]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_open.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #24 from qlyoung/fix-uninitialized-jump
[mirror_frr.git] / bgpd / bgp_open.c
1 /* BGP open message handling
2 Copyright (C) 1998, 1999 Kunihiro Ishiguro
3
4 This file is part of GNU Zebra.
5
6 GNU Zebra is free software; you can redistribute it and/or modify it
7 under the terms of the GNU General Public License as published by the
8 Free Software Foundation; either version 2, or (at your option) any
9 later version.
10
11 GNU Zebra is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with GNU Zebra; see the file COPYING. If not, write to the Free
18 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
19 02111-1307, USA. */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "stream.h"
26 #include "thread.h"
27 #include "log.h"
28 #include "command.h"
29 #include "memory.h"
30 #include "queue.h"
31 #include "filter.h"
32
33 #include "lib/json.h"
34 #include "bgpd/bgpd.h"
35 #include "bgpd/bgp_attr.h"
36 #include "bgpd/bgp_debug.h"
37 #include "bgpd/bgp_fsm.h"
38 #include "bgpd/bgp_packet.h"
39 #include "bgpd/bgp_open.h"
40 #include "bgpd/bgp_aspath.h"
41 #include "bgpd/bgp_vty.h"
42 #include "bgpd/bgp_memory.h"
43
44 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
45 negotiate remote peer supports extentions or not. But if
46 remote-peer doesn't supports negotiation process itself. We would
47 like to do manual configuration.
48
49 So there is many configurable point. First of all we want set each
50 peer whether we send capability negotiation to the peer or not.
51 Next, if we send capability to the peer we want to set my capabilty
52 inforation at each peer. */
53
54 void
55 bgp_capability_vty_out (struct vty *vty, struct peer *peer, u_char use_json, json_object *json_neigh)
56 {
57 char *pnt;
58 char *end;
59 struct capability_mp_data mpc;
60 struct capability_header *hdr;
61 json_object *json_cap = NULL;
62
63 if (use_json)
64 json_cap = json_object_new_object();
65
66 pnt = peer->notify.data;
67 end = pnt + peer->notify.length;
68
69 while (pnt < end)
70 {
71 if (pnt + sizeof (struct capability_mp_data) + 2 > end)
72 return;
73
74 hdr = (struct capability_header *)pnt;
75 if (pnt + hdr->length + 2 > end)
76 return;
77
78 memcpy (&mpc, pnt + 2, sizeof(struct capability_mp_data));
79
80 if (hdr->code == CAPABILITY_CODE_MP)
81 {
82 if (use_json)
83 {
84 switch (ntohs (mpc.afi))
85 {
86 case AFI_IP:
87 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv4");
88 break;
89 case AFI_IP6:
90 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv6");
91 break;
92 default:
93 json_object_int_add(json_cap, "capabilityErrorMultiProtocolAfiUnknown", ntohs (mpc.afi));
94 break;
95 }
96 switch (mpc.safi)
97 {
98 case SAFI_UNICAST:
99 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "unicast");
100 break;
101 case SAFI_MULTICAST:
102 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "multicast");
103 break;
104 case SAFI_MPLS_LABELED_VPN:
105 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "MPLS-labeled VPN");
106 break;
107 case SAFI_ENCAP:
108 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "encap");
109 break;
110 default:
111 json_object_int_add(json_cap, "capabilityErrorMultiProtocolSafiUnknown", mpc.safi);
112 break;
113 }
114 }
115 else
116 {
117 vty_out (vty, " Capability error for: Multi protocol ");
118 switch (ntohs (mpc.afi))
119 {
120 case AFI_IP:
121 vty_out (vty, "AFI IPv4, ");
122 break;
123 case AFI_IP6:
124 vty_out (vty, "AFI IPv6, ");
125 break;
126 default:
127 vty_out (vty, "AFI Unknown %d, ", ntohs (mpc.afi));
128 break;
129 }
130 switch (mpc.safi)
131 {
132 case SAFI_UNICAST:
133 vty_out (vty, "SAFI Unicast");
134 break;
135 case SAFI_MULTICAST:
136 vty_out (vty, "SAFI Multicast");
137 break;
138 case SAFI_MPLS_LABELED_VPN:
139 vty_out (vty, "SAFI MPLS-labeled VPN");
140 break;
141 case SAFI_ENCAP:
142 vty_out (vty, "SAFI ENCAP");
143 break;
144 default:
145 vty_out (vty, "SAFI Unknown %d ", mpc.safi);
146 break;
147 }
148 vty_out (vty, "%s", VTY_NEWLINE);
149 }
150 }
151 else if (hdr->code >= 128)
152 {
153 if (use_json)
154 json_object_int_add(json_cap, "capabilityErrorVendorSpecificCapabilityCode", hdr->code);
155 else
156 vty_out (vty, " Capability error: vendor specific capability code %d",
157 hdr->code);
158 }
159 else
160 {
161 if (use_json)
162 json_object_int_add(json_cap, "capabilityErrorUnknownCapabilityCode", hdr->code);
163 else
164 vty_out (vty, " Capability error: unknown capability code %d",
165 hdr->code);
166 }
167 pnt += hdr->length + 2;
168 }
169 if (use_json)
170 json_object_object_add(json_neigh, "capabilityErrors", json_cap);
171 }
172
173 static void
174 bgp_capability_mp_data (struct stream *s, struct capability_mp_data *mpc)
175 {
176 mpc->afi = stream_getw (s);
177 mpc->reserved = stream_getc (s);
178 mpc->safi = stream_getc (s);
179 }
180
181 int
182 bgp_afi_safi_valid_indices (afi_t afi, safi_t *safi)
183 {
184 switch (afi)
185 {
186 case AFI_IP:
187 case AFI_IP6:
188 switch (*safi)
189 {
190 /* BGP MPLS-labeled VPN SAFI isn't contigious with others, remap */
191 case SAFI_MPLS_LABELED_VPN:
192 *safi = SAFI_MPLS_VPN;
193 case SAFI_UNICAST:
194 case SAFI_MULTICAST:
195 case SAFI_MPLS_VPN:
196 case SAFI_ENCAP:
197 return 1;
198 }
199 break;
200 case AFI_ETHER:
201 default:
202 break;
203 }
204
