]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_open.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #1991 from chiragshah6/ospfv3_dev
[mirror_frr.git] / bgpd / bgp_open.c
1 /* BGP open message handling
2 * Copyright (C) 1998, 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "stream.h"
26 #include "thread.h"
27 #include "log.h"
28 #include "command.h"
29 #include "memory.h"
30 #include "queue.h"
31 #include "filter.h"
32
33 #include "lib/json.h"
34 #include "bgpd/bgpd.h"
35 #include "bgpd/bgp_attr.h"
36 #include "bgpd/bgp_debug.h"
37 #include "bgpd/bgp_fsm.h"
38 #include "bgpd/bgp_packet.h"
39 #include "bgpd/bgp_open.h"
40 #include "bgpd/bgp_aspath.h"
41 #include "bgpd/bgp_vty.h"
42 #include "bgpd/bgp_memory.h"
43
44 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
45 negotiate remote peer supports extentions or not. But if
46 remote-peer doesn't supports negotiation process itself. We would
47 like to do manual configuration.
48
49 So there is many configurable point. First of all we want set each
50 peer whether we send capability negotiation to the peer or not.
51 Next, if we send capability to the peer we want to set my capabilty
52 inforation at each peer. */
53
54 void bgp_capability_vty_out(struct vty *vty, struct peer *peer,
55 uint8_t use_json, json_object *json_neigh)
56 {
57 char *pnt;
58 char *end;
59 struct capability_mp_data mpc;
60 struct capability_header *hdr;
61 json_object *json_cap = NULL;
62
63 if (use_json)
64 json_cap = json_object_new_object();
65
66 pnt = peer->notify.data;
67 end = pnt + peer->notify.length;
68
69 while (pnt < end) {
70 if (pnt + sizeof(struct capability_mp_data) + 2 > end)
71 return;
72
73 hdr = (struct capability_header *)pnt;
74 if (pnt + hdr->length + 2 > end)
75 return;
76
77 memcpy(&mpc, pnt + 2, sizeof(struct capability_mp_data));
78
79 if (hdr->code == CAPABILITY_CODE_MP) {
80 afi_t afi;
81 safi_t safi;
82
83 bgp_map_afi_safi_iana2int(ntohs(mpc.afi), mpc.safi,
84 &afi, &safi);
85 if (use_json) {
86 switch (afi) {
87 case AFI_IP:
88 json_object_string_add(
89 json_cap,
90 "capabilityErrorMultiProtocolAfi",
91 "IPv4");
92 break;
93 case AFI_IP6:
94 json_object_string_add(
95 json_cap,
96 "capabilityErrorMultiProtocolAfi",
97 "IPv6");
98 break;
99 case AFI_L2VPN:
100 json_object_string_add(
101 json_cap,
102 "capabilityErrorMultiProtocolAfi",
103 "L2VPN");
104 break;
105 default:
106 json_object_int_add(
107 json_cap,
108 "capabilityErrorMultiProtocolAfiUnknown",
109 ntohs(mpc.afi));
110 break;
111 }
112 switch (safi) {
113 case SAFI_UNICAST:
114 json_object_string_add(
115 json_cap,
116 "capabilityErrorMultiProtocolSafi",
117 "unicast");
118 break;
119 case SAFI_MULTICAST:
120 json_object_string_add(
121 json_cap,
122 "capabilityErrorMultiProtocolSafi",
123 "multicast");
124 break;
125 case SAFI_LABELED_UNICAST:
126 json_object_string_add(
127 json_cap,
128 "capabilityErrorMultiProtocolSafi",
129 "labeled-unicast");
130 break;
131 case SAFI_MPLS_VPN:
132 json_object_string_add(
133 json_cap,
134 "capabilityErrorMultiProtocolSafi",
135 "MPLS-labeled VPN");
136 break;
137 case SAFI_ENCAP:
138 json_object_string_add(
139 json_cap,
140 "capabilityErrorMultiProtocolSafi",
141 "encap");
142 break;
143 case SAFI_EVPN:
144 json_object_string_add(
145 json_cap,
146 "capabilityErrorMultiProtocolSafi",
147 "EVPN");
148 break;
149 case SAFI_FLOWSPEC:
150 json_object_string_add(
151 json_cap,
152 "capabilityErrorMultiProtocolSafi",
153 "flowspec");
154 break;
155 default:
156 json_object_int_add(
157 json_cap,
158 "capabilityErrorMultiProtocolSafiUnknown",
159 mpc.safi);
160 break;
161 }
162 } else {
163 vty_out(vty,
164 " Capability error for: Multi protocol ");
165 switch (afi) {
166 case AFI_IP:
167 vty_out(vty, "AFI IPv4, ");
168 break;
169 case AFI_IP6:
170 vty_out(vty, "AFI IPv6, ");
171 break;
172 case AFI_L2VPN:
173 vty_out(vty, "AFI L2VPN, ");
174 break;
175 default:
176 vty_out(vty, "AFI Unknown %d, ",
177 ntohs(mpc.afi));
178 break;
179 }
180 switch (safi) {
181 case SAFI_UNICAST:
182 vty_out(vty, "SAFI Unicast");
183 break;
184 case SAFI_MULTICAST:
185 vty_out(vty, "SAFI Multicast");
186 break;
187 case SAFI_LABELED_UNICAST:
188 vty_out(vty, "SAFI Labeled-unicast");
189 break;
190 case SAFI_MPLS_VPN:
191 vty_out(vty, "SAFI MPLS-labeled VPN");
192 break;
193 case SAFI_ENCAP:
194 vty_out(vty, "SAFI ENCAP");
195 break;
196 case SAFI_FLOWSPEC:
197 vty_out(vty, "SAFI FLOWSPEC");
198 break;
199 case SAFI_EVPN:
200 vty_out(vty, "SAFI EVPN");
201 break;
202 default:
203 vty_out(vty, "SAFI Unknown %d ",
204 mpc.safi);
205 break;
206 }
207 vty_out(vty, "\n");
208 }
209 } else if (hdr->code >= 128) {
210 if (use_json)
211 json_object_int_add(
212 json_cap,
213 "capabilityErrorVendorSpecificCapabilityCode",
214 hdr->code);
215 else
216 vty_out(vty,
217 " Capability error: vendor specific capability code %d",
218 hdr->code);
219 } else {
220 if (use_json)
221 json_object_int_add(
222 json_cap,
223 "capabilityErrorUnknownCapabilityCode",
224 hdr->code);
225 else
226 vty_out(vty,
227 " Capability error: unknown capability code %d",
228 hdr->code);
229 }
230 pnt += hdr->length + 2;
231 }
232 if (use_json)
233 json_object_object_add(json_neigh, "capabilityErrors",
234 json_cap);
235 }
236
237 static void bgp_capability_mp_data(struct stream *s,
238 struct capability_mp_data *mpc)
239 {
240 mpc->afi = stream_getw(s);
241 mpc->reserved = stream_getc(s);
242 mpc->safi = stream_getc(s);
243 }
244
245 /* Set negotiated capability value. */
246 static int bgp_capability_mp(struct peer *peer, struct capability_header *hdr)
247 {
248 struct capability_mp_data mpc;
249 struct stream *s = BGP_INPUT(peer);
250 afi_t afi;
251 safi_t safi;
252
253 /* Verify length is 4 */
254 if (hdr->length != 4) {
255 zlog_warn(
256 "MP Cap: Received invalid length %d, non-multiple of 4",
257 hdr->length);
258 return -1;
259 }
260
261 bgp_capability_mp_data(s, &mpc);
262
263 if (bgp_debug_neighbor_events(peer))
264 zlog_debug("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
265 peer->host, mpc.afi, mpc.safi);
266
267 /* Convert AFI, SAFI to internal values, check. */
