]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_open.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
debianpkg: Add Debian 9 Package support
[mirror_frr.git] / bgpd / bgp_open.c
1 /* BGP open message handling
2 Copyright (C) 1998, 1999 Kunihiro Ishiguro
3
4 This file is part of GNU Zebra.
5
6 GNU Zebra is free software; you can redistribute it and/or modify it
7 under the terms of the GNU General Public License as published by the
8 Free Software Foundation; either version 2, or (at your option) any
9 later version.
10
11 GNU Zebra is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with GNU Zebra; see the file COPYING. If not, write to the Free
18 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
19 02111-1307, USA. */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "stream.h"
26 #include "thread.h"
27 #include "log.h"
28 #include "command.h"
29 #include "memory.h"
30 #include "queue.h"
31 #include "filter.h"
32
33 #include "lib/json.h"
34 #include "bgpd/bgpd.h"
35 #include "bgpd/bgp_attr.h"
36 #include "bgpd/bgp_debug.h"
37 #include "bgpd/bgp_fsm.h"
38 #include "bgpd/bgp_packet.h"
39 #include "bgpd/bgp_open.h"
40 #include "bgpd/bgp_aspath.h"
41 #include "bgpd/bgp_vty.h"
42 #include "bgpd/bgp_memory.h"
43
44 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
45 negotiate remote peer supports extentions or not. But if
46 remote-peer doesn't supports negotiation process itself. We would
47 like to do manual configuration.
48
49 So there is many configurable point. First of all we want set each
50 peer whether we send capability negotiation to the peer or not.
51 Next, if we send capability to the peer we want to set my capabilty
52 inforation at each peer. */
53
54 void bgp_capability_vty_out(struct vty *vty, struct peer *peer, u_char use_json,
55 json_object *json_neigh)
56 {
57 char *pnt;
58 char *end;
59 struct capability_mp_data mpc;
60 struct capability_header *hdr;
61 json_object *json_cap = NULL;
62
63 if (use_json)
64 json_cap = json_object_new_object();
65
66 pnt = peer->notify.data;
67 end = pnt + peer->notify.length;
68
69 while (pnt < end) {
70 if (pnt + sizeof(struct capability_mp_data) + 2 > end)
71 return;
72
73 hdr = (struct capability_header *)pnt;
74 if (pnt + hdr->length + 2 > end)
75 return;
76
77 memcpy(&mpc, pnt + 2, sizeof(struct capability_mp_data));
78
79 if (hdr->code == CAPABILITY_CODE_MP) {
80 afi_t afi;
81 safi_t safi;
82
83 bgp_map_afi_safi_iana2int(ntohs(mpc.afi), mpc.safi,
84 &afi, &safi);
85 if (use_json) {
86 switch (afi) {
87 case AFI_IP:
88 json_object_string_add(
89 json_cap,
90 "capabilityErrorMultiProtocolAfi",
91 "IPv4");
92 break;
93 case AFI_IP6:
94 json_object_string_add(
95 json_cap,
96 "capabilityErrorMultiProtocolAfi",
97 "IPv6");
98 break;
99 case AFI_L2VPN:
100 json_object_string_add(
101 json_cap,
102 "capabilityErrorMultiProtocolAfi",
103 "L2VPN");
104 break;
105 default:
106 json_object_int_add(
107 json_cap,
108 "capabilityErrorMultiProtocolAfiUnknown",
109 ntohs(mpc.afi));
110 break;
111 }
112 switch (safi) {
113 case SAFI_UNICAST:
114 json_object_string_add(
115 json_cap,
116 "capabilityErrorMultiProtocolSafi",
117 "unicast");
118 break;
119 case SAFI_MULTICAST:
120 json_object_string_add(
121 json_cap,
122 "capabilityErrorMultiProtocolSafi",
123 "multicast");
124 break;
125 case SAFI_MPLS_VPN:
126 json_object_string_add(
127 json_cap,
128 "capabilityErrorMultiProtocolSafi",
129 "MPLS-labeled VPN");
130 break;
131 case SAFI_ENCAP:
132 json_object_string_add(
133 json_cap,
134 "capabilityErrorMultiProtocolSafi",
135 "encap");
136 break;
137 case SAFI_EVPN:
138 json_object_string_add(
139 json_cap,
140 "capabilityErrorMultiProtocolSafi",
141 "EVPN");
142 break;
143 default:
144 json_object_int_add(
145 json_cap,
146 "capabilityErrorMultiProtocolSafiUnknown",
147 mpc.safi);
148 break;
149 }
150 } else {
151 vty_out(vty,
152 " Capability error for: Multi protocol ");
153 switch (afi) {
154 case AFI_IP:
155 vty_out(vty, "AFI IPv4, ");
156 break;
157 case AFI_IP6:
158 vty_out(vty, "AFI IPv6, ");
159 break;
160 case AFI_L2VPN:
161 vty_out(vty, "AFI L2VPN, ");
162 break;
163 default:
164 vty_out(vty, "AFI Unknown %d, ",
165 ntohs(mpc.afi));
166 break;
167 }
168 switch (safi) {
169 case SAFI_UNICAST:
170 vty_out(vty, "SAFI Unicast");
171 break;
172 case SAFI_MULTICAST:
173 vty_out(vty, "SAFI Multicast");
174 break;
175 case SAFI_MPLS_VPN:
176 vty_out(vty, "SAFI MPLS-labeled VPN");
177 break;
178 case SAFI_ENCAP:
179 vty_out(vty, "SAFI ENCAP");
180 break;
181 case SAFI_EVPN:
182 vty_out(vty, "SAFI EVPN");
183 break;
184 default:
185 vty_out(vty, "SAFI Unknown %d ",
186 mpc.safi);
187 break;
188 }
189 vty_out(vty, "%s", VTY_NEWLINE);
190 }
191 } else if (hdr->code >= 128) {
192 if (use_json)
193 json_object_int_add(
194 json_cap,
195 "capabilityErrorVendorSpecificCapabilityCode",
196 hdr->code);
197 else
198 vty_out(vty,
199 " Capability error: vendor specific capability code %d",
200 hdr->code);
201 } else {
202 if (use_json)
203 json_object_int_add(
204 json_cap,
205 "capabilityErrorUnknownCapabilityCode",
206 hdr->code);
207 else
208 vty_out(vty,
209 " Capability error: unknown capability code %d",
210 hdr->code);
211 }
212 pnt += hdr->length + 2;
213 }
214 if (use_json)
215 json_object_object_add(json_neigh, "capabilityErrors",
216 json_cap);
217 }
218
219 static void bgp_capability_mp_data(struct stream *s,
220 struct capability_mp_data *mpc)
221 {
222 mpc->afi = stream_getw(s);
223 mpc->reserved = stream_getc(s);
224 mpc->safi = stream_getc(s);
225 }
226
227 /* Set negotiated capability value. */
228 static int bgp_capability_mp(struct peer *peer, struct capability_header *hdr)
229 {
230 struct capability_mp_data mpc;
231 struct stream *s = BGP_INPUT(peer);
232 afi_t afi;
233 safi_t safi;
234
235 /* Verify length is 4 */
236 if (hdr->length != 4) {
237 zlog_warn(
238 "MP Cap: Received invalid length %d, non-multiple of 4",
239 hdr->length);
240 return -1;
241 }
242
243 bgp_capability_mp_data(s, &mpc);
244
245 if (bgp_debug_neighbor_events(peer))
246 zlog_debug("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
247 peer->host, mpc.afi, mpc.safi);
248
