]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_open.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
*: reindent
[mirror_frr.git] / bgpd / bgp_open.c
1 /* BGP open message handling
2 * Copyright (C) 1998, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "stream.h"
26 #include "thread.h"
27 #include "log.h"
28 #include "command.h"
29 #include "memory.h"
30 #include "queue.h"
31 #include "filter.h"
32
33 #include "lib/json.h"
34 #include "bgpd/bgpd.h"
35 #include "bgpd/bgp_attr.h"
36 #include "bgpd/bgp_debug.h"
37 #include "bgpd/bgp_fsm.h"
38 #include "bgpd/bgp_packet.h"
39 #include "bgpd/bgp_open.h"
40 #include "bgpd/bgp_aspath.h"
41 #include "bgpd/bgp_vty.h"
42 #include "bgpd/bgp_memory.h"
43
44 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
45 negotiate remote peer supports extentions or not. But if
46 remote-peer doesn't supports negotiation process itself. We would
47 like to do manual configuration.
48
49 So there is many configurable point. First of all we want set each
50 peer whether we send capability negotiation to the peer or not.
51 Next, if we send capability to the peer we want to set my capabilty
52 inforation at each peer. */
53
54 void bgp_capability_vty_out(struct vty *vty, struct peer *peer, u_char use_json,
55 json_object *json_neigh)
56 {
57 char *pnt;
58 char *end;
59 struct capability_mp_data mpc;
60 struct capability_header *hdr;
61 json_object *json_cap = NULL;
62
63 if (use_json)
64 json_cap = json_object_new_object();
65
66 pnt = peer->notify.data;
67 end = pnt + peer->notify.length;
68
69 while (pnt < end) {
70 if (pnt + sizeof(struct capability_mp_data) + 2 > end)
71 return;
72
73 hdr = (struct capability_header *)pnt;
74 if (pnt + hdr->length + 2 > end)
75 return;
76
77 memcpy(&mpc, pnt + 2, sizeof(struct capability_mp_data));
78
79 if (hdr->code == CAPABILITY_CODE_MP) {
80 afi_t afi;
81 safi_t safi;
82
83 bgp_map_afi_safi_iana2int(ntohs(mpc.afi), mpc.safi,
84 &afi, &safi);
85 if (use_json) {
86 switch (afi) {
87 case AFI_IP:
88 json_object_string_add(
89 json_cap,
90 "capabilityErrorMultiProtocolAfi",
91 "IPv4");
92 break;
93 case AFI_IP6:
94 json_object_string_add(
95 json_cap,
96 "capabilityErrorMultiProtocolAfi",
97 "IPv6");
98 break;
99 case AFI_L2VPN:
100 json_object_string_add(
101 json_cap,
102 "capabilityErrorMultiProtocolAfi",
103 "L2VPN");
104 break;
105 default:
106 json_object_int_add(
107 json_cap,
108 "capabilityErrorMultiProtocolAfiUnknown",
109 ntohs(mpc.afi));
110 break;
111 }
112 switch (safi) {
113 case SAFI_UNICAST:
114 json_object_string_add(
115 json_cap,
116 "capabilityErrorMultiProtocolSafi",
117 "unicast");
118 break;
119 case SAFI_MULTICAST:
120 json_object_string_add(
121 json_cap,
122 "capabilityErrorMultiProtocolSafi",
123 "multicast");
124 break;
125 case SAFI_LABELED_UNICAST:
126 json_object_string_add(
127 json_cap,
128 "capabilityErrorMultiProtocolSafi",
129 "labeled-unicast");
130 break;
131 case SAFI_MPLS_VPN:
132 json_object_string_add(
133 json_cap,
134 "capabilityErrorMultiProtocolSafi",
135 "MPLS-labeled VPN");
136 break;
137 case SAFI_ENCAP:
138 json_object_string_add(
139 json_cap,
140 "capabilityErrorMultiProtocolSafi",
141 "encap");
142 break;
143 case SAFI_EVPN:
144 json_object_string_add(
145 json_cap,
146 "capabilityErrorMultiProtocolSafi",
147 "EVPN");
148 break;
149 default:
150 json_object_int_add(
151 json_cap,
152 "capabilityErrorMultiProtocolSafiUnknown",
153 mpc.safi);
154 break;
155 }
156 } else {
157 vty_out(vty,
158 " Capability error for: Multi protocol ");
159 switch (afi) {
160 case AFI_IP:
161 vty_out(vty, "AFI IPv4, ");
162 break;
163 case AFI_IP6:
164 vty_out(vty, "AFI IPv6, ");
165 break;
166 case AFI_L2VPN:
167 vty_out(vty, "AFI L2VPN, ");
168 break;
169 default:
170 vty_out(vty, "AFI Unknown %d, ",
171 ntohs(mpc.afi));
172 break;
173 }
174 switch (safi) {
175 case SAFI_UNICAST:
176 vty_out(vty, "SAFI Unicast");
177 break;
178 case SAFI_MULTICAST:
179 vty_out(vty, "SAFI Multicast");
180 break;
181 case SAFI_LABELED_UNICAST:
182 vty_out(vty, "SAFI Labeled-unicast");
183 break;
184 case SAFI_MPLS_VPN:
185 vty_out(vty, "SAFI MPLS-labeled VPN");
186 break;
187 case SAFI_ENCAP:
188 vty_out(vty, "SAFI ENCAP");
189 break;
190 case SAFI_EVPN:
191 vty_out(vty, "SAFI EVPN");
192 break;
193 default:
194 vty_out(vty, "SAFI Unknown %d ",
195 mpc.safi);
196 break;
197 }
198 vty_out(vty, "\n");
199 }
200 } else if (hdr->code >= 128) {
201 if (use_json)
202 json_object_int_add(
203 json_cap,
204 "capabilityErrorVendorSpecificCapabilityCode",
205 hdr->code);
206 else
207 vty_out(vty,
208 " Capability error: vendor specific capability code %d",
209 hdr->code);
210 } else {
211 if (use_json)
212 json_object_int_add(
213 json_cap,
214 "capabilityErrorUnknownCapabilityCode",
215 hdr->code);
216 else
217 vty_out(vty,
218 " Capability error: unknown capability code %d",
219 hdr->code);
220 }
221 pnt += hdr->length + 2;
222 }
223 if (use_json)
224 json_object_object_add(json_neigh, "capabilityErrors",
225 json_cap);
226 }
227
228 static void bgp_capability_mp_data(struct stream *s,
229 struct capability_mp_data *mpc)
230 {
231 mpc->afi = stream_getw(s);
232 mpc->reserved = stream_getc(s);
233 mpc->safi = stream_getc(s);
234 }
235
236 /* Set negotiated capability value. */
237 static int bgp_capability_mp(struct peer *peer, struct capability_header *hdr)
238 {
239 struct capability_mp_data mpc;
240 struct stream *s = BGP_INPUT(peer);
241 afi_t afi;
242 safi_t safi;
243
244 /* Verify length is 4 */
245 if (hdr->length != 4) {
246 zlog_warn(
247 "MP Cap: Received invalid length %d, non-multiple of 4",
248 hdr->length);
249 return -1;
250 }
251
252 bgp_capability_mp_data(s, &mpc);
253
254 if (bgp_debug_neighbor_events(peer))
255 zlog_debug("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
256 peer->host, mpc.afi, mpc.safi);
257
258 /* Convert AFI, SAFI to internal values, check. */
259 if (bgp_map_afi_safi_iana2int(mpc.afi, mpc.safi, &afi, &safi))
260 return -1;
261