268 if (bgp_map_afi_safi_iana2int(mpc.afi, mpc.safi, &afi, &safi))
269 return -1;
270
271 /* Now safi remapped, and afi/safi are valid array indices */
272 peer->afc_recv[afi][safi] = 1;
273
274 if (peer->afc[afi][safi])
275 peer->afc_nego[afi][safi] = 1;
276 else
277 return -1;
278
279 return 0;
280 }
281
282 static void bgp_capability_orf_not_support(struct peer *peer, iana_afi_t afi,
283 iana_safi_t safi, uint8_t type,
284 uint8_t mode)
285 {
286 if (bgp_debug_neighbor_events(peer))
287 zlog_debug(
288 "%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
289 peer->host, afi, safi, type, mode);
290 }
291
292 static const struct message orf_type_str[] = {
293 {ORF_TYPE_PREFIX, "Prefixlist"},
294 {ORF_TYPE_PREFIX_OLD, "Prefixlist (old)"},
295 {0}};
296
297 static const struct message orf_mode_str[] = {{ORF_MODE_RECEIVE, "Receive"},
298 {ORF_MODE_SEND, "Send"},
299 {ORF_MODE_BOTH, "Both"},
300 {0}};
301
302 static int bgp_capability_orf_entry(struct peer *peer,
303 struct capability_header *hdr)
304 {
305 struct stream *s = BGP_INPUT(peer);
306 struct capability_mp_data mpc;
307 uint8_t num;
308 iana_afi_t pkt_afi;
309 afi_t afi;
310 iana_safi_t pkt_safi;
311 safi_t safi;
312 uint8_t type;
313 uint8_t mode;
314 uint16_t sm_cap = 0; /* capability send-mode receive */
315 uint16_t rm_cap = 0; /* capability receive-mode receive */
316 int i;
317
318 /* ORF Entry header */
319 bgp_capability_mp_data(s, &mpc);
320 num = stream_getc(s);
321 pkt_afi = mpc.afi;
322 pkt_safi = mpc.safi;
323
324 if (bgp_debug_neighbor_events(peer))
325 zlog_debug("%s ORF Cap entry for afi/safi: %u/%u", peer->host,
326 mpc.afi, mpc.safi);
327
328 /* Convert AFI, SAFI to internal values, check. */
329 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
330 zlog_info(
331 "%s Addr-family %d/%d not supported."
332 " Ignoring the ORF capability",
333 peer->host, pkt_afi, pkt_safi);
334 return 0;
335 }
336
337 mpc.afi = pkt_afi;
338 mpc.safi = safi;
339
340 /* validate number field */
341 if (CAPABILITY_CODE_ORF_LEN + (num * 2) > hdr->length) {
342 zlog_info(
343 "%s ORF Capability entry length error,"
344 " Cap length %u, num %u",
345 peer->host, hdr->length, num);
346 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
347 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
348 return -1;
349 }
350
351 for (i = 0; i < num; i++) {
352 type = stream_getc(s);
353 mode = stream_getc(s);
354
355 /* ORF Mode error check */
356 switch (mode) {
357 case ORF_MODE_BOTH:
358 case ORF_MODE_SEND:
359 case ORF_MODE_RECEIVE:
360 break;
361 default:
362 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
363 type, mode);
364 continue;
365 }
366 /* ORF Type and afi/safi error checks */
367 /* capcode versus type */
368 switch (hdr->code) {
369 case CAPABILITY_CODE_ORF:
370 switch (type) {
371 case ORF_TYPE_PREFIX:
372 break;
373 default:
374 bgp_capability_orf_not_support(
375 peer, pkt_afi, pkt_safi, type, mode);
376 continue;
377 }
378 break;
379 case CAPABILITY_CODE_ORF_OLD:
380 switch (type) {
381 case ORF_TYPE_PREFIX_OLD:
382 break;
383 default:
384 bgp_capability_orf_not_support(
385 peer, pkt_afi, pkt_safi, type, mode);
386 continue;
387 }
388 break;
389 default:
390 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
391 type, mode);
392 continue;
393 }
394
395 /* AFI vs SAFI */
396 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
397 || (afi == AFI_IP && safi == SAFI_MULTICAST)
398 || (afi == AFI_IP6 && safi == SAFI_UNICAST))) {
399 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
400 type, mode);
401 continue;
402 }
403
404 if (bgp_debug_neighbor_events(peer))
405 zlog_debug(
406 "%s OPEN has %s ORF capability"
407 " as %s for afi/safi: %d/%d",
408 peer->host,
409 lookup_msg(orf_type_str, type, NULL),
410 lookup_msg(orf_mode_str, mode, NULL), pkt_afi,
411 pkt_safi);
412
413 if (hdr->code == CAPABILITY_CODE_ORF) {
414 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
415 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
416 } else if (hdr->code == CAPABILITY_CODE_ORF_OLD) {
417 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
418 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
419 } else {
420 bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi,
421 type, mode);
422 continue;
423 }
424
425 switch (mode) {
426 case ORF_MODE_BOTH:
427 SET_FLAG(peer->af_cap[afi][safi], sm_cap);
428 SET_FLAG(peer->af_cap[afi][safi], rm_cap);
429 break;
430 case ORF_MODE_SEND:
431 SET_FLAG(peer->af_cap[afi][safi], sm_cap);
432 break;
433 case ORF_MODE_RECEIVE:
434 SET_FLAG(peer->af_cap[afi][safi], rm_cap);
435 break;
436 }
437 }
438 return 0;
439 }
440
441 static int bgp_capability_restart(struct peer *peer,
442 struct capability_header *caphdr)
443 {
444 struct stream *s = BGP_INPUT(peer);
445 uint16_t restart_flag_time;
446 size_t end = stream_get_getp(s) + caphdr->length;
447
448 /* Verify length is a multiple of 4 */
449 if ((caphdr->length - 2) % 4) {
450 zlog_warn(
451 "Restart Cap: Received invalid length %d, non-multiple of 4",
452 caphdr->length);
453 return -1;
454 }
455
456 SET_FLAG(peer->cap, PEER_CAP_RESTART_RCV);
457 restart_flag_time = stream_getw(s);
458 if (CHECK_FLAG(restart_flag_time, RESTART_R_BIT))
459 SET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV);
460
461 UNSET_FLAG(restart_flag_time, 0xF000);
462 peer->v_gr_restart = restart_flag_time;
463
464 if (bgp_debug_neighbor_events(peer)) {
465 zlog_debug("%s OPEN has Graceful Restart capability",
466 peer->host);
467 zlog_debug("%s Peer has%srestarted. Restart Time : %d",
468 peer->host,
469 CHECK_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV)
470 ? " "
471 : " not ",
472 peer->v_gr_restart);
473 }
474
475 while (stream_get_getp(s) + 4 <= end) {
476 afi_t afi;
477 safi_t safi;
478 iana_afi_t pkt_afi = stream_getw(s);
479 iana_safi_t pkt_safi = stream_getc(s);
480 uint8_t flag = stream_getc(s);
481
482 /* Convert AFI, SAFI to internal values, check. */
483 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
484 if (bgp_debug_neighbor_events(peer))
485 zlog_debug(
486 "%s Addr-family %d/%d(afi/safi) not supported."
