]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_open.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #538 from qlyoung/fix-stack-access-2
[mirror_frr.git] / bgpd / bgp_open.c
1 /* BGP open message handling
2 * Copyright (C) 1998, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "stream.h"
26 #include "thread.h"
27 #include "log.h"
28 #include "command.h"
29 #include "memory.h"
30 #include "queue.h"
31 #include "filter.h"
32
33 #include "lib/json.h"
34 #include "bgpd/bgpd.h"
35 #include "bgpd/bgp_attr.h"
36 #include "bgpd/bgp_debug.h"
37 #include "bgpd/bgp_fsm.h"
38 #include "bgpd/bgp_packet.h"
39 #include "bgpd/bgp_open.h"
40 #include "bgpd/bgp_aspath.h"
41 #include "bgpd/bgp_vty.h"
42 #include "bgpd/bgp_memory.h"
43
44 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
45 negotiate remote peer supports extentions or not. But if
46 remote-peer doesn't supports negotiation process itself. We would
47 like to do manual configuration.
48
49 So there is many configurable point. First of all we want set each
50 peer whether we send capability negotiation to the peer or not.
51 Next, if we send capability to the peer we want to set my capabilty
52 inforation at each peer. */
53
54 void
55 bgp_capability_vty_out (struct vty *vty, struct peer *peer, u_char use_json, json_object *json_neigh)
56 {
57 char *pnt;
58 char *end;
59 struct capability_mp_data mpc;
60 struct capability_header *hdr;
61 json_object *json_cap = NULL;
62
63 if (use_json)
64 json_cap = json_object_new_object();
65
66 pnt = peer->notify.data;
67 end = pnt + peer->notify.length;
68
69 while (pnt < end)
70 {
71 if (pnt + sizeof (struct capability_mp_data) + 2 > end)
72 return;
73
74 hdr = (struct capability_header *)pnt;
75 if (pnt + hdr->length + 2 > end)
76 return;
77
78 memcpy (&mpc, pnt + 2, sizeof(struct capability_mp_data));
79
80 if (hdr->code == CAPABILITY_CODE_MP)
81 {
82 afi_t afi;
83 safi_t safi;
84
85 bgp_map_afi_safi_iana2int (ntohs(mpc.afi), mpc.safi, &afi, &safi);
86 if (use_json)
87 {
88 switch (afi)
89 {
90 case AFI_IP:
91 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv4");
92 break;
93 case AFI_IP6:
94 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv6");
95 break;
96 case AFI_L2VPN:
97 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "L2VPN");
98 break;
99 default:
100 json_object_int_add(json_cap, "capabilityErrorMultiProtocolAfiUnknown", ntohs (mpc.afi));
101 break;
102 }
103 switch (safi)
104 {
105 case SAFI_UNICAST:
106 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "unicast");
107 break;
108 case SAFI_MULTICAST:
109 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "multicast");
110 break;
111 case SAFI_LABELED_UNICAST:
112 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "labeled-unicast");
113 break;
114 case SAFI_MPLS_VPN:
115 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "MPLS-labeled VPN");
116 break;
117 case SAFI_ENCAP:
118 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "encap");
119 break;
120 case SAFI_EVPN:
121 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "EVPN");
122 break;
123 default:
124 json_object_int_add(json_cap, "capabilityErrorMultiProtocolSafiUnknown", mpc.safi);
125 break;
126 }
127 }
128 else
129 {
130 vty_out (vty, " Capability error for: Multi protocol ");
131 switch (afi)
132 {
133 case AFI_IP:
134 vty_out (vty, "AFI IPv4, ");
135 break;
136 case AFI_IP6:
137 vty_out (vty, "AFI IPv6, ");
138 break;
139 case AFI_L2VPN:
140 vty_out (vty, "AFI L2VPN, ");
141 break;
142 default:
143 vty_out (vty, "AFI Unknown %d, ", ntohs (mpc.afi));
144 break;
145 }
146 switch (safi)
147 {
148 case SAFI_UNICAST:
149 vty_out (vty, "SAFI Unicast");
150 break;
151 case SAFI_MULTICAST:
152 vty_out (vty, "SAFI Multicast");
153 break;
154 case SAFI_LABELED_UNICAST:
155 vty_out (vty, "SAFI Labeled-unicast");
156 break;
157 case SAFI_MPLS_VPN:
158 vty_out (vty, "SAFI MPLS-labeled VPN");
159 break;
160 case SAFI_ENCAP:
161 vty_out (vty, "SAFI ENCAP");
162 break;
163 case SAFI_EVPN:
164 vty_out (vty, "SAFI EVPN");
165 break;
166 default:
167 vty_out (vty, "SAFI Unknown %d ", mpc.safi);
168 break;
169 }
170 vty_out (vty, "%s", VTY_NEWLINE);
171 }
172 }
173 else if (hdr->code >= 128)
174 {
175 if (use_json)
176 json_object_int_add(json_cap, "capabilityErrorVendorSpecificCapabilityCode", hdr->code);
177 else
178 vty_out (vty, " Capability error: vendor specific capability code %d",
179 hdr->code);
180 }
181 else
182 {
183 if (use_json)
184 json_object_int_add(json_cap, "capabilityErrorUnknownCapabilityCode", hdr->code);
185 else
186 vty_out (vty, " Capability error: unknown capability code %d",
187 hdr->code);
188 }
189 pnt += hdr->length + 2;
190 }
191 if (use_json)
192 json_object_object_add(json_neigh, "capabilityErrors", json_cap);
193 }
194
195 static void
196 bgp_capability_mp_data (struct stream *s, struct capability_mp_data *mpc)
197 {
198 mpc->afi = stream_getw (s);
199 mpc->reserved = stream_getc (s);
200 mpc->safi = stream_getc (s);
201 }
202
203 /* Set negotiated capability value. */
204 static int
205 bgp_capability_mp (struct peer *peer, struct capability_header *hdr)
206 {
207 struct capability_mp_data mpc;
208 struct stream *s = BGP_INPUT (peer);
209 afi_t afi;
210 safi_t safi;
211
212 /* Verify length is 4 */
213 if (hdr->length != 4)
214 {
215 zlog_warn("MP Cap: Received invalid length %d, non-multiple of 4",
216 hdr->length);
217 return -1;
218 }
219
220 bgp_capability_mp_data (s, &mpc);
