 if (attr->community && !attr->community->refcnt) {
891 community_free(attr->community);
892 attr->community = NULL;
893 }
894
895 if (attr->ecommunity && !attr->ecommunity->refcnt)
896 ecommunity_free(&attr->ecommunity);
897 if (attr->lcommunity && !attr->lcommunity->refcnt)
898 lcommunity_free(&attr->lcommunity);
899 if (attr->cluster && !attr->cluster->refcnt) {
900 cluster_free(attr->cluster);
901 attr->cluster = NULL;
902 }
903 if (attr->transit && !attr->transit->refcnt) {
904 transit_free(attr->transit);
905 attr->transit = NULL;
906 }
907 if (attr->encap_subtlvs && !attr->encap_subtlvs->refcnt) {
908 encap_free(attr->encap_subtlvs);
909 attr->encap_subtlvs = NULL;
910 }
911 #if ENABLE_BGP_VNC
912 if (attr->vnc_subtlvs && !attr->vnc_subtlvs->refcnt) {
913 encap_free(attr->vnc_subtlvs);
914 attr->vnc_subtlvs = NULL;
915 }
916 #endif
917 }
918
919 /* Implement draft-scudder-idr-optional-transitive behaviour and
920 * avoid resetting sessions for malformed attributes which are
921 * are partial/optional and hence where the error likely was not
922 * introduced by the sending neighbour.
923 */
924 static bgp_attr_parse_ret_t
925 bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
926 bgp_size_t length)
927 {
928 struct peer *const peer = args->peer;
929 const uint8_t flags = args->flags;
930 /* startp and length must be special-cased, as whether or not to
931 * send the attribute data with the NOTIFY depends on the error,
932 * the caller therefore signals this with the seperate length argument
933 */
934 uint8_t *notify_datap = (length > 0 ? args->startp : NULL);
935
936 /* Only relax error handling for eBGP peers */
937 if (peer->sort != BGP_PEER_EBGP) {
938 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
939 notify_datap, length);
940 return BGP_ATTR_PARSE_ERROR;
941 }
942
943 /* Adjust the stream getp to the end of the attribute, in case we can
944 * still proceed but the caller hasn't read all the attribute.
945 */
946 stream_set_getp(BGP_INPUT(peer),
947 (args->startp - STREAM_DATA(BGP_INPUT(peer)))
948 + args->total);
949
950 switch (args->type) {
951 /* where an attribute is relatively inconsequential, e.g. it does not
952 * affect route selection, and can be safely ignored, then any such
953 * attributes which are malformed should just be ignored and the route
954 * processed as normal.
955 */
956 case BGP_ATTR_AS4_AGGREGATOR:
957 case BGP_ATTR_AGGREGATOR:
958 case BGP_ATTR_ATOMIC_AGGREGATE:
959 return BGP_ATTR_PARSE_PROCEED;
960
961 /* Core attributes, particularly ones which may influence route
962 * selection, should always cause session resets
963 */
964 case BGP_ATTR_ORIGIN:
965 case BGP_ATTR_AS_PATH:
966 case BGP_ATTR_NEXT_HOP:
967 case BGP_ATTR_MULTI_EXIT_DISC:
968 case BGP_ATTR_LOCAL_PREF:
969 case BGP_ATTR_COMMUNITIES:
970 case BGP_ATTR_ORIGINATOR_ID:
971 case BGP_ATTR_CLUSTER_LIST:
972 case BGP_ATTR_MP_REACH_NLRI:
973 case BGP_ATTR_MP_UNREACH_NLRI:
974 case BGP_ATTR_EXT_COMMUNITIES:
975 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, subcode,
976 notify_datap, length);
977 return BGP_ATTR_PARSE_ERROR;
978 }
979
980 /* Partial optional attributes that are malformed should not cause
981 * the whole session to be reset. Instead treat it as a withdrawal
982 * of the routes, if possible.
983 */
984 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
985 && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
986 && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
987 return BGP_ATTR_PARSE_WITHDRAW;
988
989 /* default to reset */
990 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
991 }
992
993 /* Find out what is wrong with the path attribute flag bits and log the error.
994 "Flag bits" here stand for Optional, Transitive and Partial, but not for
995 Extended Length. Checking O/T/P bits at once implies, that the attribute
996 being diagnosed is defined by RFC as either a "well-known" or an "optional,
997 non-transitive" attribute. */
998 static void
999 bgp_attr_flags_diagnose(struct bgp_attr_parser_args *args,
1000 uint8_t desired_flags /* how RFC says it must be */
1001 )
1002 {
1003 uint8_t seen = 0, i;
1004 uint8_t real_flags = args->flags;
1005 const uint8_t attr_code = args->type;
1006
1007 desired_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1008 real_flags &= ~BGP_ATTR_FLAG_EXTLEN;
1009 for (i = 0; i <= 2; i++) /* O,T,P, but not E */
1010 if (CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1011 != CHECK_FLAG(real_flags, attr_flag_str[i].key)) {
1012 flog_err(EC_BGP_ATTR_FLAG,
1013 "%s attribute must%s be flagged as \"%s\"",
1014 lookup_msg(attr_str, attr_code, NULL),
1015 CHECK_FLAG(desired_flags, attr_flag_str[i].key)
1016 ? ""
1017 : " not",
1018 attr_flag_str[i].str);
1019 seen = 1;
1020 }
1021 if (!seen) {
1022 zlog_debug(
1023 "Strange, %s called for attr %s, but no problem found with flags"
1024 " (real flags 0x%x, desired 0x%x)",
1025 __func__, lookup_msg(attr_str, attr_code, NULL),
1026 real_flags, desired_flags);
1027 }
1028 }
1029
1030 /* Required flags for attributes. EXTLEN will be masked off when testing,
1031 * as will PARTIAL for optional+transitive attributes.
1032 */
1033 const uint8_t attr_flags_values[] = {
1034 [BGP_ATTR_ORIGIN] = BGP_ATTR_FLAG_TRANS,
1035 [BGP_ATTR_AS_PATH] = BGP_ATTR_FLAG_TRANS,
1036 [BGP_ATTR_NEXT_HOP] = BGP_ATTR_FLAG_TRANS,
1037 [BGP_ATTR_MULTI_EXIT_DISC] = BGP_ATTR_FLAG_OPTIONAL,
1038 [BGP_ATTR_LOCAL_PREF] = BGP_ATTR_FLAG_TRANS,
1039 [BGP_ATTR_ATOMIC_AGGREGATE] = BGP_ATTR_FLAG_TRANS,
1040 [BGP_ATTR_AGGREGATOR] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1041 [BGP_ATTR_COMMUNITIES] = BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL,
1042 [BGP_ATTR_ORIGINATOR_ID] = BGP_ATTR_FLAG_OPTIONAL,
1043 [BGP_ATTR_CLUSTER_LIST] = BGP_ATTR_FLAG_OPTIONAL,
1044 [BGP_ATTR_MP_REACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1045 [BGP_ATTR_MP_UNREACH_NLRI] = BGP_ATTR_FLAG_OPTIONAL,
1046 [BGP_ATTR_EXT_COMMUNITIES] =
1047 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1048 [BGP_ATTR_AS4_PATH] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1049 [BGP_ATTR_AS4_AGGREGATOR] =
1050 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1051 [BGP_ATTR_PMSI_TUNNEL] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1052 [BGP_ATTR_LARGE_COMMUNITIES] =
1053 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1054 [BGP_ATTR_PREFIX_SID] = BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS,
1055 };
1056 static const size_t attr_flags_values_max = array_size(attr_flags_values) - 1;
1057
1058 static int bgp_attr_flag_invalid(struct bgp_attr_parser_args *args)
1059 {
1060 uint8_t mask = BGP_ATTR_FLAG_EXTLEN;
1061 const uint8_t flags = args->flags;
1062 const uint8_t attr_code = args->type;
1063
1064 /* there may be attributes we don't know about */
1065 if (attr_code > attr_flags_values_max)
1066 return 0;
1067 if (attr_flags_values[attr_code] == 0)
1068 return 0;
1069
1070 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1071 * to
1072 * 1."
1073 */
1074 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL, flags)
1075 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS, flags)) {
1076 flog_err(
1077 EC_BGP_ATTR_FLAG,
1078 "%s well-known attributes must have transitive flag set (%x)",
1079 lookup_msg(attr_str, attr_code, NULL), flags);
1080 return 1;
1081 }
1082
1083 /* "For well-known attributes and for optional non-transitive
1084 * attributes,
1085 * the Partial bit MUST be set to 0."
1086 */
1087 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL)) {
1088 if (!CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)) {
1089 flog_err(EC_BGP_ATTR_FLAG,
1090 "%s well-known attribute "
1091 "must NOT have the partial flag set (%x)",
1092 lookup_msg(attr_str, attr_code, NULL), flags);
1093 return 1;
1094 }
1095 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1096 && !CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)) {
1097 flog_err(EC_BGP_ATTR_FLAG,
1098 "%s optional + transitive attribute "
1099 "must NOT have the partial flag set (%x)",
1100 lookup_msg(attr_str, attr_code, NULL), flags);
1101 return 1;
1102 }
1103 }
1104
1105 /* Optional transitive attributes may go through speakers that don't
1106 * reocgnise them and set the Partial bit.
1107 */
1108 if (CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
1109 && CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS))
1110 SET_FLAG(mask, BGP_ATTR_FLAG_PARTIAL);
1111
1112 if ((flags & ~mask) == attr_flags_values[attr_code])
1113 return 0;
1114
1115 bgp_attr_flags_diagnose(args, attr_flags_values[attr_code]);
1116 return 1;
1117 }
1118
1119 /* Get origin attribute of the update message. */
1120 static bgp_attr_parse_ret_t bgp_attr_origin(struct bgp_attr_parser_args *args)
1121 {
1122 struct peer *const peer = args->peer;
1123 struct attr *const attr = args->attr;
1124 const bgp_size_t length = args->length;
1125
1126 /* If any recognized attribute has Attribute Length that conflicts
1127 with the expected length (based on the attribute type code), then
1128 the Error Subcode is set to Attribute Length Error. The Data
1129 field contains the erroneous attribute (type, length and
1130 value). */
1131 if (length != 1) {
1132 flog_err(EC_BGP_ATTR_LEN,
1133 "Origin attribute length is not one %d", length);
1134 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1135 args->total);
1136 }
1137
1138 /* Fetch origin attribute. */
1139 attr->origin = stream_getc(BGP_INPUT(peer));
1140
1141 /* If the ORIGIN attribute has an undefined value, then the Error
1142 Subcode is set to Invalid Origin Attribute. The Data field
1143 contains the unrecognized attribute (type, length and value). */
1144 if ((attr->origin != BGP_ORIGIN_IGP) && (attr->origin != BGP_ORIGIN_EGP)
1145 && (attr->origin != BGP_ORIGIN_INCOMPLETE)) {
1146 flog_err(EC_BGP_ATTR_ORIGIN,
1147 "Origin attribute value is invalid %d", attr->origin);
1148 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_INVAL_ORIGIN,
1149 args->total);
1150 }
1151
1152 /* Set oring attribute flag. */
1153 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN);
1154
1155 return 0;
1156 }
1157
1158 /* Parse AS path information. This function is wrapper of
1159 aspath_parse. */
1160 static int bgp_attr_aspath(struct bgp_attr_parser_args *args)
1161 {
1162 struct attr *const attr = args->attr;
1163 struct peer *const peer = args->peer;
1164 const bgp_size_t length = args->length;
1165
1166 /*
1167 * peer with AS4 => will get 4Byte ASnums
1168 * otherwise, will get 16 Bit
1169 */
1170 attr->aspath = aspath_parse(peer->curr, length,
1171 CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV));
1172
1173 /* In case of IBGP, length will be zero. */
1174 if (!attr->aspath) {
1175 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1176 "Malformed AS path from %s, length is %d", peer->host,
1177 length);
1178 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1179 0);
1180 }
1181
1182 /* Set aspath attribute flag. */
1183 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH);
1184
1185 return BGP_ATTR_PARSE_PROCEED;
1186 }
1187
1188 static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer,
1189 struct attr *const attr)
1190 {
1191 /* These checks were part of bgp_attr_aspath, but with
1192 * as4 we should to check aspath things when
1193 * aspath synthesizing with as4_path has already taken place.
1194 * Otherwise we check ASPATH and use the synthesized thing, and that is
1195 * not right.