249 /* Convert AFI, SAFI to internal values, check. */
250 if (bgp_map_afi_safi_iana2int(mpc.afi, mpc.safi, &afi, &safi))
251 return -1;
252
253 /* Now safi remapped, and afi/safi are valid array indices */
254 peer->afc_recv[afi][safi] = 1;
255
256 if (peer->afc[afi][safi])
257 peer->afc_nego[afi][safi] = 1;
258 else
259 return -1;
260
261 return 0;
262 }
263
264 static void bgp_capability_orf_not_support(struct peer *peer, iana_afi_t afi,
265 safi_t safi, u_char type,
266 u_char mode)
267 {
268 if (bgp_debug_neighbor_events(peer))
269 zlog_debug(
270 "%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
271 peer->host, afi, safi, type, mode);
272 }
273
274 static const struct message orf_type_str[] = {
275 {ORF_TYPE_PREFIX, "Prefixlist"},
276 {ORF_TYPE_PREFIX_OLD, "Prefixlist (old)"},
277 {0}};
278
279 static const struct message orf_mode_str[] = {{ORF_MODE_RECEIVE, "Receive"},
280 {ORF_MODE_SEND, "Send"},
281 {ORF_MODE_BOTH, "Both"},
282 {0}};
283
284 static int bgp_capability_orf_entry(struct peer *peer,
285 struct capability_header *hdr)
286 {
287 struct stream *s = BGP_INPUT(peer);
288 struct capability_orf_entry entry;
289 iana_afi_t pkt_afi;
290 afi_t afi;
291 safi_t pkt_safi, safi;
292 u_char type;
293 u_char mode;
294 u_int16_t sm_cap = 0; /* capability send-mode receive */
295 u_int16_t rm_cap = 0; /* capability receive-mode receive */
296 int i;
297
298 /* ORF Entry header */
299 bgp_capability_mp_data(s, &entry.mpc);
300 entry.num = stream_getc(s);
301 pkt_afi = entry.mpc.afi;
302 pkt_safi = entry.mpc.safi;
303
304 if (bgp_debug_neighbor_events(peer))
305 zlog_debug("%s ORF Cap entry for afi/safi: %u/%u", peer->host,
306 entry.mpc.afi, entry.mpc.safi);
307
308 /* Convert AFI, SAFI to internal values, check. */
309 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
310 zlog_info(
311 "%s Addr-family %d/%d not supported."
312 " Ignoring the ORF capability",
313 peer->host, pkt_afi, pkt_safi);
314 return 0;
315 }
316
317 entry.mpc.afi = pkt_afi;
318 entry.mpc.safi = safi;
319
320 /* validate number field */
321 if (CAPABILITY_CODE_ORF_LEN + (entry.num * 2) > hdr->length) {
322 zlog_info(
323 "%s ORF Capability entry length error,"
324 " Cap length %u, num %u",
325 peer->host, hdr->length, entry.num);
326 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
327 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
328 return -1;
329 }
330
331 for (i = 0; i < entry.num; i++) {
332 type = stream_getc(s);
333 mode = stream_getc(s);
334
335 /* ORF Mode error check */
336 switch (mode) {
337 case ORF_MODE_BOTH:
338 case ORF_MODE_SEND:
339 case ORF_MODE_RECEIVE:
340 break;
341 default:
342 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
343 type, mode);
344 continue;
345 }
346 /* ORF Type and afi/safi error checks */
347 /* capcode versus type */
348 switch (hdr->code) {
349 case CAPABILITY_CODE_ORF:
350 switch (type) {
351 case ORF_TYPE_PREFIX:
352 break;
353 default:
354 bgp_capability_orf_not_support(
355 peer, pkt_afi, pkt_safi, type, mode);
356 continue;
357 }
358 break;
359 case CAPABILITY_CODE_ORF_OLD:
360 switch (type) {
361 case ORF_TYPE_PREFIX_OLD:
362 break;
363 default:
364 bgp_capability_orf_not_support(
365 peer, pkt_afi, pkt_safi, type, mode);
366 continue;
367 }
368 break;
369 default:
370 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
371 type, mode);
372 continue;
373 }
374
375 /* AFI vs SAFI */
376 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
377 || (afi == AFI_IP && safi == SAFI_MULTICAST)
378 || (afi == AFI_IP6 && safi == SAFI_UNICAST))) {
379 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
380 type, mode);
381 continue;
382 }
383
384 if (bgp_debug_neighbor_events(peer))
385 zlog_debug(
386 "%s OPEN has %s ORF capability"
387 " as %s for afi/safi: %d/%d",
388 peer->host,
389 lookup_msg(orf_type_str, type, NULL),
390 lookup_msg(orf_mode_str, mode, NULL), pkt_afi,
391 pkt_safi);
392
393 if (hdr->code == CAPABILITY_CODE_ORF) {
394 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
395 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
396 } else if (hdr->code == CAPABILITY_CODE_ORF_OLD) {
397 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
398 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
399 } else {
400 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
401 type, mode);
402 continue;
403 }
404
405 switch (mode) {
406 case ORF_MODE_BOTH:
407 SET_FLAG(peer->af_cap[afi][safi], sm_cap);
408 SET_FLAG(peer->af_cap[afi][safi], rm_cap);
409 break;
410 case ORF_MODE_SEND:
411 SET_FLAG(peer->af_cap[afi][safi], sm_cap);
412 break;
413 case ORF_MODE_RECEIVE:
414 SET_FLAG(peer->af_cap[afi][safi], rm_cap);
415 break;
416 }
417 }
418 return 0;
419 }
420
421 static int bgp_capability_restart(struct peer *peer,
422 struct capability_header *caphdr)
423 {
424 struct stream *s = BGP_INPUT(peer);
425 u_int16_t restart_flag_time;
426 size_t end = stream_get_getp(s) + caphdr->length;
427
428 /* Verify length is a multiple of 4 */
429 if ((caphdr->length - 2) % 4) {
430 zlog_warn(
431 "Restart Cap: Received invalid length %d, non-multiple of 4",
432 caphdr->length);
433 return -1;
434 }
435
436 SET_FLAG(peer->cap, PEER_CAP_RESTART_RCV);
437 restart_flag_time = stream_getw(s);
438 if (CHECK_FLAG(restart_flag_time, RESTART_R_BIT))
439 SET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV);
440
441 UNSET_FLAG(restart_flag_time, 0xF000);
442 peer->v_gr_restart = restart_flag_time;
443
444 if (bgp_debug_neighbor_events(peer)) {
445 zlog_debug("%s OPEN has Graceful Restart capability",
446 peer->host);
447 zlog_debug("%s Peer has%srestarted. Restart Time : %d",
448 peer->host,
449 CHECK_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV)
450 ? " "
451 : " not ",
452 peer->v_gr_restart);
453 }
454
455 while (stream_get_getp(s) + 4 <= end) {
456 afi_t afi;
457 safi_t safi;
458 iana_afi_t pkt_afi = stream_getw(s);
459 safi_t pkt_safi = stream_getc(s);
460 u_char flag = stream_getc(s);
461
462 /* Convert AFI, SAFI to internal values, check. */
463 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
464 if (bgp_debug_neighbor_events(peer))
465 zlog_debug(
466 "%s Addr-family %d/%d(afi/safi) not supported."