487 " Ignore the Graceful Restart capability for this AFI/SAFI",
488 peer->host, pkt_afi, pkt_safi);
489 } else if (!peer->afc[afi][safi]) {
490 if (bgp_debug_neighbor_events(peer))
491 zlog_debug(
492 "%s Addr-family %d/%d(afi/safi) not enabled."
493 " Ignore the Graceful Restart capability",
494 peer->host, pkt_afi, pkt_safi);
495 } else {
496 if (bgp_debug_neighbor_events(peer))
497 zlog_debug(
498 "%s Address family %s is%spreserved",
499 peer->host, afi_safi_print(afi, safi),
500 CHECK_FLAG(
501 peer->af_cap[afi][safi],
502 PEER_CAP_RESTART_AF_PRESERVE_RCV)
503 ? " "
504 : " not ");
505
506 SET_FLAG(peer->af_cap[afi][safi],
507 PEER_CAP_RESTART_AF_RCV);
508 if (CHECK_FLAG(flag, RESTART_F_BIT))
509 SET_FLAG(peer->af_cap[afi][safi],
510 PEER_CAP_RESTART_AF_PRESERVE_RCV);
511 }
512 }
513 return 0;
514 }
515
516 /* Unlike other capability parsing routines, this one returns 0 on error */
517 static as_t bgp_capability_as4(struct peer *peer, struct capability_header *hdr)
518 {
519 SET_FLAG(peer->cap, PEER_CAP_AS4_RCV);
520
521 if (hdr->length != CAPABILITY_CODE_AS4_LEN) {
522 zlog_err("%s AS4 capability has incorrect data length %d",
523 peer->host, hdr->length);
524 return 0;
525 }
526
527 as_t as4 = stream_getl(BGP_INPUT(peer));
528
529 if (BGP_DEBUG(as4, AS4))
530 zlog_debug(
531 "%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
532 peer->host, as4);
533 return as4;
534 }
535
536 static int bgp_capability_addpath(struct peer *peer,
537 struct capability_header *hdr)
538 {
539 struct stream *s = BGP_INPUT(peer);
540 size_t end = stream_get_getp(s) + hdr->length;
541
542 SET_FLAG(peer->cap, PEER_CAP_ADDPATH_RCV);
543
544 /* Verify length is a multiple of 4 */
545 if (hdr->length % 4) {
546 zlog_warn(
547 "Add Path: Received invalid length %d, non-multiple of 4",
548 hdr->length);
549 return -1;
550 }
551
552 while (stream_get_getp(s) + 4 <= end) {
553 afi_t afi;
554 safi_t safi;
555 iana_afi_t pkt_afi = stream_getw(s);
556 iana_safi_t pkt_safi = stream_getc(s);
557 uint8_t send_receive = stream_getc(s);
558
559 if (bgp_debug_neighbor_events(peer))
560 zlog_debug(
561 "%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
562 peer->host, pkt_afi, pkt_safi,
563 (send_receive & BGP_ADDPATH_RX) ? ", receive"
564 : "",
565 (send_receive & BGP_ADDPATH_TX) ? ", transmit"
566 : "");
567
568 /* Convert AFI, SAFI to internal values, check. */
569 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
570 if (bgp_debug_neighbor_events(peer))
571 zlog_debug(
572 "%s Addr-family %d/%d(afi/safi) not supported."
573 " Ignore the Addpath Attribute for this AFI/SAFI",
574 peer->host, pkt_afi, pkt_safi);
575 continue;
576 } else if (!peer->afc[afi][safi]) {
577 if (bgp_debug_neighbor_events(peer))
578 zlog_debug(
579 "%s Addr-family %d/%d(afi/safi) not enabled."
580 " Ignore the AddPath capability for this AFI/SAFI",
581 peer->host, pkt_afi, pkt_safi);
582 continue;
583 }
584
585 if (send_receive & BGP_ADDPATH_RX)
586 SET_FLAG(peer->af_cap[afi][safi],
587 PEER_CAP_ADDPATH_AF_RX_RCV);
588
589 if (send_receive & BGP_ADDPATH_TX)
590 SET_FLAG(peer->af_cap[afi][safi],
591 PEER_CAP_ADDPATH_AF_TX_RCV);
592 }
593
594 return 0;
595 }
596
597 static int bgp_capability_enhe(struct peer *peer, struct capability_header *hdr)
598 {
599 struct stream *s = BGP_INPUT(peer);
600 size_t end = stream_get_getp(s) + hdr->length;
601
602 /* Verify length is a multiple of 4 */
603 if (hdr->length % 6) {
604 zlog_warn(
605 "Extended NH: Received invalid length %d, non-multiple of 6",
606 hdr->length);
607 return -1;
608 }
609
610 while (stream_get_getp(s) + 6 <= end) {
611 iana_afi_t pkt_afi = stream_getw(s);
612 afi_t afi;
613 iana_safi_t pkt_safi = stream_getw(s);
614 safi_t safi;
615 iana_afi_t pkt_nh_afi = stream_getw(s);
616 afi_t nh_afi;
617
618 if (bgp_debug_neighbor_events(peer))
619 zlog_debug(
620 "%s Received with afi/safi/next-hop afi: %u/%u/%u",
621 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
622
623 /* Convert AFI, SAFI to internal values, check. */
624 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
625 if (bgp_debug_neighbor_events(peer))
626 zlog_debug(
627 "%s Addr-family %d/%d(afi/safi) not supported."