1196 * So do the checks later, i.e. here
1197 */
1198 struct aspath *aspath;
1199
1200 /* Confederation sanity check. */
1201 if ((peer->sort == BGP_PEER_CONFED
1202 && !aspath_left_confed_check(attr->aspath))
1203 || (peer->sort == BGP_PEER_EBGP
1204 && aspath_confed_check(attr->aspath))) {
1205 flog_err(EC_BGP_ATTR_MAL_AS_PATH, "Malformed AS path from %s",
1206 peer->host);
1207 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1208 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1209 return BGP_ATTR_PARSE_ERROR;
1210 }
1211
1212 /* First AS check for EBGP. */
1213 if (CHECK_FLAG(peer->flags, PEER_FLAG_ENFORCE_FIRST_AS)) {
1214 if (peer->sort == BGP_PEER_EBGP
1215 && !aspath_firstas_check(attr->aspath, peer->as)) {
1216 flog_err(EC_BGP_ATTR_FIRST_AS,
1217 "%s incorrect first AS (must be %u)",
1218 peer->host, peer->as);
1219 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1220 BGP_NOTIFY_UPDATE_MAL_AS_PATH);
1221 return BGP_ATTR_PARSE_ERROR;
1222 }
1223 }
1224
1225 /* local-as prepend */
1226 if (peer->change_local_as
1227 && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) {
1228 aspath = aspath_dup(attr->aspath);
1229 aspath = aspath_add_seq(aspath, peer->change_local_as);
1230 aspath_unintern(&attr->aspath);
1231 attr->aspath = aspath_intern(aspath);
1232 }
1233
1234 return BGP_ATTR_PARSE_PROCEED;
1235 }
1236
1237 /* Parse AS4 path information. This function is another wrapper of
1238 aspath_parse. */
1239 static int bgp_attr_as4_path(struct bgp_attr_parser_args *args,
1240 struct aspath **as4_path)
1241 {
1242 struct peer *const peer = args->peer;
1243 struct attr *const attr = args->attr;
1244 const bgp_size_t length = args->length;
1245
1246 *as4_path = aspath_parse(peer->curr, length, 1);
1247
1248 /* In case of IBGP, length will be zero. */
1249 if (!*as4_path) {
1250 flog_err(EC_BGP_ATTR_MAL_AS_PATH,
1251 "Malformed AS4 path from %s, length is %d", peer->host,
1252 length);
1253 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH,
1254 0);
1255 }
1256
1257 /* Set aspath attribute flag. */
1258 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH);
1259
1260 return BGP_ATTR_PARSE_PROCEED;
1261 }
1262
1263 /* Nexthop attribute. */
1264 static bgp_attr_parse_ret_t bgp_attr_nexthop(struct bgp_attr_parser_args *args)
1265 {
1266 struct peer *const peer = args->peer;
1267 struct attr *const attr = args->attr;
1268 const bgp_size_t length = args->length;
1269
1270 in_addr_t nexthop_h, nexthop_n;
1271
1272 /* Check nexthop attribute length. */
1273 if (length != 4) {
1274 flog_err(EC_BGP_ATTR_LEN,
1275 "Nexthop attribute length isn't four [%d]", length);
1276
1277 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1278 args->total);
1279 }
1280
1281 /* According to section 6.3 of RFC4271, syntactically incorrect NEXT_HOP
1282 attribute must result in a NOTIFICATION message (this is implemented
1283 below).
1284 At the same time, semantically incorrect NEXT_HOP is more likely to
1285 be just
1286 logged locally (this is implemented somewhere else). The UPDATE
1287 message
1288 gets ignored in any of these cases. */
1289 nexthop_n = stream_get_ipv4(peer->curr);
1290 nexthop_h = ntohl(nexthop_n);
1291 if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
1292 || IPV4_CLASS_DE(nexthop_h))
1293 && !BGP_DEBUG(
1294 allow_martians,
1295 ALLOW_MARTIANS)) /* loopbacks may be used in testing */
1296 {
1297 char buf[INET_ADDRSTRLEN];
1298 inet_ntop(AF_INET, &nexthop_n, buf, INET_ADDRSTRLEN);
1299 flog_err(EC_BGP_ATTR_MARTIAN_NH, "Martian nexthop %s", buf);
1300 return bgp_attr_malformed(
1301 args, BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP, args->total);
1302 }
1303
1304 attr->nexthop.s_addr = nexthop_n;
1305 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
1306
1307 return BGP_ATTR_PARSE_PROCEED;
1308 }
1309
1310 /* MED atrribute. */
1311 static bgp_attr_parse_ret_t bgp_attr_med(struct bgp_attr_parser_args *args)
1312 {
1313 struct peer *const peer = args->peer;
1314 struct attr *const attr = args->attr;
1315 const bgp_size_t length = args->length;
1316
1317 /* Length check. */
1318 if (length != 4) {
1319 flog_err(EC_BGP_ATTR_LEN,
1320 "MED attribute length isn't four [%d]", length);
1321
1322 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1323 args->total);
1324 }
1325
1326 attr->med = stream_getl(peer->curr);
1327
1328 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC);
1329
1330 return BGP_ATTR_PARSE_PROCEED;
1331 }
1332
1333 /* Local preference attribute. */
1334 static bgp_attr_parse_ret_t
1335 bgp_attr_local_pref(struct bgp_attr_parser_args *args)
1336 {
1337 struct peer *const peer = args->peer;
1338 struct attr *const attr = args->attr;
1339 const bgp_size_t length = args->length;
1340
1341 /* Length check. */
1342 if (length != 4) {
1343 flog_err(EC_BGP_ATTR_LEN,
1344 "LOCAL_PREF attribute length isn't 4 [%u]", length);
1345 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1346 args->total);
1347 }
1348
1349 /* If it is contained in an UPDATE message that is received from an
1350 external peer, then this attribute MUST be ignored by the
1351 receiving speaker. */
1352 if (peer->sort == BGP_PEER_EBGP) {
1353 stream_forward_getp(peer->curr, length);
1354 return BGP_ATTR_PARSE_PROCEED;
1355 }
1356
1357 attr->local_pref = stream_getl(peer->curr);
1358
1359 /* Set the local-pref flag. */
1360 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF);
1361
1362 return BGP_ATTR_PARSE_PROCEED;
1363 }
1364
1365 /* Atomic aggregate. */
1366 static int bgp_attr_atomic(struct bgp_attr_parser_args *args)
1367 {
1368 struct attr *const attr = args->attr;
1369 const bgp_size_t length = args->length;
1370
1371 /* Length check. */
1372 if (length != 0) {
1373 flog_err(EC_BGP_ATTR_LEN,
1374 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1375 length);
1376 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1377 args->total);
1378 }
1379
1380 /* Set atomic aggregate flag. */
1381 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE);
1382
1383 return BGP_ATTR_PARSE_PROCEED;
1384 }
1385
1386 /* Aggregator attribute */
1387 static int bgp_attr_aggregator(struct bgp_attr_parser_args *args)
1388 {
1389 struct peer *const peer = args->peer;
1390 struct attr *const attr = args->attr;
1391 const bgp_size_t length = args->length;
1392
1393 int wantedlen = 6;
1394
1395 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1396 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1397 wantedlen = 8;
1398
1399 if (length != wantedlen) {
1400 flog_err(EC_BGP_ATTR_LEN,
1401 "AGGREGATOR attribute length isn't %u [%u]", wantedlen,
1402 length);
1403 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1404 args->total);
1405 }
1406
1407 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV))
1408 attr->aggregator_as = stream_getl(peer->curr);
1409 else
1410 attr->aggregator_as = stream_getw(peer->curr);
1411 attr->aggregator_addr.s_addr = stream_get_ipv4(peer->curr);
1412
1413 /* Set atomic aggregate flag. */
1414 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR);
1415
1416 return BGP_ATTR_PARSE_PROCEED;
1417 }
1418
1419 /* New Aggregator attribute */
1420 static bgp_attr_parse_ret_t
1421 bgp_attr_as4_aggregator(struct bgp_attr_parser_args *args,
1422 as_t *as4_aggregator_as,
1423 struct in_addr *as4_aggregator_addr)
1424 {
1425 struct peer *const peer = args->peer;
1426 struct attr *const attr = args->attr;
1427 const bgp_size_t length = args->length;
1428
1429 if (length != 8) {
1430 flog_err(EC_BGP_ATTR_LEN, "New Aggregator length is not 8 [%d]",
1431 length);
1432 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1433 0);
1434 }
1435
1436 *as4_aggregator_as = stream_getl(peer->curr);
1437 as4_aggregator_addr->s_addr = stream_get_ipv4(peer->curr);
1438
1439 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR);
1440
1441 return BGP_ATTR_PARSE_PROCEED;
1442 }
1443
1444 /* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1445 */
1446 static bgp_attr_parse_ret_t
1447 bgp_attr_munge_as4_attrs(struct peer *const peer, struct attr *const attr,
1448 struct aspath *as4_path, as_t as4_aggregator,
1449 struct in_addr *as4_aggregator_addr)
1450 {
1451 int ignore_as4_path = 0;
1452 struct aspath *newpath;
1453
1454 if (!attr->aspath) {
1455 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1456 * have
1457 * checked that all well-known, mandatory attributes were
1458 * present.
1459 *
1460 * Can only be a problem with peer itself - hard error
1461 */
1462 return BGP_ATTR_PARSE_ERROR;
1463 }
1464
1465 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) {
1466 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1467 * if given.
1468 * It is worth a warning though, because the peer really
1469 * should not send them
1470 */
1471 if (BGP_DEBUG(as4, AS4)) {
1472 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))
1473 zlog_debug("[AS4] %s %s AS4_PATH", peer->host,
1474 "AS4 capable peer, yet it sent");
1475
1476 if (attr->flag
1477 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR)))
1478 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1479 peer->host,
1480 "AS4 capable peer, yet it sent");
1481 }
1482
1483 return BGP_ATTR_PARSE_PROCEED;
1484 }
1485
1486 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1487 * because that may override AS4_PATH
1488 */
1489 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR))) {
1490 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR))) {
1491 /* received both.
1492 * if the as_number in aggregator is not AS_TRANS,
1493 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1494 * and the Aggregator shall be taken as
1495 * info on the aggregating node, and the AS_PATH
1496 * shall be taken as the AS_PATH
1497 * otherwise
1498 * the Aggregator shall be ignored and the
1499 * AS4_AGGREGATOR shall be taken as the
1500 * Aggregating node and the AS_PATH is to be
1501 * constructed "as in all other cases"
1502 */
1503 if (attr->aggregator_as != BGP_AS_TRANS) {
1504 /* ignore */
1505 if (BGP_DEBUG(as4, AS4))
1506 zlog_debug(
1507 "[AS4] %s BGP not AS4 capable peer"
1508 " send AGGREGATOR != AS_TRANS and"
1509 " AS4_AGGREGATOR, so ignore"
1510 " AS4_AGGREGATOR and AS4_PATH",
1511 peer->host);
1512 ignore_as4_path = 1;
1513 } else {
1514 /* "New_aggregator shall be taken as aggregator"
1515 */
1516 attr->aggregator_as = as4_aggregator;
1517 attr->aggregator_addr.s_addr =
1518 as4_aggregator_addr->s_addr;
1519 }
1520 } else {
1521 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1522 * That is bogus - but reading the conditions
1523 * we have to handle AS4_AGGREGATOR as if it were
1524 * AGGREGATOR in that case
1525 */
1526 if (BGP_DEBUG(as4, AS4))
1527 zlog_debug(
1528 "[AS4] %s BGP not AS4 capable peer send"
1529 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1530 " it as if AGGREGATOR with AS_TRANS had been there",
1531 peer->host);
1532 attr->aggregator_as = as4_aggregator;
1533 /* sweep it under the carpet and simulate a "good"
1534 * AGGREGATOR */
1535 attr->flag |= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR));
1536 }
1537 }
1538
1539 /* need to reconcile NEW_AS_PATH and AS_PATH */
1540 if (!ignore_as4_path
1541 && (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH)))) {
1542 newpath = aspath_reconcile_as4(attr->aspath, as4_path);
1543 if (!newpath)
1544 return BGP_ATTR_PARSE_ERROR;
1545
1546 aspath_unintern(&attr->aspath);
1547 attr->aspath = aspath_intern(newpath);
1548 }
1549 return BGP_ATTR_PARSE_PROCEED;
1550 }
1551
1552 /* Community attribute. */
1553 static bgp_attr_parse_ret_t
1554 bgp_attr_community(struct bgp_attr_parser_args *args)
1555 {
1556 struct peer *const peer = args->peer;
1557 struct attr *const attr = args->attr;
1558 const bgp_size_t length = args->length;
1559
1560 if (length == 0) {
1561 attr->community = NULL;
1562 return BGP_ATTR_PARSE_PROCEED;
1563 }
1564
1565 attr->community =
1566 community_parse((uint32_t *)stream_pnt(peer->curr), length);
1567
1568 /* XXX: fix community_parse to use stream API and remove this */
1569 stream_forward_getp(peer->curr, length);
1570
1571 if (!attr->community)
1572 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1573 args->total);
1574
1575 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES);
1576
1577 return BGP_ATTR_PARSE_PROCEED;
1578 }
1579
1580 /* Originator ID attribute. */
1581 static bgp_attr_parse_ret_t
1582 bgp_attr_originator_id(struct bgp_attr_parser_args *args)
1583 {
1584 struct peer *const peer = args->peer;
1585 struct attr *const attr = args->attr;
1586 const bgp_size_t length = args->length;
1587
1588 /* Length check. */
1589 if (length != 4) {
1590 flog_err(EC_BGP_ATTR_LEN, "Bad originator ID length %d",
1591 length);
1592
1593 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1594 args->total);
1595 }
1596
1597 attr->originator_id.s_addr = stream_get_ipv4(peer->curr);
1598
1599 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID);
1600
1601 return BGP_ATTR_PARSE_PROCEED;
1602 }
1603
1604 /* Cluster list attribute. */
1605 static bgp_attr_parse_ret_t
1606 bgp_attr_cluster_list(struct bgp_attr_parser_args *args)
1607 {
1608 struct peer *const peer = args->peer;
1609 struct attr *const attr = args->attr;
1610 const bgp_size_t length = args->length;
1611
1612 /* Check length. */
1613 if (length % 4) {
1614 flog_err(EC_BGP_ATTR_LEN, "Bad cluster list length %d", length);
1615
1616 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
1617 args->total);
1618 }
1619
1620 attr->cluster =
1621 cluster_parse((struct in_addr *)stream_pnt(peer->curr), length);
1622
1623 /* XXX: Fix cluster_parse to use stream API and then remove this */
1624 stream_forward_getp(peer->curr, length);
1625
1626 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST);
1627
1628 return BGP_ATTR_PARSE_PROCEED;
1629 }
1630
1631 /* Multiprotocol reachability information parse. */
1632 int bgp_mp_reach_parse(struct bgp_attr_parser_args *args,
1633 struct bgp_nlri *mp_update)
1634 {
1635 iana_afi_t pkt_afi;
1636 afi_t afi;
1637 iana_safi_t pkt_safi;
1638 safi_t safi;
1639 bgp_size_t nlri_len;
1640 size_t start;
1641 struct stream *s;
1642 struct peer *const peer = args->peer;
1643 struct attr *const attr = args->attr;
1644 const bgp_size_t length = args->length;
1645
1646 /* Set end of packet. */
1647 s = BGP_INPUT(peer);
1648 start = stream_get_getp(s);
1649
1650 /* safe to read statically sized header? */
1651 #define BGP_MP_REACH_MIN_SIZE 5
1652 #define LEN_LEFT (length - (stream_get_getp(s) - start))
1653 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) {
1654 zlog_info("%s: %s sent invalid length, %lu", __func__,
1655 peer->host, (unsigned long)length);
1656 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1657 }
1658
1659 /* Load AFI, SAFI. */
1660 pkt_afi = stream_getw(s);
1661 pkt_safi = stream_getc(s);
1662
1663 /* Convert AFI, SAFI to internal values, check. */
1664 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1665 /* Log if AFI or SAFI is unrecognized. This is not an error
1666 * unless
1667 * the attribute is otherwise malformed.