205 zlog_debug ("unknown afi/safi (%u/%u)", afi, *safi);
206
207 return 0;
208 }
209
210 /* Set negotiated capability value. */
211 static int
212 bgp_capability_mp (struct peer *peer, struct capability_header *hdr)
213 {
214 struct capability_mp_data mpc;
215 struct stream *s = BGP_INPUT (peer);
216
217 /* Verify length is 4 */
218 if (hdr->length != 4)
219 {
220 zlog_warn("MP Cap: Received invalid length %d, non-multiple of 4",
221 hdr->length);
222 return -1;
223 }
224
225 bgp_capability_mp_data (s, &mpc);
226
227 if (bgp_debug_neighbor_events(peer))
228 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
229 peer->host, mpc.afi, mpc.safi);
230
231 if (!bgp_afi_safi_valid_indices (mpc.afi, &mpc.safi))
232 return -1;
233
234 /* Now safi remapped, and afi/safi are valid array indices */
235 peer->afc_recv[mpc.afi][mpc.safi] = 1;
236
237 if (peer->afc[mpc.afi][mpc.safi])
238 peer->afc_nego[mpc.afi][mpc.safi] = 1;
239 else
240 return -1;
241
242 return 0;
243 }
244
245 static void
246 bgp_capability_orf_not_support (struct peer *peer, afi_t afi, safi_t safi,
247 u_char type, u_char mode)
248 {
249 if (bgp_debug_neighbor_events(peer))
250 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
251 peer->host, afi, safi, type, mode);
252 }
253
254 static const struct message orf_type_str[] =
255 {
256 { ORF_TYPE_PREFIX, "Prefixlist" },
257 { ORF_TYPE_PREFIX_OLD, "Prefixlist (old)" },
258 };
259 static const int orf_type_str_max = array_size(orf_type_str);
260
261 static const struct message orf_mode_str[] =
262 {
263 { ORF_MODE_RECEIVE, "Receive" },
264 { ORF_MODE_SEND, "Send" },
265 { ORF_MODE_BOTH, "Both" },
266 };
267 static const int orf_mode_str_max = array_size(orf_mode_str);
268
269 static int
270 bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
271 {
272 struct stream *s = BGP_INPUT (peer);
273 struct capability_orf_entry entry;
274 afi_t afi;
275 safi_t safi;
276 u_char type;
277 u_char mode;
278 u_int16_t sm_cap = 0; /* capability send-mode receive */
279 u_int16_t rm_cap = 0; /* capability receive-mode receive */
280 int i;
281
282 /* ORF Entry header */
283 bgp_capability_mp_data (s, &entry.mpc);
284 entry.num = stream_getc (s);
285 afi = entry.mpc.afi;
286 safi = entry.mpc.safi;
287
288 if (bgp_debug_neighbor_events(peer))
289 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
290 peer->host, entry.mpc.afi, entry.mpc.safi);
291
292 /* Check AFI and SAFI. */
293 if (!bgp_afi_safi_valid_indices (entry.mpc.afi, &safi))
294 {
295 zlog_info ("%s Addr-family %d/%d not supported."
296 " Ignoring the ORF capability",
297 peer->host, entry.mpc.afi, entry.mpc.safi);
298 return 0;
299 }
300
301 /* validate number field */
302 if (CAPABILITY_CODE_ORF_LEN + (entry.num * 2) > hdr->length)
303 {
304 zlog_info ("%s ORF Capability entry length error,"
305 " Cap length %u, num %u",
306 peer->host, hdr->length, entry.num);
307 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
308 return -1;
309 }
310
311 for (i = 0 ; i < entry.num ; i++)
312 {
313 type = stream_getc(s);
314 mode = stream_getc(s);
315
316 /* ORF Mode error check */
317 switch (mode)
318 {
319 case ORF_MODE_BOTH:
320 case ORF_MODE_SEND:
321 case ORF_MODE_RECEIVE:
322 break;
323 default:
324 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
325 continue;
326 }
327 /* ORF Type and afi/safi error checks */
328 /* capcode versus type */
329 switch (hdr->code)
330 {
331 case CAPABILITY_CODE_ORF:
332 switch (type)
333 {
334 case ORF_TYPE_PREFIX:
335 break;
336 default:
337 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
338 continue;
339 }
340 break;
341 case CAPABILITY_CODE_ORF_OLD:
342 switch (type)
343 {
344 case ORF_TYPE_PREFIX_OLD:
345 break;
346 default:
347 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
348 continue;
349 }
350 break;
351 default:
352 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
353 continue;
354 }
355
356 /* AFI vs SAFI */
357 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
358 || (afi == AFI_IP && safi == SAFI_MULTICAST)
359 || (afi == AFI_IP6 && safi == SAFI_UNICAST)))
360 {
361 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
362 continue;
363 }
364
365 if (bgp_debug_neighbor_events(peer))
366 zlog_debug ("%s OPEN has %s ORF capability"
367 " as %s for afi/safi: %d/%d",
368 peer->host, LOOKUP (orf_type_str, type),
369 LOOKUP (orf_mode_str, mode),
370 entry.mpc.afi, safi);
371
372 if (hdr->code == CAPABILITY_CODE_ORF)
373 {
374 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
375 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
376 }
377 else if (hdr->code == CAPABILITY_CODE_ORF_OLD)
378 {
379 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
380 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
381 }
382 else
383 {
384 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
385 continue;
386 }
387
388 switch (mode)
389 {
390 case ORF_MODE_BOTH:
391 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
392 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
393 break;
394 case ORF_MODE_SEND:
395 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
396 break;
397 case ORF_MODE_RECEIVE:
398 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
399 break;
400 }
401 }
402 return 0;
403 }
404
405 static int
406 bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
407 {
408 struct stream *s = BGP_INPUT (peer);
409 u_int16_t restart_flag_time;