262 /* Now safi remapped, and afi/safi are valid array indices */
263 peer->afc_recv[afi][safi] = 1;
264
265 if (peer->afc[afi][safi])
266 peer->afc_nego[afi][safi] = 1;
267 else
268 return -1;
269
270 return 0;
271 }
272
273 static void bgp_capability_orf_not_support(struct peer *peer, iana_afi_t afi,
274 safi_t safi, u_char type,
275 u_char mode)
276 {
277 if (bgp_debug_neighbor_events(peer))
278 zlog_debug(
279 "%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
280 peer->host, afi, safi, type, mode);
281 }
282
283 static const struct message orf_type_str[] = {
284 {ORF_TYPE_PREFIX, "Prefixlist"},
285 {ORF_TYPE_PREFIX_OLD, "Prefixlist (old)"},
286 {0}};
287
288 static const struct message orf_mode_str[] = {{ORF_MODE_RECEIVE, "Receive"},
289 {ORF_MODE_SEND, "Send"},
290 {ORF_MODE_BOTH, "Both"},
291 {0}};
292
293 static int bgp_capability_orf_entry(struct peer *peer,
294 struct capability_header *hdr)
295 {
296 struct stream *s = BGP_INPUT(peer);
297 struct capability_mp_data mpc;
298 u_char num;
299 iana_afi_t pkt_afi;
300 afi_t afi;
301 safi_t pkt_safi, safi;
302 u_char type;
303 u_char mode;
304 u_int16_t sm_cap = 0; /* capability send-mode receive */
305 u_int16_t rm_cap = 0; /* capability receive-mode receive */
306 int i;
307
308 /* ORF Entry header */
309 bgp_capability_mp_data(s, &mpc);
310 num = stream_getc(s);
311 pkt_afi = mpc.afi;
312 pkt_safi = mpc.safi;
313
314 if (bgp_debug_neighbor_events(peer))
315 zlog_debug("%s ORF Cap entry for afi/safi: %u/%u", peer->host,
316 mpc.afi, mpc.safi);
317
318 /* Convert AFI, SAFI to internal values, check. */
319 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
320 zlog_info(
321 "%s Addr-family %d/%d not supported."
322 " Ignoring the ORF capability",
323 peer->host, pkt_afi, pkt_safi);
324 return 0;
325 }
326
327 mpc.afi = pkt_afi;
328 mpc.safi = safi;
329
330 /* validate number field */
331 if (CAPABILITY_CODE_ORF_LEN + (num * 2) > hdr->length) {
332 zlog_info(
333 "%s ORF Capability entry length error,"
334 " Cap length %u, num %u",
335 peer->host, hdr->length, num);
336 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
337 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
338 return -1;
339 }
340
341 for (i = 0; i < num; i++) {
342 type = stream_getc(s);
343 mode = stream_getc(s);
344
345 /* ORF Mode error check */
346 switch (mode) {
347 case ORF_MODE_BOTH:
348 case ORF_MODE_SEND:
349 case ORF_MODE_RECEIVE:
350 break;
351 default:
352 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
353 type, mode);
354 continue;
355 }
356 /* ORF Type and afi/safi error checks */
357 /* capcode versus type */
358 switch (hdr->code) {
359 case CAPABILITY_CODE_ORF:
360 switch (type) {
361 case ORF_TYPE_PREFIX:
362 break;
363 default:
364 bgp_capability_orf_not_support(
365 peer, pkt_afi, pkt_safi, type, mode);
366 continue;
367 }
368 break;
369 case CAPABILITY_CODE_ORF_OLD:
370 switch (type) {
371 case ORF_TYPE_PREFIX_OLD:
372 break;
373 default:
374 bgp_capability_orf_not_support(
375 peer, pkt_afi, pkt_safi, type, mode);
376 continue;
377 }
378 break;
379 default:
380 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
381 type, mode);
382 continue;
383 }
384
385 /* AFI vs SAFI */
386 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
387 || (afi == AFI_IP && safi == SAFI_MULTICAST)
388 || (afi == AFI_IP6 && safi == SAFI_UNICAST))) {
389 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
390 type, mode);
391 continue;
392 }
393
394 if (bgp_debug_neighbor_events(peer))
395 zlog_debug(
396 "%s OPEN has %s ORF capability"
397 " as %s for afi/safi: %d/%d",
398 peer->host,
399 lookup_msg(orf_type_str, type, NULL),
400 lookup_msg(orf_mode_str, mode, NULL), pkt_afi,
401 pkt_safi);
402
403 if (hdr->code == CAPABILITY_CODE_ORF) {
404 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
405 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
406 } else if (hdr->code == CAPABILITY_CODE_ORF_OLD) {
407 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
408 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
409 } else {
410 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
411 type, mode);
412 continue;
413 }
414
415 switch (mode) {
416 case ORF_MODE_BOTH:
417 SET_FLAG(peer->af_cap[afi][safi], sm_cap);
418 SET_FLAG(peer->af_cap[afi][safi], rm_cap);
419 break;
420 case ORF_MODE_SEND:
421 SET_FLAG(peer->af_cap[afi][safi], sm_cap);
422 break;
423 case ORF_MODE_RECEIVE:
424 SET_FLAG(peer->af_cap[afi][safi], rm_cap);
425 break;
426 }
427 }
428 return 0;
429 }
430
431 static int bgp_capability_restart(struct peer *peer,
432 struct capability_header *caphdr)
433 {
434 struct stream *s = BGP_INPUT(peer);
435 u_int16_t restart_flag_time;
436 size_t end = stream_get_getp(s) + caphdr->length;
437
438 /* Verify length is a multiple of 4 */
439 if ((caphdr->length - 2) % 4) {
440 zlog_warn(
441 "Restart Cap: Received invalid length %d, non-multiple of 4",
442 caphdr->length);
443 return -1;
444 }
445
446 SET_FLAG(peer->cap, PEER_CAP_RESTART_RCV);
447 restart_flag_time = stream_getw(s);
448 if (CHECK_FLAG(restart_flag_time, RESTART_R_BIT))
449 SET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV);
450
451 UNSET_FLAG(restart_flag_time, 0xF000);
452 peer->v_gr_restart = restart_flag_time;
453
454 if (bgp_debug_neighbor_events(peer)) {
455 zlog_debug("%s OPEN has Graceful Restart capability",
456 peer->host);
457 zlog_debug("%s Peer has%srestarted. Restart Time : %d",
458 peer->host,
459 CHECK_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV)
460 ? " "
461 : " not ",
462 peer->v_gr_restart);
463 }
464
465 while (stream_get_getp(s) + 4 <= end) {
466 afi_t afi;
467 safi_t safi;
468 iana_afi_t pkt_afi = stream_getw(s);
469 safi_t pkt_safi = stream_getc(s);
470 u_char flag = stream_getc(s);
471
472 /* Convert AFI, SAFI to internal values, check. */
473 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
474 if (bgp_debug_neighbor_events(peer))
475 zlog_debug(
476 "%s Addr-family %d/%d(afi/safi) not supported."