221
222 if (bgp_debug_neighbor_events(peer))
223 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
224 peer->host, mpc.afi, mpc.safi);
225
226 /* Convert AFI, SAFI to internal values, check. */
227 if (bgp_map_afi_safi_iana2int (mpc.afi, mpc.safi, &afi, &safi))
228 return -1;
229
230 /* Now safi remapped, and afi/safi are valid array indices */
231 peer->afc_recv[afi][safi] = 1;
232
233 if (peer->afc[afi][safi])
234 peer->afc_nego[afi][safi] = 1;
235 else
236 return -1;
237
238 return 0;
239 }
240
241 static void
242 bgp_capability_orf_not_support (struct peer *peer, iana_afi_t afi, safi_t safi,
243 u_char type, u_char mode)
244 {
245 if (bgp_debug_neighbor_events(peer))
246 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
247 peer->host, afi, safi, type, mode);
248 }
249
250 static const struct message orf_type_str[] =
251 {
252 { ORF_TYPE_PREFIX, "Prefixlist" },
253 { ORF_TYPE_PREFIX_OLD, "Prefixlist (old)" },
254 };
255 static const int orf_type_str_max = array_size(orf_type_str);
256
257 static const struct message orf_mode_str[] =
258 {
259 { ORF_MODE_RECEIVE, "Receive" },
260 { ORF_MODE_SEND, "Send" },
261 { ORF_MODE_BOTH, "Both" },
262 };
263 static const int orf_mode_str_max = array_size(orf_mode_str);
264
265 static int
266 bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
267 {
268 struct stream *s = BGP_INPUT (peer);
269 struct capability_orf_entry entry;
270 iana_afi_t pkt_afi;
271 afi_t afi;
272 safi_t pkt_safi, safi;
273 u_char type;
274 u_char mode;
275 u_int16_t sm_cap = 0; /* capability send-mode receive */
276 u_int16_t rm_cap = 0; /* capability receive-mode receive */
277 int i;
278
279 /* ORF Entry header */
280 bgp_capability_mp_data (s, &entry.mpc);
281 entry.num = stream_getc (s);
282 pkt_afi = entry.mpc.afi;
283 pkt_safi = entry.mpc.safi;
284
285 if (bgp_debug_neighbor_events(peer))
286 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
287 peer->host, entry.mpc.afi, entry.mpc.safi);
288
289 /* Convert AFI, SAFI to internal values, check. */
290 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
291 {
292 zlog_info ("%s Addr-family %d/%d not supported."
293 " Ignoring the ORF capability",
294 peer->host, pkt_afi, pkt_safi);
295 return 0;
296 }
297
298 entry.mpc.afi = pkt_afi;
299 entry.mpc.safi = safi;
300
301 /* validate number field */
302 if (CAPABILITY_CODE_ORF_LEN + (entry.num * 2) > hdr->length)
303 {
304 zlog_info ("%s ORF Capability entry length error,"
305 " Cap length %u, num %u",
306 peer->host, hdr->length, entry.num);
307 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
308 return -1;
309 }
310
311 for (i = 0 ; i < entry.num ; i++)
312 {
313 type = stream_getc(s);
314 mode = stream_getc(s);
315
316 /* ORF Mode error check */
317 switch (mode)
318 {
319 case ORF_MODE_BOTH:
320 case ORF_MODE_SEND:
321 case ORF_MODE_RECEIVE:
322 break;
323 default:
324 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
325 continue;
326 }
327 /* ORF Type and afi/safi error checks */
328 /* capcode versus type */
329 switch (hdr->code)
330 {
331 case CAPABILITY_CODE_ORF:
332 switch (type)
333 {
334 case ORF_TYPE_PREFIX:
335 break;
336 default:
337 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
338 continue;
339 }
340 break;
341 case CAPABILITY_CODE_ORF_OLD:
342 switch (type)
343 {
344 case ORF_TYPE_PREFIX_OLD:
345 break;
346 default:
347 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
348 continue;
349 }
350 break;
351 default:
352 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
353 continue;
354 }
355
356 /* AFI vs SAFI */
357 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
358 || (afi == AFI_IP && safi == SAFI_MULTICAST)
359 || (afi == AFI_IP6 && safi == SAFI_UNICAST)))
360 {
361 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
362 continue;
363 }
364
365 if (bgp_debug_neighbor_events(peer))
366 zlog_debug ("%s OPEN has %s ORF capability"
367 " as %s for afi/safi: %d/%d",
368 peer->host, LOOKUP (orf_type_str, type),
369 LOOKUP (orf_mode_str, mode),
370 pkt_afi, pkt_safi);
371
372 if (hdr->code == CAPABILITY_CODE_ORF)
373 {
374 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
375 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
376 }
377 else if (hdr->code == CAPABILITY_CODE_ORF_OLD)
378 {
379 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
380 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
381 }
382 else
383 {
384 bgp_capability_orf_not_support (peer, pkt_afi, pkt_safi, type, mode);
385 continue;
386 }
387
388 switch (mode)
389 {
390 case ORF_MODE_BOTH:
391 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
392 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
393 break;
394 case ORF_MODE_SEND:
395 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
396 break;
397 case ORF_MODE_RECEIVE:
398 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
399 break;
400 }
401 }
402 return 0;
403 }
404
405 static int
406 bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
407 {
408 struct stream *s = BGP_INPUT (peer);
409 u_int16_t restart_flag_time;
410 size_t end = stream_get_getp (s) + caphdr->length;
411
412 /* Verify length is a multiple of 4 */
413 if ((caphdr->length-2) % 4)
414 {
415 zlog_warn("Restart Cap: Received invalid length %d, non-multiple of 4",
416 caphdr->length);
417 return -1;
418 }
419
420 SET_FLAG (peer->cap, PEER_CAP_RESTART_RCV);
421 restart_flag_time = stream_getw(s);
422 if (CHECK_FLAG (restart_flag_time, RESTART_R_BIT))