410 size_t end = stream_get_getp (s) + caphdr->length;
411
412 /* Verify length is a multiple of 4 */
413 if ((caphdr->length-2) % 4)
414 {
415 zlog_warn("Restart Cap: Received invalid length %d, non-multiple of 4",
416 caphdr->length);
417 return -1;
418 }
419
420 SET_FLAG (peer->cap, PEER_CAP_RESTART_RCV);
421 restart_flag_time = stream_getw(s);
422 if (CHECK_FLAG (restart_flag_time, RESTART_R_BIT))
423 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV);
424
425 UNSET_FLAG (restart_flag_time, 0xF000);
426 peer->v_gr_restart = restart_flag_time;
427
428 if (bgp_debug_neighbor_events(peer))
429 {
430 zlog_debug ("%s OPEN has Graceful Restart capability", peer->host);
431 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
432 peer->host,
433 CHECK_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV) ? " "
434 : " not ",
435 peer->v_gr_restart);
436 }
437
438 while (stream_get_getp (s) + 4 <= end)
439 {
440 afi_t afi = stream_getw (s);
441 safi_t safi = stream_getc (s);
442 u_char flag = stream_getc (s);
443
444 if (!bgp_afi_safi_valid_indices (afi, &safi))
445 {
446 if (bgp_debug_neighbor_events(peer))
447 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
448 " Ignore the Graceful Restart capability for this AFI/SAFI",
449 peer->host, afi, safi);
450 }
451 else if (!peer->afc[afi][safi])
452 {
453 if (bgp_debug_neighbor_events(peer))
454 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
455 " Ignore the Graceful Restart capability",
456 peer->host, afi, safi);
457 }
458 else
459 {
460 if (bgp_debug_neighbor_events(peer))
461 zlog_debug ("%s Address family %s is%spreserved", peer->host,
462 afi_safi_print (afi, safi),
463 CHECK_FLAG (peer->af_cap[afi][safi],
464 PEER_CAP_RESTART_AF_PRESERVE_RCV)
465 ? " " : " not ");
466
467 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_RCV);
468 if (CHECK_FLAG (flag, RESTART_F_BIT))
469 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_PRESERVE_RCV);
470
471 }
472 }
473 return 0;
474 }
475
476 /* Unlike other capability parsing routines, this one returns 0 on error */
477 static as_t
478 bgp_capability_as4 (struct peer *peer, struct capability_header *hdr)
479 {
480 SET_FLAG (peer->cap, PEER_CAP_AS4_RCV);
481
482 if (hdr->length != CAPABILITY_CODE_AS4_LEN)
483 {
484 zlog_err ("%s AS4 capability has incorrect data length %d",
485 peer->host, hdr->length);
486 return 0;
487 }
488
489 as_t as4 = stream_getl (BGP_INPUT(peer));
490
491 if (BGP_DEBUG (as4, AS4))
492 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
493 peer->host, as4);
494 return as4;
495 }
496
497 static int
498 bgp_capability_addpath (struct peer *peer, struct capability_header *hdr)
499 {
500 struct stream *s = BGP_INPUT (peer);
501 size_t end = stream_get_getp (s) + hdr->length;
502
503 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_RCV);
504
505 /* Verify length is a multiple of 4 */
506 if (hdr->length % 4)
507 {
508 zlog_warn("Add Path: Received invalid length %d, non-multiple of 4",
509 hdr->length);
510 return -1;
511 }
512
513 while (stream_get_getp (s) + 4 <= end)
514 {
515 afi_t afi = stream_getw (s);
516 safi_t safi = stream_getc (s);
517 u_char send_receive = stream_getc (s);
518
519 if (bgp_debug_neighbor_events(peer))
520 zlog_debug ("%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
521 peer->host, afi, safi,
522 (send_receive & BGP_ADDPATH_RX) ? ", receive" : "",
523 (send_receive & BGP_ADDPATH_TX) ? ", transmit" : "");
524
525 if (!bgp_afi_safi_valid_indices (afi, &safi))
526 {
527 if (bgp_debug_neighbor_events(peer))
528 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
529 " Ignore the Addpath Attribute for this AFI/SAFI",
530 peer->host, afi, safi);
531 continue;
532 }
533 else if (!peer->afc[afi][safi])
534 {
535 if (bgp_debug_neighbor_events(peer))
536 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
537 " Ignore the AddPath capability for this AFI/SAFI",
538 peer->host, afi, safi);
539 continue;
540 }
541
542 if (send_receive & BGP_ADDPATH_RX)
543 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_RCV);
544
545 if (send_receive & BGP_ADDPATH_TX)
546 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_RCV);
547 }
548
549 return 0;
550 }
551
552 static int
553 bgp_capability_enhe (struct peer *peer, struct capability_header *hdr)
554 {
555 struct stream *s = BGP_INPUT (peer);
556 size_t end = stream_get_getp (s) + hdr->length;
557
558 /* Verify length is a multiple of 4 */
559 if (hdr->length % 6)
560 {
561 zlog_warn("Extended NH: Received invalid length %d, non-multiple of 6",
562 hdr->length);
563 return -1;
564 }
565
566 while (stream_get_getp (s) + 6 <= end)
567 {
568 afi_t afi = stream_getw (s);
569 safi_t safi = stream_getw (s);
570 afi_t nh_afi = stream_getw (s);
571
572 if (bgp_debug_neighbor_events(peer))
573 zlog_debug ("%s Received with afi/safi/next-hop afi: %u/%u/%u",
574 peer->host, afi, safi, nh_afi);
575
576 if (!bgp_afi_safi_valid_indices (afi, &safi))
577 {
578 if (bgp_debug_neighbor_events(peer))
579 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
580 " Ignore the ENHE Attribute for this AFI/SAFI",
581 peer->host, afi, safi);
582 continue;
583 }
584
585 /* RFC 5549 specifies use of this capability only for IPv4 AFI, with
586 * the Nexthop AFI being IPv6. A future spec may introduce other
587 * possibilities, so we ignore other values with a log. Also, only
588 * Unicast SAFI is currently supported (and expected).