477 " Ignore the Graceful Restart capability for this AFI/SAFI",
478 peer->host, pkt_afi, pkt_safi);
479 } else if (!peer->afc[afi][safi]) {
480 if (bgp_debug_neighbor_events(peer))
481 zlog_debug(
482 "%s Addr-family %d/%d(afi/safi) not enabled."
483 " Ignore the Graceful Restart capability",
484 peer->host, pkt_afi, pkt_safi);
485 } else {
486 if (bgp_debug_neighbor_events(peer))
487 zlog_debug(
488 "%s Address family %s is%spreserved",
489 peer->host, afi_safi_print(afi, safi),
490 CHECK_FLAG(
491 peer->af_cap[afi][safi],
492 PEER_CAP_RESTART_AF_PRESERVE_RCV)
493 ? " "
494 : " not ");
495
496 SET_FLAG(peer->af_cap[afi][safi],
497 PEER_CAP_RESTART_AF_RCV);
498 if (CHECK_FLAG(flag, RESTART_F_BIT))
499 SET_FLAG(peer->af_cap[afi][safi],
500 PEER_CAP_RESTART_AF_PRESERVE_RCV);
501 }
502 }
503 return 0;
504 }
505
506 /* Unlike other capability parsing routines, this one returns 0 on error */
507 static as_t bgp_capability_as4(struct peer *peer, struct capability_header *hdr)
508 {
509 SET_FLAG(peer->cap, PEER_CAP_AS4_RCV);
510
511 if (hdr->length != CAPABILITY_CODE_AS4_LEN) {
512 zlog_err("%s AS4 capability has incorrect data length %d",
513 peer->host, hdr->length);
514 return 0;
515 }
516
517 as_t as4 = stream_getl(BGP_INPUT(peer));
518
519 if (BGP_DEBUG(as4, AS4))
520 zlog_debug(
521 "%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
522 peer->host, as4);
523 return as4;
524 }
525
526 static int bgp_capability_addpath(struct peer *peer,
527 struct capability_header *hdr)
528 {
529 struct stream *s = BGP_INPUT(peer);
530 size_t end = stream_get_getp(s) + hdr->length;
531
532 SET_FLAG(peer->cap, PEER_CAP_ADDPATH_RCV);
533
534 /* Verify length is a multiple of 4 */
535 if (hdr->length % 4) {
536 zlog_warn(
537 "Add Path: Received invalid length %d, non-multiple of 4",
538 hdr->length);
539 return -1;
540 }
541
542 while (stream_get_getp(s) + 4 <= end) {
543 afi_t afi;
544 safi_t safi;
545 iana_afi_t pkt_afi = stream_getw(s);
546 safi_t pkt_safi = stream_getc(s);
547 u_char send_receive = stream_getc(s);
548
549 if (bgp_debug_neighbor_events(peer))
550 zlog_debug(
551 "%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
552 peer->host, pkt_afi, pkt_safi,
553 (send_receive & BGP_ADDPATH_RX) ? ", receive"
554 : "",
555 (send_receive & BGP_ADDPATH_TX) ? ", transmit"
556 : "");
557
558 /* Convert AFI, SAFI to internal values, check. */
559 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
560 if (bgp_debug_neighbor_events(peer))
561 zlog_debug(
562 "%s Addr-family %d/%d(afi/safi) not supported."
563 " Ignore the Addpath Attribute for this AFI/SAFI",
564 peer->host, pkt_afi, pkt_safi);
565 continue;
566 } else if (!peer->afc[afi][safi]) {
567 if (bgp_debug_neighbor_events(peer))
568 zlog_debug(
569 "%s Addr-family %d/%d(afi/safi) not enabled."
570 " Ignore the AddPath capability for this AFI/SAFI",
571 peer->host, pkt_afi, pkt_safi);
572 continue;
573 }
574
575 if (send_receive & BGP_ADDPATH_RX)
576 SET_FLAG(peer->af_cap[afi][safi],
577 PEER_CAP_ADDPATH_AF_RX_RCV);
578
579 if (send_receive & BGP_ADDPATH_TX)
580 SET_FLAG(peer->af_cap[afi][safi],
581 PEER_CAP_ADDPATH_AF_TX_RCV);
582 }
583
584 return 0;
585 }
586
587 static int bgp_capability_enhe(struct peer *peer, struct capability_header *hdr)
588 {
589 struct stream *s = BGP_INPUT(peer);
590 size_t end = stream_get_getp(s) + hdr->length;
591
592 /* Verify length is a multiple of 4 */
593 if (hdr->length % 6) {
594 zlog_warn(
595 "Extended NH: Received invalid length %d, non-multiple of 6",
596 hdr->length);
597 return -1;
598 }
599
600 while (stream_get_getp(s) + 6 <= end) {
601 iana_afi_t pkt_afi = stream_getw(s);
602 afi_t afi;
603 safi_t safi, pkt_safi = stream_getw(s);
604 iana_afi_t pkt_nh_afi = stream_getw(s);
605 afi_t nh_afi;
606
607 if (bgp_debug_neighbor_events(peer))
608 zlog_debug(
609 "%s Received with afi/safi/next-hop afi: %u/%u/%u",
610 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
611
612 /* Convert AFI, SAFI to internal values, check. */
613 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
614 if (bgp_debug_neighbor_events(peer))
615 zlog_debug(
616 "%s Addr-family %d/%d(afi/safi) not supported."