1668 */
1669 if (bgp_debug_update(peer, NULL, NULL, 0))
1670 zlog_debug(
1671 "%s: MP_REACH received AFI %u or SAFI %u is unrecognized",
1672 peer->host, pkt_afi, pkt_safi);
1673 return BGP_ATTR_PARSE_ERROR;
1674 }
1675
1676 /* Get nexthop length. */
1677 attr->mp_nexthop_len = stream_getc(s);
1678
1679 if (LEN_LEFT < attr->mp_nexthop_len) {
1680 zlog_info(
1681 "%s: %s, MP nexthop length, %u, goes past end of attribute",
1682 __func__, peer->host, attr->mp_nexthop_len);
1683 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1684 }
1685
1686 /* Nexthop length check. */
1687 switch (attr->mp_nexthop_len) {
1688 case 0:
1689 if (safi != SAFI_FLOWSPEC) {
1690 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1691 __func__, peer->host, attr->mp_nexthop_len);
1692 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1693 }
1694 break;
1695 case BGP_ATTR_NHLEN_VPNV4:
1696 stream_getl(s); /* RD high */
1697 stream_getl(s); /* RD low */
1698 /*
1699 * NOTE: intentional fall through
1700 * - for consistency in rx processing
1701 *
1702 * The following comment is to signal GCC this intention
1703 * and supress the warning
1704 */
1705 /* FALLTHRU */
1706 case BGP_ATTR_NHLEN_IPV4:
1707 stream_get(&attr->mp_nexthop_global_in, s, IPV4_MAX_BYTELEN);
1708 /* Probably needed for RFC 2283 */
1709 if (attr->nexthop.s_addr == 0)
1710 memcpy(&attr->nexthop.s_addr,
1711 &attr->mp_nexthop_global_in, IPV4_MAX_BYTELEN);
1712 break;
1713 case BGP_ATTR_NHLEN_IPV6_GLOBAL:
1714 case BGP_ATTR_NHLEN_VPNV6_GLOBAL:
1715 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_VPNV6_GLOBAL) {
1716 stream_getl(s); /* RD high */
1717 stream_getl(s); /* RD low */
1718 }
1719 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1720 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1721 if (!peer->nexthop.ifp) {
1722 zlog_warn("%s: interface not set appropriately to handle some attributes",
1723 peer->host);
1724 return BGP_ATTR_PARSE_WITHDRAW;
1725 }
1726 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
1727 }
1728 break;
1729 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
1730 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
1731 if (attr->mp_nexthop_len
1732 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1733 stream_getl(s); /* RD high */
1734 stream_getl(s); /* RD low */
1735 }
1736 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN);
1737 if (IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_global)) {
1738 if (!peer->nexthop.ifp) {
1739 zlog_warn("%s: interface not set appropriately to handle some attributes",
1740 peer->host);
1741 return BGP_ATTR_PARSE_WITHDRAW;
1742 }
1743 attr->nh_ifindex = peer->nexthop.ifp->ifindex;
1744 }
1745 if (attr->mp_nexthop_len
1746 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL) {
1747 stream_getl(s); /* RD high */
1748 stream_getl(s); /* RD low */
1749 }
1750 stream_get(&attr->mp_nexthop_local, s, IPV6_MAX_BYTELEN);
1751 if (!IN6_IS_ADDR_LINKLOCAL(&attr->mp_nexthop_local)) {
1752 char buf1[INET6_ADDRSTRLEN];
1753 char buf2[INET6_ADDRSTRLEN];
1754
1755 if (bgp_debug_update(peer, NULL, NULL, 1))
1756 zlog_debug(
1757 "%s rcvd nexthops %s, %s -- ignoring non-LL value",
1758 peer->host,
1759 inet_ntop(AF_INET6,
1760 &attr->mp_nexthop_global,
1761 buf1, INET6_ADDRSTRLEN),
1762 inet_ntop(AF_INET6,
1763 &attr->mp_nexthop_local, buf2,
1764 INET6_ADDRSTRLEN));
1765
1766 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
1767 }
1768 if (!peer->nexthop.ifp) {
1769 zlog_warn("%s: Interface not set appropriately to handle this some attributes",
1770 peer->host);
1771 return BGP_ATTR_PARSE_WITHDRAW;
1772 }
1773 attr->nh_lla_ifindex = peer->nexthop.ifp->ifindex;
1774 break;
1775 default:
1776 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1777 __func__, peer->host, attr->mp_nexthop_len);
1778 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1779 }
1780
1781 if (!LEN_LEFT) {
1782 zlog_info("%s: (%s) Failed to read SNPA and NLRI(s)", __func__,
1783 peer->host);
1784 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1785 }
1786
1787 {
1788 uint8_t val;
1789 if ((val = stream_getc(s)))
1790 flog_warn(
1791 EC_BGP_DEFUNCT_SNPA_LEN,
1792 "%s sent non-zero value, %u, for defunct SNPA-length field",
1793 peer->host, val);
1794 }
1795
1796 /* must have nrli_len, what is left of the attribute */
1797 nlri_len = LEN_LEFT;
1798 if (nlri_len > STREAM_READABLE(s)) {
1799 zlog_info("%s: (%s) Failed to read NLRI", __func__, peer->host);
1800 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1801 }
1802
1803 if (!nlri_len) {
1804 zlog_info("%s: (%s) No Reachability, Treating as a EOR marker",
1805 __func__, peer->host);
1806
1807 mp_update->afi = afi;
1808 mp_update->safi = safi;
1809 return BGP_ATTR_PARSE_EOR;
1810 }
1811
1812 mp_update->afi = afi;
1813 mp_update->safi = safi;
1814 mp_update->nlri = stream_pnt(s);
1815 mp_update->length = nlri_len;
1816
1817 stream_forward_getp(s, nlri_len);
1818
1819 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI);
1820
1821 return BGP_ATTR_PARSE_PROCEED;
1822 #undef LEN_LEFT
1823 }
1824
1825 /* Multiprotocol unreachable parse */
1826 int bgp_mp_unreach_parse(struct bgp_attr_parser_args *args,
1827 struct bgp_nlri *mp_withdraw)
1828 {
1829 struct stream *s;
1830 iana_afi_t pkt_afi;
1831 afi_t afi;
1832 iana_safi_t pkt_safi;
1833 safi_t safi;
1834 uint16_t withdraw_len;
1835 struct peer *const peer = args->peer;
1836 struct attr *const attr = args->attr;
1837 const bgp_size_t length = args->length;
1838
1839 s = peer->curr;
1840
1841 #define BGP_MP_UNREACH_MIN_SIZE 3
1842 if ((length > STREAM_READABLE(s)) || (length < BGP_MP_UNREACH_MIN_SIZE))
1843 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
1844
1845 pkt_afi = stream_getw(s);
1846 pkt_safi = stream_getc(s);
1847
1848 /* Convert AFI, SAFI to internal values, check. */
1849 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1850 /* Log if AFI or SAFI is unrecognized. This is not an error
1851 * unless
1852 * the attribute is otherwise malformed.
1853 */
1854 if (bgp_debug_update(peer, NULL, NULL, 0))
1855 zlog_debug(
1856 "%s: MP_UNREACH received AFI %u or SAFI %u is unrecognized",
1857 peer->host, pkt_afi, pkt_safi);
1858 return BGP_ATTR_PARSE_ERROR;
1859 }
1860
1861 withdraw_len = length - BGP_MP_UNREACH_MIN_SIZE;
1862
1863 mp_withdraw->afi = afi;
1864 mp_withdraw->safi = safi;
1865 mp_withdraw->nlri = stream_pnt(s);
1866 mp_withdraw->length = withdraw_len;
1867
1868 stream_forward_getp(s, withdraw_len);
1869
1870 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI);
1871
1872 return BGP_ATTR_PARSE_PROCEED;
1873 }
1874
1875 /* Large Community attribute. */
1876 static bgp_attr_parse_ret_t
1877 bgp_attr_large_community(struct bgp_attr_parser_args *args)
1878 {
1879 struct peer *const peer = args->peer;
1880 struct attr *const attr = args->attr;
1881 const bgp_size_t length = args->length;
1882
1883 /*
1884 * Large community follows new attribute format.
1885 */
1886 if (length == 0) {
1887 attr->lcommunity = NULL;
1888 /* Empty extcomm doesn't seem to be invalid per se */
1889 return BGP_ATTR_PARSE_PROCEED;
1890 }
1891
1892 attr->lcommunity =
1893 lcommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
1894 /* XXX: fix ecommunity_parse to use stream API */
1895 stream_forward_getp(peer->curr, length);
1896
1897 if (!attr->lcommunity)
1898 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1899 args->total);
1900
1901 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES);
1902
1903 return BGP_ATTR_PARSE_PROCEED;
1904 }
1905
1906 /* Extended Community attribute. */
1907 static bgp_attr_parse_ret_t
1908 bgp_attr_ext_communities(struct bgp_attr_parser_args *args)
1909 {
1910 struct peer *const peer = args->peer;
1911 struct attr *const attr = args->attr;
1912 const bgp_size_t length = args->length;
1913 uint8_t sticky = 0;
1914
1915 if (length == 0) {
1916 attr->ecommunity = NULL;
1917 /* Empty extcomm doesn't seem to be invalid per se */
1918 return BGP_ATTR_PARSE_PROCEED;
1919 }
1920
1921 attr->ecommunity =
1922 ecommunity_parse((uint8_t *)stream_pnt(peer->curr), length);
1923 /* XXX: fix ecommunity_parse to use stream API */
1924 stream_forward_getp(peer->curr, length);
1925
1926 if (!attr->ecommunity)
1927 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
1928 args->total);
1929
1930 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
1931
1932 /* Extract MAC mobility sequence number, if any. */
1933 attr->mm_seqnum = bgp_attr_mac_mobility_seqnum(attr, &sticky);
1934 attr->sticky = sticky;
1935
1936 /* Check if this is a Gateway MAC-IP advertisement */
1937 attr->default_gw = bgp_attr_default_gw(attr);
1938
1939 /* Handle scenario where router flag ecommunity is not
1940 * set but default gw ext community is present.