423 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV);
424
425 UNSET_FLAG (restart_flag_time, 0xF000);
426 peer->v_gr_restart = restart_flag_time;
427
428 if (bgp_debug_neighbor_events(peer))
429 {
430 zlog_debug ("%s OPEN has Graceful Restart capability", peer->host);
431 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
432 peer->host,
433 CHECK_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV) ? " "
434 : " not ",
435 peer->v_gr_restart);
436 }
437
438 while (stream_get_getp (s) + 4 <= end)
439 {
440 afi_t afi;
441 safi_t safi;
442 iana_afi_t pkt_afi = stream_getw (s);
443 safi_t pkt_safi = stream_getc (s);
444 u_char flag = stream_getc (s);
445
446 /* Convert AFI, SAFI to internal values, check. */
447 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
448 {
449 if (bgp_debug_neighbor_events(peer))
450 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
451 " Ignore the Graceful Restart capability for this AFI/SAFI",
452 peer->host, pkt_afi, pkt_safi);
453 }
454 else if (!peer->afc[afi][safi])
455 {
456 if (bgp_debug_neighbor_events(peer))
457 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
458 " Ignore the Graceful Restart capability",
459 peer->host, pkt_afi, pkt_safi);
460 }
461 else
462 {
463 if (bgp_debug_neighbor_events(peer))
464 zlog_debug ("%s Address family %s is%spreserved", peer->host,
465 afi_safi_print (afi, safi),
466 CHECK_FLAG (peer->af_cap[afi][safi],
467 PEER_CAP_RESTART_AF_PRESERVE_RCV)
468 ? " " : " not ");
469
470 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_RCV);
471 if (CHECK_FLAG (flag, RESTART_F_BIT))
472 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_PRESERVE_RCV);
473
474 }
475 }
476 return 0;
477 }
478
479 /* Unlike other capability parsing routines, this one returns 0 on error */
480 static as_t
481 bgp_capability_as4 (struct peer *peer, struct capability_header *hdr)
482 {
483 SET_FLAG (peer->cap, PEER_CAP_AS4_RCV);
484
485 if (hdr->length != CAPABILITY_CODE_AS4_LEN)
486 {
487 zlog_err ("%s AS4 capability has incorrect data length %d",
488 peer->host, hdr->length);
489 return 0;
490 }
491
492 as_t as4 = stream_getl (BGP_INPUT(peer));
493
494 if (BGP_DEBUG (as4, AS4))
495 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
496 peer->host, as4);
497 return as4;
498 }
499
500 static int
501 bgp_capability_addpath (struct peer *peer, struct capability_header *hdr)
502 {
503 struct stream *s = BGP_INPUT (peer);
504 size_t end = stream_get_getp (s) + hdr->length;
505
506 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_RCV);
507
508 /* Verify length is a multiple of 4 */
509 if (hdr->length % 4)
510 {
511 zlog_warn("Add Path: Received invalid length %d, non-multiple of 4",
512 hdr->length);
513 return -1;
514 }
515
516 while (stream_get_getp (s) + 4 <= end)
517 {
518 afi_t afi;
519 safi_t safi;
520 iana_afi_t pkt_afi = stream_getw (s);
521 safi_t pkt_safi = stream_getc (s);
522 u_char send_receive = stream_getc (s);
523
524 if (bgp_debug_neighbor_events(peer))
525 zlog_debug ("%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
526 peer->host, pkt_afi, pkt_safi,
527 (send_receive & BGP_ADDPATH_RX) ? ", receive" : "",
528 (send_receive & BGP_ADDPATH_TX) ? ", transmit" : "");
529
530 /* Convert AFI, SAFI to internal values, check. */
531 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
532 {
533 if (bgp_debug_neighbor_events(peer))
534 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
535 " Ignore the Addpath Attribute for this AFI/SAFI",
536 peer->host, pkt_afi, pkt_safi);
537 continue;
538 }
539 else if (!peer->afc[afi][safi])
540 {
541 if (bgp_debug_neighbor_events(peer))
542 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
543 " Ignore the AddPath capability for this AFI/SAFI",
544 peer->host, pkt_afi, pkt_safi);
545 continue;
546 }
547
548 if (send_receive & BGP_ADDPATH_RX)
549 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_RCV);
550
551 if (send_receive & BGP_ADDPATH_TX)
552 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_RCV);
553 }
554
555 return 0;
556 }
557
558 static int
559 bgp_capability_enhe (struct peer *peer, struct capability_header *hdr)
560 {
561 struct stream *s = BGP_INPUT (peer);
562 size_t end = stream_get_getp (s) + hdr->length;
563
564 /* Verify length is a multiple of 4 */
565 if (hdr->length % 6)
566 {
567 zlog_warn("Extended NH: Received invalid length %d, non-multiple of 6",
568 hdr->length);
569 return -1;
570 }
571
572 while (stream_get_getp (s) + 6 <= end)
573 {
574 iana_afi_t pkt_afi = stream_getw (s);
575 afi_t afi;
576 safi_t safi, pkt_safi = stream_getw (s);
577 iana_afi_t pkt_nh_afi = stream_getw (s);
578 afi_t nh_afi;
579
580 if (bgp_debug_neighbor_events(peer))
581 zlog_debug ("%s Received with afi/safi/next-hop afi: %u/%u/%u",
582 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
583
584 /* Convert AFI, SAFI to internal values, check. */
585 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
586 {
587 if (bgp_debug_neighbor_events(peer))
588 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
589 " Ignore the ENHE Attribute for this AFI/SAFI",
590 peer->host, pkt_afi, pkt_safi);
591 continue;
592 }
593
594 /* RFC 5549 specifies use of this capability only for IPv4 AFI, with
595 * the Nexthop AFI being IPv6. A future spec may introduce other
596 * possibilities, so we ignore other values with a log. Also, only
597 * SAFI_UNICAST and SAFI_LABELED_UNICAST are currently supported (and expected).