617 " Ignore the ENHE Attribute for this AFI/SAFI",
618 peer->host, pkt_afi, pkt_safi);
619 continue;
620 }
621
622 /* RFC 5549 specifies use of this capability only for IPv4 AFI,
623 * with
624 * the Nexthop AFI being IPv6. A future spec may introduce other
625 * possibilities, so we ignore other values with a log. Also,
626 * only
627 * SAFI_UNICAST and SAFI_LABELED_UNICAST are currently supported
628 * (and expected).
629 */
630 nh_afi = afi_iana2int(pkt_nh_afi);
631
632 if (afi != AFI_IP || nh_afi != AFI_IP6
633 || !(safi == SAFI_UNICAST
634 || safi == SAFI_LABELED_UNICAST)) {
635 zlog_warn(
636 "%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
637 "in Extended Next-hop capability, ignoring",
638 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
639 continue;
640 }
641
642 SET_FLAG(peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
643
644 if (CHECK_FLAG(peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
645 SET_FLAG(peer->af_cap[afi][safi],
646 PEER_CAP_ENHE_AF_NEGO);
647 }
648
649 SET_FLAG(peer->cap, PEER_CAP_ENHE_RCV);
650
651 return 0;
652 }
653
654 static int bgp_capability_hostname(struct peer *peer,
655 struct capability_header *hdr)
656 {
657 struct stream *s = BGP_INPUT(peer);
658 char str[BGP_MAX_HOSTNAME + 1];
659 size_t end = stream_get_getp(s) + hdr->length;
660 u_char len;
661
662 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
663
664 len = stream_getc(s);
665 if (stream_get_getp(s) + len > end) {
666 zlog_warn(
667 "%s: Received malformed hostname capability from peer %s",
668 __FUNCTION__, peer->host);
669 return -1;
670 }
671
672 if (len > BGP_MAX_HOSTNAME) {
673 stream_get(str, s, BGP_MAX_HOSTNAME);
674 stream_forward_getp(s, len - BGP_MAX_HOSTNAME);
675 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
676 } else if (len)
677 stream_get(str, s, len);
678
679 if (len) {
680 str[len] = '\0';
681
682 if (peer->hostname != NULL) {
683 XFREE(MTYPE_BGP_PEER_HOST, peer->hostname);
684 peer->hostname = NULL;
685 }
686
687 if (peer->domainname != NULL) {
688 XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
689 peer->domainname = NULL;
690 }
691
692 peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
693 }
694
695 if (stream_get_getp(s) + 1 > end) {
696 zlog_warn(
697 "%s: Received invalid domain name len (hostname capability) from peer %s",
698 __FUNCTION__, peer->host);
699 return -1;
700 }
701
702 len = stream_getc(s);
703 if (stream_get_getp(s) + len > end) {
704 zlog_warn(
705 "%s: Received runt domain name (hostname capability) from peer %s",
706 __FUNCTION__, peer->host);
707 return -1;
708 }
709
710 if (len > BGP_MAX_HOSTNAME) {
711 stream_get(str, s, BGP_MAX_HOSTNAME);
712 stream_forward_getp(s, len - BGP_MAX_HOSTNAME);
713 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
714 } else if (len)
715 stream_get(str, s, len);
716
717 if (len) {
718 str[len] = '\0';
719 peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
720 }
721
722 if (bgp_debug_neighbor_events(peer)) {
723 zlog_debug("%s received hostname %s, domainname %s", peer->host,
724 peer->hostname, peer->domainname);
725 }
726
727 return 0;
728 }
729
730 static const struct message capcode_str[] = {
731 {CAPABILITY_CODE_MP, "MultiProtocol Extensions"},
732 {CAPABILITY_CODE_REFRESH, "Route Refresh"},
733 {CAPABILITY_CODE_ORF, "Cooperative Route Filtering"},
734 {CAPABILITY_CODE_RESTART, "Graceful Restart"},
735 {CAPABILITY_CODE_AS4, "4-octet AS number"},
736 {CAPABILITY_CODE_ADDPATH, "AddPath"},
737 {CAPABILITY_CODE_DYNAMIC, "Dynamic"},
738 {CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding"},
739 {CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)"},
740 {CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)"},
741 {CAPABILITY_CODE_ORF_OLD, "ORF (Old)"},
742 {CAPABILITY_CODE_FQDN, "FQDN"},
743 {0}};
744
745 /* Minimum sizes for length field of each cap (so not inc. the header) */
746 static const size_t cap_minsizes[] = {
747 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
748 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
749 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
750 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
751 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
752 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
753 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
754 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
755 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
756 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
757 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
758 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
759 };
760
761 /* value the capability must be a multiple of.
762 * 0-data capabilities won't be checked against this.
763 * Other capabilities whose data doesn't fall on convenient boundaries for this
764 * table should be set to 1.
765 */
766 static const size_t cap_modsizes[] = {
767 [CAPABILITY_CODE_MP] = 4,
768 [CAPABILITY_CODE_REFRESH] = 1,
769 [CAPABILITY_CODE_ORF] = 1,
770 [CAPABILITY_CODE_RESTART] = 1,
771 [CAPABILITY_CODE_AS4] = 4,
772 [CAPABILITY_CODE_ADDPATH] = 4,
773 [CAPABILITY_CODE_DYNAMIC] = 1,
774 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
775 [CAPABILITY_CODE_ENHE] = 6,
776 [CAPABILITY_CODE_REFRESH_OLD] = 1,
777 [CAPABILITY_CODE_ORF_OLD] = 1,
778 [CAPABILITY_CODE_FQDN] = 1,
779 };
780
781 /**
782 * Parse given capability.
783 * XXX: This is reading into a stream, but not using stream API
784 *
785 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
786 * capabilities were encountered.