628 " Ignore the ENHE Attribute for this AFI/SAFI",
629 peer->host, pkt_afi, pkt_safi);
630 continue;
631 }
632
633 /* RFC 5549 specifies use of this capability only for IPv4 AFI,
634 * with
635 * the Nexthop AFI being IPv6. A future spec may introduce other
636 * possibilities, so we ignore other values with a log. Also,
637 * only
638 * SAFI_UNICAST and SAFI_LABELED_UNICAST are currently supported
639 * (and expected).
640 */
641 nh_afi = afi_iana2int(pkt_nh_afi);
642
643 if (afi != AFI_IP || nh_afi != AFI_IP6
644 || !(safi == SAFI_UNICAST
645 || safi == SAFI_LABELED_UNICAST)) {
646 zlog_warn(
647 "%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
648 "in Extended Next-hop capability, ignoring",
649 peer->host, pkt_afi, pkt_safi, pkt_nh_afi);
650 continue;
651 }
652
653 SET_FLAG(peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
654
655 if (CHECK_FLAG(peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
656 SET_FLAG(peer->af_cap[afi][safi],
657 PEER_CAP_ENHE_AF_NEGO);
658 }
659
660 SET_FLAG(peer->cap, PEER_CAP_ENHE_RCV);
661
662 return 0;
663 }
664
665 static int bgp_capability_hostname(struct peer *peer,
666 struct capability_header *hdr)
667 {
668 struct stream *s = BGP_INPUT(peer);
669 char str[BGP_MAX_HOSTNAME + 1];
670 size_t end = stream_get_getp(s) + hdr->length;
671 uint8_t len;
672
673 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
674
675 len = stream_getc(s);
676 if (stream_get_getp(s) + len > end) {
677 zlog_warn(
678 "%s: Received malformed hostname capability from peer %s",
679 __FUNCTION__, peer->host);
680 return -1;
681 }
682
683 if (len > BGP_MAX_HOSTNAME) {
684 stream_get(str, s, BGP_MAX_HOSTNAME);
685 stream_forward_getp(s, len - BGP_MAX_HOSTNAME);
686 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
687 } else if (len)
688 stream_get(str, s, len);
689
690 if (len) {
691 str[len] = '\0';
692
693 if (peer->hostname != NULL) {
694 XFREE(MTYPE_BGP_PEER_HOST, peer->hostname);
695 peer->hostname = NULL;
696 }
697
698 if (peer->domainname != NULL) {
699 XFREE(MTYPE_BGP_PEER_HOST, peer->domainname);
700 peer->domainname = NULL;
701 }
702
703 peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
704 }
705
706 if (stream_get_getp(s) + 1 > end) {
707 zlog_warn(
708 "%s: Received invalid domain name len (hostname capability) from peer %s",
709 __FUNCTION__, peer->host);
710 return -1;
711 }
712
713 len = stream_getc(s);
714 if (stream_get_getp(s) + len > end) {
715 zlog_warn(
716 "%s: Received runt domain name (hostname capability) from peer %s",
717 __FUNCTION__, peer->host);
718 return -1;
719 }
720
721 if (len > BGP_MAX_HOSTNAME) {
722 stream_get(str, s, BGP_MAX_HOSTNAME);
723 stream_forward_getp(s, len - BGP_MAX_HOSTNAME);
724 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
725 } else if (len)
726 stream_get(str, s, len);
727
728 if (len) {
729 str[len] = '\0';
730 peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str);
731 }
732
733 if (bgp_debug_neighbor_events(peer)) {
734 zlog_debug("%s received hostname %s, domainname %s", peer->host,
735 peer->hostname, peer->domainname);
736 }
737
738 return 0;
739 }
740
741 static const struct message capcode_str[] = {
742 {CAPABILITY_CODE_MP, "MultiProtocol Extensions"},
743 {CAPABILITY_CODE_REFRESH, "Route Refresh"},
744 {CAPABILITY_CODE_ORF, "Cooperative Route Filtering"},
745 {CAPABILITY_CODE_RESTART, "Graceful Restart"},
746 {CAPABILITY_CODE_AS4, "4-octet AS number"},
747 {CAPABILITY_CODE_ADDPATH, "AddPath"},
748 {CAPABILITY_CODE_DYNAMIC, "Dynamic"},
749 {CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding"},
750 {CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)"},
751 {CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)"},
752 {CAPABILITY_CODE_ORF_OLD, "ORF (Old)"},
753 {CAPABILITY_CODE_FQDN, "FQDN"},
754 {0}};
755
756 /* Minimum sizes for length field of each cap (so not inc. the header) */
757 static const size_t cap_minsizes[] = {
758 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
759 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
760 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
761 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
762 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
763 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
764 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
765 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
766 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
767 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
768 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
769 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
770 };
771
772 /* value the capability must be a multiple of.
773 * 0-data capabilities won't be checked against this.
774 * Other capabilities whose data doesn't fall on convenient boundaries for this
775 * table should be set to 1.
776 */
777 static const size_t cap_modsizes[] = {
778 [CAPABILITY_CODE_MP] = 4,
779 [CAPABILITY_CODE_REFRESH] = 1,
780 [CAPABILITY_CODE_ORF] = 1,
781 [CAPABILITY_CODE_RESTART] = 1,
782 [CAPABILITY_CODE_AS4] = 4,
783 [CAPABILITY_CODE_ADDPATH] = 4,
784 [CAPABILITY_CODE_DYNAMIC] = 1,
785 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
786 [CAPABILITY_CODE_ENHE] = 6,
787 [CAPABILITY_CODE_REFRESH_OLD] = 1,
788 [CAPABILITY_CODE_ORF_OLD] = 1,
789 [CAPABILITY_CODE_FQDN] = 1,
790 };
791
792 /**
793 * Parse given capability.
794 * XXX: This is reading into a stream, but not using stream API
795 *
796 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
797 * capabilities were encountered.