1941 * Use default gateway, set and propogate R-bit.
1942 */
1943 if (attr->default_gw)
1944 attr->router_flag = 1;
1945
1946 /* Check EVPN Neighbor advertisement flags, R-bit */
1947 bgp_attr_evpn_na_flag(attr, &attr->router_flag);
1948
1949 /* Extract the Rmac, if any */
1950 bgp_attr_rmac(attr, &attr->rmac);
1951
1952 return BGP_ATTR_PARSE_PROCEED;
1953 }
1954
1955 /* Parse Tunnel Encap attribute in an UPDATE */
1956 static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
1957 bgp_size_t length, /* IN: attr's length field */
1958 struct attr *attr, /* IN: caller already allocated */
1959 uint8_t flag, /* IN: attr's flags field */
1960 uint8_t *startp)
1961 {
1962 bgp_size_t total;
1963 uint16_t tunneltype = 0;
1964
1965 total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
1966
1967 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
1968 || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
1969 zlog_info(
1970 "Tunnel Encap attribute flag isn't optional and transitive %d",
1971 flag);
1972 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
1973 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
1974 startp, total);
1975 return -1;
1976 }
1977
1978 if (BGP_ATTR_ENCAP == type) {
1979 /* read outer TLV type and length */
1980 uint16_t tlv_length;
1981
1982 if (length < 4) {
1983 zlog_info(
1984 "Tunnel Encap attribute not long enough to contain outer T,L");
1985 bgp_notify_send_with_data(
1986 peer, BGP_NOTIFY_UPDATE_ERR,
1987 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
1988 return -1;
1989 }
1990 tunneltype = stream_getw(BGP_INPUT(peer));
1991 tlv_length = stream_getw(BGP_INPUT(peer));
1992 length -= 4;
1993
1994 if (tlv_length != length) {
1995 zlog_info("%s: tlv_length(%d) != length(%d)", __func__,
1996 tlv_length, length);
1997 }
1998 }
1999
2000 while (length >= 4) {
2001 uint16_t subtype = 0;
2002 uint16_t sublength = 0;
2003 struct bgp_attr_encap_subtlv *tlv;
2004
2005 if (BGP_ATTR_ENCAP == type) {
2006 subtype = stream_getc(BGP_INPUT(peer));
2007 sublength = stream_getc(BGP_INPUT(peer));
2008 length -= 2;
2009 #if ENABLE_BGP_VNC
2010 } else {
2011 subtype = stream_getw(BGP_INPUT(peer));
2012 sublength = stream_getw(BGP_INPUT(peer));
2013 length -= 4;
2014 #endif
2015 }
2016
2017 if (sublength > length) {
2018 zlog_info(
2019 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2020 sublength, length);
2021 bgp_notify_send_with_data(
2022 peer, BGP_NOTIFY_UPDATE_ERR,
2023 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
2024 return -1;
2025 }
2026
2027 /* alloc and copy sub-tlv */
2028 /* TBD make sure these are freed when attributes are released */
2029 tlv = XCALLOC(MTYPE_ENCAP_TLV,
2030 sizeof(struct bgp_attr_encap_subtlv) + sublength);
2031 tlv->type = subtype;
2032 tlv->length = sublength;
2033 stream_get(tlv->value, peer->curr, sublength);
2034 length -= sublength;
2035
2036 /* attach tlv to encap chain */
2037 if (BGP_ATTR_ENCAP == type) {
2038 struct bgp_attr_encap_subtlv *stlv_last;
2039 for (stlv_last = attr->encap_subtlvs;
2040 stlv_last && stlv_last->next;
2041 stlv_last = stlv_last->next)
2042 ;
2043 if (stlv_last) {
2044 stlv_last->next = tlv;
2045 } else {
2046 attr->encap_subtlvs = tlv;
2047 }
2048 #if ENABLE_BGP_VNC
2049 } else {
2050 struct bgp_attr_encap_subtlv *stlv_last;
2051 for (stlv_last = attr->vnc_subtlvs;
2052 stlv_last && stlv_last->next;
2053 stlv_last = stlv_last->next)
2054 ;
2055 if (stlv_last) {
2056 stlv_last->next = tlv;
2057 } else {
2058 attr->vnc_subtlvs = tlv;
2059 }
2060 #endif
2061 }
2062 }
2063
2064 if (BGP_ATTR_ENCAP == type) {
2065 attr->encap_tunneltype = tunneltype;
2066 }
2067
2068 if (length) {
2069 /* spurious leftover data */
2070 zlog_info(
2071 "Tunnel Encap attribute length is bad: %d leftover octets",
2072 length);
2073 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2074 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2075 startp, total);
2076 return -1;
2077 }
2078
2079 return 0;
2080 }
2081
2082 /*
2083 * Read an individual SID value returning how much data we have read
2084 * Returns 0 if there was an error that needs to be passed up the stack
2085 */
2086 static bgp_attr_parse_ret_t bgp_attr_psid_sub(int32_t type,
2087 int32_t length,
2088 struct bgp_attr_parser_args *args,
2089 struct bgp_nlri *mp_update)
2090 {
2091 struct peer *const peer = args->peer;
2092 struct attr *const attr = args->attr;
2093 uint32_t label_index;
2094 struct in6_addr ipv6_sid;
2095 uint32_t srgb_base;
2096 uint32_t srgb_range;
2097 int srgb_count;
2098
2099 if (type == BGP_PREFIX_SID_LABEL_INDEX) {
2100 if (length != BGP_PREFIX_SID_LABEL_INDEX_LENGTH) {
2101 flog_err(
2102 EC_BGP_ATTR_LEN,
2103 "Prefix SID label index length is %d instead of %d",
2104 length, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
2105 return bgp_attr_malformed(args,
2106 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2107 args->total);
2108 }
2109
2110 /* Ignore flags and reserved */
2111 stream_getc(peer->curr);
2112 stream_getw(peer->curr);
2113
2114 /* Fetch the label index and see if it is valid. */
2115 label_index = stream_getl(peer->curr);
2116 if (label_index == BGP_INVALID_LABEL_INDEX)
2117 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2118 args->total);
2119
2120 /* Store label index; subsequently, we'll check on
2121 * address-family */
2122 attr->label_index = label_index;
2123
2124 /*
2125 * Ignore the Label index attribute unless received for
2126 * labeled-unicast
2127 * SAFI.
2128 */
2129 if (!mp_update->length
2130 || mp_update->safi != SAFI_LABELED_UNICAST)
2131 attr->label_index = BGP_INVALID_LABEL_INDEX;
2132 }
2133
2134 /* Placeholder code for the IPv6 SID type */
2135 else if (type == BGP_PREFIX_SID_IPV6) {
2136 if (length != BGP_PREFIX_SID_IPV6_LENGTH) {
2137 flog_err(EC_BGP_ATTR_LEN,
2138 "Prefix SID IPv6 length is %d instead of %d",
2139 length, BGP_PREFIX_SID_IPV6_LENGTH);
2140 return bgp_attr_malformed(args,
2141 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2142 args->total);
2143 }
2144
2145 /* Ignore reserved */
2146 stream_getc(peer->curr);
2147 stream_getw(peer->curr);
2148
2149 stream_get(&ipv6_sid, peer->curr, 16);
2150 }
2151
2152 /* Placeholder code for the Originator SRGB type */
2153 else if (type == BGP_PREFIX_SID_ORIGINATOR_SRGB) {
2154 /* Ignore flags */
2155 stream_getw(peer->curr);
2156
2157 length -= 2;
2158
2159 if (length % BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH) {
2160 flog_err(
2161 EC_BGP_ATTR_LEN,
2162 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2163 length, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH);
2164 return bgp_attr_malformed(
2165 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2166 args->total);
2167 }
2168
2169 srgb_count = length / BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH;
2170
2171 for (int i = 0; i < srgb_count; i++) {
2172 stream_get(&srgb_base, peer->curr, 3);
2173 stream_get(&srgb_range, peer->curr, 3);
2174 }
2175 }
2176
2177 return BGP_ATTR_PARSE_PROCEED;
2178 }
2179
2180 /* Prefix SID attribute
2181 * draft-ietf-idr-bgp-prefix-sid-05
2182 */
2183 bgp_attr_parse_ret_t
2184 bgp_attr_prefix_sid(int32_t tlength, struct bgp_attr_parser_args *args,
2185 struct bgp_nlri *mp_update)
2186 {
2187 struct peer *const peer = args->peer;
2188 struct attr *const attr = args->attr;
2189 bgp_attr_parse_ret_t ret;
2190
2191 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
2192
2193 while (tlength) {
2194 int32_t type, length;
2195
2196 type = stream_getc(peer->curr);
2197 length = stream_getw(peer->curr);
2198
2199 ret = bgp_attr_psid_sub(type, length, args, mp_update);
2200
2201 if (ret != BGP_ATTR_PARSE_PROCEED)
2202 return ret;
2203 /*
2204 * Subtract length + the T and the L
2205 * since length is the Vector portion
2206 */
2207 tlength -= length + 3;
2208
2209 if (tlength < 0) {
2210 flog_err(
2211 EC_BGP_ATTR_LEN,
2212 "Prefix SID internal length %d causes us to read beyond the total Prefix SID length",
2213 length);
2214 return bgp_attr_malformed(args,
2215 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2216 args->total);
2217 }
2218 }
2219
2220 return BGP_ATTR_PARSE_PROCEED;
2221 }
2222
2223 /* PMSI tunnel attribute (RFC 6514)
2224 * Basic validation checks done here.
2225 */
2226 static bgp_attr_parse_ret_t
2227 bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
2228 {
2229 struct peer *const peer = args->peer;
2230 struct attr *const attr = args->attr;
2231 const bgp_size_t length = args->length;
2232 uint8_t tnl_type;
2233
2234 /* Verify that the receiver is expecting "ingress replication" as we
2235 * can only support that.
2236 */
2237 if (length < 2) {
2238 flog_err(EC_BGP_ATTR_LEN, "Bad PMSI tunnel attribute length %d",
2239 length);
2240 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2241 args->total);
2242 }
2243 stream_getc(peer->curr); /* Flags */
2244 tnl_type = stream_getc(peer->curr);
2245 if (tnl_type > PMSI_TNLTYPE_MAX) {
2246 flog_err(EC_BGP_ATTR_PMSI_TYPE,
2247 "Invalid PMSI tunnel attribute type %d", tnl_type);
2248 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
2249 args->total);
2250 }
2251 if (tnl_type == PMSI_TNLTYPE_INGR_REPL) {
2252 if (length != 9) {
2253 flog_err(EC_BGP_ATTR_PMSI_LEN,
2254 "Bad PMSI tunnel attribute length %d for IR",
2255 length);
2256 return bgp_attr_malformed(
2257 args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
2258 args->total);
2259 }
2260 }
2261
2262 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
2263 attr->pmsi_tnl_type = tnl_type;
2264
2265 /* Forward read pointer of input stream. */
2266 stream_forward_getp(peer->curr, length - 2);
2267
2268 return BGP_ATTR_PARSE_PROCEED;
2269 }
2270
2271 /* BGP unknown attribute treatment. */
2272 static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args)
2273 {
2274 bgp_size_t total = args->total;
2275 struct transit *transit;
2276 struct peer *const peer = args->peer;
2277 struct attr *const attr = args->attr;
2278 uint8_t *const startp = args->startp;
2279 const uint8_t type = args->type;
2280 const uint8_t flag = args->flags;
2281 const bgp_size_t length = args->length;
2282
2283 if (bgp_debug_update(peer, NULL, NULL, 1))
2284 zlog_debug(
2285 "%s Unknown attribute is received (type %d, length %d)",
2286 peer->host, type, length);
2287
2288 /* Forward read pointer of input stream. */
2289 stream_forward_getp(peer->curr, length);
2290
2291 /* If any of the mandatory well-known attributes are not recognized,
2292 then the Error Subcode is set to Unrecognized Well-known
2293 Attribute. The Data field contains the unrecognized attribute
2294 (type, length and value). */
2295 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
2296 return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_UNREC_ATTR,
2297 args->total);
2298 }
2299
2300 /* Unrecognized non-transitive optional attributes must be quietly
2301 ignored and not passed along to other BGP peers. */
2302 if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS))
2303 return BGP_ATTR_PARSE_PROCEED;
2304
2305 /* If a path with recognized transitive optional attribute is
2306 accepted and passed along to other BGP peers and the Partial bit
2307 in the Attribute Flags octet is set to 1 by some previous AS, it
2308 is not set back to 0 by the current AS. */
2309 SET_FLAG(*startp, BGP_ATTR_FLAG_PARTIAL);
2310
2311 /* Store transitive attribute to the end of attr->transit. */
2312 if (!attr->transit)
2313 attr->transit = XCALLOC(MTYPE_TRANSIT, sizeof(struct transit));
2314
2315 transit = attr->transit;
2316
2317 if (transit->val)
2318 transit->val = XREALLOC(MTYPE_TRANSIT_VAL, transit->val,
2319 transit->length + total);
2320 else
2321 transit->val = XMALLOC(MTYPE_TRANSIT_VAL, total);
2322
2323 memcpy(transit->val + transit->length, startp, total);
2324 transit->length += total;
2325
2326 return BGP_ATTR_PARSE_PROCEED;
2327 }
2328
2329 /* Well-known attribute check. */
2330 static int bgp_attr_check(struct peer *peer, struct attr *attr)
2331 {
2332 uint8_t type = 0;
2333
2334 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2335 * empty UPDATE. */
2336 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
2337 return BGP_ATTR_PARSE_PROCEED;
2338
2339 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2340 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2341 are present, it should. Check for any other attribute being present
2342 instead.