787 */
788 static int bgp_capability_parse(struct peer *peer, size_t length,
789 int *mp_capability, u_char **error)
790 {
791 int ret;
792 struct stream *s = BGP_INPUT(peer);
793 size_t end = stream_get_getp(s) + length;
794
795 assert(STREAM_READABLE(s) >= length);
796
797 while (stream_get_getp(s) < end) {
798 size_t start;
799 u_char *sp = stream_pnt(s);
800 struct capability_header caphdr;
801
802 ret = 0;
803 /* We need at least capability code and capability length. */
804 if (stream_get_getp(s) + 2 > end) {
805 zlog_info("%s Capability length error (< header)",
806 peer->host);
807 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
808 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
809 return -1;
810 }
811
812 caphdr.code = stream_getc(s);
813 caphdr.length = stream_getc(s);
814 start = stream_get_getp(s);
815
816 /* Capability length check sanity check. */
817 if (start + caphdr.length > end) {
818 zlog_info("%s Capability length error (< length)",
819 peer->host);
820 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
821 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
822 return -1;
823 }
824
825 if (bgp_debug_neighbor_events(peer))
826 zlog_debug("%s OPEN has %s capability (%u), length %u",
827 peer->host,
828 lookup_msg(capcode_str, caphdr.code, NULL),
829 caphdr.code, caphdr.length);
830
831 /* Length sanity check, type-specific, for known capabilities */
832 switch (caphdr.code) {
833 case CAPABILITY_CODE_MP:
834 case CAPABILITY_CODE_REFRESH:
835 case CAPABILITY_CODE_REFRESH_OLD:
836 case CAPABILITY_CODE_ORF:
837 case CAPABILITY_CODE_ORF_OLD:
838 case CAPABILITY_CODE_RESTART:
839 case CAPABILITY_CODE_AS4:
840 case CAPABILITY_CODE_ADDPATH:
841 case CAPABILITY_CODE_DYNAMIC:
842 case CAPABILITY_CODE_DYNAMIC_OLD:
843 case CAPABILITY_CODE_ENHE:
844 case CAPABILITY_CODE_FQDN:
845 /* Check length. */
846 if (caphdr.length < cap_minsizes[caphdr.code]) {
847 zlog_info(
848 "%s %s Capability length error: got %u,"
849 " expected at least %u",
850 peer->host,
851 lookup_msg(capcode_str, caphdr.code,
852 NULL),
853 caphdr.length,
854 (unsigned)cap_minsizes[caphdr.code]);
855 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
856 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
857 return -1;
858 }
859 if (caphdr.length
860 && caphdr.length % cap_modsizes[caphdr.code] != 0) {
861 zlog_info(
862 "%s %s Capability length error: got %u,"
863 " expected a multiple of %u",
864 peer->host,
865 lookup_msg(capcode_str, caphdr.code,
866 NULL),
867 caphdr.length,
868 (unsigned)cap_modsizes[caphdr.code]);
869 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
870 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
871 return -1;
872 }
873 /* we deliberately ignore unknown codes, see below */
874 default:
875 break;
876 }
877
878 switch (caphdr.code) {
879 case CAPABILITY_CODE_MP: {
880 *mp_capability = 1;
881
882 /* Ignore capability when override-capability is set. */
883 if (!CHECK_FLAG(peer->flags,
884 PEER_FLAG_OVERRIDE_CAPABILITY)) {
885 /* Set negotiated value. */
886 ret = bgp_capability_mp(peer, &caphdr);
887
888 /* Unsupported Capability. */
889 if (ret < 0) {
890 /* Store return data. */
891 memcpy(*error, sp, caphdr.length + 2);
892 *error += caphdr.length + 2;
893 }
894 ret = 0; /* Don't return error for this */
895 }
896 } break;
897 case CAPABILITY_CODE_REFRESH:
898 case CAPABILITY_CODE_REFRESH_OLD: {
899 /* BGP refresh capability */
900 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
901 SET_FLAG(peer->cap, PEER_CAP_REFRESH_OLD_RCV);
902 else
903 SET_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV);
904 } break;
905 case CAPABILITY_CODE_ORF:
906 case CAPABILITY_CODE_ORF_OLD:
907 ret = bgp_capability_orf_entry(peer, &caphdr);
908 break;
909 case CAPABILITY_CODE_RESTART:
910 ret = bgp_capability_restart(peer, &caphdr);
911 break;
912 case CAPABILITY_CODE_DYNAMIC:
913 case CAPABILITY_CODE_DYNAMIC_OLD:
914 SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_RCV);
915 break;
916 case CAPABILITY_CODE_AS4:
917 /* Already handled as a special-case parsing of the
918 * capabilities
919 * at the beginning of OPEN processing. So we care not a
920 * jot
921 * for the value really, only error case.
922 */
923 if (!bgp_capability_as4(peer, &caphdr))
924 ret = -1;
925 break;
926 case CAPABILITY_CODE_ADDPATH:
927 ret = bgp_capability_addpath(peer, &caphdr);
928 break;
929 case CAPABILITY_CODE_ENHE:
930 ret = bgp_capability_enhe(peer, &caphdr);
931 break;
932 case CAPABILITY_CODE_FQDN:
933 ret = bgp_capability_hostname(peer, &caphdr);
934 break;
935 default:
936 if (caphdr.code > 128) {
937 /* We don't send Notification for unknown vendor
938 specific
939 capabilities. It seems reasonable for now...
940 */
941 zlog_warn("%s Vendor specific capability %d",
942 peer->host, caphdr.code);
943 } else {
944 zlog_warn(
945 "%s unrecognized capability code: %d - ignored",
946 peer->host, caphdr.code);
947 memcpy(*error, sp, caphdr.length + 2);
948 *error += caphdr.length + 2;
949 }
950 }
951
952 if (ret < 0) {
953 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
954 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
955 return -1;
956 }
957 if (stream_get_getp(s) != (start + caphdr.length)) {
958 if (stream_get_getp(s) > (start + caphdr.length))
959 zlog_warn(
960 "%s Cap-parser for %s read past cap-length, %u!",
961 peer->host,
962 lookup_msg(capcode_str, caphdr.code,
963 NULL),
964 caphdr.length);
965 stream_set_getp(s, start + caphdr.length);
966 }
967 }
968 return 0;
969 }
970
971 static int bgp_auth_parse(struct peer *peer, size_t length)
972 {
973 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
974 BGP_NOTIFY_OPEN_AUTH_FAILURE);
975 return -1;
976 }
977
978 static int strict_capability_same(struct peer *peer)
979 {
980 int i, j;
981
982 for (i = AFI_IP; i < AFI_MAX; i++)
983 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
984 if (peer->afc[i][j] != peer->afc_nego[i][j])
985 return 0;
986 return 1;
987 }
988
989 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
990 * Returns 0 if no as4 found, as4cap value otherwise.
991 */
992 as_t peek_for_as4_capability(struct peer *peer, u_char length)
993 {
994 struct stream *s = BGP_INPUT(peer);
995 size_t orig_getp = stream_get_getp(s);
996 size_t end = orig_getp + length;
997 as_t as4 = 0;
998
999 if (BGP_DEBUG(as4, AS4))
1000 zlog_info(
1001 "%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
1002 " peeking for as4",
1003 peer->host, length);
1004 /* the error cases we DONT handle, we ONLY try to read as4 out of
1005 * correctly formatted options.
