diff options
Diffstat (limited to 'bgpd')
| -rw-r--r-- | bgpd/ChangeLog | 86 | ||||
| -rw-r--r-- | bgpd/IMPLEMENTATION.txt | 2 | ||||
| -rw-r--r-- | bgpd/bgp_advertise.c | 10 | ||||
| -rw-r--r-- | bgpd/bgp_attr.c | 55 | ||||
| -rw-r--r-- | bgpd/bgp_attr.h | 5 | ||||
| -rw-r--r-- | bgpd/bgp_community.c | 4 | ||||
| -rw-r--r-- | bgpd/bgp_main.c | 10 | ||||
| -rw-r--r-- | bgpd/bgp_network.c | 182 | ||||
| -rw-r--r-- | bgpd/bgp_network.h | 2 | ||||
| -rw-r--r-- | bgpd/bgp_packet.c | 28 | ||||
| -rw-r--r-- | bgpd/bgp_route.c | 10 | ||||
| -rw-r--r-- | bgpd/bgp_routemap.c | 5 | ||||
| -rw-r--r-- | bgpd/bgp_table.c | 27 | ||||
| -rw-r--r-- | bgpd/bgp_table.h | 17 | ||||
| -rw-r--r-- | bgpd/bgp_vty.c | 132 | ||||
| -rw-r--r-- | bgpd/bgpd.c | 221 | ||||
| -rw-r--r-- | bgpd/bgpd.conf.sample | 2 | ||||
| -rw-r--r-- | bgpd/bgpd.h | 18 |
18 files changed, 437 insertions, 379 deletions
diff --git a/bgpd/ChangeLog b/bgpd/ChangeLog index 7f94565c..6fe2b0f5 100644 --- a/bgpd/ChangeLog +++ b/bgpd/ChangeLog @@ -1,4 +1,90 @@ +2008-07-22 Paul Jakma <paul.jakma@sun.com> + + * bgp_{packet,route,advertise}.c: change to compiler testing of + DISABLE_BGP_ANNOUNCE, rather than cpp. + +2008-07-22 MIYAJIMA Mitsuharu <miyajima.mitsuharu@anchor.jp> + + * bgp_packet.c: (bgp_update_packet_eor) Fix crash triggerable + if a bgpd was compiled with --disable-bgp-announce and if GR is + advertised by peer. + +2008-07-22 Paul Jakma <paul.jakma@sun.com> + + * bgp_community.c: (community_str2com) assigns defaults to local + vars + * bgp_attr.c: (bgp_attr_parse) match format specifier to arg + * bgp_table.{c,h}: (bgp_table_top) can take a * to a const, quelling + warning in bgp_route.c + +2008-07-21 Paul Jakma <paul.jakma@sun.com> + + + * bgp_packet.c: (bgp_open_receive) fix warning in a zlog call + * bgp_vty.c: (bgp_vty_return) add return code + * bgpd.c: (bgp_master_init) setup the socket list. + * bgp_network.c: Remove the dual IPv4/6 socket thing for now, which + was implemented by Michael, until such time as its clear its + required for Linux (see sockopt comments). IPv6 support, including + IPv4 sessions on AF_INET6 sockets, therefore is broken, and the + '-l 0.0.0.0' arguments would need to be given to bgpd to make + things work here. + +2008-07-21 Michael H. Warfield <mhw@wittsend.com> + YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> + Tomohiko Kusuda <kusuda@inetcore.com> + Leigh Brown <leigh@solinno.co.uk> + + * bgp_network.c: (bgp_md5_set_one) shim between libzebra tcp-md5 + sockopt and bgpd. + (bgp_md5_set_socket) Helper for bgp_connect + (bgp_md5_set) setup TCP-MD5SIG for the given peer. + (bgp_connect) call out to bgp_md5_set_socket for the outgoing + connect socket. + (bgp_socket) save references to the listen sockets, needed if + TCP-MD5SIG is applied later or changed. + * bgp_vty.c: (*neighbor_password_cmd) New 'neighbor ... password' + commands. + * bgpd.c: (peer_{new,delete) manage TCP-MD5 password + (peer_group2peer_config_copy) inherit TCP-MD5 password + (peer_password_{un,}set) orchestrate the whole add/remove of TCP-MD5 + passwords: applying checks, stopping peers, and trying to return + errors to UI, etc. + (bgp_config_write_peer) save password. + Fix missing newline in writeout of neighbor ... port. + +2008-07-02 MIYAJIMA Mitsuharu <miyajima.mitsuharu@anchor.jp> + + * *.c: CMD_AS_RANGE was being used inside command strings, and thus + not being expanded, fix by dequoting. + +2008-07-02 Stephen Hemminger <stephen.hemminger@vyatta.com> + + * bgp_table.{c,h}: (bgp_table_finish) Take a double pointer and + scrub pointer in caller, so fixing double-free crashes seen + with route-server-client configuration. + * *.c: Adjust all callers of bgp_table_finish + +2008-07-02 Paul Jakma <paul.jakma@sun.com> + + * bgp_table.{c,h}: (bgp_node_delete, bgp_table_free) shouldn't be + exported. + +2008-06-07 Paul Jakma <paul@jakma.org> + + * bgp_attr.{c,h}: (bgp_mp_{un,}reach_parse) export, for unit tests. + * bgp_attr.c: (bgp_mp_reach_parse) Add logging. Tighten length test + to bounds check against the attribute length rather than the + stream length.. + +2008-06-01 jfletche@gmail.com + + * bgp_attr.c: (bgp_attr_aspathlimit) fix silly bug in flags check + that was causing BGP to drop sessions if it received a + aspath-limit with partial set. Fixes bug #419. + 2008-04-10 Denis Ovsienko + * bgp_aspath.[ch]: (aspath_filter_exclude) New function allows filtering out arbitrary ASns from AS_PATH attribute. * bgp_aspath.[ch]: (aspath_print_vty) Accept suffix to let calling diff --git a/bgpd/IMPLEMENTATION.txt b/bgpd/IMPLEMENTATION.txt index ac087a38..fff360ab 100644 --- a/bgpd/IMPLEMENTATION.txt +++ b/bgpd/IMPLEMENTATION.txt @@ -1,4 +1,4 @@ -$Id$ +$Id: IMPLEMENTATION.txt,v 1.2 2005/02/15 17:10:03 gdt Exp $ This file contains notes about the internals of the BGP implementation. The initial impetus is understanding the memory usage diff --git a/bgpd/bgp_advertise.c b/bgpd/bgp_advertise.c index 73b868a8..870aab13 100644 --- a/bgpd/bgp_advertise.c +++ b/bgpd/bgp_advertise.c @@ -220,9 +220,8 @@ bgp_adj_out_set (struct bgp_node *rn, struct peer *peer, struct prefix *p, struct bgp_adj_out *adj = NULL; struct bgp_advertise *adv; -#ifdef DISABLE_BGP_ANNOUNCE - return; -#endif /* DISABLE_BGP_ANNOUNCE */ + if (DISABLE_BGP_ANNOUNCE) + return; /* Look for adjacency information. */ if (rn) @@ -274,9 +273,8 @@ bgp_adj_out_unset (struct bgp_node *rn, struct peer *peer, struct prefix *p, struct bgp_adj_out *adj; struct bgp_advertise *adv; -#ifdef DISABLE_BGP_ANNOUNCE - return; -#endif /* DISABLE_BGP_ANNOUNCE */ + if (DISABLE_BGP_ANNOUNCE) + return; /* Lookup existing adjacency, if it is not there return immediately. */ for (adj = rn->adj_out; adj; adj = adj->next) diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c index b27267c0..b20386e5 100644 --- a/bgpd/bgp_attr.c +++ b/bgpd/bgp_attr.c @@ -695,7 +695,8 @@ bgp_attr_aspathlimit (struct peer *peer, bgp_size_t length, total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3); - if (flag != (BGP_ATTR_FLAG_TRANS|BGP_ATTR_FLAG_OPTIONAL)) + if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS) + || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) { zlog (peer->log, LOG_ERR, "AS-Pathlimit attribute flag isn't transitive %d", flag); @@ -804,7 +805,7 @@ bgp_attr_aspath (struct peer *peer, bgp_size_t length, || ! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS)) { zlog (peer->log, LOG_ERR, - "Origin attribute flag isn't transitive %d", flag); + "As-Path attribute flag isn't transitive %d", flag); bgp_notify_send_with_data (peer, BGP_NOTIFY_UPDATE_ERR, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR, @@ -1258,7 +1259,7 @@ bgp_attr_cluster_list (struct peer *peer, bgp_size_t length, } /* Multiprotocol reachability information parse. */ -static int +int bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, struct bgp_nlri *mp_update) { @@ -1276,8 +1277,13 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, /* safe to read statically sized header? */ #define BGP_MP_REACH_MIN_SIZE 5 +#define LEN_LEFT (length - (stream_get_getp(s) - start)) if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) - return -1; + { + zlog_info ("%s: %s sent invalid length, %lu", + __func__, peer->host, (unsigned long)length); + return -1; + } /* Load AFI, SAFI. */ afi = stream_getw (s); @@ -1286,8 +1292,12 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, /* Get nexthop length. */ attre->mp_nexthop_len = stream_getc (s); - if (STREAM_READABLE(s) < attre->mp_nexthop_len) - return -1; + if (LEN_LEFT < attre->mp_nexthop_len) + { + zlog_info ("%s: %s, MP nexthop length, %u, goes past end of attribute", + __func__, peer->host, attre->mp_nexthop_len); + return -1; + } /* Nexthop length check. */ switch (attre->mp_nexthop_len) @@ -1329,13 +1339,17 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, break; #endif /* HAVE_IPV6 */ default: - zlog_info ("Wrong multiprotocol next hop length: %d", - attre->mp_nexthop_len); + zlog_info ("%s: (%s) Wrong multiprotocol next hop length: %d", + __func__, peer->host, attre->mp_nexthop_len); return -1; } - if (!STREAM_READABLE(s)) - return -1; + if (!LEN_LEFT) + { + zlog_info ("%s: (%s) Failed to read SNPA and NLRI(s)", + __func__, peer->host); + return -1; + } { u_char val; @@ -1345,15 +1359,23 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, } /* must have nrli_len, what is left of the attribute */ - nlri_len = length - (stream_get_getp(s) - start); + nlri_len = LEN_LEFT; if ((!nlri_len) || (nlri_len > STREAM_READABLE(s))) - return -1; + { + zlog_info ("%s: (%s) Failed to read NLRI", + __func__, peer->host); + return -1; + } if (safi != BGP_SAFI_VPNV4) { ret = bgp_nlri_sanity_check (peer, afi, stream_pnt (s), nlri_len); - if (ret < 0) - return -1; + if (ret < 0) + { + zlog_info ("%s: (%s) NLRI doesn't pass sanity check", + __func__, peer->host); + return -1; + } } mp_update->afi = afi; @@ -1364,10 +1386,11 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, stream_forward_getp (s, nlri_len); return 0; +#undef LEN_LEFT } /* Multiprotocol unreachable parse */ -static int +int bgp_mp_unreach_parse (struct peer *peer, bgp_size_t length, struct bgp_nlri *mp_withdraw) { @@ -1548,7 +1571,7 @@ bgp_attr_parse (struct peer *peer, struct attr *attr, bgp_size_t size, && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) { zlog (peer->log, LOG_WARNING, - "%s Extended length set, but just %tu bytes of attr header", + "%s Extended length set, but just %lu bytes of attr header", peer->host, endp - STREAM_PNT (BGP_INPUT (peer))); diff --git a/bgpd/bgp_attr.h b/bgpd/bgp_attr.h index e152b9f4..9647ccf8 100644 --- a/bgpd/bgp_attr.h +++ b/bgpd/bgp_attr.h @@ -176,4 +176,9 @@ extern void cluster_unintern (struct cluster_list *); /* Transit attribute prototypes. */ void transit_unintern (struct transit *); +/* Exported for unit-test purposes only */ +extern int bgp_mp_reach_parse (struct peer *, bgp_size_t, struct attr *, + struct bgp_nlri *); +extern int bgp_mp_unreach_parse (struct peer *, bgp_size_t, struct bgp_nlri *); + #endif /* _QUAGGA_BGP_ATTR_H */ diff --git a/bgpd/bgp_community.c b/bgpd/bgp_community.c index d5e9821b..592b810d 100644 --- a/bgpd/bgp_community.c +++ b/bgpd/bgp_community.c @@ -581,8 +581,8 @@ community_str2com (const char *str) { struct community *com = NULL; struct community *com_sort = NULL; - u_int32_t val; - enum community_token token; + u_int32_t val = 0; + enum community_token token = community_token_unknown; do { diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c index e6d34afc..2089c6b5 100644 --- a/bgpd/bgp_main.c +++ b/bgpd/bgp_main.c @@ -203,6 +203,7 @@ main (int argc, char **argv) int dryrun = 0; char *progname; struct thread thread; + int tmp_port; /* Set umask before anything for security */ umask (0027); @@ -238,7 +239,11 @@ main (int argc, char **argv) pid_file = optarg; break; case 'p': - bm->port = atoi (optarg); + tmp_port = atoi (optarg); + if (tmp_port <= 0 || tmp_port > 0xffff) + bm->port = BGP_PORT_DEFAULT; + else + bm->port = tmp_port; break; case 'A': vty_addr = optarg; @@ -252,7 +257,8 @@ main (int argc, char **argv) break; } vty_port = atoi (optarg); - vty_port = (vty_port ? vty_port : BGP_VTY_PORT); + if (vty_port <= 0 || vty_port > 0xffff) + vty_port = BGP_VTY_PORT; break; case 'r': retain_mode = 1; diff --git a/bgpd/bgp_network.c b/bgpd/bgp_network.c index e981e718..71f3ec7d 100644 --- a/bgpd/bgp_network.c +++ b/bgpd/bgp_network.c @@ -29,6 +29,7 @@ Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA #include "prefix.h" #include "command.h" #include "privs.h" +#include "linklist.h" #include "bgpd/bgpd.h" #include "bgpd/bgp_fsm.h" @@ -39,33 +40,79 @@ Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA extern struct zebra_privs_t bgpd_privs; -#if defined(HAVE_TCP_MD5SIG) /* * Set MD5 key for the socket, for the given IPv4 peer address. * If the password is NULL or zero-length, the option will be disabled. */ -int -bgp_md5_set (int sock, struct sockaddr_in *sin, const char *password) +static int +bgp_md5_set_socket (int socket, union sockunion *su, const char *password) { - int ret, en; - - if ( bgpd_privs.change (ZPRIVS_RAISE) ) - zlog_err ("bgp_md5_set: could not raise privs"); - - ret = sockopt_tcp_signature (sock, sin, password); + int ret = -1; + int en = ENOSYS; + + assert (socket >= 0); + +#if HAVE_DECL_TCP_MD5SIG + ret = sockopt_tcp_signature (socket, su, password); en = errno; - - if (bgpd_privs.change (ZPRIVS_LOWER) ) - zlog_err ("bgp_md5_set: could not lower privs"); - +#endif /* HAVE_TCP_MD5SIG */ + if (ret < 0) zlog (NULL, LOG_WARNING, "can't set TCP_MD5SIG option on socket %d: %s", - sock, safe_strerror (en)); + socket, safe_strerror (en)); return ret; } +/* Helper for bgp_connect */ +static int +bgp_md5_set_connect (int socket, union sockunion *su, const char *password) +{ + int ret = -1; + +#if HAVE_DECL_TCP_MD5SIG + if ( bgpd_privs.change (ZPRIVS_RAISE) ) + { + zlog_err ("%s: could not raise privs", __func__); + return ret; + } + + ret = bgp_md5_set_socket (socket, su, password); + + if (bgpd_privs.change (ZPRIVS_LOWER) ) + zlog_err ("%s: could not lower privs", __func__); #endif /* HAVE_TCP_MD5SIG */ + + return ret; +} + +int +bgp_md5_set (struct peer *peer) +{ + struct listnode *node; + int fret = 0, ret; + int *socket; + + if ( bgpd_privs.change (ZPRIVS_RAISE) ) + { + zlog_err ("%s: could not raise privs", __func__); + return -1; + } + + /* Just set the password on the listen socket(s). Outbound connections + * are taken care of in bgp_connect() below. + */ + for (ALL_LIST_ELEMENTS_RO(bm->listen_sockets, node, socket)) + { + ret = bgp_md5_set_socket ((int )socket, &peer->su, peer->password); + if (ret < 0) + fret = ret; + } + if (bgpd_privs.change (ZPRIVS_LOWER) ) + zlog_err ("%s: could not lower privs", __func__); + + return fret; +} /* Accept bgp connection. */ static int @@ -266,17 +313,9 @@ bgp_connect (struct peer *peer) sockopt_reuseaddr (peer->fd); sockopt_reuseport (peer->fd); - -#ifdef IPTOS_PREC_INTERNETCONTROL - if (sockunion_family (&peer->su) == AF_INET) - setsockopt_ipv4_tos (peer->fd, IPTOS_PREC_INTERNETCONTROL); -#endif - -#ifdef HAVE_TCP_MD5SIG - if (CHECK_FLAG (peer->flags, PEER_FLAG_PASSWORD)) - if (sockunion_family (&peer->su) == AF_INET) - bgp_md5_set (peer->fd, &peer->su.sin, peer->password); -#endif /* HAVE_TCP_MD5SIG */ + + if (peer->password) + bgp_md5_set_connect (peer->fd, &peer->su, peer->password); /* Bind socket. */ bgp_bind (peer); @@ -328,10 +367,6 @@ bgp_socket (struct bgp *bgp, unsigned short port, char *address) struct addrinfo req; struct addrinfo *ainfo; struct addrinfo *ainfo_save; -#if