798 */
799 static int bgp_capability_parse(struct peer *peer, size_t length,
800 int *mp_capability, uint8_t **error)
801 {
802 int ret;
803 struct stream *s = BGP_INPUT(peer);
804 size_t end = stream_get_getp(s) + length;
805
806 assert(STREAM_READABLE(s) >= length);
807
808 while (stream_get_getp(s) < end) {
809 size_t start;
810 uint8_t *sp = stream_pnt(s);
811 struct capability_header caphdr;
812
813 ret = 0;
814 /* We need at least capability code and capability length. */
815 if (stream_get_getp(s) + 2 > end) {
816 zlog_info("%s Capability length error (< header)",
817 peer->host);
818 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
819 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
820 return -1;
821 }
822
823 caphdr.code = stream_getc(s);
824 caphdr.length = stream_getc(s);
825 start = stream_get_getp(s);
826
827 /* Capability length check sanity check. */
828 if (start + caphdr.length > end) {
829 zlog_info("%s Capability length error (< length)",
830 peer->host);
831 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
832 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
833 return -1;
834 }
835
836 if (bgp_debug_neighbor_events(peer))
837 zlog_debug("%s OPEN has %s capability (%u), length %u",
838 peer->host,
839 lookup_msg(capcode_str, caphdr.code, NULL),
840 caphdr.code, caphdr.length);
841
842 /* Length sanity check, type-specific, for known capabilities */
843 switch (caphdr.code) {
844 case CAPABILITY_CODE_MP:
845 case CAPABILITY_CODE_REFRESH:
846 case CAPABILITY_CODE_REFRESH_OLD:
847 case CAPABILITY_CODE_ORF:
848 case CAPABILITY_CODE_ORF_OLD:
849 case CAPABILITY_CODE_RESTART:
850 case CAPABILITY_CODE_AS4:
851 case CAPABILITY_CODE_ADDPATH:
852 case CAPABILITY_CODE_DYNAMIC:
853 case CAPABILITY_CODE_DYNAMIC_OLD:
854 case CAPABILITY_CODE_ENHE:
855 case CAPABILITY_CODE_FQDN:
856 /* Check length. */
857 if (caphdr.length < cap_minsizes[caphdr.code]) {
858 zlog_info(
859 "%s %s Capability length error: got %u,"
860 " expected at least %u",
861 peer->host,
862 lookup_msg(capcode_str, caphdr.code,
863 NULL),
864 caphdr.length,
865 (unsigned)cap_minsizes[caphdr.code]);
866 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
867 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
868 return -1;
869 }
870 if (caphdr.length
871 && caphdr.length % cap_modsizes[caphdr.code] != 0) {
872 zlog_info(
873 "%s %s Capability length error: got %u,"
874 " expected a multiple of %u",
875 peer->host,
876 lookup_msg(capcode_str, caphdr.code,
877 NULL),
878 caphdr.length,
879 (unsigned)cap_modsizes[caphdr.code]);
880 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
881 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
882 return -1;
883 }
884 /* we deliberately ignore unknown codes, see below */
885 default:
886 break;
887 }
888
889 switch (caphdr.code) {
890 case CAPABILITY_CODE_MP: {
891 *mp_capability = 1;
892
893 /* Ignore capability when override-capability is set. */
894 if (!CHECK_FLAG(peer->flags,
895 PEER_FLAG_OVERRIDE_CAPABILITY)) {
896 /* Set negotiated value. */
897 ret = bgp_capability_mp(peer, &caphdr);
898
899 /* Unsupported Capability. */
900 if (ret < 0) {
901 /* Store return data. */
902 memcpy(*error, sp, caphdr.length + 2);
903 *error += caphdr.length + 2;
904 }
905 ret = 0; /* Don't return error for this */
906 }
907 } break;
908 case CAPABILITY_CODE_REFRESH:
909 case CAPABILITY_CODE_REFRESH_OLD: {
910 /* BGP refresh capability */
911 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
912 SET_FLAG(peer->cap, PEER_CAP_REFRESH_OLD_RCV);
913 else
914 SET_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV);
915 } break;
916 case CAPABILITY_CODE_ORF:
917 case CAPABILITY_CODE_ORF_OLD:
918 ret = bgp_capability_orf_entry(peer, &caphdr);
919 break;
920 case CAPABILITY_CODE_RESTART:
921 ret = bgp_capability_restart(peer, &caphdr);
922 break;
923 case CAPABILITY_CODE_DYNAMIC:
924 case CAPABILITY_CODE_DYNAMIC_OLD:
925 SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_RCV);
926 break;
927 case CAPABILITY_CODE_AS4:
928 /* Already handled as a special-case parsing of the
929 * capabilities
930 * at the beginning of OPEN processing. So we care not a
931 * jot
932 * for the value really, only error case.
933 */
934 if (!bgp_capability_as4(peer, &caphdr))
935 ret = -1;
936 break;
937 case CAPABILITY_CODE_ADDPATH:
938 ret = bgp_capability_addpath(peer, &caphdr);
939 break;
940 case CAPABILITY_CODE_ENHE:
941 ret = bgp_capability_enhe(peer, &caphdr);
942 break;
943 case CAPABILITY_CODE_FQDN:
944 ret = bgp_capability_hostname(peer, &caphdr);
945 break;
946 default:
947 if (caphdr.code > 128) {
948 /* We don't send Notification for unknown vendor
949 specific
950 capabilities. It seems reasonable for now...
951 */
952 zlog_warn("%s Vendor specific capability %d",
953 peer->host, caphdr.code);
954 } else {
955 zlog_warn(
956 "%s unrecognized capability code: %d - ignored",
957 peer->host, caphdr.code);
958 memcpy(*error, sp, caphdr.length + 2);
959 *error += caphdr.length + 2;
960 }
961 }
962
963 if (ret < 0) {
964 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
965 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
966 return -1;
967 }
968 if (stream_get_getp(s) != (start + caphdr.length)) {
969 if (stream_get_getp(s) > (start + caphdr.length))
970 zlog_warn(
971 "%s Cap-parser for %s read past cap-length, %u!",
972 peer->host,
973 lookup_msg(capcode_str, caphdr.code,
974 NULL),
975 caphdr.length);
976 stream_set_getp(s, start + caphdr.length);
977 }
978 }
979 return 0;
980 }
981
982 static int bgp_auth_parse(struct peer *peer, size_t length)
983 {
984 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
985 BGP_NOTIFY_OPEN_AUTH_FAILURE);
986 return -1;
987 }
988
989 static int strict_capability_same(struct peer *peer)
990 {
991 int i, j;
992
993 for (i = AFI_IP; i < AFI_MAX; i++)
994 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
995 if (peer->afc[i][j] != peer->afc_nego[i][j])
996 return 0;
997 return 1;
998 }
999
1000 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
1001 * Returns 0 if no as4 found, as4cap value otherwise.
1002 */
1003 as_t peek_for_as4_capability(struct peer *peer, uint8_t length)
1004 {
1005 struct stream *s = BGP_INPUT(peer);
1006 size_t orig_getp = stream_get_getp(s);
1007 size_t end = orig_getp + length;
1008 as_t as4 = 0;
1009
1010 if (BGP_DEBUG(as4, AS4))
1011 zlog_info(
1012 "%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
1013 " peeking for as4",
1014 peer->host, length);
1015 /* the error cases we DONT handle, we ONLY try to read as4 out of
1016 * correctly formatted options.