1006 */
1007 while (stream_get_getp(s) < end) {
1008 u_char opt_type;
1009 u_char opt_length;
1010
1011 /* Check the length. */
1012 if (stream_get_getp(s) + 2 > end)
1013 goto end;
1014
1015 /* Fetch option type and length. */
1016 opt_type = stream_getc(s);
1017 opt_length = stream_getc(s);
1018
1019 /* Option length check. */
1020 if (stream_get_getp(s) + opt_length > end)
1021 goto end;
1022
1023 if (opt_type == BGP_OPEN_OPT_CAP) {
1024 unsigned long capd_start = stream_get_getp(s);
1025 unsigned long capd_end = capd_start + opt_length;
1026
1027 assert(capd_end <= end);
1028
1029 while (stream_get_getp(s) < capd_end) {
1030 struct capability_header hdr;
1031
1032 if (stream_get_getp(s) + 2 > capd_end)
1033 goto end;
1034
1035 hdr.code = stream_getc(s);
1036 hdr.length = stream_getc(s);
1037
1038 if ((stream_get_getp(s) + hdr.length)
1039 > capd_end)
1040 goto end;
1041
1042 if (hdr.code == CAPABILITY_CODE_AS4) {
1043 if (BGP_DEBUG(as4, AS4))
1044 zlog_info(
1045 "[AS4] found AS4 capability, about to parse");
1046 as4 = bgp_capability_as4(peer, &hdr);
1047
1048 goto end;
1049 }
1050 stream_forward_getp(s, hdr.length);
1051 }
1052 }
1053 }
1054
1055 end:
1056 stream_set_getp(s, orig_getp);
1057 return as4;
1058 }
1059
1060 /**
1061 * Parse open option.
1062 *
1063 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1064 */
1065 int bgp_open_option_parse(struct peer *peer, u_char length, int *mp_capability)
1066 {
1067 int ret = 0;
1068 u_char *error;
1069 u_char error_data[BGP_MAX_PACKET_SIZE];
1070 struct stream *s = BGP_INPUT(peer);
1071 size_t end = stream_get_getp(s) + length;
1072
1073 error = error_data;
1074
1075 if (bgp_debug_neighbor_events(peer))
1076 zlog_debug("%s rcv OPEN w/ OPTION parameter len: %u",
1077 peer->host, length);
1078
1079 while (stream_get_getp(s) < end) {
1080 u_char opt_type;
1081 u_char opt_length;
1082
1083 /* Must have at least an OPEN option header */
1084 if (STREAM_READABLE(s) < 2) {
1085 zlog_info("%s Option length error", peer->host);
1086 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1087 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1088 return -1;
1089 }
1090
1091 /* Fetch option type and length. */
1092 opt_type = stream_getc(s);
1093 opt_length = stream_getc(s);
1094
1095 /* Option length check. */
1096 if (STREAM_READABLE(s) < opt_length) {
1097 zlog_info("%s Option length error", peer->host);
1098 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1099 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1100 return -1;
1101 }
1102
1103 if (bgp_debug_neighbor_events(peer))
1104 zlog_debug(
1105 "%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
1106 peer->host, opt_type,
1107 opt_type == BGP_OPEN_OPT_AUTH
1108 ? "Authentication"
1109 : opt_type == BGP_OPEN_OPT_CAP
1110 ? "Capability"
1111 : "Unknown",
1112 opt_length);
1113
1114 switch (opt_type) {
1115 case BGP_OPEN_OPT_AUTH:
1116 ret = bgp_auth_parse(peer, opt_length);
1117 break;
1118 case BGP_OPEN_OPT_CAP:
1119 ret = bgp_capability_parse(peer, opt_length,
1120 mp_capability, &error);
1121 break;
1122 default:
1123 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1124 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1125 ret = -1;
1126 break;
1127 }
1128
1129 /* Parse error. To accumulate all unsupported capability codes,
1130 bgp_capability_parse does not return -1 when encounter
1131 unsupported capability code. To detect that, please check
1132 error and erro_data pointer, like below. */
1133 if (ret < 0)
1134 return -1;
1135 }
1136
1137 /* All OPEN option is parsed. Check capability when strict compare
1138 flag is enabled.*/
1139 if (CHECK_FLAG(peer->flags, PEER_FLAG_STRICT_CAP_MATCH)) {
1140 /* If Unsupported Capability exists. */
1141 if (error != error_data) {
1142 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1143 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1144 error_data,
1145 error - error_data);
1146 return -1;
1147 }
1148
1149 /* Check local capability does not negotiated with remote
1150 peer. */
1151 if (!strict_capability_same(peer)) {
1152 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1153 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1154 return -1;
1155 }
1156 }
1157
1158 /* Check there are no common AFI/SAFIs and send Unsupported Capability
1159 error. */
1160 if (*mp_capability
1161 && !CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1162 if (!peer->afc_nego[AFI_IP][SAFI_UNICAST]
1163 && !peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1164 && !peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
1165 && !peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1166 && !peer->afc_nego[AFI_IP][SAFI_ENCAP]
1167 && !peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1168 && !peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1169 && !peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
1170 && !peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1171 && !peer->afc_nego[AFI_IP6][SAFI_ENCAP]
1172 && !peer->afc_nego[AFI_L2VPN][SAFI_EVPN]) {
1173 zlog_err(
1174 "%s [Error] Configured AFI/SAFIs do not "
1175 "overlap with received MP capabilities",
1176 peer->host);
1177
1178 if (error != error_data)
1179 bgp_notify_send_with_data(
1180 peer, BGP_NOTIFY_OPEN_ERR,
1181 BGP_NOTIFY_OPEN_UNSUP_CAPBL, error_data,
1182 error - error_data);
1183 else
1184 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1185 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1186 return -1;
1187 }
1188 }
1189 return 0;
1190 }
1191
1192 static void bgp_open_capability_orf(struct stream *s, struct peer *peer,
1193 afi_t afi, safi_t safi, u_char code)
1194 {