589 */
590 if (afi != AFI_IP || safi != SAFI_UNICAST || nh_afi != AFI_IP6)
591 {
592 zlog_warn ("%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
593 "in Extended Next-hop capability, ignoring",
594 peer->host, afi, safi, nh_afi);
595 continue;
596 }
597
598 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
599
600 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
601 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
602 }
603
604 SET_FLAG (peer->cap, PEER_CAP_ENHE_RCV);
605
606 return 0;
607 }
608
609 static int
610 bgp_capability_hostname (struct peer *peer, struct capability_header *hdr)
611 {
612 struct stream *s = BGP_INPUT (peer);
613 char str[BGP_MAX_HOSTNAME+1];
614 size_t end = stream_get_getp (s) + hdr->length;
615 u_char len;
616
617 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
618
619 len = stream_getc(s);
620 if (stream_get_getp(s) + len > end)
621 {
622 zlog_warn("%s: Received malformed hostname capability from peer %s",
623 __FUNCTION__, peer->host);
624 return -1;
625 }
626
627 if (len > BGP_MAX_HOSTNAME)
628 {
629 stream_get(str, s, BGP_MAX_HOSTNAME);
630 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
631 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
632 }
633 else if (len)
634 stream_get(str, s, len);
635
636 if (len)
637 {
638 str[len] = '\0';
639
640 if (peer->hostname != NULL)
641 {
642 XFREE(MTYPE_BGP_PEER_HOST, peer->hostname);
643 peer->hostname = NULL;
644 }
645
646 if (peer->domainname != NULL)
647 {
648 XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
649 peer->domainname = NULL;
650 }
651
652 peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
653 }
654
655 if (stream_get_getp(s) +1 > end)
656 {
657 zlog_warn("%s: Received invalid domain name len (hostname capability) from peer %s",
658 __FUNCTION__, peer->host);
659 return -1;
660 }
661
662 len = stream_getc(s);
663 if (stream_get_getp(s) + len > end)
664 {
665 zlog_warn("%s: Received runt domain name (hostname capability) from peer %s",
666 __FUNCTION__, peer->host);
667 return -1;
668 }
669
670 if (len > BGP_MAX_HOSTNAME)
671 {
672 stream_get(str, s, BGP_MAX_HOSTNAME);
673 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
674 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
675 }
676 else if (len)
677 stream_get(str, s, len);
678
679 if (len)
680 {
681 str[len] = '\0';
682 peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
683 }
684
685 if (bgp_debug_neighbor_events(peer))
686 {
687 zlog_debug("%s received hostname %s, domainname %s",
688 peer->host, peer->hostname, peer->domainname);
689 }
690
691 return 0;
692 }
693
694 static const struct message capcode_str[] =
695 {
696 { CAPABILITY_CODE_MP, "MultiProtocol Extensions" },
697 { CAPABILITY_CODE_REFRESH, "Route Refresh" },
698 { CAPABILITY_CODE_ORF, "Cooperative Route Filtering" },
699 { CAPABILITY_CODE_RESTART, "Graceful Restart" },
700 { CAPABILITY_CODE_AS4, "4-octet AS number" },
701 { CAPABILITY_CODE_ADDPATH, "AddPath" },
702 { CAPABILITY_CODE_DYNAMIC, "Dynamic" },
703 { CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding" },
704 { CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)" },
705 { CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)" },
706 { CAPABILITY_CODE_ORF_OLD, "ORF (Old)" },
707 { CAPABILITY_CODE_FQDN, "FQDN" },
708 };
709 static const int capcode_str_max = array_size(capcode_str);
710
711 /* Minimum sizes for length field of each cap (so not inc. the header) */
712 static const size_t cap_minsizes[] =
713 {
714 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
715 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
716 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
717 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
718 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
719 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
720 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
721 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
722 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
723 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
724 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
725 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
726 };
727
728 /* value the capability must be a multiple of.
729 * 0-data capabilities won't be checked against this.
730 * Other capabilities whose data doesn't fall on convenient boundaries for this
731 * table should be set to 1.
732 */
733 static const size_t cap_modsizes[] =
734 {
735 [CAPABILITY_CODE_MP] = 4,
736 [CAPABILITY_CODE_REFRESH] = 1,
737 [CAPABILITY_CODE_ORF] = 1,
738 [CAPABILITY_CODE_RESTART] = 1,
739 [CAPABILITY_CODE_AS4] = 4,
740 [CAPABILITY_CODE_ADDPATH] = 4,
741 [CAPABILITY_CODE_DYNAMIC] = 1,
742 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
743 [CAPABILITY_CODE_ENHE] = 6,
744 [CAPABILITY_CODE_REFRESH_OLD] = 1,
745 [CAPABILITY_CODE_ORF_OLD] = 1,
746 [CAPABILITY_CODE_FQDN] = 1,
747 };
748
749 /**
750 * Parse given capability.
751 * XXX: This is reading into a stream, but not using stream API
752 *
753 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
754 * capabilities were encountered.
755 */
756 static int
757 bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
758 u_char **error)
759 {
760 int ret;
761 struct stream *s = BGP_INPUT (peer);
762 size_t end = stream_get_getp (s) + length;
763
764 assert (STREAM_READABLE (s) >= length);
765
766 while (stream_get_getp (s) < end)
767 {
768 size_t start;
769 u_char *sp = stream_pnt (s);
770 struct capability_header caphdr;
771
772 ret = 0;
773 /* We need at least capability code and capability length. */
774 if (stream_get_getp(s) + 2 > end)
775 {
776 zlog_info ("%s Capability length error (< header)", peer->host);
777 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
778 return -1;
779 }
780
781 caphdr.code = stream_getc (s);
782 caphdr.length = stream_getc (s);
783 start = stream_get_getp (s);
784
785 /* Capability length check sanity check. */
786 if (start + caphdr.length > end)
787 {
788 zlog_info ("%s Capability length error (< length)", peer->host);
789 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
790 return -1;
791 }
792
793 if (bgp_debug_neighbor_events(peer))
794 zlog_debug ("%s OPEN has %s capability (%u), length %u",
795 peer->host,
796 LOOKUP (capcode_str, caphdr.code),
797 caphdr.code, caphdr.length);
798