2343 */
2344 if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
2345 CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
2346 return BGP_ATTR_PARSE_PROCEED;
2347
2348 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
2349 type = BGP_ATTR_ORIGIN;
2350
2351 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH)))
2352 type = BGP_ATTR_AS_PATH;
2353
2354 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2355 * and
2356 * NLRI is empty. We can't easily check NLRI empty here though.
2357 */
2358 if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP))
2359 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)))
2360 type = BGP_ATTR_NEXT_HOP;
2361
2362 if (peer->sort == BGP_PEER_IBGP
2363 && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
2364 type = BGP_ATTR_LOCAL_PREF;
2365
2366 if (type) {
2367 flog_warn(EC_BGP_MISSING_ATTRIBUTE,
2368 "%s Missing well-known attribute %s.", peer->host,
2369 lookup_msg(attr_str, type, NULL));
2370 bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
2371 BGP_NOTIFY_UPDATE_MISS_ATTR, &type,
2372 1);
2373 return BGP_ATTR_PARSE_ERROR;
2374 }
2375 return BGP_ATTR_PARSE_PROCEED;
2376 }
2377
2378 /* Read attribute of update packet. This function is called from
2379 bgp_update_receive() in bgp_packet.c. */
2380 bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr,
2381 bgp_size_t size, struct bgp_nlri *mp_update,
2382 struct bgp_nlri *mp_withdraw)
2383 {
2384 bgp_attr_parse_ret_t ret;
2385 uint8_t flag = 0;
2386 uint8_t type = 0;
2387 bgp_size_t length;
2388 uint8_t *startp, *endp;
2389 uint8_t *attr_endp;
2390 uint8_t seen[BGP_ATTR_BITMAP_SIZE];
2391 /* we need the as4_path only until we have synthesized the as_path with
2392 * it */
2393 /* same goes for as4_aggregator */
2394 struct aspath *as4_path = NULL;
2395 as_t as4_aggregator = 0;
2396 struct in_addr as4_aggregator_addr = {.s_addr = 0};
2397
2398 /* Initialize bitmap. */
2399 memset(seen, 0, BGP_ATTR_BITMAP_SIZE);
2400
2401 /* End pointer of BGP attribute. */
2402 endp = BGP_INPUT_PNT(peer) + size;
2403
2404 /* Get attributes to the end of attribute length. */
2405 while (BGP_INPUT_PNT(peer) < endp) {
2406 /* Check remaining length check.*/
2407 if (endp - BGP_INPUT_PNT(peer) < BGP_ATTR_MIN_LEN) {
2408 /* XXX warning: long int format, int arg (arg 5) */
2409 flog_warn(
2410 EC_BGP_ATTRIBUTE_TOO_SMALL,
2411 "%s: error BGP attribute length %lu is smaller than min len",
2412 peer->host,
2413 (unsigned long)(endp
2414 - stream_pnt(BGP_INPUT(peer))));
2415
2416 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2417 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2418 return BGP_ATTR_PARSE_ERROR;
2419 }
2420
2421 /* Fetch attribute flag and type. */
2422 startp = BGP_INPUT_PNT(peer);
2423 /* "The lower-order four bits of the Attribute Flags octet are
2424 unused. They MUST be zero when sent and MUST be ignored when
2425 received." */
2426 flag = 0xF0 & stream_getc(BGP_INPUT(peer));
2427 type = stream_getc(BGP_INPUT(peer));
2428
2429 /* Check whether Extended-Length applies and is in bounds */
2430 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN)
2431 && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) {
2432 flog_warn(
2433 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL,
2434 "%s: Extended length set, but just %lu bytes of attr header",
2435 peer->host,
2436 (unsigned long)(endp
2437 - stream_pnt(BGP_INPUT(peer))));
2438
2439 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2440 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2441 return BGP_ATTR_PARSE_ERROR;
2442 }
2443
2444 /* Check extended attribue length bit. */
2445 if (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN))
2446 length = stream_getw(BGP_INPUT(peer));
2447 else
2448 length = stream_getc(BGP_INPUT(peer));
2449
2450 /* If any attribute appears more than once in the UPDATE
2451 message, then the Error Subcode is set to Malformed Attribute
2452 List. */
2453
2454 if (CHECK_BITMAP(seen, type)) {
2455 flog_warn(
2456 EC_BGP_ATTRIBUTE_REPEATED,
2457 "%s: error BGP attribute type %d appears twice in a message",
2458 peer->host, type);
2459
2460 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2461 BGP_NOTIFY_UPDATE_MAL_ATTR);
2462 return BGP_ATTR_PARSE_ERROR;
2463 }
2464
2465 /* Set type to bitmap to check duplicate attribute. `type' is
2466 unsigned char so it never overflow bitmap range. */
2467
2468 SET_BITMAP(seen, type);
2469
2470 /* Overflow check. */
2471 attr_endp = BGP_INPUT_PNT(peer) + length;
2472
2473 if (attr_endp > endp) {
2474 flog_warn(
2475 EC_BGP_ATTRIBUTE_TOO_LARGE,
2476 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2477 peer->host, type, length, size, attr_endp,
2478 endp);
2479 /*
2480 * RFC 4271 6.3
2481 * If any recognized attribute has an Attribute
2482 * Length that conflicts with the expected length
2483 * (based on the attribute type code), then the
2484 * Error Subcode MUST be set to Attribute Length
2485 * Error. The Data field MUST contain the erroneous
2486 * attribute (type, length, and value).
2487 * ----------
2488 * We do not currently have a good way to determine the
2489 * length of the attribute independent of the length
2490 * received in the message. Instead we send the
2491 * minimum between the amount of data we have and the
2492 * amount specified by the attribute length field.
2493 *
2494 * Instead of directly passing in the packet buffer and
2495 * offset we use the stream_get* functions to read into
2496 * a stack buffer, since they perform bounds checking
2497 * and we are working with untrusted data.
2498 */
2499 unsigned char ndata[BGP_MAX_PACKET_SIZE];
2500 memset(ndata, 0x00, sizeof(ndata));
2501 size_t lfl =
2502 CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 2 : 1;
2503 /* Rewind to end of flag field */
2504 stream_forward_getp(BGP_INPUT(peer), -(1 + lfl));
2505 /* Type */
2506 stream_get(&ndata[0], BGP_INPUT(peer), 1);
2507 /* Length */
2508 stream_get(&ndata[1], BGP_INPUT(peer), lfl);
2509 /* Value */
2510 size_t atl = attr_endp - startp;
2511 size_t ndl = MIN(atl, STREAM_READABLE(BGP_INPUT(peer)));
2512 stream_get(&ndata[lfl + 1], BGP_INPUT(peer), ndl);
2513
2514 bgp_notify_send_with_data(
2515 peer, BGP_NOTIFY_UPDATE_ERR,
2516 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, ndata,
2517 ndl + lfl + 1);
2518
2519 return BGP_ATTR_PARSE_ERROR;
2520 }
2521
2522 struct bgp_attr_parser_args attr_args = {
2523 .peer = peer,
2524 .length = length,
2525 .attr = attr,
2526 .type = type,
2527 .flags = flag,
2528 .startp = startp,
2529 .total = attr_endp - startp,
2530 };
2531
2532
2533 /* If any recognized attribute has Attribute Flags that conflict
2534 with the Attribute Type Code, then the Error Subcode is set
2535 to
2536 Attribute Flags Error. The Data field contains the erroneous
2537 attribute (type, length and value). */
2538 if (bgp_attr_flag_invalid(&attr_args)) {
2539 ret = bgp_attr_malformed(
2540 &attr_args, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
2541 attr_args.total);
2542 if (ret == BGP_ATTR_PARSE_PROCEED)
2543 continue;
2544 return ret;
2545 }
2546
2547 /* OK check attribute and store it's value. */
2548 switch (type) {
2549 case BGP_ATTR_ORIGIN:
2550 ret = bgp_attr_origin(&attr_args);
2551 break;
2552 case BGP_ATTR_AS_PATH:
2553 ret = bgp_attr_aspath(&attr_args);
2554 break;
2555 case BGP_ATTR_AS4_PATH:
2556 ret = bgp_attr_as4_path(&attr_args, &as4_path);
2557 break;
2558 case BGP_ATTR_NEXT_HOP:
2559 ret = bgp_attr_nexthop(&attr_args);
2560 break;
2561 case BGP_ATTR_MULTI_EXIT_DISC:
2562 ret = bgp_attr_med(&attr_args);
2563 break;
2564 case BGP_ATTR_LOCAL_PREF:
2565 ret = bgp_attr_local_pref(&attr_args);
2566 break;
2567 case BGP_ATTR_ATOMIC_AGGREGATE:
2568 ret = bgp_attr_atomic(&attr_args);
2569 break;
2570 case BGP_ATTR_AGGREGATOR:
2571 ret = bgp_attr_aggregator(&attr_args);
2572 break;
2573 case BGP_ATTR_AS4_AGGREGATOR:
2574 ret = bgp_attr_as4_aggregator(&attr_args,
2575 &as4_aggregator,
2576 &as4_aggregator_addr);
2577 break;
2578 case BGP_ATTR_COMMUNITIES:
2579 ret = bgp_attr_community(&attr_args);
2580 break;
2581 case BGP_ATTR_LARGE_COMMUNITIES:
2582 ret = bgp_attr_large_community(&attr_args);
2583 break;
2584 case BGP_ATTR_ORIGINATOR_ID:
2585 ret = bgp_attr_originator_id(&attr_args);
2586 break;
2587 case BGP_ATTR_CLUSTER_LIST:
2588 ret = bgp_attr_cluster_list(&attr_args);
2589 break;
2590 case BGP_ATTR_MP_REACH_NLRI:
2591 ret = bgp_mp_reach_parse(&attr_args, mp_update);
2592 break;
2593 case BGP_ATTR_MP_UNREACH_NLRI:
2594 ret = bgp_mp_unreach_parse(&attr_args, mp_withdraw);
2595 break;
2596 case BGP_ATTR_EXT_COMMUNITIES:
2597 ret = bgp_attr_ext_communities(&attr_args);
2598 break;
2599 #if ENABLE_BGP_VNC
2600 case BGP_ATTR_VNC:
2601 #endif
2602 case BGP_ATTR_ENCAP:
2603 ret = bgp_attr_encap(type, peer, length, attr, flag,
2604 startp);
2605 break;
2606 case BGP_ATTR_PREFIX_SID:
2607 ret = bgp_attr_prefix_sid(length,
2608 &attr_args, mp_update);
2609 break;
2610 case BGP_ATTR_PMSI_TUNNEL:
2611 ret = bgp_attr_pmsi_tunnel(&attr_args);
2612 break;
2613 default:
2614 ret = bgp_attr_unknown(&attr_args);
2615 break;
2616 }
2617
2618 if (ret == BGP_ATTR_PARSE_ERROR_NOTIFYPLS) {
2619 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2620 BGP_NOTIFY_UPDATE_MAL_ATTR);
2621 ret = BGP_ATTR_PARSE_ERROR;
2622 }
2623
2624 if (ret == BGP_ATTR_PARSE_EOR) {
2625 if (as4_path)
2626 aspath_unintern(&as4_path);
2627 return ret;
2628 }
2629
2630 /* If hard error occured immediately return to the caller. */
2631 if (ret == BGP_ATTR_PARSE_ERROR) {
2632 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR,
2633 "%s: Attribute %s, parse error", peer->host,
2634 lookup_msg(attr_str, type, NULL));
2635 if (as4_path)
2636 aspath_unintern(&as4_path);
2637 return ret;
2638 }
2639 if (ret == BGP_ATTR_PARSE_WITHDRAW) {
2640
2641 flog_warn(
2642 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW,
2643 "%s: Attribute %s, parse error - treating as withdrawal",
2644 peer->host, lookup_msg(attr_str, type, NULL));
2645 if (as4_path)
2646 aspath_unintern(&as4_path);
2647 return ret;
2648 }
2649
2650 /* Check the fetched length. */
2651 if (BGP_INPUT_PNT(peer) != attr_endp) {
2652 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR,
2653 "%s: BGP attribute %s, fetch error",
2654 peer->host, lookup_msg(attr_str, type, NULL));
2655 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2656 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2657 if (as4_path)
2658 aspath_unintern(&as4_path);
2659 return BGP_ATTR_PARSE_ERROR;
2660 }
2661 }
2662
2663 /* Check final read pointer is same as end pointer. */
2664 if (BGP_INPUT_PNT(peer) != endp) {
2665 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH,
2666 "%s: BGP attribute %s, length mismatch", peer->host,
2667 lookup_msg(attr_str, type, NULL));
2668 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2669 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
2670 if (as4_path)
2671 aspath_unintern(&as4_path);
2672 return BGP_ATTR_PARSE_ERROR;
2673 }
2674
2675 /* Check all mandatory well-known attributes are present */
2676 if ((ret = bgp_attr_check(peer, attr)) < 0) {
2677 if (as4_path)
2678 aspath_unintern(&as4_path);
2679 return ret;
2680 }
2681
2682 /*
2683 * At this place we can see whether we got AS4_PATH and/or
2684 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2685 * We can not do this before we've read all attributes because
2686 * the as4 handling does not say whether AS4_PATH has to be sent
2687 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2688 * in relationship to AGGREGATOR.