598 */
599 nh_afi = afi_iana2int (pkt_nh_afi);
600
601 if (afi != AFI_IP || nh_afi != AFI_IP6 || !(safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
602 {
603 zlog_warn ("%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
604 "in Extended Next-hop capability, ignoring",
605 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
606 continue;
607 }
608
609 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
610
611 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
612 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
613 }
614
615 SET_FLAG (peer->cap, PEER_CAP_ENHE_RCV);
616
617 return 0;
618 }
619
620 static int
621 bgp_capability_hostname (struct peer *peer, struct capability_header *hdr)
622 {
623 struct stream *s = BGP_INPUT (peer);
624 char str[BGP_MAX_HOSTNAME+1];
625 size_t end = stream_get_getp (s) + hdr->length;
626 u_char len;
627
628 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
629
630 len = stream_getc(s);
631 if (stream_get_getp(s) + len > end)
632 {
633 zlog_warn("%s: Received malformed hostname capability from peer %s",
634 __FUNCTION__, peer->host);
635 return -1;
636 }
637
638 if (len > BGP_MAX_HOSTNAME)
639 {
640 stream_get(str, s, BGP_MAX_HOSTNAME);
641 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
642 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
643 }
644 else if (len)
645 stream_get(str, s, len);
646
647 if (len)
648 {
649 str[len] = '\0';
650
651 if (peer->hostname != NULL)
652 {
653 XFREE(MTYPE_BGP_PEER_HOST, peer->hostname);
654 peer->hostname = NULL;
655 }
656
657 if (peer->domainname != NULL)
658 {
659 XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
660 peer->domainname = NULL;
661 }
662
663 peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
664 }
665
666 if (stream_get_getp(s) +1 > end)
667 {
668 zlog_warn("%s: Received invalid domain name len (hostname capability) from peer %s",
669 __FUNCTION__, peer->host);
670 return -1;
671 }
672
673 len = stream_getc(s);
674 if (stream_get_getp(s) + len > end)
675 {
676 zlog_warn("%s: Received runt domain name (hostname capability) from peer %s",
677 __FUNCTION__, peer->host);
678 return -1;
679 }
680
681 if (len > BGP_MAX_HOSTNAME)
682 {
683 stream_get(str, s, BGP_MAX_HOSTNAME);
684 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
685 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
686 }
687 else if (len)
688 stream_get(str, s, len);
689
690 if (len)
691 {
692 str[len] = '\0';
693 peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
694 }
695
696 if (bgp_debug_neighbor_events(peer))
697 {
698 zlog_debug("%s received hostname %s, domainname %s",
699 peer->host, peer->hostname, peer->domainname);
700 }
701
702 return 0;
703 }
704
705 static const struct message capcode_str[] =
706 {
707 { CAPABILITY_CODE_MP, "MultiProtocol Extensions" },
708 { CAPABILITY_CODE_REFRESH, "Route Refresh" },
709 { CAPABILITY_CODE_ORF, "Cooperative Route Filtering" },
710 { CAPABILITY_CODE_RESTART, "Graceful Restart" },
711 { CAPABILITY_CODE_AS4, "4-octet AS number" },
712 { CAPABILITY_CODE_ADDPATH, "AddPath" },
713 { CAPABILITY_CODE_DYNAMIC, "Dynamic" },
714 { CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding" },
715 { CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)" },
716 { CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)" },
717 { CAPABILITY_CODE_ORF_OLD, "ORF (Old)" },
718 { CAPABILITY_CODE_FQDN, "FQDN" },
719 };
720 static const int capcode_str_max = array_size(capcode_str);
721
722 /* Minimum sizes for length field of each cap (so not inc. the header) */
723 static const size_t cap_minsizes[] =
724 {
725 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
726 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
727 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
728 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
729 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
730 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
731 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
732 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
733 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
734 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
735 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
736 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
737 };
738
739 /* value the capability must be a multiple of.
740 * 0-data capabilities won't be checked against this.
741 * Other capabilities whose data doesn't fall on convenient boundaries for this
742 * table should be set to 1.
743 */
744 static const size_t cap_modsizes[] =
745 {
746 [CAPABILITY_CODE_MP] = 4,
747 [CAPABILITY_CODE_REFRESH] = 1,
748 [CAPABILITY_CODE_ORF] = 1,
749 [CAPABILITY_CODE_RESTART] = 1,
750 [CAPABILITY_CODE_AS4] = 4,
751 [CAPABILITY_CODE_ADDPATH] = 4,
752 [CAPABILITY_CODE_DYNAMIC] = 1,
753 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
754 [CAPABILITY_CODE_ENHE] = 6,
755 [CAPABILITY_CODE_REFRESH_OLD] = 1,
756 [CAPABILITY_CODE_ORF_OLD] = 1,
757 [CAPABILITY_CODE_FQDN] = 1,
758 };
759
760 /**
761 * Parse given capability.
762 * XXX: This is reading into a stream, but not using stream API
763 *
764 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
765 * capabilities were encountered.