defined(HAVE_TCP_MD5SIG) && defined(IPV6_V6ONLY) - struct sockaddr_in sin; - int socklen, on = 1; -#endif int sock = 0; char port_str[BUFSIZ]; @@ -367,26 +402,6 @@ bgp_socket (struct bgp *bgp, unsigned short port, char *address) sockopt_reuseaddr (sock); sockopt_reuseport (sock); -#ifdef IPTOS_PREC_INTERNETCONTROL - if (ainfo->ai_family == AF_INET) - setsockopt_ipv4_tos (sock, IPTOS_PREC_INTERNETCONTROL); -#endif - -#if defined(HAVE_TCP_MD5SIG) && defined(IPV6_V6ONLY) -/* We can not apply MD5SIG to an IPv6 socket. If this is an AF_INET6 - socket, we'll have to create another socket for IPv4*/ - - if (ainfo->ai_family == AF_INET6) { -/* Mark this one for IPv6 only */ - ret = setsockopt (sock, IPPROTO_IPV6, IPV6_V6ONLY, - (void *) &on, sizeof (on)); - if( ret < 0 ) { - en = errno; - zlog_err ("setsockopt V6ONLY: %s", safe_strerror (en)); - } - } -#endif - if (bgpd_privs.change (ZPRIVS_RAISE) ) zlog_err ("bgp_socket: could not raise privs"); @@ -409,67 +424,9 @@ bgp_socket (struct bgp *bgp, unsigned short port, char *address) close (sock); continue; } - -#if defined(HAVE_TCP_MD5SIG) && defined(IPV6_V6ONLY) - thread_add_read (master, bgp_accept, bgp, sock); - - if (ainfo->ai_family != AF_INET6) - continue; - - /* If first socket was an IPv6 socket, we need to create an IPv4 - socket for use by the TCP_MD5SIG logic. This code is blatently - copied and modified from the alternate IPv4 only code from below... */ - - sock = socket (AF_INET, SOCK_STREAM, 0); - if (sock < 0) - { - zlog_err ("socket: %s", safe_strerror (errno)); - continue; - } - - sockopt_reuseaddr (sock); - sockopt_reuseport (sock); - setsockopt_ipv4_tos (sock, IPTOS_PREC_INTERNETCONTROL); - - memset (&sin, 0, sizeof (struct sockaddr_in)); - - sin.sin_family = AF_INET; - sin.sin_port = htons (port); - socklen = sizeof (struct sockaddr_in); -#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN - sin.sin_len = socklen; -#endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */ - - if ( bgpd_privs.change (ZPRIVS_RAISE) ) - zlog_err ("bgp_socket: could not raise privs"); - - ret = bind (sock, (struct sockaddr *) &sin, socklen); - en = errno; - if (bgpd_privs.change (ZPRIVS_LOWER) ) - zlog_err ("bgp_bind_address: could not lower privs"); - - if (ret < 0) - { - zlog_err ("bind: %s", safe_strerror (en)); - close(sock); - continue; - } - - ret = listen (sock, 3); - if (ret < 0) - { - zlog_err ("listen: %s", safe_strerror (errno)); - close (sock); - continue; - } -#endif - -#ifdef HAVE_TCP_MD5SIG - bm->sock = sock; -#endif /* HAVE_TCP_MD5SIG */ - + + listnode_add (bm->listen_sockets, (void *)sock); thread_add_read (master, bgp_accept, bgp, sock); - } while ((ainfo = ainfo->ai_next) != NULL); @@ -497,10 +454,6 @@ bgp_socket (struct bgp *bgp, unsigned short port, char *address) sockopt_reuseaddr (sock); sockopt_reuseport (sock); -#ifdef IPTOS_PREC_INTERNETCONTROL - setsockopt_ipv4_tos (sock, IPTOS_PREC_INTERNETCONTROL); -#endif - memset (&sin, 0, sizeof (struct sockaddr_in)); sin.sin_family = AF_INET; @@ -540,9 +493,6 @@ bgp_socket (struct bgp *bgp, unsigned short port, char *address) close (sock); return ret; } -#ifdef HAVE_TCP_MD5SIG - bm->sock = sock; -#endif /* HAVE_TCP_MD5SIG */ thread_add_read (bm->master, bgp_accept, bgp, sock); diff --git a/bgpd/bgp_network.h b/bgpd/bgp_network.h index e7119414..3cbf647b 100644 --- a/bgpd/bgp_network.h +++ b/bgpd/bgp_network.h @@ -29,4 +29,6 @@ extern int bgp_socket (struct bgp *, unsigned short, char *); extern int bgp_connect (struct peer *); extern void bgp_getsockname (struct peer *); +extern int bgp_md5_set (struct peer *); + #endif /* _QUAGGA_BGP_NETWORK_H */ diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c index f92a88ad..4d7f32de 100644 --- a/bgpd/bgp_packet.c +++ b/bgpd/bgp_packet.c @@ -235,9 +235,8 @@ bgp_update_packet_eor (struct peer *peer, afi_t afi, safi_t safi) struct stream *s; struct stream *packet; -#ifdef DISABLE_BGP_ANNOUNCE - return; -#endif /* DISABLE_BGP_ANNOUNCE */ + if (DISABLE_BGP_ANNOUNCE) + return NULL; if (BGP_DEBUG (normal, NORMAL)) zlog_debug ("send End-of-RIB for %s to %s", afi_safi_print (afi, safi), peer->host); @@ -369,9 +368,8 @@ bgp_default_update_send (struct peer *peer, struct attr *attr, char attrstr[BUFSIZ]; char buf[BUFSIZ]; -#ifdef DISABLE_BGP_ANNOUNCE - return; -#endif /* DISABLE_BGP_ANNOUNCE */ + if (DISABLE_BGP_ANNOUNCE) + return; if (afi == AFI_IP) str2prefix ("0.0.0.0/0", &p); @@ -438,9 +436,8 @@ bgp_default_withdraw_send (struct peer *peer, afi_t afi, safi_t safi) bgp_size_t total_attr_len; char buf[BUFSIZ]; -#ifdef DISABLE_BGP_ANNOUNCE - return; -#endif /* DISABLE_BGP_ANNOUNCE */ + if (DISABLE_BGP_ANNOUNCE) + return; if (afi == AFI_IP) str2prefix ("0.0.0.0/0", &p); @@ -923,7 +920,6 @@ bgp_notify_send (struct peer *peer, u_char code, u_char sub_code) bgp_notify_send_with_data (peer, code, sub_code, NULL, 0); } -#if 0 static const char * afi2str (afi_t afi) { @@ -947,7 +943,6 @@ safi2str (safi_t safi) else return "Unknown SAFI"; } -#endif /* Send route refresh message to the peer. */ void @@ -960,9 +955,8 @@ bgp_route_refresh_send (struct peer *peer, afi_t afi, safi_t safi, struct bgp_filter *filter; int orf_refresh = 0; -#ifdef DISABLE_BGP_ANNOUNCE - return; -#endif /* DISABLE_BGP_ANNOUNCE */ + if (DISABLE_BGP_ANNOUNCE) + return; filter = &peer->filter[afi][safi]; @@ -1190,9 +1184,9 @@ bgp_open_receive (struct peer *peer, bgp_size_t size) /* Receive OPEN message log */ if (BGP_DEBUG (normal, NORMAL)) - zlog_debug ("%s rcv OPEN, version %d, remote-as (in open) %u," + zlog_debug ("%s rcv OPEN, version %d, remote-as (in open) %d," " holdtime %d, id %s", - peer->host, version, (unsigned)remote_as, holdtime, + peer->host, version, remote_as, holdtime, inet_ntoa (remote_id)); /* BEGIN to read the capability here, but dont do it yet */ @@ -1237,7 +1231,7 @@ bgp_open_receive (struct peer *peer, bgp_size_t size) zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but no AS4." " Odd, but proceeding.", peer->host); else if (as4 < BGP_AS_MAX && BGP_DEBUG (as4, AS4)) - zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but AS4 %u fits " + zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits " "in 2-bytes, very odd peer.", peer->host, as4); if (as4) remote_as = as4; diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index 7a14ac18..f39c669f 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -709,9 +709,8 @@ bgp_announce_check (struct bgp_info *ri, struct peer *peer, struct prefix *p, filter = &peer->filter[afi][safi]; bgp = peer->bgp; -#ifdef DISABLE_BGP_ANNOUNCE - return 0; -#endif + if (DISABLE_BGP_ANNOUNCE) + return 0; /* Do not send announces to RS-clients from the 'normal' bgp_table. */ if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_RSERVER_CLIENT)) @@ -1062,9 +1061,8 @@ bgp_announce_check_rsclient (struct bgp_info *ri, struct peer *rsclient, filter = &rsclient->filter[afi][safi]; bgp = rsclient->bgp; -#ifdef DISABLE_BGP_ANNOUNCE - return 0; -#endif + if (DISABLE_BGP_ANNOUNCE) + return 0; /* Do not send back route to sender. */ if (from == rsclient) diff --git a/bgpd/bgp_routemap.c b/bgpd/bgp_routemap.c index b93b2682..78ad3f08 100644 --- a/bgpd/bgp_routemap.c +++ b/bgpd/bgp_routemap.c @@ -47,6 +47,7 @@ Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA #include "bgpd/bgp_filter.h" #include "bgpd/bgp_mplsvpn.h" #include "bgpd/bgp_ecommunity.h" +#include "bgpd/bgp_vty.h" /* Memo of route-map commands. @@ -3451,7 +3452,7 @@ DEFUN (no_set_atomic_aggregate, DEFUN (set_aggregator_as, set_aggregator_as_cmd, - "set aggregator as CMD_AS_RANGE A.B.C.D", + "set aggregator as " CMD_AS_RANGE " A.B.C.D", SET_STR "BGP aggregator attribute\n" "AS number of aggregator\n" @@ -3523,7 +3524,7 @@ DEFUN (no_set_aggregator_as, ALIAS (no_set_aggregator_as, no_set_aggregator_as_val_cmd, - "no set aggregator as CMD_AS_RANGE A.B.C.D", + "no set aggregator as " CMD_AS_RANGE " A.B.C.D", NO_STR SET_STR "BGP aggregator attribute\n" diff --git a/bgpd/bgp_table.c b/bgpd/bgp_table.c index 5faf5856..50cf8e8f 100644 --- a/bgpd/bgp_table.c +++ b/bgpd/bgp_table.c @@ -28,8 +28,8 @@ Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA #include "bgpd/bgpd.h" #include "bgpd/bgp_table.h" -void bgp_node_delete (struct bgp_node *); -void bgp_table_free (struct bgp_table *); +static void bgp_node_delete (struct bgp_node *); +static void bgp_table_free (struct bgp_table *); struct bgp_table * bgp_table_init (afi_t afi, safi_t safi) @@ -47,9 +47,10 @@ bgp_table_init (afi_t afi, safi_t safi) } void -bgp_table_finish (struct bgp_table *rt) +bgp_table_finish (struct bgp_table **rt) { - bgp_table_free (rt); + bgp_table_free (*rt); + *rt = NULL; } static struct bgp_node * @@ -84,7 +85,7 @@ bgp_node_free (struct bgp_node *node) } /* Free route table. */ -void +static void bgp_table_free (struct bgp_table *rt) { struct bgp_node *tmp_node; @@ -229,7 +230,7 @@ bgp_unlock_node (struct bgp_node *node) /* Find matched prefix. */ struct bgp_node * -bgp_node_match (struct bgp_table *table, struct prefix *p) +bgp_node_match (const struct bgp_table *table, struct prefix *p) { struct bgp_node *node; struct bgp_node *matched; @@ -255,7 +256,7 @@ bgp_node_match (struct bgp_table *table, struct prefix *p) } struct bgp_node * -bgp_node_match_ipv4 (struct bgp_table *table, struct in_addr *addr) +bgp_node_match_ipv4 (const struct bgp_table *table, struct in_addr *addr) { struct prefix_ipv4 p; @@ -269,7 +270,7 @@ bgp_node_match_ipv4 (struct bgp_table *table, struct in_addr *addr) #ifdef HAVE_IPV6 struct bgp_node * -bgp_node_match_ipv6 (struct bgp_table *table, struct in6_addr *addr) +bgp_node_match_ipv6 (const struct bgp_table *table, struct in6_addr *addr) { struct prefix_ipv6 p; @@ -284,7 +285,7 @@ bgp_node_match_ipv6 (struct bgp_table *table, struct in6_addr *addr) /* Lookup same prefix node. Return NULL when we can't find route. */ struct bgp_node * -bgp_node_lookup (struct bgp_table *table, struct prefix *p) +bgp_node_lookup (const struct bgp_table *table, struct prefix *p) { struct bgp_node *node; @@ -304,7 +305,7 @@ bgp_node_lookup (struct bgp_table *table, struct prefix *p) /* Add node to routing table. */ struct bgp_node * -bgp_node_get (struct bgp_table *table, struct prefix *p) +bgp_node_get (struct bgp_table *const table, struct prefix *p) { struct bgp_node *new; struct bgp_node *node; @@ -360,7 +361,7 @@ bgp_node_get (struct bgp_table *table, struct prefix *p) } /* Delete node from the routing table. */ -void +static void bgp_node_delete (struct bgp_node *node) { struct bgp_node *child; @@ -405,7 +406,7 @@ bgp_node_delete (struct bgp_node *node) /* Get fist node and lock it. This function is useful when one want to lookup all the node exist in the routing table. */ struct bgp_node * -bgp_table_top (struct bgp_table *table) +bgp_table_top (const struct bgp_table *const table) { /* If there is no node in the routing table return NULL. */ if (table->top == NULL) @@ -499,7 +500,7 @@ bgp_route_next_until (struct bgp_node *node, struct bgp_node *limit) } unsigned long -bgp_table_count (struct bgp_table *table) +bgp_table_count (const struct bgp_table *table) { return table->count; } diff --git a/bgpd/bgp_table.h b/bgpd/bgp_table.h index 62421e71..dfa7e1f3 100644 --- a/bgpd/bgp_table.h +++ b/bgpd/bgp_table.h @@ -68,21 +68,20 @@ struct bgp_node }; extern struct bgp_table *bgp_table_init (afi_t, safi_t); -extern void bgp_table_finish (struct bgp_table *); +extern void bgp_table_finish (struct bgp_table **); extern void bgp_unlock_node (struct bgp_node *node); -extern void bgp_node_delete (struct bgp_node *node); -extern struct bgp_node *bgp_table_top (struct bgp_table *); +extern struct bgp_node *bgp_table_top (const struct bgp_table *const); extern struct bgp_node *bgp_route_next (struct bgp_node *); extern struct bgp_node *bgp_route_next_until (struct bgp_node *, struct bgp_node *); -extern struct bgp_node *bgp_node_get (struct bgp_table *, struct prefix *); -extern struct bgp_node *bgp_node_lookup (struct bgp_table *, struct prefix *); +extern struct bgp_node *bgp_node_get (struct bgp_table *const, struct prefix *); +extern struct bgp_node *bgp_node_lookup (const struct bgp_table *const, struct prefix *); extern struct bgp_node *bgp_lock_node (struct bgp_node *node); -extern struct bgp_node *bgp_node_match (struct bgp_table *, struct prefix *); -extern struct bgp_node *bgp_node_match_ipv4 (struct bgp_table *, +extern struct bgp_node *bgp_node_match (const struct bgp_table *, struct prefix *); +extern struct bgp_node *bgp_node_match_ipv4 (const struct bgp_table *, struct in_addr *); #ifdef HAVE_IPV6 -extern struct bgp_node *bgp_node_match_ipv6 (struct bgp_table *, +extern struct bgp_node *bgp_node_match_ipv6 (const struct bgp_table *, struct in6_addr *); #endif /* HAVE_IPV6 */ -extern unsigned long bgp_table_count (struct bgp_table *); +extern unsigned long bgp_table_count (const struct bgp_table *const); #endif /* _QUAGGA_BGP_TABLE_H */ diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c index 0e689359..54f11701 100644 --- a/bgpd/bgp_vty.c +++ b/bgpd/bgp_vty.c @@ -210,6 +210,9 @@ bgp_vty_return (struct vty *vty, int ret) case BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS: str = "Cannot have local-as same as BGP AS number"; break; + case BGP_ERR_TCPSIG_FAILED: + str = "Error while applying TCP-Sig to session(s)"; + break; } if (str) { @@ -308,7 +311,7 @@ DEFUN_DEPRECATED (neighbor_version, /* "router bgp" commands. */ DEFUN (router_bgp, router_bgp_cmd, - "router bgp CMD_AS_RANGE", + "router bgp " CMD_AS_RANGE, ROUTER_STR BGP_STR AS_STR) @@ -331,12 +334,12 @@ DEFUN (router_bgp, VTY_NEWLINE); return CMD_WARNING; case BGP_ERR_AS_MISMATCH: - vty_out (vty, "BGP is already running; AS is %u%s", (unsigned)as, VTY_NEWLINE); + vty_out (vty, "BGP is already running; AS is %d%s", as, VTY_NEWLINE); return CMD_WARNING; case BGP_ERR_INSTANCE_MISMATCH: vty_out (vty, "BGP view name and AS number mismatch%s", VTY_NEWLINE); - vty_out (vty, "BGP instance is already running; AS is %u%s", - (unsigned)as, VTY_NEWLINE); + vty_out (vty, "BGP instance is already running; AS is %d%s", + as, VTY_NEWLINE); return CMD_WARNING; } @@ -348,7 +351,7 @@ DEFUN (router_bgp, ALIAS (router_bgp, router_bgp_view_cmd, - "router bgp CMD_AS_RANGE view WORD", + "router bgp " CMD_AS_RANGE " view WORD", ROUTER_STR BGP_STR AS_STR @@ -358,7 +361,7 @@ ALIAS (router_bgp, /* "no router bgp" commands. */ DEFUN (no_router_bgp, no_router_bgp_cmd, - "no router bgp CMD_AS_RANGE", + "no router bgp " CMD_AS_RANGE, NO_STR ROUTER_STR BGP_STR @@ -388,7 +391,7 @@ DEFUN (no_router_bgp, ALIAS (no_router_bgp, no_router_bgp_view_cmd, - "no router bgp CMD_AS_RANGE view WORD", + "no router bgp " CMD_AS_RANGE " view WORD", NO_STR ROUTER_STR BGP_STR @@ -539,7 +542,7 @@ ALIAS (no_bgp_cluster_id, DEFUN (bgp_confederation_identifier, bgp_confederation_identifier_cmd, - "bgp confederation identifier CMD_AS_RANGE", + "bgp confederation identifier " CMD_AS_RANGE, "BGP specific commands\n" "AS confederation parameters\n" "AS number\n" @@ -580,7 +583,7 @@ DEFUN (no_bgp_confederation_identifier, ALIAS (no_bgp_confederation_identifier, no_bgp_confederation_identifier_arg_cmd, - "no bgp confederation identifier CMD_AS_RANGE", + "no bgp confederation identifier " CMD_AS_RANGE, NO_STR "BGP specific commands\n" "AS confederation parameters\n" @@ -589,7 +592,7 @@ ALIAS (no_bgp_confederation_identifier, DEFUN (bgp_confederation_peers, bgp_confederation_peers_cmd, - "bgp confederation peers .CMD_AS_RANGE", + "bgp confederation peers ." CMD_AS_RANGE, "BGP specific commands\n" "AS confederation parameters\n" "Peer ASs in BGP confederation\n" @@ -619,7 +622,7 @@ DEFUN (bgp_confederation_peers, DEFUN (no_bgp_confederation_peers, no_bgp_confederation_peers_cmd, - "no bgp confederation peers .CMD_AS_RANGE", + "no bgp confederation peers ." CMD_AS_RANGE, NO_STR "BGP specific commands\n" "AS confederation parameters\n" @@ -1277,10 +1280,10 @@ peer_remote_as_vty (struct vty *vty, const char *peer_str, switch (ret) { case BGP_ERR_PEER_GROUP_MEMBER: - vty_out (vty, "%% Peer-group AS %u. Cannot configure remote-as for member%s", (unsigned)as, VTY_NEWLINE); + vty_out (vty, "%% Peer-group AS %d. Cannot configure remote-as for member%s", as, VTY_NEWLINE); return CMD_WARNING; case BGP_ERR_PEER_GROUP_PEER_TYPE_DIFFERENT: - vty_out (vty, "%% The AS# can not be changed from %u to %s, peer-group members must be all internal or all external%s", (unsigned)as, as_str, VTY_NEWLINE); + vty_out (vty, "%% The AS# can not be changed from %d to %s, peer-group members must be all internal or all external%s", as, as_str, VTY_NEWLINE); return CMD_WARNING; } return bgp_vty_return (vty, ret); @@ -1288,7 +1291,7 @@ peer_remote_as_vty (struct vty *vty, const char *peer_str, DEFUN (neighbor_remote_as, neighbor_remote_as_cmd, - NEIGHBOR_CMD2 "remote-as CMD_AS_RANGE", + NEIGHBOR_CMD2 "remote-as " CMD_AS_RANGE, NEIGHBOR_STR NEIGHBOR_ADDR_STR2 "Specify a BGP neighbor\n" @@ -1352,7 +1355,7 @@ DEFUN (no_neighbor, ALIAS (no_neighbor, no_neighbor_remote_as_cmd, - NO_NEIGHBOR_CMD "remote-as CMD_AS_RANGE", + NO_NEIGHBOR_CMD "remote-as " CMD_AS_RANGE, NO_STR NEIGHBOR_STR NEIGHBOR_ADDR_STR @@ -1382,7 +1385,7 @@ DEFUN (no_neighbor_peer_group, DEFUN (no_neighbor_peer_group_remote_as, no_neighbor_peer_group_remote_as_cmd, - "no neighbor WORD remote-as CMD_AS_RANGE", + "no neighbor WORD remote-as " CMD_AS_RANGE, NO_STR NEIGHBOR_STR "Neighbor tag\n" @@ -1404,7 +1407,7 @@ DEFUN (no_neighbor_peer_group_remote_as, DEFUN (neighbor_local_as, neighbor_local_as_cmd, - NEIGHBOR_CMD2 "local-as CMD_AS_RANGE", + NEIGHBOR_CMD2 "local-as " CMD_AS_RANGE, NEIGHBOR_STR NEIGHBOR_ADDR_STR2 "Specify a local-as number\n" @@ -1423,7 +1426,7 @@ DEFUN (neighbor_local_as, DEFUN (neighbor_local_as_no_prepend, neighbor_local_as_no_prepend_cmd, - NEIGHBOR_CMD2 "local-as CMD_AS_RANGE no-prepend", + NEIGHBOR_CMD2 "local-as " CMD_AS_RANGE " no-prepend", NEIGHBOR_STR NEIGHBOR_ADDR_STR2 "Specify a local-as number\n" @@ -1462,7 +1465,7 @@ DEFUN (no_neighbor_local_as, ALIAS (no_neighbor_local_as, no_neighbor_local_as_val_cmd, - NO_NEIGHBOR_CMD2 "local-as CMD_AS_RANGE", + NO_NEIGHBOR_CMD2 "local-as " CMD_AS_RANGE, NO_STR NEIGHBOR_STR NEIGHBOR_ADDR_STR2 @@ -1471,7 +1474,7 @@ ALIAS (no_neighbor_local_as, ALIAS (no_neighbor_local_as, no_neighbor_local_as_val2_cmd, - NO_NEIGHBOR_CMD2 "local-as CMD_AS_RANGE no-prepend", + NO_NEIGHBOR_CMD2 "local-as " CMD_AS_RANGE " no-prepend", NO_STR NEIGHBOR_STR NEIGHBOR_ADDR_STR2 @@ -1479,7 +1482,6 @@ ALIAS (no_neighbor_local_as, "AS number used as local AS\n" "Do not prepend local-as to updates from ebgp peers\n") -#ifdef HAVE_TCP_MD5SIG DEFUN (neighbor_password, neighbor_password_cmd, NEIGHBOR_CMD2 "password LINE", @@ -1517,7 +1519,6 @@ DEFUN (no_neighbor_password, ret = peer_password_unset (peer); return bgp_vty_return (vty, ret); } -#endif /* HAVE_TCP_MD5SIG */ DEFUN (neighbor_activate, neighbor_activate_cmd, @@ -1600,7 +1601,7 @@ DEFUN (neighbor_set_peer_group, if (ret == BGP_ERR_PEER_GROUP_PEER_TYPE_DIFFERENT) { - vty_out (vty, "%% Peer with AS %u cannot be in this peer-group, members must be all internal or all external%s", (unsigned)as, VTY_NEWLINE); + vty_out (vty, "%% Peer with AS %d cannot be in this peer-group, members must be all internal or all external%s", as, VTY_NEWLINE); return CMD_WARNING; } @@ -2193,8 +2194,7 @@ peer_rsclient_unset_vty (struct vty *vty, const char *peer_str, listnode_delete (bgp->rsclient, peer); } - bgp_table_finish (peer->rib[afi][safi]); - peer->rib[afi][safi] = NULL; + bgp_table_finish (&peer->rib[bgp_node_afi(vty)][bgp_node_safi(vty)]); return CMD_SUCCESS; } @@ -4363,7 +4363,7 @@ ALIAS (clear_ip_bgp_external, DEFUN (clear_ip_bgp_as, clear_ip_bgp_as_cmd, - "clear ip bgp CMD_AS_RANGE", + "clear ip bgp " CMD_AS_RANGE, CLEAR_STR IP_STR BGP_STR @@ -4374,14 +4374,14 @@ DEFUN (clear_ip_bgp_as, ALIAS (clear_ip_bgp_as, clear_bgp_as_cmd, - "clear bgp CMD_AS_RANGE", + "clear bgp " CMD_AS_RANGE, CLEAR_STR BGP_STR "Clear peers with the AS number\n") ALIAS (clear_ip_bgp_as, clear_bgp_ipv6_as_cmd, - "clear bgp ipv6 CMD_AS_RANGE", + "clear bgp ipv6 " CMD_AS_RANGE, CLEAR_STR BGP_STR "Address family\n" @@ -4893,7 +4893,7 @@ ALIAS (clear_bgp_external_soft_out, DEFUN (clear_ip_bgp_as_soft_out, clear_ip_bgp_as_soft_out_cmd, - "clear ip bgp CMD_AS_RANGE soft out", + "clear ip bgp " CMD_AS_RANGE " soft out", CLEAR_STR IP_STR BGP_STR @@ -4907,7 +4907,7 @@ DEFUN (clear_ip_bgp_as_soft_out, ALIAS (clear_ip_bgp_as_soft_out, clear_ip_bgp_as_out_cmd, - "clear ip bgp CMD_AS_RANGE out", + "clear ip bgp " CMD_AS_RANGE " out", CLEAR_STR IP_STR BGP_STR @@ -4916,7 +4916,7 @@ ALIAS (clear_ip_bgp_as_soft_out, DEFUN (clear_ip_bgp_as_ipv4_soft_out, clear_ip_bgp_as_ipv4_soft_out_cmd, - "clear ip bgp CMD_AS_RANGE ipv4 (unicast|multicast) soft out", + "clear ip bgp " CMD_AS_RANGE " ipv4 (unicast|multicast) soft out", CLEAR_STR IP_STR BGP_STR @@ -4937,7 +4937,7 @@ DEFUN (clear_ip_bgp_as_ipv4_soft_out, ALIAS (clear_ip_bgp_as_ipv4_soft_out, clear_ip_bgp_as_ipv4_out_cmd, - "clear ip bgp CMD_AS_RANGE ipv4 (unicast|multicast) out", + "clear ip bgp " CMD_AS_RANGE " ipv4 (unicast|multicast) out", CLEAR_STR IP_STR BGP_STR @@ -4949,7 +4949,7 @@ ALIAS (clear_ip_bgp_as_ipv4_soft_out, DEFUN (clear_ip_bgp_as_vpnv4_soft_out, clear_ip_bgp_as_vpnv4_soft_out_cmd, - "clear ip bgp CMD_AS_RANGE vpnv4 unicast soft out", + "clear ip bgp " CMD_AS_RANGE " vpnv4 unicast soft out", CLEAR_STR IP_STR BGP_STR @@ -4965,7 +4965,7 @@ DEFUN (clear_ip_bgp_as_vpnv4_soft_out, ALIAS (clear_ip_bgp_as_vpnv4_soft_out, clear_ip_bgp_as_vpnv4_out_cmd, - "clear ip bgp CMD_AS_RANGE vpnv4 unicast out", + "clear ip bgp " CMD_AS_RANGE " vpnv4 unicast out", CLEAR_STR IP_STR BGP_STR @@ -4976,7 +4976,7 @@ ALIAS (clear_ip_bgp_as_vpnv4_soft_out, DEFUN (clear_bgp_as_soft_out, clear_bgp_as_soft_out_cmd, - "clear bgp CMD_AS_RANGE soft out", + "clear bgp " CMD_AS_RANGE " soft out", CLEAR_STR BGP_STR "Clear peers with the AS number\n" @@ -4989,7 +4989,7 @@ DEFUN (clear_bgp_as_soft_out, ALIAS (clear_bgp_as_soft_out, clear_bgp_ipv6_as_soft_out_cmd, - "clear bgp ipv6 CMD_AS_RANGE soft out", + "clear bgp ipv6 " CMD_AS_RANGE " soft out", CLEAR_STR BGP_STR "Address family\n" @@ -4999,7 +4999,7 @@ ALIAS (clear_bgp_as_soft_out, ALIAS (clear_bgp_as_soft_out, clear_bgp_as_out_cmd, - "clear bgp CMD_AS_RANGE out", + "clear bgp " CMD_AS_RANGE " out", CLEAR_STR BGP_STR "Clear peers with the AS number\n" @@ -5007,7 +5007,7 @@ ALIAS (clear_bgp_as_soft_out, ALIAS (clear_bgp_as_soft_out, clear_bgp_ipv6_as_out_cmd, - "clear bgp ipv6 CMD_AS_RANGE out", + "clear bgp ipv6 " CMD_AS_RANGE " out", CLEAR_STR BGP_STR "Address family\n" @@ -5797,7 +5797,7 @@ ALIAS (clear_bgp_external_in_prefix_filter, DEFUN (clear_ip_bgp_as_soft_in, clear_ip_bgp_as_soft_in_cmd, - "clear ip bgp CMD_AS_RANGE soft in", + "clear ip bgp " CMD_AS_RANGE " soft in", CLEAR_STR IP_STR BGP_STR @@ -5811,7 +5811,7 @@ DEFUN (clear_ip_bgp_as_soft_in, ALIAS (clear_ip_bgp_as_soft_in, clear_ip_bgp_as_in_cmd, - "clear ip bgp CMD_AS_RANGE in", + "clear ip bgp " CMD_AS_RANGE " in", CLEAR_STR IP_STR BGP_STR @@ -5820,7 +5820,7 @@ ALIAS (clear_ip_bgp_as_soft_in, DEFUN (clear_ip_bgp_as_in_prefix_filter, clear_ip_bgp_as_in_prefix_filter_cmd, - "clear ip bgp CMD_AS_RANGE in prefix-filter", + "clear ip bgp " CMD_AS_RANGE " in prefix-filter", CLEAR_STR IP_STR BGP_STR @@ -5834,7 +5834,7 @@ DEFUN (clear_ip_bgp_as_in_prefix_filter, DEFUN (clear_ip_bgp_as_ipv4_soft_in, clear_ip_bgp_as_ipv4_soft_in_cmd, - "clear ip bgp CMD_AS_RANGE ipv4 (unicast|multicast) soft in", + "clear ip bgp " CMD_AS_RANGE " ipv4 (unicast|multicast) soft in", CLEAR_STR IP_STR BGP_STR @@ -5855,7 +5855,7 @@ DEFUN (clear_ip_bgp_as_ipv4_soft_in, ALIAS (clear_ip_bgp_as_ipv4_soft_in, clear_ip_bgp_as_ipv4_in_cmd, - "clear ip bgp CMD_AS_RANGE ipv4 (unicast|multicast) in", + "clear ip bgp " CMD_AS_RANGE " ipv4 (unicast|multicast) in", CLEAR_STR IP_STR BGP_STR @@ -5867,7 +5867,7 @@ ALIAS (clear_ip_bgp_as_ipv4_soft_in, DEFUN (clear_ip_bgp_as_ipv4_in_prefix_filter, clear_ip_bgp_as_ipv4_in_prefix_filter_cmd, - "clear ip bgp CMD_AS_RANGE ipv4 (unicast|multicast) in prefix-filter", + "clear ip bgp " CMD_AS_RANGE " ipv4 (unicast|multicast) in prefix-filter", CLEAR_STR IP_STR BGP_STR @@ -5888,7 +5888,7 @@ DEFUN (clear_ip_bgp_as_ipv4_in_prefix_filter, DEFUN (clear_ip_bgp_as_vpnv4_soft_in, clear_ip_bgp_as_vpnv4_soft_in_cmd, - "clear ip bgp CMD_AS_RANGE vpnv4 unicast soft in", + "clear ip bgp " CMD_AS_RANGE " vpnv4 unicast soft in", CLEAR_STR IP_STR BGP_STR @@ -5904,7 +5904,7 @@ DEFUN (clear_ip_bgp_as_vpnv4_soft_in, ALIAS (clear_ip_bgp_as_vpnv4_soft_in, clear_ip_bgp_as_vpnv4_in_cmd, - "clear ip bgp CMD_AS_RANGE vpnv4 unicast in", + "clear ip bgp " CMD_AS_RANGE " vpnv4 unicast in", CLEAR_STR IP_STR BGP_STR @@ -5915,7 +5915,7 @@ ALIAS (clear_ip_bgp_as_vpnv4_soft_in, DEFUN (clear_bgp_as_soft_in, clear_bgp_as_soft_in_cmd, - "clear bgp CMD_AS_RANGE soft in", + "clear bgp " CMD_AS_RANGE " soft in", CLEAR_STR BGP_STR "Clear peers with the AS number\n" @@ -5928,7 +5928,7 @@ DEFUN (clear_bgp_as_soft_in, ALIAS (clear_bgp_as_soft_in, clear_bgp_ipv6_as_soft_in_cmd, - "clear bgp ipv6 CMD_AS_RANGE soft in", + "clear bgp ipv6 " CMD_AS_RANGE " soft in", CLEAR_STR BGP_STR "Address family\n" @@ -5938,7 +5938,7 @@ ALIAS (clear_bgp_as_soft_in, ALIAS (clear_bgp_as_soft_in, clear_bgp_as_in_cmd, - "clear bgp CMD_AS_RANGE in", + "clear bgp " CMD_AS_RANGE " in", CLEAR_STR BGP_STR "Clear peers with the AS number\n" @@ -5946,7 +5946,7 @@ ALIAS (clear_bgp_as_soft_in, ALIAS (clear_bgp_as_soft_in, clear_bgp_ipv6_as_in_cmd, - "clear bgp ipv6 CMD_AS_RANGE in", + "clear bgp ipv6 " CMD_AS_RANGE " in", CLEAR_STR BGP_STR "Address family\n" @@ -5955,7 +5955,7 @@ ALIAS (clear_bgp_as_soft_in, DEFUN (clear_bgp_as_in_prefix_filter, clear_bgp_as_in_prefix_filter_cmd, - "clear bgp CMD_AS_RANGE in prefix-filter", + "clear bgp " CMD_AS_RANGE " in prefix-filter", CLEAR_STR BGP_STR "Clear peers with the AS number\n" @@ -5968,7 +5968,7 @@ DEFUN (clear_bgp_as_in_prefix_filter, ALIAS (clear_bgp_as_in_prefix_filter, clear_bgp_ipv6_as_in_prefix_filter_cmd, - "clear bgp ipv6 CMD_AS_RANGE in prefix-filter", + "clear bgp ipv6 " CMD_AS_RANGE " in prefix-filter", CLEAR_STR BGP_STR "Address family\n" @@ -6283,7 +6283,7 @@ ALIAS (clear_bgp_external_soft, DEFUN (clear_ip_bgp_as_soft, clear_ip_bgp_as_soft_cmd, - "clear ip bgp CMD_AS_RANGE soft", + "clear ip bgp " CMD_AS_RANGE " soft", CLEAR_STR IP_STR BGP_STR @@ -6296,7 +6296,7 @@ DEFUN (clear_ip_bgp_as_soft, DEFUN (clear_ip_bgp_as_ipv4_soft, clear_ip_bgp_as_ipv4_soft_cmd, - "clear ip bgp CMD_AS_RANGE ipv4 (unicast|multicast) soft", + "clear ip bgp " CMD_AS_RANGE " ipv4 (unicast|multicast) soft", CLEAR_STR IP_STR BGP_STR @@ -6316,7 +6316,7 @@ DEFUN (clear_ip_bgp_as_ipv4_soft, DEFUN (clear_ip_bgp_as_vpnv4_soft, clear_ip_bgp_as_vpnv4_soft_cmd, - "clear ip bgp CMD_AS_RANGE vpnv4 unicast soft", + "clear ip bgp " CMD_AS_RANGE " vpnv4 unicast soft", CLEAR_STR IP_STR BGP_STR @@ -6331,7 +6331,7 @@ DEFUN (clear_ip_bgp_as_vpnv4_soft, DEFUN (clear_bgp_as_soft, clear_bgp_as_soft_cmd, - "clear bgp CMD_AS_RANGE soft", + "clear bgp " CMD_AS_RANGE " soft", CLEAR_STR BGP_STR "Clear peers with the AS number\n" @@ -6343,7 +6343,7 @@ DEFUN (clear_bgp_as_soft, ALIAS (clear_bgp_as_soft, clear_bgp_ipv6_as_soft_cmd, - "clear bgp ipv6 CMD_AS_RANGE soft", + "clear bgp ipv6 " CMD_AS_RANGE " soft", CLEAR_STR BGP_STR "Address family\n" @@ -6669,8 +6669,8 @@ bgp_show_summary (struct vty *vty, struct bgp *bgp, int afi, int safi) /* Usage summary and header */ vty_out (vty, - "BGP router identifier %s, local AS number %u%s", - inet_ntoa (bgp->router_id), (unsigned)bgp->as, VTY_NEWLINE); + "BGP router identifier %s, local AS number %d%s", + inet_ntoa (bgp->router_id), bgp->as, VTY_NEWLINE); ents = bgp_table_count (bgp->rib[afi][safi]); vty_out (vty, "RIB entries %ld, using %s of memory%s", ents, @@ -6716,8 +6716,8 @@ bgp_show_summary (struct vty *vty, struct bgp *bgp, int afi, int safi) vty_out (vty, "4 "); - vty_out (vty, "%5u %7d %7d %8d %4d %4lu ", - (unsigned)peer->as, + vty_out (vty, "%5d %7d %7d %8d %4d %4lu ", + peer->as, peer->open_in + peer->update_in + peer->keepalive_in + peer->notify_in + peer->refresh_in + peer->dynamic_cap_in, peer->open_out + peer->update_out + peer->keepalive_out @@ -7226,9 +7226,9 @@ bgp_show_peer (struct vty *vty, struct peer *p) /* Configured IP address. */ vty_out (vty, "BGP neighbor is %s, ", p->host); - vty_out (vty, "remote AS %u, ", (unsigned)p->as); - vty_out (vty, "local AS %u%s, ", - p->change_local_as ? (unsigned)p->change_local_as : (unsigned)p->local_as, + vty_out (vty, "remote AS %d, ", p->as); + vty_out (vty, "local AS %d%s, ", + p->change_local_as ? p->change_local_as : p->local_as, CHECK_FLAG (p->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND) ? " no-prepend" : ""); vty_out (vty, "%s link%s", @@ -8009,7 +8009,7 @@ bgp_show_rsclient_summary (struct vty *vty, struct bgp *bgp, "Route Server's BGP router identifier %s%s", inet_ntoa (bgp->router_id), VTY_NEWLINE); vty_out (vty, - "Route Server's local AS number %u%s", (unsigned)bgp->as, + "Route Server's local AS number %d%s", bgp->as, VTY_NEWLINE); vty_out (vty, "%s", VTY_NEWLINE); @@ -8938,11 +8938,9 @@ bgp_vty_init (void) install_element (BGP_NODE, &no_neighbor_local_as_val_cmd); install_element (BGP_NODE, &no_neighbor_local_as_val2_cmd); -#ifdef