#include "lib/network.h"
#include "lib/thread.h"
-#ifndef VTYSH_EXTRACT_PL
#include "rtrlib/rtrlib.h"
-#endif
#include "hook.h"
#include "libfrr.h"
#include "lib/version.h"
-#ifndef VTYSH_EXTRACT_PL
#include "bgpd/bgp_rpki_clippy.c"
-#endif
DEFINE_MTYPE_STATIC(BGPD, BGP_RPKI_CACHE, "BGP RPKI Cache server");
DEFINE_MTYPE_STATIC(BGPD, BGP_RPKI_CACHE_GROUP, "BGP RPKI Cache server group");
#if defined(FOUND_SSH)
static int add_ssh_cache(const char *host, const unsigned int port,
const char *username, const char *client_privkey_path,
- const char *client_pubkey_path,
const char *server_pubkey_path,
const uint8_t preference, const char *bindaddr);
#endif
static struct rtr_socket *create_rtr_socket(struct tr_socket *tr_socket);
static struct cache *find_cache(const uint8_t preference);
+static void rpki_delete_all_cache_nodes(void);
static int add_tcp_cache(const char *host, const char *port,
const uint8_t preference, const char *bindaddr);
static void print_record(const struct pfx_record *record, struct vty *vty,
return NULL;
}
+static void rpki_delete_all_cache_nodes(void)
+{
+ struct listnode *cache_node, *cache_next;
+ struct cache *cache;
+
+ for (ALL_LIST_ELEMENTS(cache_list, cache_node, cache_next, cache)) {
+ rtr_mgr_remove_group(rtr_config, cache->preference);
+ listnode_delete(cache_list, cache);
+ }
+}
+
static void print_record(const struct pfx_record *record, struct vty *vty,
json_object *json)
{
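Review bot: In `rpki_delete_all_cache_nodes`, `rtr_mgr_remove_group(rtr_config, cache->preference)` is called unconditionally and its result is discarded, whereas the `no rpki cache` handler further down this page calls it only under `is_running()` and treats `RTR_ERROR` as a failure. Whether `rtr_config` is valid while the manager is stopped is not visible here, so please confirm that `no rpki` on an idle daemon cannot hand rtrlib a stale or NULL config. Guarding the call as `if (is_running()) rtr_mgr_remove_group(rtr_config, cache->preference);`, or calling `stop()` before walking the list, would remove the doubt. The loop also only unlinks each entry with `listnode_delete`, so unless the list frees its data elsewhere, every `struct cache` (MTYPE `BGP_RPKI_CACHE`) looks leaked and should be released the way the single-cache removal path presumably does.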
safi_t safi;
for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
- if (!bgp->rib[afi][safi])
+ struct bgp_table *table = bgp->rib[afi][safi];
+
+ if (!table)
continue;
struct bgp_dest *match;
struct bgp_dest *node;
- match = bgp_table_subtree_lookup(bgp->rib[afi][safi],
- prefix);
+ match = bgp_table_subtree_lookup(table, prefix);
node = match;
while (node) {
node = bgp_route_next_until(node, match);
}
+
+ if (match)
+ bgp_dest_unlock_node(match);
}
}
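Review bot: The new `bgp_dest_unlock_node(match)` after the walk carries no comment saying which reference it releases, and the loop passes `match` itself to `bgp_route_next_until(node, match)` on its first iteration. If that iterator already drops the lock on the node it is given (its body is not in this hunk), the extra unlock would take the refcount one too low and a node still linked in the table could be freed. Please confirm the accounting and record it next to the call, e.g. `/* release the reference taken by bgp_table_subtree_lookup() */`. The enclosing function starts and ends outside the hunk.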
hook_register(bgp_rpki_prefix_status, rpki_validate_prefix);
hook_register(frr_late_init, bgp_rpki_init);
- hook_register(frr_early_fini, &bgp_rpki_fini);
+ hook_register(frr_early_fini, bgp_rpki_fini);
return 0;
}
#if defined(FOUND_SSH)
static int add_ssh_cache(const char *host, const unsigned int port,
const char *username, const char *client_privkey_path,
- const char *client_pubkey_path,
const char *server_pubkey_path,
const uint8_t preference, const char *bindaddr)
{
struct listnode *cache_node;
struct cache *cache;
- if (!listcount(cache_list))
- return 0;
-
if (rpki_debug)
vty_out(vty, "debug rpki\n");
vty_out(vty, "!\n");
vty_out(vty, "rpki\n");
- vty_out(vty, " rpki polling_period %d\n", polling_period);
+ if (polling_period != POLLING_PERIOD_DEFAULT)
+ vty_out(vty, " rpki polling_period %d\n", polling_period);
if (retry_interval != RETRY_INTERVAL_DEFAULT)
vty_out(vty, " rpki retry_interval %d\n", retry_interval);
if (expire_interval != EXPIRE_INTERVAL_DEFAULT)
return CMD_SUCCESS;
}
+DEFPY (no_rpki,
+ no_rpki_cmd,
+ "no rpki",
+ NO_STR
+ "Enable rpki and enter rpki configuration mode\n")
+{
+ rpki_delete_all_cache_nodes();
+ stop();
+ return CMD_SUCCESS;
+}
+
DEFUN (bgp_rpki_start,
bgp_rpki_start_cmd,
"rpki start",
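Review bot: The `no rpki` handler only removes the cache servers and calls `stop()`; nothing visible in it restores `polling_period`, `retry_interval` or `expire_interval` to their `*_DEFAULT` values. Unless `stop()` resets them, the config writer shown earlier on this page will keep emitting the old timers under an `rpki` stanza after the feature was negated, and they take effect again as soon as a cache is re-added. Resetting them in the handler, e.g. `polling_period = POLLING_PERIOD_DEFAULT;` and likewise for the other two, would make the negation complete. The return value of the cleanup is also not reflected in the command result, so a failed removal still reports `CMD_SUCCESS`.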
}
DEFPY(rpki_cache, rpki_cache_cmd,
- "rpki cache <A.B.C.D|WORD> <TCPPORT|(1-65535)$sshport SSH_UNAME SSH_PRIVKEY SSH_PUBKEY [SERVER_PUBKEY]> [source <A.B.C.D>$bindaddr] preference (1-255)",
+ "rpki cache <A.B.C.D|WORD> <TCPPORT|(1-65535)$sshport SSH_UNAME SSH_PRIVKEY [SERVER_PUBKEY]> [source <A.B.C.D>$bindaddr] preference (1-255)",
RPKI_OUTPUT_STRING
"Install a cache server to current group\n"
- "IP address of cache server\n Hostname of cache server\n"
+ "IP address of cache server\n"
+ "Hostname of cache server\n"
"TCP port number\n"
"SSH port number\n"
"SSH user name\n"
"Path to own SSH private key\n"
- "Path to own SSH public key\n"
"Path to Public key of cache server\n"
"Configure source IP address of RPKI connection\n"
"Define a Source IP Address\n"
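Review bot: Dropping `SSH_PUBKEY` from the grammar changes the meaning of the third SSH token rather than just removing an argument. A saved line in the old syntax with `SSH_UNAME SSH_PRIVKEY SSH_PUBKEY` and no server key still parses, but its client public-key path now lands in `[SERVER_PUBKEY]` and is passed on as `server_pubkey`, while a line that carried all four tokens no longer parses at all. Whether existing configurations contain the old token depends on what the config writer emitted, which is not shown here. An upgrade note, or a hidden form that accepts and discards the old token, would keep upgrades from silently changing or losing the host-key setting. Since `[SERVER_PUBKEY]` stays optional, the documentation should also state what host-key verification the SSH transport performs when it is omitted.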
// use ssh connection
if (ssh_uname) {
#if defined(FOUND_SSH)
- return_value = add_ssh_cache(
- cache, sshport, ssh_uname, ssh_privkey, ssh_pubkey,
- server_pubkey, preference, bindaddr_str);
+ return_value =
+ add_ssh_cache(cache, sshport, ssh_uname, ssh_privkey,
+ server_pubkey, preference, bindaddr_str);
#else
return_value = SUCCESS;
vty_out(vty,
DEFPY (no_rpki_cache,
no_rpki_cache_cmd,
- "no rpki cache <A.B.C.D|WORD> <TCPPORT|(1-65535)$sshport> preference (1-255)$preference",
+ "no rpki cache <A.B.C.D|WORD> <TCPPORT|(1-65535)$sshport SSH_UNAME SSH_PRIVKEY [SERVER_PUBKEY]> [source <A.B.C.D>$bindaddr] preference (1-255)",
NO_STR
RPKI_OUTPUT_STRING
- "Remove a cache server\n"
- "IP address of cache server\n Hostname of cache server\n"
+ "Install a cache server to current group\n"
+ "IP address of cache server\n"
+ "Hostname of cache server\n"
"TCP port number\n"
"SSH port number\n"
+ "SSH user name\n"
+ "Path to own SSH private key\n"
+ "Path to Public key of cache server\n"
+ "Configure source IP address of RPKI connection\n"
+ "Define a Source IP Address\n"
"Preference of the cache server\n"
"Preference value\n")
{
struct cache *cache_p = find_cache(preference);
if (!cache_p) {
- vty_out(vty, "Could not find cache %ld\n", preference);
+ vty_out(vty, "Could not find cache with preference %ld\n",
+ preference);
return CMD_WARNING;
}
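Review bot: The widened `no rpki cache` syntax accepts a host, port, SSH user, key paths and source address, but the handler still selects the entry with `find_cache(preference)` alone. Those arguments are therefore parsed and ignored, and a line naming the wrong server removes whichever cache holds that preference. Either state in the help text that only the preference is significant, or compare the supplied host with the found entry before removing it. The first help line was also changed from `"Remove a cache server\n"` to `"Install a cache server to current group\n"`, which reads wrongly for the negated command. The handler body continues outside the hunk.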
stop();
} else if (is_running()) {
if (rtr_mgr_remove_group(rtr_config, preference) == RTR_ERROR) {
- vty_out(vty, "Could not remove cache %ld", preference);
-
- vty_out(vty, "\n");
+ vty_out(vty,
+ "Could not remove cache with preference %ld\n",
+ preference);
return CMD_WARNING;
}
}
for (ALL_LIST_ELEMENTS_RO(cache_list, cache_node, cache)) {
if (cache->type == TCP) {
if (!json) {
- vty_out(vty, "host: %s port: %s\n",
+ vty_out(vty,
+ "host: %s port: %s, preference: %hhu\n",
cache->tr_config.tcp_config->host,
- cache->tr_config.tcp_config->port);
+ cache->tr_config.tcp_config->port,
+ cache->preference);
} else {
json_server = json_object_new_object();
json_object_string_add(json_server, "mode",
json_object_string_add(
json_server, "port",
cache->tr_config.tcp_config->port);
+ json_object_int_add(json_server, "preference",
+ cache->preference);
json_object_array_add(json_servers,
json_server);
}
} else if (cache->type == SSH) {
if (!json) {
vty_out(vty,
- "host: %s port: %d username: %s server_hostkey_path: %s client_privkey_path: %s\n",
+ "host: %s port: %d username: %s server_hostkey_path: %s client_privkey_path: %s, preference: %hhu\n",
cache->tr_config.ssh_config->host,
cache->tr_config.ssh_config->port,
cache->tr_config.ssh_config->username,
cache->tr_config.ssh_config
->server_hostkey_path,
cache->tr_config.ssh_config
- ->client_privkey_path);
+ ->client_privkey_path,
+ cache->preference);
} else {
json_server = json_object_new_object();
json_object_string_add(json_server, "mode",
json_server, "clientPrivkeyPath",
cache->tr_config.ssh_config
->client_privkey_path);
+ json_object_int_add(json_server, "preference",
+ cache->preference);
json_object_array_add(json_servers,
json_server);
}
const char *xpath =
"./match-condition[condition='frr-bgp-route-map:rpki']";
- nb_cli_enqueue_change(vty, xpath, NB_OP_CREATE, NULL);
+ nb_cli_enqueue_change(vty, xpath, NB_OP_DESTROY, NULL);
return nb_cli_apply_changes(vty, NULL);
}
install_default(RPKI_NODE);
install_element(CONFIG_NODE, &rpki_cmd);
install_element(ENABLE_NODE, &rpki_cmd);
+ install_element(CONFIG_NODE, &no_rpki_cmd);
+
install_element(ENABLE_NODE, &bgp_rpki_start_cmd);
install_element(ENABLE_NODE, &bgp_rpki_stop_cmd);