766 */
767 static int
768 bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
769 u_char **error)
770 {
771 int ret;
772 struct stream *s = BGP_INPUT (peer);
773 size_t end = stream_get_getp (s) + length;
774
775 assert (STREAM_READABLE (s) >= length);
776
777 while (stream_get_getp (s) < end)
778 {
779 size_t start;
780 u_char *sp = stream_pnt (s);
781 struct capability_header caphdr;
782
783 ret = 0;
784 /* We need at least capability code and capability length. */
785 if (stream_get_getp(s) + 2 > end)
786 {
787 zlog_info ("%s Capability length error (< header)", peer->host);
788 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
789 return -1;
790 }
791
792 caphdr.code = stream_getc (s);
793 caphdr.length = stream_getc (s);
794 start = stream_get_getp (s);
795
796 /* Capability length check sanity check. */
797 if (start + caphdr.length > end)
798 {
799 zlog_info ("%s Capability length error (< length)", peer->host);
800 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
801 return -1;
802 }
803
804 if (bgp_debug_neighbor_events(peer))
805 zlog_debug ("%s OPEN has %s capability (%u), length %u",
806 peer->host,
807 LOOKUP (capcode_str, caphdr.code),
808 caphdr.code, caphdr.length);
809
810 /* Length sanity check, type-specific, for known capabilities */
811 switch (caphdr.code)
812 {
813 case CAPABILITY_CODE_MP:
814 case CAPABILITY_CODE_REFRESH:
815 case CAPABILITY_CODE_REFRESH_OLD:
816 case CAPABILITY_CODE_ORF:
817 case CAPABILITY_CODE_ORF_OLD:
818 case CAPABILITY_CODE_RESTART:
819 case CAPABILITY_CODE_AS4:
820 case CAPABILITY_CODE_ADDPATH:
821 case CAPABILITY_CODE_DYNAMIC:
822 case CAPABILITY_CODE_DYNAMIC_OLD:
823 case CAPABILITY_CODE_ENHE:
824 case CAPABILITY_CODE_FQDN:
825 /* Check length. */
826 if (caphdr.length < cap_minsizes[caphdr.code])
827 {
828 zlog_info ("%s %s Capability length error: got %u,"
829 " expected at least %u",
830 peer->host,
831 LOOKUP (capcode_str, caphdr.code),
832 caphdr.length,
833 (unsigned) cap_minsizes[caphdr.code]);
834 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
835 return -1;
836 }
837 if (caphdr.length
838 && caphdr.length % cap_modsizes[caphdr.code] != 0)
839 {
840 zlog_info ("%s %s Capability length error: got %u,"
841 " expected a multiple of %u",
842 peer->host,
843 LOOKUP (capcode_str, caphdr.code),
844 caphdr.length,
845 (unsigned) cap_modsizes[caphdr.code]);
846 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
847 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
848 return -1;
849 }
850 /* we deliberately ignore unknown codes, see below */
851 default:
852 break;
853 }
854
855 switch (caphdr.code)
856 {
857 case CAPABILITY_CODE_MP:
858 {
859 *mp_capability = 1;
860
861 /* Ignore capability when override-capability is set. */
862 if (! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
863 {
864 /* Set negotiated value. */
865 ret = bgp_capability_mp (peer, &caphdr);
866
867 /* Unsupported Capability. */
868 if (ret < 0)
869 {
870 /* Store return data. */
871 memcpy (*error, sp, caphdr.length + 2);
872 *error += caphdr.length + 2;
873 }
874 ret = 0; /* Don't return error for this */
875 }
876 }
877 break;
878 case CAPABILITY_CODE_REFRESH:
879 case CAPABILITY_CODE_REFRESH_OLD:
880 {
881 /* BGP refresh capability */
882 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
883 SET_FLAG (peer->cap, PEER_CAP_REFRESH_OLD_RCV);
884 else
885 SET_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV);
886 }
887 break;
888 case CAPABILITY_CODE_ORF:
889 case CAPABILITY_CODE_ORF_OLD:
890 ret = bgp_capability_orf_entry (peer, &caphdr);
891 break;
892 case CAPABILITY_CODE_RESTART:
893 ret = bgp_capability_restart (peer, &caphdr);
894 break;
895 case CAPABILITY_CODE_DYNAMIC:
896 case CAPABILITY_CODE_DYNAMIC_OLD:
897 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_RCV);
898 break;
899 case CAPABILITY_CODE_AS4:
900 /* Already handled as a special-case parsing of the capabilities
901 * at the beginning of OPEN processing. So we care not a jot
902 * for the value really, only error case.
903 */
904 if (!bgp_capability_as4 (peer, &caphdr))
905 ret = -1;
906 break;
907 case CAPABILITY_CODE_ADDPATH:
908 ret = bgp_capability_addpath (peer, &caphdr);
909 break;
910 case CAPABILITY_CODE_ENHE:
911 ret = bgp_capability_enhe (peer, &caphdr);
912 break;
913 case CAPABILITY_CODE_FQDN:
914 ret = bgp_capability_hostname (peer, &caphdr);
915 break;
916 default:
917 if (caphdr.code > 128)
918 {
919 /* We don't send Notification for unknown vendor specific
920 capabilities. It seems reasonable for now... */
921 zlog_warn ("%s Vendor specific capability %d",
922 peer->host, caphdr.code);
923 }
924 else
925 {
926 zlog_warn ("%s unrecognized capability code: %d - ignored",
927 peer->host, caphdr.code);
928 memcpy (*error, sp, caphdr.length + 2);
929 *error += caphdr.length + 2;
930 }
931 }
932
933 if (ret < 0)
934 {
935 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
936 return -1;
937 }
938 if (stream_get_getp(s) != (start + caphdr.length))
939 {
940 if (stream_get_getp(s) > (start + caphdr.length))
941 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
942 peer->host, LOOKUP (capcode_str, caphdr.code),
943 caphdr.length);
944 stream_set_getp (s, start + caphdr.length);
945 }
946 }
947 return 0;
948 }
949
950 static int
951 bgp_auth_parse (struct peer *peer, size_t length)
952 {
953 bgp_notify_send (peer,
954 BGP_NOTIFY_OPEN_ERR,
955 BGP_NOTIFY_OPEN_AUTH_FAILURE);
956 return -1;
957 }
958
959 static int
960 strict_capability_same (struct peer *peer)
961 {
962 int i, j;
963
964 for (i = AFI_IP; i < AFI_MAX; i++)
965 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
966 if (peer->afc[i][j] != peer->afc_nego[i][j])
967 return 0;
968 return 1;
969 }
970
971 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
972 * Returns 0 if no as4 found, as4cap value otherwise.
973 */
974 as_t
975 peek_for_as4_capability (struct peer *peer, u_char length)
976 {
977 struct stream *s = BGP_INPUT (peer);
978 size_t orig_getp = stream_get_getp (s);
979 size_t end = orig_getp + length;
980 as_t as4 = 0;
981
982 if (BGP_DEBUG (as4, AS4))
983 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
984 " peeking for as4",
985 peer->host, length);
986 /* the error cases we DONT handle, we ONLY try to read as4 out of
987 * correctly formatted options.