799 /* Length sanity check, type-specific, for known capabilities */
800 switch (caphdr.code)
801 {
802 case CAPABILITY_CODE_MP:
803 case CAPABILITY_CODE_REFRESH:
804 case CAPABILITY_CODE_REFRESH_OLD:
805 case CAPABILITY_CODE_ORF:
806 case CAPABILITY_CODE_ORF_OLD:
807 case CAPABILITY_CODE_RESTART:
808 case CAPABILITY_CODE_AS4:
809 case CAPABILITY_CODE_ADDPATH:
810 case CAPABILITY_CODE_DYNAMIC:
811 case CAPABILITY_CODE_DYNAMIC_OLD:
812 case CAPABILITY_CODE_ENHE:
813 case CAPABILITY_CODE_FQDN:
814 /* Check length. */
815 if (caphdr.length < cap_minsizes[caphdr.code])
816 {
817 zlog_info ("%s %s Capability length error: got %u,"
818 " expected at least %u",
819 peer->host,
820 LOOKUP (capcode_str, caphdr.code),
821 caphdr.length,
822 (unsigned) cap_minsizes[caphdr.code]);
823 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
824 return -1;
825 }
826 if (caphdr.length
827 && caphdr.length % cap_modsizes[caphdr.code] != 0)
828 {
829 zlog_info ("%s %s Capability length error: got %u,"
830 " expected a multiple of %u",
831 peer->host,
832 LOOKUP (capcode_str, caphdr.code),
833 caphdr.length,
834 (unsigned) cap_modsizes[caphdr.code]);
835 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
836 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
837 return -1;
838 }
839 /* we deliberately ignore unknown codes, see below */
840 default:
841 break;
842 }
843
844 switch (caphdr.code)
845 {
846 case CAPABILITY_CODE_MP:
847 {
848 *mp_capability = 1;
849
850 /* Ignore capability when override-capability is set. */
851 if (! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
852 {
853 /* Set negotiated value. */
854 ret = bgp_capability_mp (peer, &caphdr);
855
856 /* Unsupported Capability. */
857 if (ret < 0)
858 {
859 /* Store return data. */
860 memcpy (*error, sp, caphdr.length + 2);
861 *error += caphdr.length + 2;
862 }
863 ret = 0; /* Don't return error for this */
864 }
865 }
866 break;
867 case CAPABILITY_CODE_REFRESH:
868 case CAPABILITY_CODE_REFRESH_OLD:
869 {
870 /* BGP refresh capability */
871 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
872 SET_FLAG (peer->cap, PEER_CAP_REFRESH_OLD_RCV);
873 else
874 SET_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV);
875 }
876 break;
877 case CAPABILITY_CODE_ORF:
878 case CAPABILITY_CODE_ORF_OLD:
879 ret = bgp_capability_orf_entry (peer, &caphdr);
880 break;
881 case CAPABILITY_CODE_RESTART:
882 ret = bgp_capability_restart (peer, &caphdr);
883 break;
884 case CAPABILITY_CODE_DYNAMIC:
885 case CAPABILITY_CODE_DYNAMIC_OLD:
886 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_RCV);
887 break;
888 case CAPABILITY_CODE_AS4:
889 /* Already handled as a special-case parsing of the capabilities
890 * at the beginning of OPEN processing. So we care not a jot
891 * for the value really, only error case.
892 */
893 if (!bgp_capability_as4 (peer, &caphdr))
894 ret = -1;
895 break;
896 case CAPABILITY_CODE_ADDPATH:
897 ret = bgp_capability_addpath (peer, &caphdr);
898 break;
899 case CAPABILITY_CODE_ENHE:
900 ret = bgp_capability_enhe (peer, &caphdr);
901 break;
902 case CAPABILITY_CODE_FQDN:
903 ret = bgp_capability_hostname (peer, &caphdr);
904 break;
905 default:
906 if (caphdr.code > 128)
907 {
908 /* We don't send Notification for unknown vendor specific
909 capabilities. It seems reasonable for now... */
910 zlog_warn ("%s Vendor specific capability %d",
911 peer->host, caphdr.code);
912 }
913 else
914 {
915 zlog_warn ("%s unrecognized capability code: %d - ignored",
916 peer->host, caphdr.code);
917 memcpy (*error, sp, caphdr.length + 2);
918 *error += caphdr.length + 2;
919 }
920 }
921
922 if (ret < 0)
923 {
924 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
925 return -1;
926 }
927 if (stream_get_getp(s) != (start + caphdr.length))
928 {
929 if (stream_get_getp(s) > (start + caphdr.length))
930 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
931 peer->host, LOOKUP (capcode_str, caphdr.code),
932 caphdr.length);
933 stream_set_getp (s, start + caphdr.length);
934 }
935 }
936 return 0;
937 }
938
939 static int
940 bgp_auth_parse (struct peer *peer, size_t length)
941 {
942 bgp_notify_send (peer,
943 BGP_NOTIFY_OPEN_ERR,
944 BGP_NOTIFY_OPEN_AUTH_FAILURE);
945 return -1;
946 }
947
948 static int
949 strict_capability_same (struct peer *peer)
950 {
951 int i, j;
952
953 for (i = AFI_IP; i < AFI_MAX; i++)
954 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
955 if (peer->afc[i][j] != peer->afc_nego[i][j])
956 return 0;
957 return 1;
958 }
959
960 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
961 * Returns 0 if no as4 found, as4cap value otherwise.
962 */
963 as_t
964 peek_for_as4_capability (struct peer *peer, u_char length)
965 {
966 struct stream *s = BGP_INPUT (peer);
967 size_t orig_getp = stream_get_getp (s);
968 size_t end = orig_getp + length;
969 as_t as4 = 0;
970
971 if (BGP_DEBUG (as4, AS4))
972 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
973 " peeking for as4",
974 peer->host, length);
975 /* the error cases we DONT handle, we ONLY try to read as4 out of
976 * correctly formatted options.
977 */
978 while (stream_get_getp(s) < end)
979 {
980 u_char opt_type;
981 u_char opt_length;
982
983 /* Check the length. */
984 if (stream_get_getp (s) + 2 > end)
985 goto end;
986
987 /* Fetch option type and length. */
988 opt_type = stream_getc (s);
989 opt_length = stream_getc (s);
990
991 /* Option length check. */
992 if (stream_get_getp (s) + opt_length > end)
993 goto end;
994
995 if (opt_type == BGP_OPEN_OPT_CAP)
996 {
997 unsigned long capd_start = stream_get_getp (s);
998 unsigned long capd_end = capd_start + opt_length;
999
1000 assert (capd_end <= end);
1001
1002 while (stream_get_getp (s) < capd_end)
1003 {
1004 struct capability_header hdr;
1005
1006 if (stream_get_getp (s) + 2 > capd_end)
1007 goto end;
1008
1009 hdr.code = stream_getc (s);
1010 hdr.length = stream_getc (s);
1011
1012 if ((stream_get_getp(s) + hdr.length) > capd_end)
1013 goto end;
1014
1015 if (hdr.code == CAPABILITY_CODE_AS4)
1016 {
1017 if (BGP_DEBUG (as4, AS4))
1018 zlog_info ("[AS4] found AS4 capability, about to parse");
1019 as4 = bgp_capability_as4 (peer, &hdr);
1020
1021 goto end;
1022 }
1023 stream_forward_getp (s, hdr.length);
1024 }
1025 }
1026 }
1027
1028 end:
1029 stream_set_getp (s, orig_getp);
1030 return as4;
1031 }
1032
1033 /**
1034 * Parse open option.