1195 u_char cap_len;
1196 u_char orf_len;
1197 unsigned long capp;
1198 unsigned long orfp;
1199 unsigned long numberp;
1200 int number_of_orfs = 0;
1201 iana_afi_t pkt_afi;
1202 safi_t pkt_safi;
1203
1204 /* Convert AFI, SAFI to values for packet. */
1205 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
1206
1207 stream_putc(s, BGP_OPEN_OPT_CAP);
1208 capp = stream_get_endp(s); /* Set Capability Len Pointer */
1209 stream_putc(s, 0); /* Capability Length */
1210 stream_putc(s, code); /* Capability Code */
1211 orfp = stream_get_endp(s); /* Set ORF Len Pointer */
1212 stream_putc(s, 0); /* ORF Length */
1213 stream_putw(s, pkt_afi);
1214 stream_putc(s, 0);
1215 stream_putc(s, pkt_safi);
1216 numberp = stream_get_endp(s); /* Set Number Pointer */
1217 stream_putc(s, 0); /* Number of ORFs */
1218
1219 /* Address Prefix ORF */
1220 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1221 || CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM)) {
1222 stream_putc(s, (code == CAPABILITY_CODE_ORF
1223 ? ORF_TYPE_PREFIX
1224 : ORF_TYPE_PREFIX_OLD));
1225
1226 if (CHECK_FLAG(peer->af_flags[afi][safi],
1227 PEER_FLAG_ORF_PREFIX_SM)
1228 && CHECK_FLAG(peer->af_flags[afi][safi],
1229 PEER_FLAG_ORF_PREFIX_RM)) {
1230 SET_FLAG(peer->af_cap[afi][safi],
1231 PEER_CAP_ORF_PREFIX_SM_ADV);
1232 SET_FLAG(peer->af_cap[afi][safi],
1233 PEER_CAP_ORF_PREFIX_RM_ADV);
1234 stream_putc(s, ORF_MODE_BOTH);
1235 } else if (CHECK_FLAG(peer->af_flags[afi][safi],
1236 PEER_FLAG_ORF_PREFIX_SM)) {
1237 SET_FLAG(peer->af_cap[afi][safi],
1238 PEER_CAP_ORF_PREFIX_SM_ADV);
1239 stream_putc(s, ORF_MODE_SEND);
1240 } else {
1241 SET_FLAG(peer->af_cap[afi][safi],
1242 PEER_CAP_ORF_PREFIX_RM_ADV);
1243 stream_putc(s, ORF_MODE_RECEIVE);
1244 }
1245 number_of_orfs++;
1246 }
1247
1248 /* Total Number of ORFs. */
1249 stream_putc_at(s, numberp, number_of_orfs);
1250
1251 /* Total ORF Len. */
1252 orf_len = stream_get_endp(s) - orfp - 1;
1253 stream_putc_at(s, orfp, orf_len);
1254
1255 /* Total Capability Len. */
1256 cap_len = stream_get_endp(s) - capp - 1;
1257 stream_putc_at(s, capp, cap_len);
1258 }
1259
1260 /* Fill in capability open option to the packet. */
1261 void bgp_open_capability(struct stream *s, struct peer *peer)
1262 {
1263 u_char len;
1264 unsigned long cp, capp, rcapp;
1265 iana_afi_t pkt_afi;
1266 afi_t afi;
1267 safi_t safi, pkt_safi;
1268 as_t local_as;
1269 u_int32_t restart_time;
1270 u_char afi_safi_count = 0;
1271 struct utsname names;
1272 int adv_addpath_tx = 0;
1273
1274 /* Remember current pointer for Opt Parm Len. */
1275 cp = stream_get_endp(s);
1276
1277 /* Opt Parm Len. */
1278 stream_putc(s, 0);
1279
1280 /* Do not send capability. */
1281 if (!CHECK_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1282 || CHECK_FLAG(peer->flags, PEER_FLAG_DONT_CAPABILITY))
1283 return;
1284
1285 /* MP capability for configured AFI, SAFI */
1286 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1287 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
1288 if (peer->afc[afi][safi]) {
1289 /* Convert AFI, SAFI to values for packet. */
1290 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
1291 &pkt_safi);
1292
1293 peer->afc_adv[afi][safi] = 1;
1294 stream_putc(s, BGP_OPEN_OPT_CAP);
1295 stream_putc(s, CAPABILITY_CODE_MP_LEN + 2);
1296 stream_putc(s, CAPABILITY_CODE_MP);
1297 stream_putc(s, CAPABILITY_CODE_MP_LEN);
1298 stream_putw(s, pkt_afi);
1299 stream_putc(s, 0);
1300 stream_putc(s, pkt_safi);
1301
1302 /* Extended nexthop capability - currently
1303 * supporting RFC-5549 for
1304 * Link-Local peering only
1305 */
1306 if (CHECK_FLAG(peer->flags,
1307 PEER_FLAG_CAPABILITY_ENHE)
1308 && peer->su.sa.sa_family == AF_INET6
1309 && IN6_IS_ADDR_LINKLOCAL(
1310 &peer->su.sin6.sin6_addr)
1311 && afi == AFI_IP
1312 && (safi == SAFI_UNICAST
1313 || safi == SAFI_LABELED_UNICAST)) {
1314 /* RFC 5549 Extended Next Hop Encoding
1315 */
1316 SET_FLAG(peer->cap, PEER_CAP_ENHE_ADV);
1317 stream_putc(s, BGP_OPEN_OPT_CAP);
1318 stream_putc(s,
1319 CAPABILITY_CODE_ENHE_LEN
1320 + 2);
1321 stream_putc(s, CAPABILITY_CODE_ENHE);
1322 stream_putc(s,
1323 CAPABILITY_CODE_ENHE_LEN);
1324
1325 SET_FLAG(peer->af_cap[AFI_IP][safi],
1326 PEER_CAP_ENHE_AF_ADV);
1327 stream_putw(s, pkt_afi);
1328 stream_putw(s, pkt_safi);
1329 stream_putw(s, afi_int2iana(AFI_IP6));
1330
1331 if (CHECK_FLAG(peer->af_cap[afi][safi],
1332 PEER_CAP_ENHE_AF_RCV))
1333 SET_FLAG(
1334 peer->af_cap[afi][safi],
1335 PEER_CAP_ENHE_AF_NEGO);
1336 }
1337 }
1338 }
1339
1340 /* Route refresh. */
1341 SET_FLAG(peer->cap, PEER_CAP_REFRESH_ADV);
1342 stream_putc(s, BGP_OPEN_OPT_CAP);
1343 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN + 2);
1344 stream_putc(s, CAPABILITY_CODE_REFRESH_OLD);
1345 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN);
1346 stream_putc(s, BGP_OPEN_OPT_CAP);
1347 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN + 2);
1348 stream_putc(s, CAPABILITY_CODE_REFRESH);
1349 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN);
1350
1351 /* AS4 */
1352 SET_FLAG(peer->cap, PEER_CAP_AS4_ADV);
1353 stream_putc(s, BGP_OPEN_OPT_CAP);
1354 stream_putc(s, CAPABILITY_CODE_AS4_LEN + 2);
1355 stream_putc(s, CAPABILITY_CODE_AS4);
1356 stream_putc(s, CAPABILITY_CODE_AS4_LEN);
1357 if (peer->change_local_as)
1358 local_as = peer->change_local_as;
1359 else
1360 local_as = peer->local_as;
1361 stream_putl(s, local_as);
1362
1363 /* AddPath */
1364 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1365 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1366 if (peer->afc[afi][safi]) {
1367 afi_safi_count++;
1368
1369 /* Only advertise addpath TX if a feature that
1370 * will use it is