988 */
989 while (stream_get_getp(s) < end)
990 {
991 u_char opt_type;
992 u_char opt_length;
993
994 /* Check the length. */
995 if (stream_get_getp (s) + 2 > end)
996 goto end;
997
998 /* Fetch option type and length. */
999 opt_type = stream_getc (s);
1000 opt_length = stream_getc (s);
1001
1002 /* Option length check. */
1003 if (stream_get_getp (s) + opt_length > end)
1004 goto end;
1005
1006 if (opt_type == BGP_OPEN_OPT_CAP)
1007 {
1008 unsigned long capd_start = stream_get_getp (s);
1009 unsigned long capd_end = capd_start + opt_length;
1010
1011 assert (capd_end <= end);
1012
1013 while (stream_get_getp (s) < capd_end)
1014 {
1015 struct capability_header hdr;
1016
1017 if (stream_get_getp (s) + 2 > capd_end)
1018 goto end;
1019
1020 hdr.code = stream_getc (s);
1021 hdr.length = stream_getc (s);
1022
1023 if ((stream_get_getp(s) + hdr.length) > capd_end)
1024 goto end;
1025
1026 if (hdr.code == CAPABILITY_CODE_AS4)
1027 {
1028 if (BGP_DEBUG (as4, AS4))
1029 zlog_info ("[AS4] found AS4 capability, about to parse");
1030 as4 = bgp_capability_as4 (peer, &hdr);
1031
1032 goto end;
1033 }
1034 stream_forward_getp (s, hdr.length);
1035 }
1036 }
1037 }
1038
1039 end:
1040 stream_set_getp (s, orig_getp);
1041 return as4;
1042 }
1043
1044 /**
1045 * Parse open option.
1046 *
1047 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1048 */
1049 int
1050 bgp_open_option_parse (struct peer *peer, u_char length, int *mp_capability)
1051 {
1052 int ret = 0;
1053 u_char *error;
1054 u_char error_data[BGP_MAX_PACKET_SIZE];
1055 struct stream *s = BGP_INPUT(peer);
1056 size_t end = stream_get_getp (s) + length;
1057
1058 error = error_data;
1059
1060 if (bgp_debug_neighbor_events(peer))
1061 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
1062 peer->host, length);
1063
1064 while (stream_get_getp(s) < end)
1065 {
1066 u_char opt_type;
1067 u_char opt_length;
1068
1069 /* Must have at least an OPEN option header */
1070 if (STREAM_READABLE(s) < 2)
1071 {
1072 zlog_info ("%s Option length error", peer->host);
1073 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1074 return -1;
1075 }
1076
1077 /* Fetch option type and length. */
1078 opt_type = stream_getc (s);
1079 opt_length = stream_getc (s);
1080
1081 /* Option length check. */
1082 if (STREAM_READABLE (s) < opt_length)
1083 {
1084 zlog_info ("%s Option length error", peer->host);
1085 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1086 return -1;
1087 }
1088
1089 if (bgp_debug_neighbor_events(peer))
1090 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
1091 peer->host, opt_type,
1092 opt_type == BGP_OPEN_OPT_AUTH ? "Authentication" :
1093 opt_type == BGP_OPEN_OPT_CAP ? "Capability" : "Unknown",
1094 opt_length);
1095
1096 switch (opt_type)
1097 {
1098 case BGP_OPEN_OPT_AUTH:
1099 ret = bgp_auth_parse (peer, opt_length);
1100 break;
1101 case BGP_OPEN_OPT_CAP:
1102 ret = bgp_capability_parse (peer, opt_length, mp_capability, &error);
1103 break;
1104 default:
1105 bgp_notify_send (peer,
1106 BGP_NOTIFY_OPEN_ERR,
1107 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1108 ret = -1;
1109 break;
1110 }
1111
1112 /* Parse error. To accumulate all unsupported capability codes,
1113 bgp_capability_parse does not return -1 when encounter
1114 unsupported capability code. To detect that, please check
1115 error and erro_data pointer, like below. */
1116 if (ret < 0)
1117 return -1;
1118 }
1119
1120 /* All OPEN option is parsed. Check capability when strict compare
1121 flag is enabled.*/
1122 if (CHECK_FLAG (peer->flags, PEER_FLAG_STRICT_CAP_MATCH))
1123 {
1124 /* If Unsupported Capability exists. */
1125 if (error != error_data)
1126 {
1127 bgp_notify_send_with_data (peer,
1128 BGP_NOTIFY_OPEN_ERR,
1129 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1130 error_data, error - error_data);
1131 return -1;
1132 }
1133
1134 /* Check local capability does not negotiated with remote
1135 peer. */
1136 if (! strict_capability_same (peer))
1137 {
1138 bgp_notify_send (peer,
1139 BGP_NOTIFY_OPEN_ERR,
1140 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1141 return -1;
1142 }
1143 }
1144
1145 /* Check there are no common AFI/SAFIs and send Unsupported Capability
1146 error. */
1147 if (*mp_capability &&
1148 ! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
1149 {
1150 if (! peer->afc_nego[AFI_IP][SAFI_UNICAST]
1151 && ! peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1152 && ! peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
1153 && ! peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1154 && ! peer->afc_nego[AFI_IP][SAFI_ENCAP]
1155 && ! peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1156 && ! peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1157 && ! peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
1158 && ! peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1159 && ! peer->afc_nego[AFI_IP6][SAFI_ENCAP]
1160 && ! peer->afc_nego[AFI_L2VPN][SAFI_EVPN])
1161 {
1162 zlog_err ("%s [Error] Configured AFI/SAFIs do not "
1163 "overlap with received MP capabilities",
1164 peer->host);
1165
1166 if (error != error_data)
1167 bgp_notify_send_with_data (peer,
1168 BGP_NOTIFY_OPEN_ERR,
1169 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1170 error_data, error - error_data);
1171 else
1172 bgp_notify_send (peer,
1173 BGP_NOTIFY_OPEN_ERR,
1174 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1175 return -1;
1176 }
1177 }
1178 return 0;
1179 }
1180
1181 static void
1182 bgp_open_capability_orf (struct stream *s, struct peer *peer,
1183 afi_t afi, safi_t safi, u_char code)
1184 {
1185 u_char cap_len;
1186 u_char orf_len;
1187 unsigned long capp;
1188 unsigned long orfp;
1189 unsigned long numberp;
1190 int number_of_orfs = 0;
1191 iana_afi_t pkt_afi;
1192 safi_t pkt_safi;
1193
1194 /* Convert AFI, SAFI to values for packet. */
1195 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1196
1197 stream_putc (s, BGP_OPEN_OPT_CAP);
1198 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1199 stream_putc (s, 0); /* Capability Length */
1200 stream_putc (s, code); /* Capability Code */
1201 orfp = stream_get_endp (s); /* Set ORF Len Pointer */
1202 stream_putc (s, 0); /* ORF Length */
1203 stream_putw (s, pkt_afi);
1204 stream_putc (s, 0);
1205 stream_putc (s, pkt_safi);
1206 numberp = stream_get_endp (s); /* Set Number Pointer */
1207 stream_putc (s, 0); /* Number of ORFs */
1208
1209 /* Address Prefix ORF */
1210 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1211 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1212 {
1213 stream_putc (s, (code == CAPABILITY_CODE_ORF ?