467 " Ignore the Graceful Restart capability for this AFI/SAFI",
468 peer->host, pkt_afi, pkt_safi);
469 } else if (!peer->afc[afi][safi]) {
470 if (bgp_debug_neighbor_events(peer))
471 zlog_debug(
472 "%s Addr-family %d/%d(afi/safi) not enabled."
473 " Ignore the Graceful Restart capability",
474 peer->host, pkt_afi, pkt_safi);
475 } else {
476 if (bgp_debug_neighbor_events(peer))
477 zlog_debug(
478 "%s Address family %s is%spreserved",
479 peer->host, afi_safi_print(afi, safi),
480 CHECK_FLAG(
481 peer->af_cap[afi][safi],
482 PEER_CAP_RESTART_AF_PRESERVE_RCV)
483 ? " "
484 : " not ");
485
486 SET_FLAG(peer->af_cap[afi][safi],
487 PEER_CAP_RESTART_AF_RCV);
488 if (CHECK_FLAG(flag, RESTART_F_BIT))
489 SET_FLAG(peer->af_cap[afi][safi],
490 PEER_CAP_RESTART_AF_PRESERVE_RCV);
491 }
492 }
493 return 0;
494 }
495
496 /* Unlike other capability parsing routines, this one returns 0 on error */
497 static as_t bgp_capability_as4(struct peer *peer, struct capability_header *hdr)
498 {
499 SET_FLAG(peer->cap, PEER_CAP_AS4_RCV);
500
501 if (hdr->length != CAPABILITY_CODE_AS4_LEN) {
502 zlog_err("%s AS4 capability has incorrect data length %d",
503 peer->host, hdr->length);
504 return 0;
505 }
506
507 as_t as4 = stream_getl(BGP_INPUT(peer));
508
509 if (BGP_DEBUG(as4, AS4))
510 zlog_debug(
511 "%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
512 peer->host, as4);
513 return as4;
514 }
515
516 static int bgp_capability_addpath(struct peer *peer,
517 struct capability_header *hdr)
518 {
519 struct stream *s = BGP_INPUT(peer);
520 size_t end = stream_get_getp(s) + hdr->length;
521
522 SET_FLAG(peer->cap, PEER_CAP_ADDPATH_RCV);
523
524 /* Verify length is a multiple of 4 */
525 if (hdr->length % 4) {
526 zlog_warn(
527 "Add Path: Received invalid length %d, non-multiple of 4",
528 hdr->length);
529 return -1;
530 }
531
532 while (stream_get_getp(s) + 4 <= end) {
533 afi_t afi;
534 safi_t safi;
535 iana_afi_t pkt_afi = stream_getw(s);
536 safi_t pkt_safi = stream_getc(s);
537 u_char send_receive = stream_getc(s);
538
539 if (bgp_debug_neighbor_events(peer))
540 zlog_debug(
541 "%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
542 peer->host, pkt_afi, pkt_safi,
543 (send_receive & BGP_ADDPATH_RX) ? ", receive"
544 : "",
545 (send_receive & BGP_ADDPATH_TX) ? ", transmit"
546 : "");
547
548 /* Convert AFI, SAFI to internal values, check. */
549 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
550 if (bgp_debug_neighbor_events(peer))
551 zlog_debug(
552 "%s Addr-family %d/%d(afi/safi) not supported."
553 " Ignore the Addpath Attribute for this AFI/SAFI",
554 peer->host, pkt_afi, pkt_safi);
555 continue;
556 } else if (!peer->afc[afi][safi]) {
557 if (bgp_debug_neighbor_events(peer))
558 zlog_debug(
559 "%s Addr-family %d/%d(afi/safi) not enabled."
560 " Ignore the AddPath capability for this AFI/SAFI",
561 peer->host, pkt_afi, pkt_safi);
562 continue;
563 }
564
565 if (send_receive & BGP_ADDPATH_RX)
566 SET_FLAG(peer->af_cap[afi][safi],
567 PEER_CAP_ADDPATH_AF_RX_RCV);
568
569 if (send_receive & BGP_ADDPATH_TX)
570 SET_FLAG(peer->af_cap[afi][safi],
571 PEER_CAP_ADDPATH_AF_TX_RCV);
572 }
573
574 return 0;
575 }
576
577 static int bgp_capability_enhe(struct peer *peer, struct capability_header *hdr)
578 {
579 struct stream *s = BGP_INPUT(peer);
580 size_t end = stream_get_getp(s) + hdr->length;
581
582 /* Verify length is a multiple of 4 */
583 if (hdr->length % 6) {
584 zlog_warn(
585 "Extended NH: Received invalid length %d, non-multiple of 6",
586 hdr->length);
587 return -1;
588 }
589
590 while (stream_get_getp(s) + 6 <= end) {
591 iana_afi_t pkt_afi = stream_getw(s);
592 afi_t afi;
593 safi_t safi, pkt_safi = stream_getw(s);
594 iana_afi_t pkt_nh_afi = stream_getw(s);
595 afi_t nh_afi;
596
597 if (bgp_debug_neighbor_events(peer))
598 zlog_debug(
599 "%s Received with afi/safi/next-hop afi: %u/%u/%u",
600 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
601
602 /* Convert AFI, SAFI to internal values, check. */
603 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
604 if (bgp_debug_neighbor_events(peer))
605 zlog_debug(
606 "%s Addr-family %d/%d(afi/safi) not supported."