2689 * So, to be defensive, we are not relying on any order and read
2690 * all attributes first, including these 32bit ones, and now,
2691 * afterwards, we look what and if something is to be done for as4.
2692 *
2693 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2694 * MP_UNREACH_NLRI.
2695 */
2696 /* actually... this doesn't ever return failure currently, but
2697 * better safe than sorry */
2698 if (CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))
2699 && bgp_attr_munge_as4_attrs(peer, attr, as4_path, as4_aggregator,
2700 &as4_aggregator_addr)) {
2701 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
2702 BGP_NOTIFY_UPDATE_MAL_ATTR);
2703 if (as4_path)
2704 aspath_unintern(&as4_path);
2705 return BGP_ATTR_PARSE_ERROR;
2706 }
2707
2708 /* At this stage, we have done all fiddling with as4, and the
2709 * resulting info is in attr->aggregator resp. attr->aspath
2710 * so we can chuck as4_aggregator and as4_path alltogether in
2711 * order to save memory
2712 */
2713 if (as4_path) {
2714 aspath_unintern(&as4_path); /* unintern - it is in the hash */
2715 /* The flag that we got this is still there, but that does not
2716 * do any trouble
2717 */
2718 }
2719 /*
2720 * The "rest" of the code does nothing with as4_aggregator.
2721 * there is no memory attached specifically which is not part
2722 * of the attr.
2723 * so ignoring just means do nothing.
2724 */
2725 /*
2726 * Finally do the checks on the aspath we did not do yet
2727 * because we waited for a potentially synthesized aspath.
2728 */
2729 if (attr->flag & (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH))) {
2730 ret = bgp_attr_aspath_check(peer, attr);
2731 if (ret != BGP_ATTR_PARSE_PROCEED)
2732 return ret;
2733 }
2734 /* Finally intern unknown attribute. */
2735 if (attr->transit)
2736 attr->transit = transit_intern(attr->transit);
2737 if (attr->encap_subtlvs)
2738 attr->encap_subtlvs =
2739 encap_intern(attr->encap_subtlvs, ENCAP_SUBTLV_TYPE);
2740 #if ENABLE_BGP_VNC
2741 if (attr->vnc_subtlvs)
2742 attr->vnc_subtlvs =
2743 encap_intern(attr->vnc_subtlvs, VNC_SUBTLV_TYPE);
2744 #endif
2745
2746 return BGP_ATTR_PARSE_PROCEED;
2747 }
2748
2749 size_t bgp_packet_mpattr_start(struct stream *s, struct peer *peer, afi_t afi,
2750 safi_t safi, struct bpacket_attr_vec_arr *vecarr,
2751 struct attr *attr)
2752 {
2753 size_t sizep;
2754 iana_afi_t pkt_afi;
2755 iana_safi_t pkt_safi;
2756 afi_t nh_afi;
2757
2758 /* Set extended bit always to encode the attribute length as 2 bytes */
2759 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
2760 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
2761 sizep = stream_get_endp(s);
2762 stream_putw(s, 0); /* Marker: Attribute length. */
2763
2764
2765 /* Convert AFI, SAFI to values for packet. */
2766 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
2767
2768 stream_putw(s, pkt_afi); /* AFI */
2769 stream_putc(s, pkt_safi); /* SAFI */
2770
2771 /* Nexthop AFI */
2772 if (afi == AFI_IP
2773 && (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
2774 nh_afi = peer_cap_enhe(peer, afi, safi) ? AFI_IP6 : AFI_IP;
2775 else
2776 nh_afi = BGP_NEXTHOP_AFI_FROM_NHLEN(attr->mp_nexthop_len);
2777
2778 /* Nexthop */
2779 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s, attr);
2780 switch (nh_afi) {
2781 case AFI_IP:
2782 switch (safi) {
2783 case SAFI_UNICAST:
2784 case SAFI_MULTICAST:
2785 case SAFI_LABELED_UNICAST:
2786 stream_putc(s, 4);
2787 stream_put_ipv4(s, attr->nexthop.s_addr);
2788 break;
2789 case SAFI_MPLS_VPN:
2790 stream_putc(s, 12);
2791 stream_putl(s, 0); /* RD = 0, per RFC */
2792 stream_putl(s, 0);
2793 stream_put(s, &attr->mp_nexthop_global_in, 4);
2794 break;
2795 case SAFI_ENCAP:
2796 case SAFI_EVPN:
2797 stream_putc(s, 4);
2798 stream_put(s, &attr->mp_nexthop_global_in, 4);
2799 break;
2800 case SAFI_FLOWSPEC:
2801 stream_putc(s, 0); /* no nexthop for flowspec */
2802 default:
2803 break;
2804 }
2805 break;
2806 case AFI_IP6:
2807 switch (safi) {
2808 case SAFI_UNICAST:
2809 case SAFI_MULTICAST:
2810 case SAFI_LABELED_UNICAST:
2811 case SAFI_EVPN: {
2812 if (attr->mp_nexthop_len
2813 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2814 stream_putc(s,
2815 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL);
2816 stream_put(s, &attr->mp_nexthop_global,
2817 IPV6_MAX_BYTELEN);
2818 stream_put(s, &attr->mp_nexthop_local,
2819 IPV6_MAX_BYTELEN);
2820 } else {
2821 stream_putc(s, IPV6_MAX_BYTELEN);
2822 stream_put(s, &attr->mp_nexthop_global,
2823 IPV6_MAX_BYTELEN);
2824 }
2825 } break;
2826 case SAFI_MPLS_VPN: {
2827 if (attr->mp_nexthop_len
2828 == BGP_ATTR_NHLEN_IPV6_GLOBAL) {
2829 stream_putc(s, 24);
2830 stream_putl(s, 0); /* RD = 0, per RFC */
2831 stream_putl(s, 0);
2832 stream_put(s, &attr->mp_nexthop_global,
2833 IPV6_MAX_BYTELEN);
2834 } else if (attr->mp_nexthop_len
2835 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) {
2836 stream_putc(s, 48);
2837 stream_putl(s, 0); /* RD = 0, per RFC */
2838 stream_putl(s, 0);
2839 stream_put(s, &attr->mp_nexthop_global,
2840 IPV6_MAX_BYTELEN);
2841 stream_putl(s, 0); /* RD = 0, per RFC */
2842 stream_putl(s, 0);
2843 stream_put(s, &attr->mp_nexthop_local,
2844 IPV6_MAX_BYTELEN);
2845 }
2846 } break;
2847 case SAFI_ENCAP:
2848 stream_putc(s, IPV6_MAX_BYTELEN);
2849 stream_put(s, &attr->mp_nexthop_global,
2850 IPV6_MAX_BYTELEN);
2851 break;
2852 case SAFI_FLOWSPEC:
2853 stream_putc(s, 0); /* no nexthop for flowspec */
2854 default:
2855 break;
2856 }
2857 break;
2858 default:
2859 if (safi != SAFI_FLOWSPEC)
2860 flog_err(
2861 EC_BGP_ATTR_NH_SEND_LEN,
2862 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
2863 peer->host, afi, safi, attr->mp_nexthop_len);
2864 break;
2865 }
2866
2867 /* SNPA */
2868 stream_putc(s, 0);
2869 return sizep;
2870 }
2871
2872 void bgp_packet_mpattr_prefix(struct stream *s, afi_t afi, safi_t safi,
2873 struct prefix *p, struct prefix_rd *prd,
2874 mpls_label_t *label, uint32_t num_labels,
2875 int addpath_encode, uint32_t addpath_tx_id,
2876 struct attr *attr)
2877 {
2878 if (safi == SAFI_MPLS_VPN) {
2879 if (addpath_encode)
2880 stream_putl(s, addpath_tx_id);
2881 /* Label, RD, Prefix write. */
2882 stream_putc(s, p->prefixlen + 88);
2883 stream_put(s, label, BGP_LABEL_BYTES);
2884 stream_put(s, prd->val, 8);
2885 stream_put(s, &p->u.prefix, PSIZE(p->prefixlen));
2886 } else if (afi == AFI_L2VPN && safi == SAFI_EVPN) {
2887 /* EVPN prefix - contents depend on type */
2888 bgp_evpn_encode_prefix(s, p, prd, label, num_labels, attr,
2889 addpath_encode, addpath_tx_id);
2890 } else if (safi == SAFI_LABELED_UNICAST) {
2891 /* Prefix write with label. */
2892 stream_put_labeled_prefix(s, p, label);
2893 } else if (safi == SAFI_FLOWSPEC) {
2894 if (PSIZE (p->prefixlen)+2 < FLOWSPEC_NLRI_SIZELIMIT)
2895 stream_putc(s, PSIZE (p->prefixlen)+2);
2896 else
2897 stream_putw(s, (PSIZE (p->prefixlen)+2)|(0xf<<12));
2898 stream_putc(s, 2);/* Filter type */
2899 stream_putc(s, p->prefixlen);/* Prefix length */
2900 stream_put(s, &p->u.prefix, PSIZE (p->prefixlen));
2901 } else
2902 stream_put_prefix_addpath(s, p, addpath_encode, addpath_tx_id);
2903 }
2904
2905 size_t bgp_packet_mpattr_prefix_size(afi_t afi, safi_t safi, struct prefix *p)
2906 {
2907 int size = PSIZE(p->prefixlen);
2908 if (safi == SAFI_MPLS_VPN)
2909 size += 88;
2910 else if (afi == AFI_L2VPN && safi == SAFI_EVPN)
2911 size += 232; // TODO: Maximum possible for type-2, type-3 and
2912 // type-5
2913 return size;
2914 }
2915
2916 /*
2917 * Encodes the tunnel encapsulation attribute,
2918 * and with ENABLE_BGP_VNC the VNC attribute which uses
2919 * almost the same TLV format
2920 */
2921 static void bgp_packet_mpattr_tea(struct bgp *bgp, struct peer *peer,
2922 struct stream *s, struct attr *attr,
2923 uint8_t attrtype)
2924 {
2925 unsigned int attrlenfield = 0;
2926 unsigned int attrhdrlen = 0;
2927 struct bgp_attr_encap_subtlv *subtlvs;
2928 struct bgp_attr_encap_subtlv *st;
2929 const char *attrname;
2930
2931 if (!attr || (attrtype == BGP_ATTR_ENCAP
2932 && (!attr->encap_tunneltype
2933 || attr->encap_tunneltype == BGP_ENCAP_TYPE_MPLS)))
2934 return;
2935
2936 switch (attrtype) {
2937 case BGP_ATTR_ENCAP:
2938 attrname = "Tunnel Encap";
2939 subtlvs = attr->encap_subtlvs;
2940 if (subtlvs == NULL) /* nothing to do */
2941 return;
2942 /*
2943 * The tunnel encap attr has an "outer" tlv.
2944 * T = tunneltype,
2945 * L = total length of subtlvs,
2946 * V = concatenated subtlvs.