1214 ORF_TYPE_PREFIX : ORF_TYPE_PREFIX_OLD));
1215
1216 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1217 && CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1218 {
1219 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1220 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1221 stream_putc (s, ORF_MODE_BOTH);
1222 }
1223 else if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM))
1224 {
1225 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1226 stream_putc (s, ORF_MODE_SEND);
1227 }
1228 else
1229 {
1230 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1231 stream_putc (s, ORF_MODE_RECEIVE);
1232 }
1233 number_of_orfs++;
1234 }
1235
1236 /* Total Number of ORFs. */
1237 stream_putc_at (s, numberp, number_of_orfs);
1238
1239 /* Total ORF Len. */
1240 orf_len = stream_get_endp (s) - orfp - 1;
1241 stream_putc_at (s, orfp, orf_len);
1242
1243 /* Total Capability Len. */
1244 cap_len = stream_get_endp (s) - capp - 1;
1245 stream_putc_at (s, capp, cap_len);
1246 }
1247
1248 /* Fill in capability open option to the packet. */
1249 void
1250 bgp_open_capability (struct stream *s, struct peer *peer)
1251 {
1252 u_char len;
1253 unsigned long cp, capp, rcapp;
1254 iana_afi_t pkt_afi;
1255 afi_t afi;
1256 safi_t safi, pkt_safi;
1257 as_t local_as;
1258 u_int32_t restart_time;
1259 u_char afi_safi_count = 0;
1260 struct utsname names;
1261 int adv_addpath_tx = 0;
1262
1263 /* Remember current pointer for Opt Parm Len. */
1264 cp = stream_get_endp (s);
1265
1266 /* Opt Parm Len. */
1267 stream_putc (s, 0);
1268
1269 /* Do not send capability. */
1270 if (! CHECK_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1271 || CHECK_FLAG (peer->flags, PEER_FLAG_DONT_CAPABILITY))
1272 return;
1273
1274 /* MP capability for configured AFI, SAFI */
1275 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1276 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1277 {
1278 if (peer->afc[afi][safi])
1279 {
1280 /* Convert AFI, SAFI to values for packet. */
1281 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1282
1283 peer->afc_adv[afi][safi] = 1;
1284 stream_putc (s, BGP_OPEN_OPT_CAP);
1285 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1286 stream_putc (s, CAPABILITY_CODE_MP);
1287 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1288 stream_putw (s, pkt_afi);
1289 stream_putc (s, 0);
1290 stream_putc (s, pkt_safi);
1291
1292 /* Extended nexthop capability - currently supporting RFC-5549 for
1293 * Link-Local peering only
1294 */
1295 if (CHECK_FLAG (peer->flags, PEER_FLAG_CAPABILITY_ENHE) &&
1296 peer->su.sa.sa_family == AF_INET6 &&
1297 IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr) &&
1298 afi == AFI_IP &&
1299 (safi == SAFI_UNICAST || safi == SAFI_LABELED_UNICAST))
1300 {
1301 /* RFC 5549 Extended Next Hop Encoding */
1302 SET_FLAG (peer->cap, PEER_CAP_ENHE_ADV);
1303 stream_putc (s, BGP_OPEN_OPT_CAP);
1304 stream_putc (s, CAPABILITY_CODE_ENHE_LEN + 2);
1305 stream_putc (s, CAPABILITY_CODE_ENHE);
1306 stream_putc (s, CAPABILITY_CODE_ENHE_LEN);
1307
1308 SET_FLAG (peer->af_cap[AFI_IP][safi], PEER_CAP_ENHE_AF_ADV);
1309 stream_putw (s, pkt_afi);
1310 stream_putw (s, pkt_safi);
1311 stream_putw (s, afi_int2iana(AFI_IP6));
1312
1313 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV))
1314 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
1315 }
1316 }
1317 }
1318
1319 /* Route refresh. */
1320 SET_FLAG (peer->cap, PEER_CAP_REFRESH_ADV);
1321 stream_putc (s, BGP_OPEN_OPT_CAP);
1322 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1323 stream_putc (s, CAPABILITY_CODE_REFRESH_OLD);
1324 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1325 stream_putc (s, BGP_OPEN_OPT_CAP);
1326 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1327 stream_putc (s, CAPABILITY_CODE_REFRESH);
1328 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1329
1330 /* AS4 */
1331 SET_FLAG (peer->cap, PEER_CAP_AS4_ADV);
1332 stream_putc (s, BGP_OPEN_OPT_CAP);
1333 stream_putc (s, CAPABILITY_CODE_AS4_LEN + 2);
1334 stream_putc (s, CAPABILITY_CODE_AS4);
1335 stream_putc (s, CAPABILITY_CODE_AS4_LEN);
1336 if ( peer->change_local_as )
1337 local_as = peer->change_local_as;
1338 else
1339 local_as = peer->local_as;
1340 stream_putl (s, local_as );
1341
1342 /* AddPath */
1343 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1344 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1345 if (peer->afc[afi][safi])
1346 {
1347 afi_safi_count++;
1348
1349 /* Only advertise addpath TX if a feature that will use it is
1350 * configured */
1351 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_ALL_PATHS) ||
1352 CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
1353 adv_addpath_tx = 1;
1354 }
1355
1356 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_ADV);
1357 stream_putc (s, BGP_OPEN_OPT_CAP);
1358 stream_putc (s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1359 stream_putc (s, CAPABILITY_CODE_ADDPATH);
1360 stream_putc (s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1361