607 " Ignore the ENHE Attribute for this AFI/SAFI",
608 peer->host, pkt_afi, pkt_safi);
609 continue;
610 }
611
612 /* RFC 5549 specifies use of this capability only for IPv4 AFI,
613 * with
614 * the Nexthop AFI being IPv6. A future spec may introduce other
615 * possibilities, so we ignore other values with a log. Also,
616 * only
617 * Unicast SAFI is currently supported (and expected).
618 */
619 nh_afi = afi_iana2int(pkt_nh_afi);
620
621 if (afi != AFI_IP || safi != SAFI_UNICAST
622 || nh_afi != AFI_IP6) {
623 zlog_warn(
624 "%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
625 "in Extended Next-hop capability, ignoring",
626 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
627 continue;
628 }
629
630 SET_FLAG(peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
631
632 if (CHECK_FLAG(peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
633 SET_FLAG(peer->af_cap[afi][safi],
634 PEER_CAP_ENHE_AF_NEGO);
635 }
636
637 SET_FLAG(peer->cap, PEER_CAP_ENHE_RCV);
638
639 return 0;
640 }
641
642 static int bgp_capability_hostname(struct peer *peer,
643 struct capability_header *hdr)
644 {
645 struct stream *s = BGP_INPUT(peer);
646 char str[BGP_MAX_HOSTNAME + 1];
647 size_t end = stream_get_getp(s) + hdr->length;
648 u_char len;
649
650 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
651
652 len = stream_getc(s);
653 if (stream_get_getp(s) + len > end) {
654 zlog_warn(
655 "%s: Received malformed hostname capability from peer %s",
656 __FUNCTION__, peer->host);
657 return -1;
658 }
659
660 if (len > BGP_MAX_HOSTNAME) {
661 stream_get(str, s, BGP_MAX_HOSTNAME);
662 stream_forward_getp(s, len - BGP_MAX_HOSTNAME);
663 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
664 } else if (len)
665 stream_get(str, s, len);
666
667 if (len) {
668 str[len] = '\0';
669
670 if (peer->hostname != NULL) {
671 XFREE(MTYPE_BGP_PEER_HOST, peer->hostname);
672 peer->hostname = NULL;
673 }
674
675 if (peer->domainname != NULL) {
676 XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
677 peer->domainname = NULL;
678 }
679
680 peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
681 }
682
683 if (stream_get_getp(s) + 1 > end) {
684 zlog_warn(
685 "%s: Received invalid domain name len (hostname capability) from peer %s",
686 __FUNCTION__, peer->host);
687 return -1;
688 }
689
690 len = stream_getc(s);
691 if (stream_get_getp(s) + len > end) {
692 zlog_warn(
693 "%s: Received runt domain name (hostname capability) from peer %s",
694 __FUNCTION__, peer->host);
695 return -1;
696 }
697
698 if (len > BGP_MAX_HOSTNAME) {
699 stream_get(str, s, BGP_MAX_HOSTNAME);
700 stream_forward_getp(s, len - BGP_MAX_HOSTNAME);
701 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
702 } else if (len)
703 stream_get(str, s, len);
704
705 if (len) {
706 str[len] = '\0';
707 peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
708 }
709
710 if (bgp_debug_neighbor_events(peer)) {
711 zlog_debug("%s received hostname %s, domainname %s", peer->host,
712 peer->hostname, peer->domainname);
713 }
714
715 return 0;
716 }
717
718 static const struct message capcode_str[] = {
719 {CAPABILITY_CODE_MP, "MultiProtocol Extensions"},
720 {CAPABILITY_CODE_REFRESH, "Route Refresh"},
721 {CAPABILITY_CODE_ORF, "Cooperative Route Filtering"},
722 {CAPABILITY_CODE_RESTART, "Graceful Restart"},
723 {CAPABILITY_CODE_AS4, "4-octet AS number"},
724 {CAPABILITY_CODE_ADDPATH, "AddPath"},
725 {CAPABILITY_CODE_DYNAMIC, "Dynamic"},
726 {CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding"},
727 {CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)"},
728 {CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)"},
729 {CAPABILITY_CODE_ORF_OLD, "ORF (Old)"},
730 {CAPABILITY_CODE_FQDN, "FQDN"},
731 {0}};
732
733 /* Minimum sizes for length field of each cap (so not inc. the header) */
734 static const size_t cap_minsizes[] = {
735 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
736 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
737 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
738 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
739 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
740 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
741 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
742 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
743 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
744 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
745 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
746 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
747 };
748
749 /* value the capability must be a multiple of.
750 * 0-data capabilities won't be checked against this.
751 * Other capabilities whose data doesn't fall on convenient boundaries for this
752 * table should be set to 1.
753 */
754 static const size_t cap_modsizes[] = {
755 [CAPABILITY_CODE_MP] = 4,
756 [CAPABILITY_CODE_REFRESH] = 1,
757 [CAPABILITY_CODE_ORF] = 1,
758 [CAPABILITY_CODE_RESTART] = 1,
759 [CAPABILITY_CODE_AS4] = 4,
760 [CAPABILITY_CODE_ADDPATH] = 4,
761 [CAPABILITY_CODE_DYNAMIC] = 1,
762 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
763 [CAPABILITY_CODE_ENHE] = 6,
764 [CAPABILITY_CODE_REFRESH_OLD] = 1,
765 [CAPABILITY_CODE_ORF_OLD] = 1,
766 [CAPABILITY_CODE_FQDN] = 1,
767 };
768
769 /**
770 * Parse given capability.
771 * XXX: This is reading into a stream, but not using stream API
772 *
773 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
774 * capabilities were encountered.