1035 *
1036 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1037 */
1038 int
1039 bgp_open_option_parse (struct peer *peer, u_char length, int *mp_capability)
1040 {
1041 int ret = 0;
1042 u_char *error;
1043 u_char error_data[BGP_MAX_PACKET_SIZE];
1044 struct stream *s = BGP_INPUT(peer);
1045 size_t end = stream_get_getp (s) + length;
1046
1047 error = error_data;
1048
1049 if (bgp_debug_neighbor_events(peer))
1050 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
1051 peer->host, length);
1052
1053 while (stream_get_getp(s) < end)
1054 {
1055 u_char opt_type;
1056 u_char opt_length;
1057
1058 /* Must have at least an OPEN option header */
1059 if (STREAM_READABLE(s) < 2)
1060 {
1061 zlog_info ("%s Option length error", peer->host);
1062 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1063 return -1;
1064 }
1065
1066 /* Fetch option type and length. */
1067 opt_type = stream_getc (s);
1068 opt_length = stream_getc (s);
1069
1070 /* Option length check. */
1071 if (STREAM_READABLE (s) < opt_length)
1072 {
1073 zlog_info ("%s Option length error", peer->host);
1074 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1075 return -1;
1076 }
1077
1078 if (bgp_debug_neighbor_events(peer))
1079 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
1080 peer->host, opt_type,
1081 opt_type == BGP_OPEN_OPT_AUTH ? "Authentication" :
1082 opt_type == BGP_OPEN_OPT_CAP ? "Capability" : "Unknown",
1083 opt_length);
1084
1085 switch (opt_type)
1086 {
1087 case BGP_OPEN_OPT_AUTH:
1088 ret = bgp_auth_parse (peer, opt_length);
1089 break;
1090 case BGP_OPEN_OPT_CAP:
1091 ret = bgp_capability_parse (peer, opt_length, mp_capability, &error);
1092 break;
1093 default:
1094 bgp_notify_send (peer,
1095 BGP_NOTIFY_OPEN_ERR,
1096 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1097 ret = -1;
1098 break;
1099 }
1100
1101 /* Parse error. To accumulate all unsupported capability codes,
1102 bgp_capability_parse does not return -1 when encounter
1103 unsupported capability code. To detect that, please check
1104 error and erro_data pointer, like below. */
1105 if (ret < 0)
1106 return -1;
1107 }
1108
1109 /* All OPEN option is parsed. Check capability when strict compare
1110 flag is enabled.*/
1111 if (CHECK_FLAG (peer->flags, PEER_FLAG_STRICT_CAP_MATCH))
1112 {
1113 /* If Unsupported Capability exists. */
1114 if (error != error_data)
1115 {
1116 bgp_notify_send_with_data (peer,
1117 BGP_NOTIFY_OPEN_ERR,
1118 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1119 error_data, error - error_data);
1120 return -1;
1121 }
1122
1123 /* Check local capability does not negotiated with remote
1124 peer. */
1125 if (! strict_capability_same (peer))
1126 {
1127 bgp_notify_send (peer,
1128 BGP_NOTIFY_OPEN_ERR,
1129 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1130 return -1;
1131 }
1132 }
1133
1134 /* Check there are no common AFI/SAFIs and send Unsupported Capability
1135 error. */
1136 if (*mp_capability &&
1137 ! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
1138 {
1139 if (! peer->afc_nego[AFI_IP][SAFI_UNICAST]
1140 && ! peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1141 && ! peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1142 && ! peer->afc_nego[AFI_IP][SAFI_ENCAP]
1143 && ! peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1144 && ! peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1145 && ! peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1146 && ! peer->afc_nego[AFI_IP6][SAFI_ENCAP])
1147 {
1148 zlog_err ("%s [Error] Configured AFI/SAFIs do not "
1149 "overlap with received MP capabilities",
1150 peer->host);
1151
1152 if (error != error_data)
1153 bgp_notify_send_with_data (peer,
1154 BGP_NOTIFY_OPEN_ERR,
1155 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1156 error_data, error - error_data);
1157 else
1158 bgp_notify_send (peer,
1159 BGP_NOTIFY_OPEN_ERR,
1160 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1161 return -1;
1162 }
1163 }
1164 return 0;
1165 }
1166
1167 static void
1168 bgp_open_capability_orf (struct stream *s, struct peer *peer,
1169 afi_t afi, safi_t safi, u_char code)
1170 {
1171 u_char cap_len;
1172 u_char orf_len;
1173 unsigned long capp;
1174 unsigned long orfp;
1175 unsigned long numberp;
1176 int number_of_orfs = 0;
1177
1178 if (safi == SAFI_MPLS_VPN)
1179 safi = SAFI_MPLS_LABELED_VPN;
1180
1181 stream_putc (s, BGP_OPEN_OPT_CAP);
1182 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1183 stream_putc (s, 0); /* Capability Length */
1184 stream_putc (s, code); /* Capability Code */
1185 orfp = stream_get_endp (s); /* Set ORF Len Pointer */
1186 stream_putc (s, 0); /* ORF Length */
1187 stream_putw (s, afi);
1188 stream_putc (s, 0);
1189 stream_putc (s, safi);
1190 numberp = stream_get_endp (s); /* Set Number Pointer */
1191 stream_putc (s, 0); /* Number of ORFs */
1192
1193 /* Address Prefix ORF */
1194 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1195 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1196 {
1197 stream_putc (s, (code == CAPABILITY_CODE_ORF ?