1362 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1363 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1364 if (peer->afc[afi][safi])
1365 {
1366 /* Convert AFI, SAFI to values for packet. */
1367 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1368
1369 stream_putw (s, pkt_afi);
1370 stream_putc (s, pkt_safi);
1371
1372 if (adv_addpath_tx)
1373 {
1374 stream_putc (s, BGP_ADDPATH_RX|BGP_ADDPATH_TX);
1375 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1376 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1377 }
1378 else
1379 {
1380 stream_putc (s, BGP_ADDPATH_RX);
1381 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1382 UNSET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1383 }
1384 }
1385
1386 /* ORF capability. */
1387 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1388 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1389 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1390 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1391 {
1392 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF_OLD);
1393 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF);
1394 }
1395
1396 /* Dynamic capability. */
1397 if (CHECK_FLAG (peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY))
1398 {
1399 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV);
1400 stream_putc (s, BGP_OPEN_OPT_CAP);
1401 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1402 stream_putc (s, CAPABILITY_CODE_DYNAMIC_OLD);
1403 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1404 stream_putc (s, BGP_OPEN_OPT_CAP);
1405 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1406 stream_putc (s, CAPABILITY_CODE_DYNAMIC);
1407 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1408 }
1409
1410 /* Hostname capability */
1411 uname(&names);
1412 if (names.nodename[0] != '\0')
1413 {
1414 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1415 stream_putc (s, BGP_OPEN_OPT_CAP);
1416 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1417 stream_putc(s, 0); /* dummy len for now */
1418 stream_putc (s, CAPABILITY_CODE_FQDN);
1419 capp = stream_get_endp(s);
1420 stream_putc(s, 0); /* dummy len for now */
1421 len = strlen(names.nodename);
1422 if (len > BGP_MAX_HOSTNAME)
1423 len = BGP_MAX_HOSTNAME;
1424
1425 stream_putc(s, len);
1426 stream_put(s, names.nodename, len);
1427 #ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
1428 if ((names.domainname[0] != '\0') &&
1429 (strcmp(names.domainname, "(none)") != 0))
1430 {
1431 len = strlen(names.domainname);
1432 if (len > BGP_MAX_HOSTNAME)
1433 len = BGP_MAX_HOSTNAME;
1434
1435 stream_putc(s, len);
1436 stream_put(s, names.domainname, len);
1437 }
1438 else
1439 #endif
1440 {
1441 stream_putc(s, 0); /* 0 length */
1442 }
1443
1444 /* Set the lengths straight */
1445 len = stream_get_endp(s) - rcapp - 1;
1446 stream_putc_at(s, rcapp, len);
1447 len = stream_get_endp(s) - capp - 1;
1448 stream_putc_at(s, capp, len);
1449
1450 if (bgp_debug_neighbor_events(peer))
1451 #ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
1452 zlog_debug("%s Sending hostname cap with hn = %s, dn = %s",
1453 peer->host, names.nodename, names.domainname);
1454 #else
1455 zlog_debug("%s Sending hostname cap with hn = %s", peer->host,
1456 names.nodename);
1457 #endif
1458 }
1459
1460 /* Sending base graceful-restart capability irrespective of the config */
1461 SET_FLAG (peer->cap, PEER_CAP_RESTART_ADV);
1462 stream_putc (s, BGP_OPEN_OPT_CAP);
1463 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1464 stream_putc (s, 0); /* Capability Length */
1465 stream_putc (s, CAPABILITY_CODE_RESTART);
1466 rcapp = stream_get_endp (s); /* Set Restart Capability Len Pointer */
1467 stream_putc (s, 0);
1468 restart_time = peer->bgp->restart_time;
1469 if (peer->bgp->t_startup)
1470 {
1471 SET_FLAG (restart_time, RESTART_R_BIT);
1472 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_ADV);
1473 }
1474 stream_putw (s, restart_time);
1475
1476 /* Send address-family specific graceful-restart capability only when GR config
1477 is present */
1478 if (bgp_flag_check (peer->bgp, BGP_FLAG_GRACEFUL_RESTART))
1479 {
1480 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1481 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1482 if (peer->afc[afi][safi])
1483 {
1484 /* Convert AFI, SAFI to values for packet. */
1485 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
1486 stream_putw (s, pkt_afi);
1487 stream_putc (s, pkt_safi);
1488 if (bgp_flag_check(peer->bgp, BGP_FLAG_GR_PRESERVE_FWD))
1489 stream_putc (s, RESTART_F_BIT);
1490 else
1491 stream_putc (s, 0);
1492 }
1493 }
1494
1495 /* Total Graceful restart capability Len. */
1496 len = stream_get_endp (s) - rcapp - 1;
1497 stream_putc_at (s, rcapp, len);
1498
1499 /* Total Capability Len. */
1500 len = stream_get_endp (s) - capp - 1;
1501 stream_putc_at (s, capp, len);
1502
1503 /* Total Opt Parm Len. */
1504 len = stream_get_endp (s) - cp - 1;
1505 stream_putc_at (s, cp, len);
1506 }
FRRouting mirror