775 */
776 static int bgp_capability_parse(struct peer *peer, size_t length,
777 int *mp_capability, u_char **error)
778 {
779 int ret;
780 struct stream *s = BGP_INPUT(peer);
781 size_t end = stream_get_getp(s) + length;
782
783 assert(STREAM_READABLE(s) >= length);
784
785 while (stream_get_getp(s) < end) {
786 size_t start;
787 u_char *sp = stream_pnt(s);
788 struct capability_header caphdr;
789
790 ret = 0;
791 /* We need at least capability code and capability length. */
792 if (stream_get_getp(s) + 2 > end) {
793 zlog_info("%s Capability length error (< header)",
794 peer->host);
795 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
796 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
797 return -1;
798 }
799
800 caphdr.code = stream_getc(s);
801 caphdr.length = stream_getc(s);
802 start = stream_get_getp(s);
803
804 /* Capability length check sanity check. */
805 if (start + caphdr.length > end) {
806 zlog_info("%s Capability length error (< length)",
807 peer->host);
808 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
809 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
810 return -1;
811 }
812
813 if (bgp_debug_neighbor_events(peer))
814 zlog_debug("%s OPEN has %s capability (%u), length %u",
815 peer->host,
816 lookup_msg(capcode_str, caphdr.code, NULL),
817 caphdr.code, caphdr.length);
818
819 /* Length sanity check, type-specific, for known capabilities */
820 switch (caphdr.code) {
821 case CAPABILITY_CODE_MP:
822 case CAPABILITY_CODE_REFRESH:
823 case CAPABILITY_CODE_REFRESH_OLD:
824 case CAPABILITY_CODE_ORF:
825 case CAPABILITY_CODE_ORF_OLD:
826 case CAPABILITY_CODE_RESTART:
827 case CAPABILITY_CODE_AS4:
828 case CAPABILITY_CODE_ADDPATH:
829 case CAPABILITY_CODE_DYNAMIC:
830 case CAPABILITY_CODE_DYNAMIC_OLD:
831 case CAPABILITY_CODE_ENHE:
832 case CAPABILITY_CODE_FQDN:
833 /* Check length. */
834 if (caphdr.length < cap_minsizes[caphdr.code]) {
835 zlog_info(
836 "%s %s Capability length error: got %u,"
837 " expected at least %u",
838 peer->host,
839 lookup_msg(capcode_str, caphdr.code,
840 NULL),
841 caphdr.length,
842 (unsigned)cap_minsizes[caphdr.code]);
843 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
844 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
845 return -1;
846 }
847 if (caphdr.length
848 && caphdr.length % cap_modsizes[caphdr.code] != 0) {
849 zlog_info(
850 "%s %s Capability length error: got %u,"
851 " expected a multiple of %u",
852 peer->host,
853 lookup_msg(capcode_str, caphdr.code,
854 NULL),
855 caphdr.length,
856 (unsigned)cap_modsizes[caphdr.code]);
857 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
858 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
859 return -1;
860 }
861 /* we deliberately ignore unknown codes, see below */
862 default:
863 break;
864 }
865
866 switch (caphdr.code) {
867 case CAPABILITY_CODE_MP: {
868 *mp_capability = 1;
869
870 /* Ignore capability when override-capability is set. */
871 if (!CHECK_FLAG(peer->flags,
872 PEER_FLAG_OVERRIDE_CAPABILITY)) {
873 /* Set negotiated value. */
874 ret = bgp_capability_mp(peer, &caphdr);
875
876 /* Unsupported Capability. */
877 if (ret < 0) {
878 /* Store return data. */
879 memcpy(*error, sp, caphdr.length + 2);
880 *error += caphdr.length + 2;
881 }
882 ret = 0; /* Don't return error for this */
883 }
884 } break;
885 case CAPABILITY_CODE_REFRESH:
886 case CAPABILITY_CODE_REFRESH_OLD: {
887 /* BGP refresh capability */
888 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
889 SET_FLAG(peer->cap, PEER_CAP_REFRESH_OLD_RCV);
890 else
891 SET_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV);
892 } break;
893 case CAPABILITY_CODE_ORF:
894 case CAPABILITY_CODE_ORF_OLD:
895 ret = bgp_capability_orf_entry(peer, &caphdr);
896 break;
897 case CAPABILITY_CODE_RESTART:
898 ret = bgp_capability_restart(peer, &caphdr);
899 break;
900 case CAPABILITY_CODE_DYNAMIC:
901 case CAPABILITY_CODE_DYNAMIC_OLD:
902 SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_RCV);
903 break;
904 case CAPABILITY_CODE_AS4:
905 /* Already handled as a special-case parsing of the
906 * capabilities
907 * at the beginning of OPEN processing. So we care not a
908 * jot
909 * for the value really, only error case.
910 */
911 if (!bgp_capability_as4(peer, &caphdr))
912 ret = -1;
913 break;
914 case CAPABILITY_CODE_ADDPATH:
915 ret = bgp_capability_addpath(peer, &caphdr);
916 break;
917 case CAPABILITY_CODE_ENHE:
918 ret = bgp_capability_enhe(peer, &caphdr);
919 break;
920 case CAPABILITY_CODE_FQDN:
921 ret = bgp_capability_hostname(peer, &caphdr);
922 break;
923 default:
924 if (caphdr.code > 128) {
925 /* We don't send Notification for unknown vendor
926 specific
927 capabilities. It seems reasonable for now...
928 */
929 zlog_warn("%s Vendor specific capability %d",
930 peer->host, caphdr.code);
931 } else {
932 zlog_warn(
933 "%s unrecognized capability code: %d - ignored",
934 peer->host, caphdr.code);
935 memcpy(*error, sp, caphdr.length + 2);
936 *error += caphdr.length + 2;
937 }
938 }
939
940 if (ret < 0) {
941 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
942 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
943 return -1;
944 }
945 if (stream_get_getp(s) != (start + caphdr.length)) {
946 if (stream_get_getp(s) > (start + caphdr.length))
947 zlog_warn(
948 "%s Cap-parser for %s read past cap-length, %u!",
949 peer->host,
950 lookup_msg(capcode_str, caphdr.code,
951 NULL),
952 caphdr.length);
953 stream_set_getp(s, start + caphdr.length);
954 }
955 }
956 return 0;
957 }
958
959 static int bgp_auth_parse(struct peer *peer, size_t length)
960 {
961 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
962 BGP_NOTIFY_OPEN_AUTH_FAILURE);
963 return -1;
964 }
965
966 static int strict_capability_same(struct peer *peer)
967 {
968 int i, j;
969
970 for (i = AFI_IP; i < AFI_MAX; i++)
971 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
972 if (peer->afc[i][j] != peer->afc_nego[i][j])
973 return 0;
974 return 1;
975 }
976
977 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
978 * Returns 0 if no as4 found, as4cap value otherwise.
979 */
980 as_t peek_for_as4_capability(struct peer *peer, u_char length)
981 {
982 struct stream *s = BGP_INPUT(peer);
983 size_t orig_getp = stream_get_getp(s);
984 size_t end = orig_getp + length;
985 as_t as4 = 0;
986
987 if (BGP_DEBUG(as4, AS4))
988 zlog_info(
989 "%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
990 " peeking for as4",
991 peer->host, length);
992 /* the error cases we DONT handle, we ONLY try to read as4 out of
993 * correctly formatted options.