HAVE_TCP_MD5SIG /* "neighbor password" commands. */ install_element (BGP_NODE, &neighbor_password_cmd); install_element (BGP_NODE, &no_neighbor_password_cmd); -#endif /* HAVE_TCP_MD5SIG */ /* "neighbor activate" commands. */ install_element (BGP_NODE, &neighbor_activate_cmd); diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c index 539996f8..8eb0d2e4 100644 --- a/bgpd/bgpd.c +++ b/bgpd/bgpd.c @@ -684,7 +684,7 @@ peer_sort (struct peer *peer) } } -void +static inline void peer_free (struct peer *peer) { assert (peer->status == Deleted); @@ -697,8 +697,6 @@ peer_free (struct peer *peer) BGP_WRITE_OFF (peer->t_write); BGP_EVENT_FLUSH (peer); - bgp_unlock (peer->bgp); - if (peer->desc) XFREE (MTYPE_PEER_DESC, peer->desc); @@ -722,6 +720,48 @@ peer_free (struct peer *peer) XFREE (MTYPE_BGP_PEER, peer); } +/* increase reference count on a struct peer */ +struct peer * +peer_lock (struct peer *peer) +{ + assert (peer && (peer->lock >= 0)); + assert (peer->status != Deleted); + + peer->lock++; + + return peer; +} + +/* decrease reference count on a struct peer + * struct peer is freed and NULL returned if last reference + */ +struct peer * +peer_unlock (struct peer *peer) +{ + assert (peer && (peer->lock > 0)); + + peer->lock--; + + if (peer->lock == 0) + { +#if 0 + zlog_debug ("unlocked and freeing"); + zlog_backtrace (LOG_DEBUG); +#endif + peer_free (peer); + return NULL; + } + +#if 0 + if (peer->lock == 1) + { + zlog_debug ("unlocked to 1"); + zlog_backtrace (LOG_DEBUG); + } +#endif + + return peer; +} /* Allocate new peer object, implicitely locked. */ static struct peer * @@ -749,7 +789,7 @@ peer_new (struct bgp *bgp) peer->ostatus = Idle; peer->weight = 0; peer->password = NULL; - peer->bgp = bgp_lock (bgp); + peer->bgp = bgp; peer = peer_lock (peer); /* initial reference */ /* Set default flags. */ @@ -1150,7 +1190,7 @@ peer_delete (struct peer *peer) if ((pn = listnode_lookup (peer->group->peer, peer))) { - peer_unlock (peer); /* group->peer list reference */ + peer = peer_unlock (peer); /* group->peer list reference */ list_delete_node (peer->group->peer, pn); } peer->group = NULL; @@ -1164,19 +1204,16 @@ peer_delete (struct peer *peer) bgp_stop (peer); bgp_fsm_change_status (peer, Deleted); -#ifdef HAVE_TCP_MD5SIG /* Password configuration */ if (peer->password) { - free (peer->password); + XFREE (MTYPE_PEER_PASSWORD, peer->password); peer->password = NULL; - if (! CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP) - && sockunion_family (&peer->su) == AF_INET) - bgp_md5_set (bm->sock, &peer->su.sin, NULL); + if (! CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP)) + bgp_md5_set (peer); } -#endif /* HAVE_TCP_MD5SIG */ - + bgp_timer_set (peer); /* stops all timers for Deleted */ /* Delete from all peer list. */ @@ -1203,10 +1240,7 @@ peer_delete (struct peer *peer) for (afi = AFI_IP; afi < AFI_MAX; afi++) for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) if (peer->rib[afi][safi] && ! peer->af_group[afi][safi]) - { - bgp_table_finish (peer->rib[afi][safi]); - peer->rib[afi][safi] = NULL; - } + bgp_table_finish (&peer->rib[afi][safi]); /* Buffers. */ if (peer->ibuf) @@ -1287,19 +1321,15 @@ peer_group_active (struct peer *peer) /* Peer group cofiguration. */ static struct peer_group * -peer_group_new (struct bgp *bgp) +peer_group_new () { - struct peer_group *group; - - group = XCALLOC (MTYPE_PEER_GROUP, sizeof (struct peer_group)); - group->bgp = bgp_lock (bgp); - return group; + return (struct peer_group *) XCALLOC (MTYPE_PEER_GROUP, + sizeof (struct peer_group)); } static void peer_group_free (struct peer_group *group) { - bgp_unlock (group->bgp); XFREE (MTYPE_PEER_GROUP, group); } @@ -1326,7 +1356,8 @@ peer_group_get (struct bgp *bgp, const char *name) if (group) return group; - group = peer_group_new (bgp); + group = peer_group_new (); + group->bgp = bgp; group->name = strdup (name); group->peer = list_new (); group->conf = peer_new (bgp); @@ -1398,26 +1429,16 @@ peer_group2peer_config_copy (struct peer_group *group, struct peer *peer, else peer->v_routeadv = BGP_DEFAULT_EBGP_ROUTEADV; -#ifdef HAVE_TCP_MD5SIG /* password apply */ - if (CHECK_FLAG (conf->flags, PEER_FLAG_PASSWORD)) - { - if (peer->password) - free (peer->password); - peer->password = strdup (conf->password); + if (peer->password) + XFREE (MTYPE_PEER_PASSWORD, peer->password); - if (sockunion_family (&peer->su) == AF_INET) - bgp_md5_set (bm->sock, &peer->su.sin, peer->password); - } - else if (peer->password) - { - free (peer->password); - peer->password = NULL; + if (conf->password) + peer->password = XSTRDUP (MTYPE_PEER_PASSWORD, conf->password); + else + peer->password = NULL; - if (sockunion_family (&peer->su) == AF_INET) - bgp_md5_set (bm->sock, &peer->su.sin, NULL); - } -#endif /* HAVE_TCP_MD5SIG */ + bgp_md5_set (peer); /* maximum-prefix */ peer->pmax[afi][safi] = conf->pmax[afi][safi]; @@ -1800,8 +1821,7 @@ peer_group_bind (struct bgp *bgp, union sockunion *su, list_delete_node (bgp->rsclient, pn); } - bgp_table_finish (peer->rib[afi][safi]); - peer->rib[afi][safi] = NULL; + bgp_table_finish (&peer->rib[afi][safi]); /* Import policy. */ if (peer->filter[afi][safi].map[RMAP_IMPORT].name) @@ -1889,7 +1909,6 @@ bgp_create (as_t *as, const char *name) if ( (bgp = XCALLOC (MTYPE_BGP, sizeof (struct bgp))) == NULL) return NULL; - bgp_lock(bgp); /* initial reference */ bgp->peer_self = peer_new (bgp); bgp->peer_self->host = strdup ("Static announcement"); @@ -2018,7 +2037,7 @@ bgp_get (struct bgp **bgp_val, as_t *as, const char *name) } /* Delete BGP instance. */ -void +int bgp_delete (struct bgp *bgp) { struct peer *peer; @@ -2026,6 +2045,7 @@ bgp_delete (struct bgp *bgp) struct listnode *node; struct listnode *next; afi_t afi; + safi_t safi; int i; /* Delete static route. */ @@ -2050,16 +2070,7 @@ bgp_delete (struct bgp *bgp) list_delete (bgp->rsclient); listnode_delete (bm->bgp, bgp); - - bgp_unlock(bgp); -} - -void -bgp_free(struct bgp *bgp) -{ - afi_t afi; - safi_t safi; - + if (bgp->name) free (bgp->name); @@ -2074,6 +2085,8 @@ bgp_free(struct bgp *bgp) XFREE (MTYPE_ROUTE_TABLE,bgp->rib[afi][safi]); } XFREE (MTYPE_BGP, bgp); + + return 0; } struct peer * @@ -3389,26 +3402,25 @@ peer_local_as_unset (struct peer *peer) return 0; } -#ifdef HAVE_TCP_MD5SIG /* Set password for authenticating with the peer. */ int peer_password_set (struct peer *peer, const char *password) { - struct peer_group *group; struct listnode *nn, *nnode; int len = password ? strlen(password) : 0; + int ret = BGP_SUCCESS; if ((len < PEER_PASSWORD_MINLEN) || (len > PEER_PASSWORD_MAXLEN)) return BGP_ERR_INVALID_VALUE; if (peer->password && strcmp (peer->password, password) == 0 && ! CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP)) - return 0; + return 0; - SET_FLAG (peer->flags, PEER_FLAG_PASSWORD); if (peer->password) - free (peer->password); - peer->password = strdup (password); + XFREE (MTYPE_PEER_PASSWORD, peer->password); + + peer->password = XSTRDUP (MTYPE_PEER_PASSWORD, password); if (! CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP)) { @@ -3416,50 +3428,46 @@ peer_password_set (struct peer *peer, const char *password) bgp_notify_send (peer, BGP_NOTIFY_CEASE, BGP_NOTIFY_CEASE_CONFIG_CHANGE); else BGP_EVENT_ADD (peer, BGP_Stop); - - if (sockunion_family (&peer->su) == AF_INET) - bgp_md5_set (bm->sock, &peer->su.sin, peer->password); - return 0; + + return (bgp_md5_set (peer) >= 0) ? BGP_SUCCESS : BGP_ERR_TCPSIG_FAILED; } - group = peer->group; - /* #42# LIST_LOOP (group->peer, peer, nn) */ - for (ALL_LIST_ELEMENTS (group->peer, nn, nnode, peer)) + for (ALL_LIST_ELEMENTS (peer->group->peer, nn, nnode, peer)) { if (peer->password && strcmp (peer->password, password) == 0) continue; - - SET_FLAG (peer->flags, PEER_FLAG_PASSWORD); + if (peer->password) - free (peer->password); - peer->password = strdup (password); + XFREE (MTYPE_PEER_PASSWORD, peer->password); + + peer->password = XSTRDUP(MTYPE_PEER_PASSWORD, password); if (peer->status == Established) bgp_notify_send (peer, BGP_NOTIFY_CEASE, BGP_NOTIFY_CEASE_CONFIG_CHANGE); else BGP_EVENT_ADD (peer, BGP_Stop); - - if (sockunion_family (&peer->su) == AF_INET) - bgp_md5_set (bm->sock, &peer->su.sin, peer->password); + + if (bgp_md5_set (peer) < 0) + ret = BGP_ERR_TCPSIG_FAILED; } - return 0; + return ret; } int peer_password_unset (struct peer *peer) { - struct peer_group *group; struct listnode *nn, *nnode; - if (! CHECK_FLAG (peer->flags, PEER_FLAG_PASSWORD) - && ! CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP)) + if (!peer->password + && !CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP)) return 0; - if (! CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP)) + if (!CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP)) { if (peer_group_active (peer) - && CHECK_FLAG (peer->group->conf->flags, PEER_FLAG_PASSWORD)) + && peer->group->conf->password + && strcmp (peer->group->conf->password, peer->password) == 0) return BGP_ERR_PEER_GROUP_HAS_THE_FLAG; if (peer->status == Established) @@ -3467,46 +3475,37 @@ peer_password_unset (struct peer *peer) else BGP_EVENT_ADD (peer, BGP_Stop); - if (sockunion_family (&peer->su) == AF_INET) - bgp_md5_set (bm->sock, &peer->su.sin, NULL); - - UNSET_FLAG (peer->flags, PEER_FLAG_PASSWORD); if (peer->password) - free (peer->password); + XFREE (MTYPE_PEER_PASSWORD, peer->password); + peer->password = NULL; + + bgp_md5_set (peer); return 0; } - UNSET_FLAG (peer->flags, PEER_FLAG_PASSWORD); - if (peer->password) - free (peer->password); + XFREE (MTYPE_PEER_PASSWORD, peer->password); peer->password = NULL; - group = peer->group; - /* #42# LIST_LOOP (group->peer, peer, nn) */ - for (ALL_LIST_ELEMENTS (group->peer, nn, nnode, peer)) + for (ALL_LIST_ELEMENTS (peer->group->peer, nn, nnode, peer)) { - if (! CHECK_FLAG (peer->flags, PEER_FLAG_PASSWORD)) + if (!peer->password) continue; if (peer->status == Established) bgp_notify_send (peer, BGP_NOTIFY_CEASE, BGP_NOTIFY_CEASE_CONFIG_CHANGE); else BGP_EVENT_ADD (peer, BGP_Stop); - - if (sockunion_family (&peer->su) == AF_INET) - bgp_md5_set (bm->sock, &peer->su.sin, NULL); - - UNSET_FLAG (peer->flags, PEER_FLAG_PASSWORD); - if (peer->password) - free (peer->password); + + XFREE (MTYPE_PEER_PASSWORD, peer->password); peer->password = NULL; + + bgp_md5_set (peer); } return 0; } -#endif /* HAVE_TCP_MD5SIG */ /* Set distribute list to the peer. */ int @@ -4513,13 +4512,13 @@ bgp_config_write_peer (struct vty *vty, struct bgp *bgp, vty_out (vty, " neighbor %s peer-group%s", addr, VTY_NEWLINE); if (peer->as) - vty_out (vty, " neighbor %s remote-as %u%s", addr, (unsigned)peer->as, + vty_out (vty, " neighbor %s remote-as %d%s", addr, peer->as, VTY_NEWLINE); } else { if (! g_peer->as) - vty_out (vty, " neighbor %s remote-as %u%s", addr, (unsigned)peer->as, + vty_out (vty, " neighbor %s remote-as %d%s", addr, peer->as, VTY_NEWLINE); if (peer->af_group[AFI_IP][SAFI_UNICAST]) vty_out (vty, " neighbor %s peer-group %s%s", addr, @@ -4545,19 +4544,17 @@ bgp_config_write_peer (struct vty *vty, struct bgp *bgp, ! CHECK_FLAG (g_peer->flags, PEER_FLAG_SHUTDOWN)) vty_out (vty, " neighbor %s shutdown%s", addr, VTY_NEWLINE); -#ifdef HAVE_TCP_MD5SIG /* Password. */ - if (CHECK_FLAG (peer->flags, PEER_FLAG_PASSWORD)) - if (! peer_group_active (peer) - || ! CHECK_FLAG (g_peer->flags, PEER_FLAG_PASSWORD) + if (peer->password) + if (!peer_group_active (peer) + || ! g_peer->password || strcmp (peer->password, g_peer->password) != 0) vty_out (vty, " neighbor %s password %s%s", addr, peer->password, VTY_NEWLINE); -#endif /* HAVE_TCP_MD5SIG */ /* BGP port. */ if (peer->port != BGP_PORT_DEFAULT) - vty_out (vty, " neighbor %s port %d%s", addr, peer->port, + vty_out (vty, " neighbor %s port %d%s", addr, peer->port, VTY_NEWLINE); /* Local interface name. */ @@ -4920,7 +4917,7 @@ bgp_config_write (struct vty *vty) vty_out (vty, "!%s", VTY_NEWLINE); /* Router bgp ASN */ - vty_out (vty, "router bgp %u", (unsigned)bgp->as); + vty_out (vty, "router bgp %d", bgp->as); if (bgp_option_check (BGP_OPT_MULTIPLE_INSTANCE)) { @@ -5087,12 +5084,10 @@ bgp_master_init (void) bm = &bgp_master; bm->bgp = list_new (); + bm->listen_sockets = list_new (); bm->port = BGP_PORT_DEFAULT; bm->master = thread_master_create (); bm->start_time = time (NULL); -#ifdef HAVE_TCP_MD5SIG - bm->sock = -1; -#endif /* HAVE_TCP_MD5SIG */ } diff --git a/bgpd/bgpd.conf.sample b/bgpd/bgpd.conf.sample index 62cacc85..b6a8b6f1 100644 --- a/bgpd/bgpd.conf.sample +++ b/bgpd/bgpd.conf.sample @@ -2,7 +2,7 @@ ! ! BGPd sample configuratin file ! -! $Id$ +! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $ ! hostname bgpd password zebra diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h index 124ccb24..3be7f56d 100644 --- a/bgpd/bgpd.h +++ b/bgpd/bgpd.h @@ -42,6 +42,9 @@ struct bgp_master struct work_queue *process_main_queue; struct work_queue *process_rsclient_queue; + /* Listening sockets */ + struct list *listen_sockets; + /* BGP port number. */ u_int16_t port; @@ -390,7 +393,10 @@ struct peer #define PEER_FLAG_ORF_PREFIX_RM (1 << 13) /* orf capability receive-mode */ #define PEER_FLAG_MAX_PREFIX (1 << 14) /* maximum prefix */ #define PEER_FLAG_MAX_PREFIX_WARNING (1 << 15) /* maximum prefix warning-only */ -#define PEER_FLAG_NEXTHOP_LOCAL_UNCHANGED (1 << 16) /* leave link-local nexthop unchanged */ +#define PEER_FLAG_NEXTHOP_LOCAL_UNCHANGED (1 << 16) /* leave link-local nexthop unchanged */ + + /* MD5 password */ + char *password; /* MD5 password */ char *password; @@ -550,13 +556,9 @@ struct peer #define PEER_RMAP_TYPE_EXPORT (1 << 7) /* neighbor route-map export */ }; -#if defined(HAVE_TCP_MD5SIG) - #define PEER_PASSWORD_MINLEN (1) #define PEER_PASSWORD_MAXLEN (80) -#endif /* HAVE_TCP_MD5SIG */ - /* This structure's member directly points incoming packet data stream. */ struct bgp_nlri @@ -810,7 +812,8 @@ enum bgp_clear_type #define BGP_ERR_INSTANCE_MISMATCH -26 #define BGP_ERR_LOCAL_AS_ALLOWED_ONLY_FOR_EBGP -27 #define BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS -28 -#define BGP_ERR_MAX -29 +#define BGP_ERR_TCPSIG_FAILED -29 +#define BGP_ERR_MAX -30 extern struct bgp_master *bm; @@ -984,10 +987,9 @@ extern int peer_route_map_set (struct peer *, afi_t, safi_t, int, const char *); extern int peer_route_map_unset (struct peer *, afi_t, safi_t, int); extern int peer_unsuppress_map_set (struct peer *, afi_t, safi_t, const char *); -#ifdef HAVE_TCP_MD5SIG + extern int peer_password_set (struct peer *, const char *); extern int peer_password_unset (struct peer *); -#endif /* HAVE_TCP_MD5SIG */ extern int peer_unsuppress_map_unset (struct peer *, afi_t, safi_t); |