1017 */
1018 while (stream_get_getp(s) < end) {
1019 uint8_t opt_type;
1020 uint8_t opt_length;
1021
1022 /* Check the length. */
1023 if (stream_get_getp(s) + 2 > end)
1024 goto end;
1025
1026 /* Fetch option type and length. */
1027 opt_type = stream_getc(s);
1028 opt_length = stream_getc(s);
1029
1030 /* Option length check. */
1031 if (stream_get_getp(s) + opt_length > end)
1032 goto end;
1033
1034 if (opt_type == BGP_OPEN_OPT_CAP) {
1035 unsigned long capd_start = stream_get_getp(s);
1036 unsigned long capd_end = capd_start + opt_length;
1037
1038 assert(capd_end <= end);
1039
1040 while (stream_get_getp(s) < capd_end) {
1041 struct capability_header hdr;
1042
1043 if (stream_get_getp(s) + 2 > capd_end)
1044 goto end;
1045
1046 hdr.code = stream_getc(s);
1047 hdr.length = stream_getc(s);
1048
1049 if ((stream_get_getp(s) + hdr.length)
1050 > capd_end)
1051 goto end;
1052
1053 if (hdr.code == CAPABILITY_CODE_AS4) {
1054 if (BGP_DEBUG(as4, AS4))
1055 zlog_info(
1056 "[AS4] found AS4 capability, about to parse");
1057 as4 = bgp_capability_as4(peer, &hdr);
1058
1059 goto end;
1060 }
1061 stream_forward_getp(s, hdr.length);
1062 }
1063 }
1064 }
1065
1066 end:
1067 stream_set_getp(s, orig_getp);
1068 return as4;
1069 }
1070
1071 /**
1072 * Parse open option.
1073 *
1074 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1075 */
1076 int bgp_open_option_parse(struct peer *peer, uint8_t length, int *mp_capability)
1077 {
1078 int ret = 0;
1079 uint8_t *error;
1080 uint8_t error_data[BGP_MAX_PACKET_SIZE];
1081 struct stream *s = BGP_INPUT(peer);
1082 size_t end = stream_get_getp(s) + length;
1083
1084 error = error_data;
1085
1086 if (bgp_debug_neighbor_events(peer))
1087 zlog_debug("%s rcv OPEN w/ OPTION parameter len: %u",
1088 peer->host, length);
1089
1090 while (stream_get_getp(s) < end) {
1091 uint8_t opt_type;
1092 uint8_t opt_length;
1093
1094 /* Must have at least an OPEN option header */
1095 if (STREAM_READABLE(s) < 2) {
1096 zlog_info("%s Option length error", peer->host);
1097 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1098 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1099 return -1;
1100 }
1101
1102 /* Fetch option type and length. */
1103 opt_type = stream_getc(s);
1104 opt_length = stream_getc(s);
1105
1106 /* Option length check. */
1107 if (STREAM_READABLE(s) < opt_length) {
1108 zlog_info("%s Option length error", peer->host);
1109 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1110 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1111 return -1;
1112 }
1113
1114 if (bgp_debug_neighbor_events(peer))
1115 zlog_debug(
1116 "%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
1117 peer->host, opt_type,
1118 opt_type == BGP_OPEN_OPT_AUTH
1119 ? "Authentication"
1120 : opt_type == BGP_OPEN_OPT_CAP
1121 ? "Capability"
1122 : "Unknown",
1123 opt_length);
1124
1125 switch (opt_type) {
1126 case BGP_OPEN_OPT_AUTH:
1127 ret = bgp_auth_parse(peer, opt_length);
1128 break;
1129 case BGP_OPEN_OPT_CAP:
1130 ret = bgp_capability_parse(peer, opt_length,
1131 mp_capability, &error);
1132 break;
1133 default:
1134 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1135 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1136 ret = -1;
1137 break;
1138 }
1139
1140 /* Parse error. To accumulate all unsupported capability codes,
1141 bgp_capability_parse does not return -1 when encounter
1142 unsupported capability code. To detect that, please check
1143 error and erro_data pointer, like below. */
1144 if (ret < 0)
1145 return -1;
1146 }
1147
1148 /* All OPEN option is parsed. Check capability when strict compare
1149 flag is enabled.*/
1150 if (CHECK_FLAG(peer->flags, PEER_FLAG_STRICT_CAP_MATCH)) {
1151 /* If Unsupported Capability exists. */
1152 if (error != error_data) {
1153 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1154 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1155 error_data,
1156 error - error_data);
1157 return -1;
1158 }
1159
1160 /* Check local capability does not negotiated with remote
1161 peer. */
1162 if (!strict_capability_same(peer)) {
1163 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1164 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1165 return -1;
1166 }
1167 }
1168
1169 /* Check there are no common AFI/SAFIs and send Unsupported Capability
1170 error. */
1171 if (*mp_capability
1172 && !CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1173 if (!peer->afc_nego[AFI_IP][SAFI_UNICAST]
1174 && !peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1175 && !peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
1176 && !peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1177 && !peer->afc_nego[AFI_IP][SAFI_ENCAP]
1178 && !peer->afc_nego[AFI_IP][SAFI_FLOWSPEC]
1179 && !peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1180 && !peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1181 && !peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
1182 && !peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1183 && !peer->afc_nego[AFI_IP6][SAFI_ENCAP]
1184 && !peer->afc_nego[AFI_IP6][SAFI_FLOWSPEC]
1185 && !peer->afc_nego[AFI_L2VPN][SAFI_EVPN]) {
1186 zlog_err(
1187 "%s [Error] Configured AFI/SAFIs do not "
1188 "overlap with received MP capabilities",
1189 peer->host);
1190
1191 if (error != error_data)
1192 bgp_notify_send_with_data(
1193 peer, BGP_NOTIFY_OPEN_ERR,
1194 BGP_NOTIFY_OPEN_UNSUP_CAPBL, error_data,
1195 error - error_data);