1371 * configured */
1372 if (CHECK_FLAG(peer->af_flags[afi][safi],
1373 PEER_FLAG_ADDPATH_TX_ALL_PATHS)
1374 || CHECK_FLAG(
1375 peer->af_flags[afi][safi],
1376 PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
1377 adv_addpath_tx = 1;
1378 }
1379
1380 SET_FLAG(peer->cap, PEER_CAP_ADDPATH_ADV);
1381 stream_putc(s, BGP_OPEN_OPT_CAP);
1382 stream_putc(s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1383 stream_putc(s, CAPABILITY_CODE_ADDPATH);
1384 stream_putc(s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1385
1386 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1387 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1388 if (peer->afc[afi][safi]) {
1389 /* Convert AFI, SAFI to values for packet. */
1390 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
1391 &pkt_safi);
1392
1393 stream_putw(s, pkt_afi);
1394 stream_putc(s, pkt_safi);
1395
1396 if (adv_addpath_tx) {
1397 stream_putc(s,
1398 BGP_ADDPATH_RX
1399 | BGP_ADDPATH_TX);
1400 SET_FLAG(peer->af_cap[afi][safi],
1401 PEER_CAP_ADDPATH_AF_RX_ADV);
1402 SET_FLAG(peer->af_cap[afi][safi],
1403 PEER_CAP_ADDPATH_AF_TX_ADV);
1404 } else {
1405 stream_putc(s, BGP_ADDPATH_RX);
1406 SET_FLAG(peer->af_cap[afi][safi],
1407 PEER_CAP_ADDPATH_AF_RX_ADV);
1408 UNSET_FLAG(peer->af_cap[afi][safi],
1409 PEER_CAP_ADDPATH_AF_TX_ADV);
1410 }
1411 }
1412
1413 /* ORF capability. */
1414 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1415 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1416 if (CHECK_FLAG(peer->af_flags[afi][safi],
1417 PEER_FLAG_ORF_PREFIX_SM)
1418 || CHECK_FLAG(peer->af_flags[afi][safi],
1419 PEER_FLAG_ORF_PREFIX_RM)) {
1420 bgp_open_capability_orf(
1421 s, peer, afi, safi,
1422 CAPABILITY_CODE_ORF_OLD);
1423 bgp_open_capability_orf(s, peer, afi, safi,
1424 CAPABILITY_CODE_ORF);
1425 }
1426
1427 /* Dynamic capability. */
1428 if (CHECK_FLAG(peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY)) {
1429 SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV);
1430 stream_putc(s, BGP_OPEN_OPT_CAP);
1431 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1432 stream_putc(s, CAPABILITY_CODE_DYNAMIC_OLD);
1433 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN);
1434 stream_putc(s, BGP_OPEN_OPT_CAP);
1435 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1436 stream_putc(s, CAPABILITY_CODE_DYNAMIC);
1437 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN);
1438 }
1439
1440 /* Hostname capability */
1441 uname(&names);
1442 if (names.nodename[0] != '\0') {
1443 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1444 stream_putc(s, BGP_OPEN_OPT_CAP);
1445 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1446 stream_putc(s, 0); /* dummy len for now */
1447 stream_putc(s, CAPABILITY_CODE_FQDN);
1448 capp = stream_get_endp(s);
1449 stream_putc(s, 0); /* dummy len for now */
1450 len = strlen(names.nodename);
1451 if (len > BGP_MAX_HOSTNAME)
1452 len = BGP_MAX_HOSTNAME;
1453
1454 stream_putc(s, len);
1455 stream_put(s, names.nodename, len);
1456 #ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
1457 if ((names.domainname[0] != '\0')
1458 && (strcmp(names.domainname, "(none)") != 0)) {
1459 len = strlen(names.domainname);
1460 if (len > BGP_MAX_HOSTNAME)
1461 len = BGP_MAX_HOSTNAME;
1462
1463 stream_putc(s, len);
1464 stream_put(s, names.domainname, len);
1465 } else
1466 #endif
1467 {
1468 stream_putc(s, 0); /* 0 length */
1469 }
1470
1471 /* Set the lengths straight */
1472 len = stream_get_endp(s) - rcapp - 1;
1473 stream_putc_at(s, rcapp, len);
1474 len = stream_get_endp(s) - capp - 1;
1475 stream_putc_at(s, capp, len);
1476
1477 if (bgp_debug_neighbor_events(peer))
1478 #ifdef HAVE_STRUCT_UTSNAME_DOMAINNAME
1479 zlog_debug(
1480 "%s Sending hostname cap with hn = %s, dn = %s",
1481 peer->host, names.nodename, names.domainname);
1482 #else
1483 zlog_debug("%s Sending hostname cap with hn = %s",
1484 peer->host, names.nodename);
1485 #endif
1486 }
1487
1488 /* Sending base graceful-restart capability irrespective of the config
1489 */
1490 SET_FLAG(peer->cap, PEER_CAP_RESTART_ADV);
1491 stream_putc(s, BGP_OPEN_OPT_CAP);
1492 capp = stream_get_endp(s); /* Set Capability Len Pointer */
1493 stream_putc(s, 0); /* Capability Length */
1494 stream_putc(s, CAPABILITY_CODE_RESTART);
1495 rcapp = stream_get_endp(s); /* Set Restart Capability Len Pointer */
1496 stream_putc(s, 0);
1497 restart_time = peer->bgp->restart_time;
1498 if (peer->bgp->t_startup) {
1499 SET_FLAG(restart_time, RESTART_R_BIT);
1500 SET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_ADV);
1501 }
1502 stream_putw(s, restart_time);
1503
1504 /* Send address-family specific graceful-restart capability only when GR
1505 config
1506 is present */
1507 if (bgp_flag_check(peer->bgp, BGP_FLAG_GRACEFUL_RESTART)) {
1508 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1509 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1510 if (peer->afc[afi][safi]) {
1511 /* Convert AFI, SAFI to values for
1512 * packet. */
1513 bgp_map_afi_safi_int2iana(
1514 afi, safi, &pkt_afi, &pkt_safi);
1515 stream_putw(s, pkt_afi);
1516 stream_putc(s, pkt_safi);
1517 if (bgp_flag_check(
1518 peer->bgp,
1519 BGP_FLAG_GR_PRESERVE_FWD))
1520 stream_putc(s, RESTART_F_BIT);
1521 else
1522 stream_putc(s, 0);
1523 }
1524 }
1525
1526 /* Total Graceful restart capability Len. */
1527 len = stream_get_endp(s) - rcapp - 1;
1528 stream_putc_at(s, rcapp, len);
1529
1530 /* Total Capability Len. */
1531 len = stream_get_endp(s) - capp - 1;
1532 stream_putc_at(s, capp, len);
1533
1534 /* Total Opt Parm Len. */
1535 len = stream_get_endp(s) - cp - 1;
1536 stream_putc_at(s, cp, len);
1537 }
FRRouting mirror