2947 */
2948 attrlenfield = 2 + 2; /* T + L */
2949 attrhdrlen = 1 + 1; /* subTLV T + L */
2950 break;
2951
2952 #if ENABLE_BGP_VNC
2953 case BGP_ATTR_VNC:
2954 attrname = "VNC";
2955 subtlvs = attr->vnc_subtlvs;
2956 if (subtlvs == NULL) /* nothing to do */
2957 return;
2958 attrlenfield = 0; /* no outer T + L */
2959 attrhdrlen = 2 + 2; /* subTLV T + L */
2960 break;
2961 #endif
2962
2963 default:
2964 assert(0);
2965 }
2966
2967 /* compute attr length */
2968 for (st = subtlvs; st; st = st->next) {
2969 attrlenfield += (attrhdrlen + st->length);
2970 }
2971
2972 if (attrlenfield > 0xffff) {
2973 zlog_info("%s attribute is too long (length=%d), can't send it",
2974 attrname, attrlenfield);
2975 return;
2976 }
2977
2978 if (attrlenfield > 0xff) {
2979 /* 2-octet length field */
2980 stream_putc(s,
2981 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
2982 | BGP_ATTR_FLAG_EXTLEN);
2983 stream_putc(s, attrtype);
2984 stream_putw(s, attrlenfield & 0xffff);
2985 } else {
2986 /* 1-octet length field */
2987 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL);
2988 stream_putc(s, attrtype);
2989 stream_putc(s, attrlenfield & 0xff);
2990 }
2991
2992 if (attrtype == BGP_ATTR_ENCAP) {
2993 /* write outer T+L */
2994 stream_putw(s, attr->encap_tunneltype);
2995 stream_putw(s, attrlenfield - 4);
2996 }
2997
2998 /* write each sub-tlv */
2999 for (st = subtlvs; st; st = st->next) {
3000 if (attrtype == BGP_ATTR_ENCAP) {
3001 stream_putc(s, st->type);
3002 stream_putc(s, st->length);
3003 #if ENABLE_BGP_VNC
3004 } else {
3005 stream_putw(s, st->type);
3006 stream_putw(s, st->length);
3007 #endif
3008 }
3009 stream_put(s, st->value, st->length);
3010 }
3011 }
3012
3013 void bgp_packet_mpattr_end(struct stream *s, size_t sizep)
3014 {
3015 /* Set MP attribute length. Don't count the (2) bytes used to encode
3016 the attr length */
3017 stream_putw_at(s, sizep, (stream_get_endp(s) - sizep) - 2);
3018 }
3019
3020 /* Make attribute packet. */
3021 bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer,
3022 struct stream *s, struct attr *attr,
3023 struct bpacket_attr_vec_arr *vecarr,
3024 struct prefix *p, afi_t afi, safi_t safi,
3025 struct peer *from, struct prefix_rd *prd,
3026 mpls_label_t *label, uint32_t num_labels,
3027 int addpath_encode, uint32_t addpath_tx_id)
3028 {
3029 size_t cp;
3030 size_t aspath_sizep;
3031 struct aspath *aspath;
3032 int send_as4_path = 0;
3033 int send_as4_aggregator = 0;
3034 int use32bit = (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)) ? 1 : 0;
3035
3036 if (!bgp)
3037 bgp = peer->bgp;
3038
3039 /* Remember current pointer. */
3040 cp = stream_get_endp(s);
3041
3042 if (p
3043 && !((afi == AFI_IP && safi == SAFI_UNICAST)
3044 && !peer_cap_enhe(peer, afi, safi))) {
3045 size_t mpattrlen_pos = 0;
3046
3047 mpattrlen_pos = bgp_packet_mpattr_start(s, peer, afi, safi,
3048 vecarr, attr);
3049 bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label,
3050 num_labels, addpath_encode,
3051 addpath_tx_id, attr);
3052 bgp_packet_mpattr_end(s, mpattrlen_pos);
3053 }
3054
3055 /* Origin attribute. */
3056 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3057 stream_putc(s, BGP_ATTR_ORIGIN);
3058 stream_putc(s, 1);
3059 stream_putc(s, attr->origin);
3060
3061 /* AS path attribute. */
3062
3063 /* If remote-peer is EBGP */
3064 if (peer->sort == BGP_PEER_EBGP
3065 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3066 PEER_FLAG_AS_PATH_UNCHANGED)
3067 || attr->aspath->segments == NULL)
3068 && (!CHECK_FLAG(peer->af_flags[afi][safi],
3069 PEER_FLAG_RSERVER_CLIENT))) {
3070 aspath = aspath_dup(attr->aspath);
3071
3072 /* Even though we may not be configured for confederations we
3073 * may have
3074 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3075 aspath = aspath_delete_confed_seq(aspath);
3076
3077 if (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
3078 /* Stuff our path CONFED_ID on the front */
3079 aspath = aspath_add_seq(aspath, bgp->confed_id);
3080 } else {
3081 if (peer->change_local_as) {
3082 /* If replace-as is specified, we only use the
3083 change_local_as when
3084 advertising routes. */
3085 if (!CHECK_FLAG(
3086 peer->flags,
3087 PEER_FLAG_LOCAL_AS_REPLACE_AS)) {
3088 aspath = aspath_add_seq(aspath,
3089 peer->local_as);
3090 }
3091 aspath = aspath_add_seq(aspath,
3092 peer->change_local_as);
3093 } else {
3094 aspath = aspath_add_seq(aspath, peer->local_as);
3095 }
3096 }
3097 } else if (peer->sort == BGP_PEER_CONFED) {
3098 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3099 * thing */
3100 aspath = aspath_dup(attr->aspath);
3101 aspath = aspath_add_confed_seq(aspath, peer->local_as);
3102 } else
3103 aspath = attr->aspath;
3104
3105 /* If peer is not AS4 capable, then:
3106 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3107 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3108 * segment
3109 * types are in it (i.e. exclude them if they are there)
3110 * AND do this only if there is at least one asnum > 65535 in the
3111 * path!
3112 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3113 * change
3114 * all ASnums > 65535 to BGP_AS_TRANS
3115 */
3116
3117 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3118 stream_putc(s, BGP_ATTR_AS_PATH);
3119 aspath_sizep = stream_get_endp(s);
3120 stream_putw(s, 0);
3121 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, use32bit));
3122
3123 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3124 * in the path
3125 */
3126 if (!use32bit && aspath_has_as4(aspath))
3127 send_as4_path =
3128 1; /* we'll do this later, at the correct place */
3129
3130 /* Nexthop attribute. */
3131 if (afi == AFI_IP && safi == SAFI_UNICAST
3132 && !peer_cap_enhe(peer, afi, safi)) {
3133 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP)) {
3134 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3135 stream_putc(s, BGP_ATTR_NEXT_HOP);
3136 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3137 attr);
3138 stream_putc(s, 4);
3139 stream_put_ipv4(s, attr->nexthop.s_addr);
3140 } else if (peer_cap_enhe(from, afi, safi)) {
3141 /*
3142 * Likely this is the case when an IPv4 prefix was
3143 * received with
3144 * Extended Next-hop capability and now being advertised
3145 * to
3146 * non-ENHE peers.
3147 * Setting the mandatory (ipv4) next-hop attribute here
3148 * to enable
3149 * implicit next-hop self with correct (ipv4 address
3150 * family).
3151 */
3152 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3153 stream_putc(s, BGP_ATTR_NEXT_HOP);
3154 bpacket_attr_vec_arr_set_vec(vecarr, BGP_ATTR_VEC_NH, s,
3155 NULL);
3156 stream_putc(s, 4);
3157 stream_put_ipv4(s, 0);
3158 }
3159 }
3160
3161 /* MED attribute. */
3162 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)
3163 || bgp->maxmed_active) {
3164 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3165 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3166 stream_putc(s, 4);
3167 stream_putl(s, (bgp->maxmed_active ? bgp->maxmed_value
3168 : attr->med));
3169 }
3170
3171 /* Local preference. */
3172 if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) {
3173 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3174 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3175 stream_putc(s, 4);
3176 stream_putl(s, attr->local_pref);
3177 }
3178
3179 /* Atomic aggregate. */
3180 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3181 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3182 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3183 stream_putc(s, 0);
3184 }
3185
3186 /* Aggregator. */
3187 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3188 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3189 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3190 stream_putc(s, BGP_ATTR_AGGREGATOR);
3191
3192 if (use32bit) {
3193 /* AS4 capable peer */
3194 stream_putc(s, 8);
3195 stream_putl(s, attr->aggregator_as);
3196 } else {
3197 /* 2-byte AS peer */
3198 stream_putc(s, 6);
3199
3200 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3201 * used? */
3202 if (attr->aggregator_as > 65535) {
3203 stream_putw(s, BGP_AS_TRANS);
3204
3205 /* we have to send AS4_AGGREGATOR, too.
3206 * we'll do that later in order to send
3207 * attributes in ascending
3208 * order.
3209 */
3210 send_as4_aggregator = 1;
3211 } else
3212 stream_putw(s, (uint16_t)attr->aggregator_as);
3213 }
3214 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3215 }
3216
3217 /* Community attribute. */
3218 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY)
3219 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES))) {
3220 if (attr->community->size * 4 > 255) {
3221 stream_putc(s,
3222 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3223 | BGP_ATTR_FLAG_EXTLEN);
3224 stream_putc(s, BGP_ATTR_COMMUNITIES);
3225 stream_putw(s, attr->community->size * 4);
3226 } else {
3227 stream_putc(s,
3228 BGP_ATTR_FLAG_OPTIONAL
3229 | BGP_ATTR_FLAG_TRANS);
3230 stream_putc(s, BGP_ATTR_COMMUNITIES);
3231 stream_putc(s, attr->community->size * 4);
3232 }
3233 stream_put(s, attr->community->val, attr->community->size * 4);
3234 }
3235
3236 /*
3237 * Large Community attribute.
3238 */
3239 if (CHECK_FLAG(peer->af_flags[afi][safi],
3240 PEER_FLAG_SEND_LARGE_COMMUNITY)
3241 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES))) {
3242 if (lcom_length(attr->lcommunity) > 255) {
3243 stream_putc(s,
3244 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3245 | BGP_ATTR_FLAG_EXTLEN);
3246 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3247 stream_putw(s, lcom_length(attr->lcommunity));
3248 } else {
3249 stream_putc(s,
3250 BGP_ATTR_FLAG_OPTIONAL
3251 | BGP_ATTR_FLAG_TRANS);
3252 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3253 stream_putc(s, lcom_length(attr->lcommunity));
3254 }
3255 stream_put(s, attr->lcommunity->val,
3256 lcom_length(attr->lcommunity));
3257 }
3258
3259 /* Route Reflector. */
3260 if (peer->sort == BGP_PEER_IBGP && from
3261 && from->sort == BGP_PEER_IBGP) {
3262 /* Originator ID. */
3263 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3264 stream_putc(s, BGP_ATTR_ORIGINATOR_ID);
3265 stream_putc(s, 4);
3266
3267 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID))
3268 stream_put_in_addr(s, &attr->originator_id);
3269 else
3270 stream_put_in_addr(s, &from->remote_id);
3271
3272 /* Cluster list. */
3273 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3274 stream_putc(s, BGP_ATTR_CLUSTER_LIST);
3275
3276 if (attr->cluster) {
3277 stream_putc(s, attr->cluster->length + 4);
3278 /* If this peer configuration's parent BGP has
3279 * cluster_id. */
3280 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3281 stream_put_in_addr(s, &bgp->cluster_id);
3282 else
3283 stream_put_in_addr(s, &bgp->router_id);
3284 stream_put(s, attr->cluster->list,
3285 attr->cluster->length);
3286 } else {
3287 stream_putc(s, 4);
3288 /* If this peer configuration's parent BGP has
3289 * cluster_id. */
3290 if (bgp->config & BGP_CONFIG_CLUSTER_ID)
3291 stream_put_in_addr(s, &bgp->cluster_id);
3292 else
3293 stream_put_in_addr(s, &bgp->router_id);
3294 }
3295 }
3296
3297 /* Extended Communities attribute. */
3298 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY)
3299 && (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES))) {
3300 if (peer->sort == BGP_PEER_IBGP
3301 || peer->sort == BGP_PEER_CONFED) {
3302 if (attr->ecommunity->size * 8 > 255) {
3303 stream_putc(s,
3304 BGP_ATTR_FLAG_OPTIONAL
3305 | BGP_ATTR_FLAG_TRANS
3306 | BGP_ATTR_FLAG_EXTLEN);
3307 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3308 stream_putw(s, attr->ecommunity->size * 8);
3309 } else {
3310 stream_putc(s,
3311 BGP_ATTR_FLAG_OPTIONAL
3312 | BGP_ATTR_FLAG_TRANS);
3313 stream_putc(s, BGP_ATTR_EXT_COMMUNITIES);
3314 stream_putc(s, attr->ecommunity->size * 8);
3315 }
3316 stream_put(s, attr->ecommunity->val,
3317 attr->ecommunity->size * 8);
3318 } else {
3319 uint8_t *pnt;
3320 int tbit;
3321 int ecom_tr_size = 0;
3322 int i;
3323
3324 for (i = 0; i < attr->ecommunity->size; i++) {
3325 pnt = attr->ecommunity->val + (i * 8);
3326 tbit = *pnt;
3327
3328 if (CHECK_FLAG(tbit,
3329 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3330 continue;
3331
3332 ecom_tr_size++;
3333 }
3334
3335 if (ecom_tr_size) {
3336 if (ecom_tr_size * 8 > 255) {
3337 stream_putc(
3338 s,
3339 BGP_ATTR_FLAG_OPTIONAL
3340 | BGP_ATTR_FLAG_TRANS
3341 | BGP_ATTR_FLAG_EXTLEN);
3342 stream_putc(s,
3343 BGP_ATTR_EXT_COMMUNITIES);
3344 stream_putw(s, ecom_tr_size * 8);
3345 } else {
3346 stream_putc(
3347 s,
3348 BGP_ATTR_FLAG_OPTIONAL
3349 | BGP_ATTR_FLAG_TRANS);
3350 stream_putc(s,
3351 BGP_ATTR_EXT_COMMUNITIES);
3352 stream_putc(s, ecom_tr_size * 8);
3353 }
3354
3355 for (i = 0; i < attr->ecommunity->size; i++) {
3356 pnt = attr->ecommunity->val + (i * 8);
3357 tbit = *pnt;
3358
3359 if (CHECK_FLAG(
3360 tbit,
3361 ECOMMUNITY_FLAG_NON_TRANSITIVE))
3362 continue;
3363
3364 stream_put(s, pnt, 8);
3365 }
3366 }
3367 }
3368 }
3369
3370 /* Label index attribute. */
3371 if (safi == SAFI_LABELED_UNICAST) {
3372 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3373 uint32_t label_index;
3374
3375 label_index = attr->label_index;
3376
3377 if (label_index != BGP_INVALID_LABEL_INDEX) {
3378 stream_putc(s,
3379 BGP_ATTR_FLAG_OPTIONAL
3380 | BGP_ATTR_FLAG_TRANS);
3381 stream_putc(s, BGP_ATTR_PREFIX_SID);
3382 stream_putc(s, 10);
3383 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3384 stream_putw(s,
3385 BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3386 stream_putc(s, 0); // reserved
3387 stream_putw(s, 0); // flags
3388 stream_putl(s, label_index);
3389 }
3390 }
3391 }
3392
3393 if (send_as4_path) {
3394 /* If the peer is NOT As4 capable, AND */
3395 /* there are ASnums > 65535 in path THEN
3396 * give out AS4_PATH */
3397
3398 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3399 * path segments!