1196 else
1197 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1198 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1199 return -1;
1200 }
1201 }
1202 return 0;
1203 }
1204
1205 static void bgp_open_capability_orf(struct stream *s, struct peer *peer,
1206 afi_t afi, safi_t safi, uint8_t code)
1207 {
1208 uint8_t cap_len;
1209 uint8_t orf_len;
1210 unsigned long capp;
1211 unsigned long orfp;
1212 unsigned long numberp;
1213 int number_of_orfs = 0;
1214 iana_afi_t pkt_afi;
1215 iana_safi_t pkt_safi;
1216
1217 /* Convert AFI, SAFI to values for packet. */
1218 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
1219
1220 stream_putc(s, BGP_OPEN_OPT_CAP);
1221 capp = stream_get_endp(s); /* Set Capability Len Pointer */
1222 stream_putc(s, 0); /* Capability Length */
1223 stream_putc(s, code); /* Capability Code */
1224 orfp = stream_get_endp(s); /* Set ORF Len Pointer */
1225 stream_putc(s, 0); /* ORF Length */
1226 stream_putw(s, pkt_afi);
1227 stream_putc(s, 0);
1228 stream_putc(s, pkt_safi);
1229 numberp = stream_get_endp(s); /* Set Number Pointer */
1230 stream_putc(s, 0); /* Number of ORFs */
1231
1232 /* Address Prefix ORF */
1233 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1234 || CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM)) {
1235 stream_putc(s, (code == CAPABILITY_CODE_ORF
1236 ? ORF_TYPE_PREFIX
1237 : ORF_TYPE_PREFIX_OLD));
1238
1239 if (CHECK_FLAG(peer->af_flags[afi][safi],
1240 PEER_FLAG_ORF_PREFIX_SM)
1241 && CHECK_FLAG(peer->af_flags[afi][safi],
1242 PEER_FLAG_ORF_PREFIX_RM)) {
1243 SET_FLAG(peer->af_cap[afi][safi],
1244 PEER_CAP_ORF_PREFIX_SM_ADV);
1245 SET_FLAG(peer->af_cap[afi][safi],
1246 PEER_CAP_ORF_PREFIX_RM_ADV);
1247 stream_putc(s, ORF_MODE_BOTH);
1248 } else if (CHECK_FLAG(peer->af_flags[afi][safi],
1249 PEER_FLAG_ORF_PREFIX_SM)) {
1250 SET_FLAG(peer->af_cap[afi][safi],
1251 PEER_CAP_ORF_PREFIX_SM_ADV);
1252 stream_putc(s, ORF_MODE_SEND);
1253 } else {
1254 SET_FLAG(peer->af_cap[afi][safi],
1255 PEER_CAP_ORF_PREFIX_RM_ADV);
1256 stream_putc(s, ORF_MODE_RECEIVE);
1257 }
1258 number_of_orfs++;
1259 }
1260
1261 /* Total Number of ORFs. */
1262 stream_putc_at(s, numberp, number_of_orfs);
1263
1264 /* Total ORF Len. */
1265 orf_len = stream_get_endp(s) - orfp - 1;
1266 stream_putc_at(s, orfp, orf_len);
1267
1268 /* Total Capability Len. */
1269 cap_len = stream_get_endp(s) - capp - 1;
1270 stream_putc_at(s, capp, cap_len);
1271 }
1272
1273 /* Fill in capability open option to the packet. */
1274 void bgp_open_capability(struct stream *s, struct peer *peer)
1275 {
1276 uint8_t len;
1277 unsigned long cp, capp, rcapp;
1278 iana_afi_t pkt_afi;
1279 afi_t afi;
1280 safi_t safi;
1281 iana_safi_t pkt_safi;
1282 as_t local_as;
1283 uint32_t restart_time;
1284 uint8_t afi_safi_count = 0;
1285 int adv_addpath_tx = 0;
1286
1287 /* Remember current pointer for Opt Parm Len. */
1288 cp = stream_get_endp(s);
1289
1290 /* Opt Parm Len. */
1291 stream_putc(s, 0);
1292
1293 /* Do not send capability. */
1294 if (!CHECK_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1295 || CHECK_FLAG(peer->flags, PEER_FLAG_DONT_CAPABILITY))
1296 return;
1297
1298 /* MP capability for configured AFI, SAFI */
1299 FOREACH_AFI_SAFI (afi, safi) {
1300 if (peer->afc[afi][safi]) {
1301 /* Convert AFI, SAFI to values for packet. */
1302 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
1303 &pkt_safi);
1304
1305 peer->afc_adv[afi][safi] = 1;
1306 stream_putc(s, BGP_OPEN_OPT_CAP);
1307 stream_putc(s, CAPABILITY_CODE_MP_LEN + 2);
1308 stream_putc(s, CAPABILITY_CODE_MP);
1309 stream_putc(s, CAPABILITY_CODE_MP_LEN);
1310 stream_putw(s, pkt_afi);
1311 stream_putc(s, 0);
1312 stream_putc(s, pkt_safi);
1313
1314 /* Extended nexthop capability - currently
1315 * supporting RFC-5549 for
1316 * Link-Local peering only
1317 */
1318 if (CHECK_FLAG(peer->flags, PEER_FLAG_CAPABILITY_ENHE)
1319 && peer->su.sa.sa_family == AF_INET6
1320 && IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr)
1321 && afi == AFI_IP
1322 && (safi == SAFI_UNICAST
1323 || safi == SAFI_LABELED_UNICAST)) {
1324 /* RFC 5549 Extended Next Hop Encoding
1325 */
1326 SET_FLAG(peer->cap, PEER_CAP_ENHE_ADV);
1327 stream_putc(s, BGP_OPEN_OPT_CAP);
1328 stream_putc(s, CAPABILITY_CODE_ENHE_LEN + 2);
1329 stream_putc(s, CAPABILITY_CODE_ENHE);
1330 stream_putc(s, CAPABILITY_CODE_ENHE_LEN);
1331
1332 SET_FLAG(peer->af_cap[AFI_IP][safi],
1333 PEER_CAP_ENHE_AF_ADV);
1334 stream_putw(s, pkt_afi);
1335 stream_putw(s, pkt_safi);
1336 stream_putw(s, afi_int2iana(AFI_IP6));
1337
1338 if (CHECK_FLAG(peer->af_cap[afi][safi],
1339 PEER_CAP_ENHE_AF_RCV))
1340 SET_FLAG(peer->af_cap[afi][safi],
1341 PEER_CAP_ENHE_AF_NEGO);
1342 }
1343 }
1344 }
1345
1346 /* Route refresh. */
1347 SET_FLAG(peer->cap, PEER_CAP_REFRESH_ADV);
1348 stream_putc(s, BGP_OPEN_OPT_CAP);
1349 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN + 2);
1350 stream_putc(s, CAPABILITY_CODE_REFRESH_OLD);
1351 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN);
1352 stream_putc(s, BGP_OPEN_OPT_CAP);
1353 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN + 2);
1354 stream_putc(s, CAPABILITY_CODE_REFRESH);
1355 stream_putc(s, CAPABILITY_CODE_REFRESH_LEN);
1356
1357 /* AS4 */
1358 SET_FLAG(peer->cap, PEER_CAP_AS4_ADV);
1359 stream_putc(s, BGP_OPEN_OPT_CAP);
1360 stream_putc(s, CAPABILITY_CODE_AS4_LEN + 2);
1361 stream_putc(s, CAPABILITY_CODE_AS4);
1362 stream_putc(s, CAPABILITY_CODE_AS4_LEN);