994 */
995 while (stream_get_getp(s) < end) {
996 u_char opt_type;
997 u_char opt_length;
998
999 /* Check the length. */
1000 if (stream_get_getp(s) + 2 > end)
1001 goto end;
1002
1003 /* Fetch option type and length. */
1004 opt_type = stream_getc(s);
1005 opt_length = stream_getc(s);
1006
1007 /* Option length check. */
1008 if (stream_get_getp(s) + opt_length > end)
1009 goto end;
1010
1011 if (opt_type == BGP_OPEN_OPT_CAP) {
1012 unsigned long capd_start = stream_get_getp(s);
1013 unsigned long capd_end = capd_start + opt_length;
1014
1015 assert(capd_end <= end);
1016
1017 while (stream_get_getp(s) < capd_end) {
1018 struct capability_header hdr;
1019
1020 if (stream_get_getp(s) + 2 > capd_end)
1021 goto end;
1022
1023 hdr.code = stream_getc(s);
1024 hdr.length = stream_getc(s);
1025
1026 if ((stream_get_getp(s) + hdr.length)
1027 > capd_end)
1028 goto end;
1029
1030 if (hdr.code == CAPABILITY_CODE_AS4) {
1031 if (BGP_DEBUG(as4, AS4))
1032 zlog_info(
1033 "[AS4] found AS4 capability, about to parse");
1034 as4 = bgp_capability_as4(peer, &hdr);
1035
1036 goto end;
1037 }
1038 stream_forward_getp(s, hdr.length);
1039 }
1040 }
1041 }
1042
1043 end:
1044 stream_set_getp(s, orig_getp);
1045 return as4;
1046 }
1047
1048 /**
1049 * Parse open option.
1050 *
1051 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1052 */
1053 int bgp_open_option_parse(struct peer *peer, u_char length, int *mp_capability)
1054 {
1055 int ret = 0;
1056 u_char *error;
1057 u_char error_data[BGP_MAX_PACKET_SIZE];
1058 struct stream *s = BGP_INPUT(peer);
1059 size_t end = stream_get_getp(s) + length;
1060
1061 error = error_data;
1062
1063 if (bgp_debug_neighbor_events(peer))
1064 zlog_debug("%s rcv OPEN w/ OPTION parameter len: %u",
1065 peer->host, length);
1066
1067 while (stream_get_getp(s) < end) {
1068 u_char opt_type;
1069 u_char opt_length;
1070
1071 /* Must have at least an OPEN option header */
1072 if (STREAM_READABLE(s) < 2) {
1073 zlog_info("%s Option length error", peer->host);
1074 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1075 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1076 return -1;
1077 }
1078
1079 /* Fetch option type and length. */
1080 opt_type = stream_getc(s);
1081 opt_length = stream_getc(s);
1082
1083 /* Option length check. */
1084 if (STREAM_READABLE(s) < opt_length) {
1085 zlog_info("%s Option length error", peer->host);
1086 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1087 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1088 return -1;
1089 }
1090
1091 if (bgp_debug_neighbor_events(peer))
1092 zlog_debug(
1093 "%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
1094 peer->host, opt_type,
1095 opt_type == BGP_OPEN_OPT_AUTH
1096 ? "Authentication"
1097 : opt_type == BGP_OPEN_OPT_CAP
1098 ? "Capability"
1099 : "Unknown",
1100 opt_length);
1101
1102 switch (opt_type) {
1103 case BGP_OPEN_OPT_AUTH:
1104 ret = bgp_auth_parse(peer, opt_length);
1105 break;
1106 case BGP_OPEN_OPT_CAP:
1107 ret = bgp_capability_parse(peer, opt_length,
1108 mp_capability, &error);
1109 break;
1110 default:
1111 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1112 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1113 ret = -1;
1114 break;
1115 }
1116
1117 /* Parse error. To accumulate all unsupported capability codes,
1118 bgp_capability_parse does not return -1 when encounter
1119 unsupported capability code. To detect that, please check
1120 error and erro_data pointer, like below. */
1121 if (ret < 0)
1122 return -1;
1123 }
1124
1125 /* All OPEN option is parsed. Check capability when strict compare
1126 flag is enabled.*/
1127 if (CHECK_FLAG(peer->flags, PEER_FLAG_STRICT_CAP_MATCH)) {
1128 /* If Unsupported Capability exists. */
1129 if (error != error_data) {
1130 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1131 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1132 error_data,
1133 error - error_data);
1134 return -1;
1135 }
1136
1137 /* Check local capability does not negotiated with remote
1138 peer. */
1139 if (!strict_capability_same(peer)) {
1140 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1141 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1142 return -1;
1143 }
1144 }
1145
1146 /* Check there are no common AFI/SAFIs and send Unsupported Capability
1147 error. */
1148 if (*mp_capability
1149 && !CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1150 if (!peer->afc_nego[AFI_IP][SAFI_UNICAST]
1151 && !peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1152 && !peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1153 && !peer->afc_nego[AFI_IP][SAFI_ENCAP]
1154 && !peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1155 && !peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1156 && !peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1157 && !peer->afc_nego[AFI_IP6][SAFI_ENCAP]
1158 && !peer->afc_nego[AFI_L2VPN][SAFI_EVPN]) {
1159 zlog_err(
1160 "%s [Error] Configured AFI/SAFIs do not "
1161 "overlap with received MP capabilities",
1162 peer->host);
1163
1164 if (error != error_data)
1165 bgp_notify_send_with_data(
1166 peer, BGP_NOTIFY_OPEN_ERR,
1167 BGP_NOTIFY_OPEN_UNSUP_CAPBL, error_data,
1168 error - error_data);
1169 else
1170 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1171 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1172 return -1;
1173 }
1174 }
1175 return 0;
1176 }
1177
1178 static void bgp_open_capability_orf(struct stream *s, struct peer *peer,
1179 afi_t afi, safi_t safi, u_char code)
1180 {
1181 u_char cap_len;
1182 u_char orf_len;
1183 unsigned long capp;
1184 unsigned long orfp;