3400 * Hm, I wonder... confederation things *should* only be at
3401 * the beginning of an aspath, right? Then we should use
3402 * aspath_delete_confed_seq for this, because it is already
3403 * there! (JK)
3404 * Folks, talk to me: what is reasonable here!?
3405 */
3406 aspath = aspath_delete_confed_seq(aspath);
3407
3408 stream_putc(s,
3409 BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL
3410 | BGP_ATTR_FLAG_EXTLEN);
3411 stream_putc(s, BGP_ATTR_AS4_PATH);
3412 aspath_sizep = stream_get_endp(s);
3413 stream_putw(s, 0);
3414 stream_putw_at(s, aspath_sizep, aspath_put(s, aspath, 1));
3415 }
3416
3417 if (aspath != attr->aspath)
3418 aspath_free(aspath);
3419
3420 if (send_as4_aggregator) {
3421 /* send AS4_AGGREGATOR, at this place */
3422 /* this section of code moved here in order to ensure the
3423 * correct
3424 * *ascending* order of attributes
3425 */
3426 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3427 stream_putc(s, BGP_ATTR_AS4_AGGREGATOR);
3428 stream_putc(s, 8);
3429 stream_putl(s, attr->aggregator_as);
3430 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3431 }
3432
3433 if (((afi == AFI_IP || afi == AFI_IP6)
3434 && (safi == SAFI_ENCAP || safi == SAFI_MPLS_VPN))
3435 || (afi == AFI_L2VPN && safi == SAFI_EVPN)) {
3436 /* Tunnel Encap attribute */
3437 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_ENCAP);
3438
3439 #if ENABLE_BGP_VNC
3440 /* VNC attribute */
3441 bgp_packet_mpattr_tea(bgp, peer, s, attr, BGP_ATTR_VNC);
3442 #endif
3443 }
3444
3445 /* PMSI Tunnel */
3446 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL)) {
3447 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3448 stream_putc(s, BGP_ATTR_PMSI_TUNNEL);
3449 stream_putc(s, 9); // Length
3450 stream_putc(s, 0); // Flags
3451 stream_putc(s, PMSI_TNLTYPE_INGR_REPL); // IR (6)
3452 stream_put(s, &(attr->label),
3453 BGP_LABEL_BYTES); // MPLS Label / VXLAN VNI
3454 stream_put_ipv4(s, attr->nexthop.s_addr);
3455 // Unicast tunnel endpoint IP address
3456 }
3457
3458 /* Unknown transit attribute. */
3459 if (attr->transit)
3460 stream_put(s, attr->transit->val, attr->transit->length);
3461
3462 /* Return total size of attribute. */
3463 return stream_get_endp(s) - cp;
3464 }
3465
3466 size_t bgp_packet_mpunreach_start(struct stream *s, afi_t afi, safi_t safi)
3467 {
3468 unsigned long attrlen_pnt;
3469 iana_afi_t pkt_afi;
3470 iana_safi_t pkt_safi;
3471
3472 /* Set extended bit always to encode the attribute length as 2 bytes */
3473 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
3474 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
3475
3476 attrlen_pnt = stream_get_endp(s);
3477 stream_putw(s, 0); /* Length of this attribute. */
3478
3479 /* Convert AFI, SAFI to values for packet. */
3480 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
3481
3482 stream_putw(s, pkt_afi);
3483 stream_putc(s, pkt_safi);
3484
3485 return attrlen_pnt;
3486 }
3487
3488 void bgp_packet_mpunreach_prefix(struct stream *s, struct prefix *p, afi_t afi,
3489 safi_t safi, struct prefix_rd *prd,
3490 mpls_label_t *label, uint32_t num_labels,
3491 int addpath_encode, uint32_t addpath_tx_id,
3492 struct attr *attr)
3493 {
3494 uint8_t wlabel[3] = {0x80, 0x00, 0x00};
3495
3496 if (safi == SAFI_LABELED_UNICAST) {
3497 label = (mpls_label_t *)wlabel;
3498 num_labels = 1;
3499 }
3500
3501 return bgp_packet_mpattr_prefix(s, afi, safi, p, prd, label, num_labels,
3502 addpath_encode, addpath_tx_id, attr);
3503 }
3504
3505 void bgp_packet_mpunreach_end(struct stream *s, size_t attrlen_pnt)
3506 {
3507 bgp_packet_mpattr_end(s, attrlen_pnt);
3508 }
3509
3510 /* Initialization of attribute. */
3511 void bgp_attr_init(void)
3512 {
3513 aspath_init();
3514 attrhash_init();
3515 community_init();
3516 ecommunity_init();
3517 lcommunity_init();
3518 cluster_init();
3519 transit_init();
3520 encap_init();
3521 }
3522
3523 void bgp_attr_finish(void)
3524 {
3525 aspath_finish();
3526 attrhash_finish();
3527 community_finish();
3528 ecommunity_finish();
3529 lcommunity_finish();
3530 cluster_finish();
3531 transit_finish();
3532 encap_finish();
3533 }
3534
3535 /* Make attribute packet. */
3536 void bgp_dump_routes_attr(struct stream *s, struct attr *attr,
3537 struct prefix *prefix)
3538 {
3539 unsigned long cp;
3540 unsigned long len;
3541 size_t aspath_lenp;
3542 struct aspath *aspath;
3543 int addpath_encode = 0;
3544 uint32_t addpath_tx_id = 0;
3545
3546 /* Remember current pointer. */
3547 cp = stream_get_endp(s);
3548
3549 /* Place holder of length. */
3550 stream_putw(s, 0);
3551
3552 /* Origin attribute. */
3553 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3554 stream_putc(s, BGP_ATTR_ORIGIN);
3555 stream_putc(s, 1);
3556 stream_putc(s, attr->origin);
3557
3558 aspath = attr->aspath;
3559
3560 stream_putc(s, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_EXTLEN);
3561 stream_putc(s, BGP_ATTR_AS_PATH);
3562 aspath_lenp = stream_get_endp(s);
3563 stream_putw(s, 0);
3564
3565 stream_putw_at(s, aspath_lenp, aspath_put(s, aspath, 1));
3566
3567 /* Nexthop attribute. */
3568 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3569 if (prefix != NULL && prefix->family != AF_INET6) {
3570 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3571 stream_putc(s, BGP_ATTR_NEXT_HOP);
3572 stream_putc(s, 4);
3573 stream_put_ipv4(s, attr->nexthop.s_addr);
3574 }
3575
3576 /* MED attribute. */
3577 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {
3578 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3579 stream_putc(s, BGP_ATTR_MULTI_EXIT_DISC);
3580 stream_putc(s, 4);
3581 stream_putl(s, attr->med);
3582 }
3583
3584 /* Local preference. */
3585 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {
3586 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3587 stream_putc(s, BGP_ATTR_LOCAL_PREF);
3588 stream_putc(s, 4);
3589 stream_putl(s, attr->local_pref);
3590 }
3591
3592 /* Atomic aggregate. */
3593 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE)) {
3594 stream_putc(s, BGP_ATTR_FLAG_TRANS);
3595 stream_putc(s, BGP_ATTR_ATOMIC_AGGREGATE);
3596 stream_putc(s, 0);
3597 }
3598
3599 /* Aggregator. */
3600 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR)) {
3601 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS);
3602 stream_putc(s, BGP_ATTR_AGGREGATOR);
3603 stream_putc(s, 8);
3604 stream_putl(s, attr->aggregator_as);
3605 stream_put_ipv4(s, attr->aggregator_addr.s_addr);
3606 }
3607
3608 /* Community attribute. */
3609 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES)) {
3610 if (attr->community->size * 4 > 255) {
3611 stream_putc(s,
3612 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3613 | BGP_ATTR_FLAG_EXTLEN);
3614 stream_putc(s, BGP_ATTR_COMMUNITIES);
3615 stream_putw(s, attr->community->size * 4);
3616 } else {
3617 stream_putc(s,
3618 BGP_ATTR_FLAG_OPTIONAL
3619 | BGP_ATTR_FLAG_TRANS);
3620 stream_putc(s, BGP_ATTR_COMMUNITIES);
3621 stream_putc(s, attr->community->size * 4);
3622 }
3623 stream_put(s, attr->community->val, attr->community->size * 4);
3624 }
3625
3626 /* Large Community attribute. */
3627 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES)) {
3628 if (lcom_length(attr->lcommunity) > 255) {
3629 stream_putc(s,
3630 BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_TRANS
3631 | BGP_ATTR_FLAG_EXTLEN);
3632 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3633 stream_putw(s, lcom_length(attr->lcommunity));
3634 } else {
3635 stream_putc(s,
3636 BGP_ATTR_FLAG_OPTIONAL
3637 | BGP_ATTR_FLAG_TRANS);
3638 stream_putc(s, BGP_ATTR_LARGE_COMMUNITIES);
3639 stream_putc(s, lcom_length(attr->lcommunity));
3640 }
3641
3642 stream_put(s, attr->lcommunity->val,
3643 lcom_length(attr->lcommunity));
3644 }
3645
3646 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3647 if (prefix != NULL && prefix->family == AF_INET6
3648 && (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL
3649 || attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)) {
3650 int sizep;
3651
3652 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
3653 stream_putc(s, BGP_ATTR_MP_REACH_NLRI);
3654 sizep = stream_get_endp(s);
3655
3656 /* MP header */
3657 stream_putc(s, 0); /* Marker: Attribute length. */
3658 stream_putw(s, AFI_IP6); /* AFI */
3659 stream_putc(s, SAFI_UNICAST); /* SAFI */
3660
3661 /* Next hop */
3662 stream_putc(s, attr->mp_nexthop_len);
3663 stream_put(s, &attr->mp_nexthop_global, IPV6_MAX_BYTELEN);
3664 if (attr->mp_nexthop_len == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL)
3665 stream_put(s, &attr->mp_nexthop_local,
3666 IPV6_MAX_BYTELEN);
3667
3668 /* SNPA */
3669 stream_putc(s, 0);
3670
3671 /* Prefix */
3672 stream_put_prefix_addpath(s, prefix, addpath_encode,
3673 addpath_tx_id);
3674
3675 /* Set MP attribute length. */
3676 stream_putc_at(s, sizep, (stream_get_endp(s) - sizep) - 1);
3677 }
3678
3679 /* Prefix SID */
3680 if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID)) {
3681 if (attr->label_index != BGP_INVALID_LABEL_INDEX) {
3682 stream_putc(s,
3683 BGP_ATTR_FLAG_OPTIONAL
3684 | BGP_ATTR_FLAG_TRANS);
3685 stream_putc(s, BGP_ATTR_PREFIX_SID);
3686 stream_putc(s, 10);
3687 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX);
3688 stream_putc(s, BGP_PREFIX_SID_LABEL_INDEX_LENGTH);
3689 stream_putc(s, 0); // reserved
3690 stream_putw(s, 0); // flags
3691 stream_putl(s, attr->label_index);
3692 }
3693 }
3694
3695 /* Return total size of attribute. */
3696 len = stream_get_endp(s) - cp - 2;
3697 stream_putw_at(s, cp, len);
3698 }
FRRouting mirror