1363 if (peer->change_local_as)
1364 local_as = peer->change_local_as;
1365 else
1366 local_as = peer->local_as;
1367 stream_putl(s, local_as);
1368
1369 /* AddPath */
1370 FOREACH_AFI_SAFI (afi, safi) {
1371 if (peer->afc[afi][safi]) {
1372 afi_safi_count++;
1373
1374 /* Only advertise addpath TX if a feature that
1375 * will use it is
1376 * configured */
1377 if (CHECK_FLAG(peer->af_flags[afi][safi],
1378 PEER_FLAG_ADDPATH_TX_ALL_PATHS)
1379 || CHECK_FLAG(peer->af_flags[afi][safi],
1380 PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
1381 adv_addpath_tx = 1;
1382 }
1383 }
1384
1385 SET_FLAG(peer->cap, PEER_CAP_ADDPATH_ADV);
1386 stream_putc(s, BGP_OPEN_OPT_CAP);
1387 stream_putc(s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1388 stream_putc(s, CAPABILITY_CODE_ADDPATH);
1389 stream_putc(s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1390
1391 FOREACH_AFI_SAFI (afi, safi) {
1392 if (peer->afc[afi][safi]) {
1393 /* Convert AFI, SAFI to values for packet. */
1394 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
1395 &pkt_safi);
1396
1397 stream_putw(s, pkt_afi);
1398 stream_putc(s, pkt_safi);
1399
1400 if (adv_addpath_tx) {
1401 stream_putc(s, BGP_ADDPATH_RX | BGP_ADDPATH_TX);
1402 SET_FLAG(peer->af_cap[afi][safi],
1403 PEER_CAP_ADDPATH_AF_RX_ADV);
1404 SET_FLAG(peer->af_cap[afi][safi],
1405 PEER_CAP_ADDPATH_AF_TX_ADV);
1406 } else {
1407 stream_putc(s, BGP_ADDPATH_RX);
1408 SET_FLAG(peer->af_cap[afi][safi],
1409 PEER_CAP_ADDPATH_AF_RX_ADV);
1410 UNSET_FLAG(peer->af_cap[afi][safi],
1411 PEER_CAP_ADDPATH_AF_TX_ADV);
1412 }
1413 }
1414 }
1415
1416 /* ORF capability. */
1417 FOREACH_AFI_SAFI (afi, safi) {
1418 if (CHECK_FLAG(peer->af_flags[afi][safi],
1419 PEER_FLAG_ORF_PREFIX_SM)
1420 || CHECK_FLAG(peer->af_flags[afi][safi],
1421 PEER_FLAG_ORF_PREFIX_RM)) {
1422 bgp_open_capability_orf(s, peer, afi, safi,
1423 CAPABILITY_CODE_ORF_OLD);
1424 bgp_open_capability_orf(s, peer, afi, safi,
1425 CAPABILITY_CODE_ORF);
1426 }
1427 }
1428
1429 /* Dynamic capability. */
1430 if (CHECK_FLAG(peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY)) {
1431 SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV);
1432 stream_putc(s, BGP_OPEN_OPT_CAP);
1433 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1434 stream_putc(s, CAPABILITY_CODE_DYNAMIC_OLD);
1435 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN);
1436 stream_putc(s, BGP_OPEN_OPT_CAP);
1437 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1438 stream_putc(s, CAPABILITY_CODE_DYNAMIC);
1439 stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN);
1440 }
1441
1442 /* Hostname capability */
1443 if (cmd_hostname_get()) {
1444 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1445 stream_putc(s, BGP_OPEN_OPT_CAP);
1446 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1447 stream_putc(s, 0); /* dummy len for now */
1448 stream_putc(s, CAPABILITY_CODE_FQDN);
1449 capp = stream_get_endp(s);
1450 stream_putc(s, 0); /* dummy len for now */
1451 len = strlen(cmd_hostname_get());
1452 if (len > BGP_MAX_HOSTNAME)
1453 len = BGP_MAX_HOSTNAME;
1454
1455 stream_putc(s, len);
1456 stream_put(s, cmd_hostname_get(), len);
1457 if (cmd_domainname_get()) {
1458 len = strlen(cmd_domainname_get());
1459 if (len > BGP_MAX_HOSTNAME)
1460 len = BGP_MAX_HOSTNAME;
1461
1462 stream_putc(s, len);
1463 stream_put(s, cmd_domainname_get(), len);
1464 } else
1465 stream_putc(s, 0); /* 0 length */
1466
1467 /* Set the lengths straight */
1468 len = stream_get_endp(s) - rcapp - 1;
1469 stream_putc_at(s, rcapp, len);
1470 len = stream_get_endp(s) - capp - 1;
1471 stream_putc_at(s, capp, len);
1472
1473 if (bgp_debug_neighbor_events(peer))
1474 zlog_debug(
1475 "%s Sending hostname cap with hn = %s, dn = %s",
1476 peer->host, cmd_hostname_get(),
1477 cmd_domainname_get());
1478 }
1479
1480 /* Sending base graceful-restart capability irrespective of the config
1481 */
1482 SET_FLAG(peer->cap, PEER_CAP_RESTART_ADV);
1483 stream_putc(s, BGP_OPEN_OPT_CAP);
1484 capp = stream_get_endp(s); /* Set Capability Len Pointer */
1485 stream_putc(s, 0); /* Capability Length */
1486 stream_putc(s, CAPABILITY_CODE_RESTART);
1487 rcapp = stream_get_endp(s); /* Set Restart Capability Len Pointer */
1488 stream_putc(s, 0);
1489 restart_time = peer->bgp->restart_time;
1490 if (peer->bgp->t_startup) {
1491 SET_FLAG(restart_time, RESTART_R_BIT);
1492 SET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_ADV);
1493 }
1494 stream_putw(s, restart_time);
1495
1496 /* Send address-family specific graceful-restart capability only when GR
1497 config
1498 is present */
1499 if (bgp_flag_check(peer->bgp, BGP_FLAG_GRACEFUL_RESTART)) {
1500 FOREACH_AFI_SAFI (afi, safi) {
1501 if (peer->afc[afi][safi]) {
1502 /* Convert AFI, SAFI to values for
1503 * packet. */
1504 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
1505 &pkt_safi);
1506 stream_putw(s, pkt_afi);
1507 stream_putc(s, pkt_safi);
1508 if (bgp_flag_check(peer->bgp,
1509 BGP_FLAG_GR_PRESERVE_FWD))
1510 stream_putc(s, RESTART_F_BIT);
1511 else
1512 stream_putc(s, 0);
1513 }
1514 }
1515 }
1516
1517 /* Total Graceful restart capability Len. */
1518 len = stream_get_endp(s) - rcapp - 1;
1519 stream_putc_at(s, rcapp, len);
1520
1521 /* Total Capability Len. */
1522 len = stream_get_endp(s) - capp - 1;
1523 stream_putc_at(s, capp, len);
1524
1525 /* Total Opt Parm Len. */
1526 len = stream_get_endp(s) - cp - 1;
1527 stream_putc_at(s, cp, len);
1528 }
FRRouting mirror