1185 unsigned long numberp;
1186 int number_of_orfs = 0;
1187 iana_afi_t pkt_afi;
1188 safi_t pkt_safi;
1189
1190 /* Convert AFI, SAFI to values for packet. */
1191 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
1192
1193 stream_putc(s, BGP_OPEN_OPT_CAP);
1194 capp = stream_get_endp(s); /* Set Capability Len Pointer */
1195 stream_putc(s, 0); /* Capability Length */
1196 stream_putc(s, code); /* Capability Code */
1197 orfp = stream_get_endp(s); /* Set ORF Len Pointer */
1198 stream_putc(s, 0); /* ORF Length */
1199 stream_putw(s, pkt_afi);
1200 stream_putc(s, 0);
1201 stream_putc(s, pkt_safi);
1202 numberp = stream_get_endp(s); /* Set Number Pointer */
1203 stream_putc(s, 0); /* Number of ORFs */
1204
1205 /* Address Prefix ORF */
1206 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1207 || CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM)) {
1208 stream_putc(s, (code == CAPABILITY_CODE_ORF
1209 ? ORF_TYPE_PREFIX
1210 : ORF_TYPE_PREFIX_OLD));
1211
1212 if (CHECK_FLAG(peer->af_flags[afi][safi],
1213 PEER_FLAG_ORF_PREFIX_SM)
1214 && CHECK_FLAG(peer->af_flags[afi][safi],
1215 PEER_FLAG_ORF_PREFIX_RM)) {
1216 SET_FLAG(peer->af_cap[afi][safi],
1217 PEER_CAP_ORF_PREFIX_SM_ADV);
1218 SET_FLAG(peer->af_cap[afi][safi],
1219 PEER_CAP_ORF_PREFIX_RM_ADV);
1220 stream_putc(s, ORF_MODE_BOTH);
1221 } else if (CHECK_FLAG(peer->af_flags[afi][safi],
1222 PEER_FLAG_ORF_PREFIX_SM)) {
1223 SET_FLAG(peer->af_cap[afi][safi],
1224 PEER_CAP_ORF_PREFIX_SM_ADV);
1225 stream_putc(s, ORF_MODE_SEND);
1226 } else {
1227 SET_FLAG(peer->af_cap[afi][safi],
1228 PEER_CAP_ORF_PREFIX_RM_ADV);
1229 stream_putc(s, ORF_MODE_RECEIVE);
1230 }
1231 number_of_orfs++;
1232 }
1233
1234 /* Total Number of ORFs. */
1235 stream_putc_at(s, numberp, number_of_orfs);
1236
1237 /* Total ORF Len. */
1238 orf_len = stream_get_endp(s) - orfp - 1;
1239 stream_putc_at(s, orfp, orf_len);
1240
1241 /* Total Capability Len. */
1242 cap_len = stream_get_endp(s) - capp - 1;
1243 stream_putc_at(s, capp, cap_len);
1244 }
1245
1246 /* Fill in capability open option to the packet. */
1247 void bgp_open_capability(struct stream *s, struct peer *peer)
1248 {
1249 u_char len;
1250 unsigned long cp, capp, rcapp;
1251 iana_afi_t pkt_afi;
1252 afi_t afi;
1253 safi_t safi, pkt_safi;
1254 as_t local_as;
1255 u_int32_t restart_time;
1256 u_char afi_safi_count = 0;
1257 struct utsname names;
1258 int adv_addpath_tx = 0;
1259
1260 /* Remember current pointer for Opt Parm Len. */
1261 cp = stream_get_endp(s);
1262
1263 /* Opt Parm Len. */
1264 stream_putc(s, 0);
1265
1266 /* Do not send capability. */
1267 if (!CHECK_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1268 || CHECK_FLAG(peer->flags, PEER_FLAG_DONT_CAPABILITY))
1269 return;
1270
1271 /* MP capability for configured AFI, SAFI */
1272 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1273 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
1274 if (peer->afc[afi][safi]) {
1275 /* Convert AFI, SAFI to values for packet. */
1276 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
1277 &pkt_safi);
1278
1279 peer->afc_adv[afi][safi] = 1;
1280 stream_putc(s, BGP_OPEN_OPT_CAP);
1281 stream_putc(s, CAPABILITY_CODE_MP_LEN + 2);
1282 stream_putc(s, CAPABILITY_CODE_MP);
1283 stream_putc(s, CAPABILITY_CODE_MP_LEN);
1284 stream_putw(s, pkt_afi);
1285 stream_putc(s, 0);
1286 stream_putc(s, pkt_safi);
1287 }
1288 }
1289
1290 /* Extended nexthop capability - currently supporting RFC-5549 for
1291 * Link-Local peering only
1292 */
1293 if (CHECK_FLAG(peer->flags, PEER_FLAG_CAPABILITY_ENHE)
1294 && peer->su.sa.sa_family == AF_INET6
1295 && IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr)) {
1296 /* RFC 5549 Extended Next Hop Encoding */
1297 SET_FLAG(peer->cap, PEER_CAP_ENHE_ADV);
1298 stream_putc(s, BGP_OPEN_OPT_CAP);
1299 stream_putc(s, CAPABILITY_CODE_ENHE_LEN + 2);
1300 stream_putc(s, CAPABILITY_CODE_ENHE);
1301 stream_putc(s, CAPABILITY_CODE_ENHE_LEN);
1302 /* Currently supporting for SAFI_UNICAST only */
1303 SET_FLAG(peer->af_cap[AFI_IP][SAFI_UNICAST],
1304 PEER_CAP_ENHE_AF_ADV);
1305 stream_putw(s, AFI_IP);
1306 stream_putw(s, SAFI_UNICAST);
1307 stream_putw(s, AFI_IP6);
1308
1309 if (CHECK_FLAG(peer->af_cap[AFI_IP][SAFI_UNICAST],
1310 PEER_CAP_ENHE_AF_RCV))
1311 SET_FLAG(peer->af_cap[AFI_IP][SAFI_UNICAST],
1312 PEER_CAP_ENHE_AF_NEGO);
1313 }
1314
1315 /* Route refresh. */
1316 SET_FLAG(peer->cap, PEER_CAP_REFRESH_ADV);
1317 stream_putc(s, BGP_OPEN_OPT_CAP);
1318 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN + 2);
1319 stream_putc(s, CAPABILITY_CODE_REFRESH_OLD);
1320 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN);
1321 stream_putc(s, BGP_OPEN_OPT_CAP);
1322 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN + 2);
1323 stream_putc(s, CAPABILITY_CODE_REFRESH);
1324 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN);
1325
1326 /* AS4 */
1327 SET_FLAG(peer->cap, PEER_CAP_AS4_ADV);
1328 stream_putc(s, BGP_OPEN_OPT_CAP);
1329 stream_putc(s, CAPABILITY_CODE_AS4_LEN + 2);
1330 stream_putc(s, CAPABILITY_CODE_AS4);
1331 stream_putc(s, CAPABILITY_CODE_AS4_LEN);
1332 if (peer->change_local_as)
1333 local_as = peer->change_local_as;
1334 else
1335 local_as = peer->local_as;
1336 stream_putl(s, local_as);
1337
1338 /* AddPath */
1339 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1340 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1341 if (peer->afc[afi][safi]) {
1342 afi_safi_count++;
1343
1344 /* Only advertise addpath TX if a feature that
1345 * will use it is
1346 * configured */
1347 if (CHECK_FLAG(peer->af_flags[afi][safi],