1198 ORF_TYPE_PREFIX : ORF_TYPE_PREFIX_OLD));
1199
1200 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1201 && CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1202 {
1203 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1204 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1205 stream_putc (s, ORF_MODE_BOTH);
1206 }
1207 else if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM))
1208 {
1209 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1210 stream_putc (s, ORF_MODE_SEND);
1211 }
1212 else
1213 {
1214 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1215 stream_putc (s, ORF_MODE_RECEIVE);
1216 }
1217 number_of_orfs++;
1218 }
1219
1220 /* Total Number of ORFs. */
1221 stream_putc_at (s, numberp, number_of_orfs);
1222
1223 /* Total ORF Len. */
1224 orf_len = stream_get_endp (s) - orfp - 1;
1225 stream_putc_at (s, orfp, orf_len);
1226
1227 /* Total Capability Len. */
1228 cap_len = stream_get_endp (s) - capp - 1;
1229 stream_putc_at (s, capp, cap_len);
1230 }
1231
1232 /* Fill in capability open option to the packet. */
1233 void
1234 bgp_open_capability (struct stream *s, struct peer *peer)
1235 {
1236 u_char len;
1237 unsigned long cp, capp, rcapp;
1238 afi_t afi;
1239 safi_t safi;
1240 as_t local_as;
1241 u_int32_t restart_time;
1242 u_char afi_safi_count = 0;
1243 struct utsname names;
1244 int adv_addpath_tx = 0;
1245
1246 /* Remember current pointer for Opt Parm Len. */
1247 cp = stream_get_endp (s);
1248
1249 /* Opt Parm Len. */
1250 stream_putc (s, 0);
1251
1252 /* Do not send capability. */
1253 if (! CHECK_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1254 || CHECK_FLAG (peer->flags, PEER_FLAG_DONT_CAPABILITY))
1255 return;
1256
1257 /* IPv4 unicast. */
1258 if (peer->afc[AFI_IP][SAFI_UNICAST])
1259 {
1260 peer->afc_adv[AFI_IP][SAFI_UNICAST] = 1;
1261 stream_putc (s, BGP_OPEN_OPT_CAP);
1262 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1263 stream_putc (s, CAPABILITY_CODE_MP);
1264 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1265 stream_putw (s, AFI_IP);
1266 stream_putc (s, 0);
1267 stream_putc (s, SAFI_UNICAST);
1268 }
1269 /* IPv4 multicast. */
1270 if (peer->afc[AFI_IP][SAFI_MULTICAST])
1271 {
1272 peer->afc_adv[AFI_IP][SAFI_MULTICAST] = 1;
1273 stream_putc (s, BGP_OPEN_OPT_CAP);
1274 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1275 stream_putc (s, CAPABILITY_CODE_MP);
1276 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1277 stream_putw (s, AFI_IP);
1278 stream_putc (s, 0);
1279 stream_putc (s, SAFI_MULTICAST);
1280 }
1281 /* IPv4 VPN */
1282 if (peer->afc[AFI_IP][SAFI_MPLS_VPN])
1283 {
1284 peer->afc_adv[AFI_IP][SAFI_MPLS_VPN] = 1;
1285 stream_putc (s, BGP_OPEN_OPT_CAP);
1286 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1287 stream_putc (s, CAPABILITY_CODE_MP);
1288 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1289 stream_putw (s, AFI_IP);
1290 stream_putc (s, 0);
1291 stream_putc (s, SAFI_MPLS_LABELED_VPN);
1292 }
1293 /* ENCAP */
1294 if (peer->afc[AFI_IP][SAFI_ENCAP])
1295 {
1296 peer->afc_adv[AFI_IP][SAFI_ENCAP] = 1;
1297 stream_putc (s, BGP_OPEN_OPT_CAP);
1298 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1299 stream_putc (s, CAPABILITY_CODE_MP);
1300 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1301 stream_putw (s, AFI_IP);
1302 stream_putc (s, 0);
1303 stream_putc (s, SAFI_ENCAP);
1304 }
1305 #ifdef HAVE_IPV6
1306 /* Currently supporting RFC-5549 for Link-Local peering only */
1307 if (CHECK_FLAG (peer->flags, PEER_FLAG_CAPABILITY_ENHE) &&
1308 peer->su.sa.sa_family == AF_INET6 &&
1309 IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr))
1310 {
1311 /* RFC 5549 Extended Next Hop Encoding */
1312 SET_FLAG (peer->cap, PEER_CAP_ENHE_ADV);
1313 stream_putc (s, BGP_OPEN_OPT_CAP);
1314 stream_putc (s, CAPABILITY_CODE_ENHE_LEN + 2);
1315 stream_putc (s, CAPABILITY_CODE_ENHE);
1316 stream_putc (s, CAPABILITY_CODE_ENHE_LEN);
1317 /* Currently supporting for SAFI_UNICAST only */
1318 SET_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_ADV);
1319 stream_putw (s, AFI_IP);
1320 stream_putw (s, SAFI_UNICAST);
1321 stream_putw (s, AFI_IP6);
1322
1323 if (CHECK_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_RCV))
1324 SET_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_NEGO);
1325 }
1326 /* IPv6 unicast. */
1327 if (peer->afc[AFI_IP6][SAFI_UNICAST])
1328 {
1329 peer->afc_adv[AFI_IP6][SAFI_UNICAST] = 1;
1330 stream_putc (s, BGP_OPEN_OPT_CAP);
1331 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1332 stream_putc (s, CAPABILITY_CODE_MP);
1333 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1334 stream_putw (s, AFI_IP6);
1335 stream_putc (s, 0);
1336 stream_putc (s, SAFI_UNICAST);
1337 }
1338 /* IPv6 multicast. */
1339 if (peer->afc[AFI_IP6][SAFI_MULTICAST])
1340 {
1341 peer->afc_adv[AFI_IP6][SAFI_MULTICAST] = 1;
1342 stream_putc (s, BGP_OPEN_OPT_CAP);
1343 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1344 stream_putc (s, CAPABILITY_CODE_MP);
1345 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1346 stream_putw (s, AFI_IP6);
1347 stream_putc (s, 0);
1348 stream_putc (s, SAFI_MULTICAST);
1349 }
1350 /* IPv6 VPN. */
1351 if (peer->afc[AFI_IP6][SAFI_MPLS_VPN])
1352 {
1353 peer->afc_adv[AFI_IP6][SAFI_MPLS_VPN] = 1;
1354 stream_putc (s, BGP_OPEN_OPT_CAP);
1355 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1356 stream_putc (s, CAPABILITY_CODE_MP);
1357 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1358 stream_putw (s, AFI_IP6);
1359 stream_putc (s, 0);
1360 stream_putc (s, SAFI_MPLS_LABELED_VPN);
1361 }
1362 /* IPv6 ENCAP. */
1363 if (peer->afc[AFI_IP6][SAFI_ENCAP])
1364 {
1365 peer->afc_adv[AFI_IP6][SAFI_ENCAP] = 1;
1366 stream_putc (s, BGP_OPEN_OPT_CAP);
1367 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1368 stream_putc (s, CAPABILITY_CODE_MP);
1369 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1370 stream_putw (s, AFI_IP6);
1371 stream_putc (s, 0);
1372 stream_putc (s, SAFI_ENCAP);
1373 }
1374 #endif /* HAVE_IPV6 */
1375
1376 /* Route refresh. */
1377 SET_FLAG (peer->cap, PEER_CAP_REFRESH_ADV);
1378 stream_putc (s, BGP_OPEN_OPT_CAP);
1379 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1380 stream_putc (s, CAPABILITY_CODE_REFRESH_OLD);