1348 PEER_FLAG_ADDPATH_TX_ALL_PATHS)
1349 || CHECK_FLAG(
1350 peer->af_flags[afi][safi],
1351 PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
1352 adv_addpath_tx = 1;
1353 }
1354
1355 SET_FLAG(peer->cap, PEER_CAP_ADDPATH_ADV);
1356 stream_putc(s, BGP_OPEN_OPT_CAP);
1357 stream_putc(s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1358 stream_putc(s, CAPABILITY_CODE_ADDPATH);
1359 stream_putc(s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1360
1361 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1362 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1363 if (peer->afc[afi][safi]) {
1364 /* Convert AFI, SAFI to values for packet. */
1365 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
1366 &pkt_safi);
1367
1368 stream_putw(s, pkt_afi);
1369 stream_putc(s, pkt_safi);
1370
1371 if (adv_addpath_tx) {
1372 stream_putc(s,
1373 BGP_ADDPATH_RX
1374 | BGP_ADDPATH_TX);
1375 SET_FLAG(peer->af_cap[afi][safi],
1376 PEER_CAP_ADDPATH_AF_RX_ADV);
1377 SET_FLAG(peer->af_cap[afi][safi],
1378 PEER_CAP_ADDPATH_AF_TX_ADV);
1379 } else {
1380 stream_putc(s, BGP_ADDPATH_RX);
1381 SET_FLAG(peer->af_cap[afi][safi],
1382 PEER_CAP_ADDPATH_AF_RX_ADV);
1383 UNSET_FLAG(peer->af_cap[afi][safi],
1384 PEER_CAP_ADDPATH_AF_TX_ADV);
1385 }
1386 }
1387
1388 /* ORF capability. */
1389 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1390 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1391 if (CHECK_FLAG(peer->af_flags[afi][safi],
1392 PEER_FLAG_ORF_PREFIX_SM)
1393 || CHECK_FLAG(peer->af_flags[afi][safi],
1394 PEER_FLAG_ORF_PREFIX_RM)) {
1395 bgp_open_capability_orf(
1396 s, peer, afi, safi,
1397 CAPABILITY_CODE_ORF_OLD);
1398 bgp_open_capability_orf(s, peer, afi, safi,
1399 CAPABILITY_CODE_ORF);
1400 }
1401
1402 /* Dynamic capability. */
1403 if (CHECK_FLAG(peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY)) {
1404 SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV);
1405 stream_putc(s, BGP_OPEN_OPT_CAP);
1406 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1407 stream_putc(s, CAPABILITY_CODE_DYNAMIC_OLD);
1408 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN);
1409 stream_putc(s, BGP_OPEN_OPT_CAP);
1410 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1411 stream_putc(s, CAPABILITY_CODE_DYNAMIC);
1412 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN);
1413 }
1414
1415 /* Hostname capability */
1416 uname(&names);
1417 if (names.nodename[0] != '\0') {
1418 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1419 stream_putc(s, BGP_OPEN_OPT_CAP);
1420 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1421 stream_putc(s, 0); /* dummy len for now */
1422 stream_putc(s, CAPABILITY_CODE_FQDN);
1423 capp = stream_get_endp(s);
1424 stream_putc(s, 0); /* dummy len for now */
1425 len = strlen(names.nodename);
1426 if (len > BGP_MAX_HOSTNAME)
1427 len = BGP_MAX_HOSTNAME;
1428
1429 stream_putc(s, len);
1430 stream_put(s, names.nodename, len);
1431 #ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
1432 if ((names.domainname[0] != '\0')
1433 && (strcmp(names.domainname, "(none)") != 0)) {
1434 len = strlen(names.domainname);
1435 if (len > BGP_MAX_HOSTNAME)
1436 len = BGP_MAX_HOSTNAME;
1437
1438 stream_putc(s, len);
1439 stream_put(s, names.domainname, len);
1440 } else
1441 #endif
1442 {
1443 stream_putc(s, 0); /* 0 length */
1444 }
1445
1446 /* Set the lengths straight */
1447 len = stream_get_endp(s) - rcapp - 1;
1448 stream_putc_at(s, rcapp, len);
1449 len = stream_get_endp(s) - capp - 1;
1450 stream_putc_at(s, capp, len);
1451
1452 if (bgp_debug_neighbor_events(peer))
1453 #ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
1454 zlog_debug(
1455 "%s Sending hostname cap with hn = %s, dn = %s",
1456 peer->host, names.nodename, names.domainname);
1457 #else
1458 zlog_debug("%s Sending hostname cap with hn = %s",
1459 peer->host, names.nodename);
1460 #endif
1461 }
1462
1463 /* Sending base graceful-restart capability irrespective of the config
1464 */
1465 SET_FLAG(peer->cap, PEER_CAP_RESTART_ADV);
1466 stream_putc(s, BGP_OPEN_OPT_CAP);
1467 capp = stream_get_endp(s); /* Set Capability Len Pointer */
1468 stream_putc(s, 0); /* Capability Length */
1469 stream_putc(s, CAPABILITY_CODE_RESTART);
1470 rcapp = stream_get_endp(s); /* Set Restart Capability Len Pointer */
1471 stream_putc(s, 0);
1472 restart_time = peer->bgp->restart_time;
1473 if (peer->bgp->t_startup) {
1474 SET_FLAG(restart_time, RESTART_R_BIT);
1475 SET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_ADV);
1476 }
1477 stream_putw(s, restart_time);
1478
1479 /* Send address-family specific graceful-restart capability only when GR
1480 config
1481 is present */
1482 if (bgp_flag_check(peer->bgp, BGP_FLAG_GRACEFUL_RESTART)) {
1483 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1484 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1485 if (peer->afc[afi][safi]) {
1486 /* Convert AFI, SAFI to values for
1487 * packet. */
1488 bgp_map_afi_safi_int2iana(
1489 afi, safi, &pkt_afi, &pkt_safi);
1490 stream_putw(s, pkt_afi);
1491 stream_putc(s, pkt_safi);
1492 if (bgp_flag_check(
1493 peer->bgp,
1494 BGP_FLAG_GR_PRESERVE_FWD))
1495 stream_putc(s, RESTART_F_BIT);
1496 else
1497 stream_putc(s, 0);
1498 }
1499 }
1500
1501 /* Total Graceful restart capability Len. */
1502 len = stream_get_endp(s) - rcapp - 1;
1503 stream_putc_at(s, rcapp, len);
1504
1505 /* Total Capability Len. */
1506 len = stream_get_endp(s) - capp - 1;
1507 stream_putc_at(s, capp, len);
1508
1509 /* Total Opt Parm Len. */
1510 len = stream_get_endp(s) - cp - 1;
1511 stream_putc_at(s, cp, len);
1512 }
FRRouting mirror