1381 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1382 stream_putc (s, BGP_OPEN_OPT_CAP);
1383 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1384 stream_putc (s, CAPABILITY_CODE_REFRESH);
1385 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1386
1387 /* AS4 */
1388 SET_FLAG (peer->cap, PEER_CAP_AS4_ADV);
1389 stream_putc (s, BGP_OPEN_OPT_CAP);
1390 stream_putc (s, CAPABILITY_CODE_AS4_LEN + 2);
1391 stream_putc (s, CAPABILITY_CODE_AS4);
1392 stream_putc (s, CAPABILITY_CODE_AS4_LEN);
1393 if ( peer->change_local_as )
1394 local_as = peer->change_local_as;
1395 else
1396 local_as = peer->local_as;
1397 stream_putl (s, local_as );
1398
1399 /* AddPath */
1400 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1401 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1402 if (peer->afc[afi][safi])
1403 {
1404 afi_safi_count++;
1405
1406 /* Only advertise addpath TX if a feature that will use it is
1407 * configured */
1408 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_ALL_PATHS) ||
1409 CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
1410 adv_addpath_tx = 1;
1411 }
1412
1413 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_ADV);
1414 stream_putc (s, BGP_OPEN_OPT_CAP);
1415 stream_putc (s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1416 stream_putc (s, CAPABILITY_CODE_ADDPATH);
1417 stream_putc (s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1418
1419 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1420 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1421 if (peer->afc[afi][safi])
1422 {
1423 stream_putw (s, afi);
1424 stream_putc (s, safi);
1425
1426 if (adv_addpath_tx)
1427 {
1428 stream_putc (s, BGP_ADDPATH_RX|BGP_ADDPATH_TX);
1429 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1430 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1431 }
1432 else
1433 {
1434 stream_putc (s, BGP_ADDPATH_RX);
1435 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1436 UNSET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1437 }
1438 }
1439
1440 /* ORF capability. */
1441 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1442 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1443 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1444 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1445 {
1446 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF_OLD);
1447 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF);
1448 }
1449
1450 /* Dynamic capability. */
1451 if (CHECK_FLAG (peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY))
1452 {
1453 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV);
1454 stream_putc (s, BGP_OPEN_OPT_CAP);
1455 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1456 stream_putc (s, CAPABILITY_CODE_DYNAMIC_OLD);
1457 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1458 stream_putc (s, BGP_OPEN_OPT_CAP);
1459 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1460 stream_putc (s, CAPABILITY_CODE_DYNAMIC);
1461 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1462 }
1463
1464 /* Hostname capability */
1465 uname(&names);
1466 if (names.nodename[0] != '\0')
1467 {
1468 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1469 stream_putc (s, BGP_OPEN_OPT_CAP);
1470 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1471 stream_putc(s, 0); /* dummy len for now */
1472 stream_putc (s, CAPABILITY_CODE_FQDN);
1473 capp = stream_get_endp(s);
1474 stream_putc(s, 0); /* dummy len for now */
1475 len = strlen(names.nodename);
1476 if (len > BGP_MAX_HOSTNAME)
1477 len = BGP_MAX_HOSTNAME;
1478
1479 stream_putc(s, len);
1480 stream_put(s, names.nodename, len);
1481 #ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
1482 if ((names.domainname[0] != '\0') &&
1483 (strcmp(names.domainname, "(none)") != 0))
1484 {
1485 len = strlen(names.domainname);
1486 if (len > BGP_MAX_HOSTNAME)
1487 len = BGP_MAX_HOSTNAME;
1488
1489 stream_putc(s, len);
1490 stream_put(s, names.domainname, len);
1491 }
1492 else
1493 #endif
1494 {
1495 stream_putc(s, 0); /* 0 length */
1496 }
1497
1498 /* Set the lengths straight */
1499 len = stream_get_endp(s) - rcapp - 1;
1500 stream_putc_at(s, rcapp, len);
1501 len = stream_get_endp(s) - capp - 1;
1502 stream_putc_at(s, capp, len);
1503
1504 if (bgp_debug_neighbor_events(peer))
1505 #ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
1506 zlog_debug("%s Sending hostname cap with hn = %s, dn = %s",
1507 peer->host, names.nodename, names.domainname);
1508 #else
1509 zlog_debug("%s Sending hostname cap with hn = %s", peer->host,
1510 names.nodename);
1511 #endif
1512 }
1513
1514 /* Sending base graceful-restart capability irrespective of the config */
1515 SET_FLAG (peer->cap, PEER_CAP_RESTART_ADV);
1516 stream_putc (s, BGP_OPEN_OPT_CAP);
1517 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1518 stream_putc (s, 0); /* Capability Length */
1519 stream_putc (s, CAPABILITY_CODE_RESTART);
1520 rcapp = stream_get_endp (s); /* Set Restart Capability Len Pointer */
1521 stream_putc (s, 0);
1522 restart_time = peer->bgp->restart_time;
1523 if (peer->bgp->t_startup)
1524 {
1525 SET_FLAG (restart_time, RESTART_R_BIT);
1526 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_ADV);
1527 }
1528 stream_putw (s, restart_time);
1529
1530 /* Send address-family specific graceful-restart capability only when GR config
1531 is present */
1532 if (bgp_flag_check (peer->bgp, BGP_FLAG_GRACEFUL_RESTART))
1533 {
1534 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1535 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1536 if (peer->afc[afi][safi])
1537 {
1538 stream_putw (s, afi);
1539 stream_putc (s, (safi == SAFI_MPLS_VPN) ? SAFI_MPLS_LABELED_VPN : safi);
1540 if (bgp_flag_check(peer->bgp, BGP_FLAG_GR_PRESERVE_FWD))
1541 stream_putc (s, RESTART_F_BIT);
1542 else
1543 stream_putc (s, 0);
1544 }
1545 }
1546
1547 /* Total Graceful restart capability Len. */
1548 len = stream_get_endp (s) - rcapp - 1;
1549 stream_putc_at (s, rcapp, len);
1550
1551 /* Total Capability Len. */
1552 len = stream_get_endp (s) - capp - 1;
1553 stream_putc_at (s, capp, len);
1554
1555 /* Total Opt Parm Len. */
1556 len = stream_get_endp (s) - cp - 1;
1557 stream_putc_at (s, cp, len);
1558 }
FRRouting mirror