diff options
| author | Hiroki Sato <hrs@FreeBSD.org> | 2012-12-24 12:41:36 +0000 |
|---|---|---|
| committer | Hiroki Sato <hrs@FreeBSD.org> | 2012-12-24 12:41:36 +0000 |
| commit | a32e5104bf6844ba5ab021a4965e712db701a575 (patch) | |
| tree | 0462fe8b3ffdc2915376fe6e637f13ffa3254444 /net/openbgpd | |
| parent | e7099ba051e55619cd5361848a10ebd70e3d6dd4 (diff) | |
| download | ports-a32e5104bf6844ba5ab021a4965e712db701a575.tar.gz ports-a32e5104bf6844ba5ab021a4965e712db701a575.zip | |
Update to 5.2.201201209.
Notes
Notes:
svn path=/head/; revision=309456
Diffstat (limited to 'net/openbgpd')
| -rw-r--r-- | net/openbgpd/Makefile | 2 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpctl_bgpctl.c | 61 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_bgpd.c | 31 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_bgpd.conf.5 | 68 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_bgpd.h | 50 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_buffer.c | 358 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_carp.c | 5 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_kroute.c | 55 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_mrt.c | 55 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_parse.y | 108 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_printconf.c | 30 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_rde.h | 15 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_rde_filter.c | 85 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-bgpd_session.c | 137 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-openbsd-compat_imsg-buffer.c | 34 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-openbsd-compat_imsg.c | 62 | ||||
| -rw-r--r-- | net/openbgpd/files/patch-openbsd-compat_imsg.h | 4 |
17 files changed, 584 insertions, 576 deletions
diff --git a/net/openbgpd/Makefile b/net/openbgpd/Makefile index cdf52e324282..da32e76f412d 100644 --- a/net/openbgpd/Makefile +++ b/net/openbgpd/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openbgpd -PORTVERSION= 5.2.20121014 +PORTVERSION= 5.2.20121209 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_OPENBSD} MASTER_SITE_SUBDIR= OpenBGPD diff --git a/net/openbgpd/files/patch-bgpctl_bgpctl.c b/net/openbgpd/files/patch-bgpctl_bgpctl.c index 54006c76dff3..1553efc83281 100644 --- a/net/openbgpd/files/patch-bgpctl_bgpctl.c +++ b/net/openbgpd/files/patch-bgpctl_bgpctl.c @@ -2,12 +2,13 @@ Index: bgpctl/bgpctl.c =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpctl/bgpctl.c,v retrieving revision 1.1.1.7 -diff -u -p -r1.1.1.7 bgpctl.c +retrieving revision 1.10 +diff -u -p -r1.1.1.7 -r1.10 --- bgpctl/bgpctl.c 14 Feb 2010 20:20:14 -0000 1.1.1.7 -+++ bgpctl/bgpctl.c 13 Oct 2012 18:49:31 -0000 ++++ bgpctl/bgpctl.c 8 Dec 2012 20:17:55 -0000 1.10 @@ -1,4 +1,4 @@ -/* $OpenBSD: bgpctl.c,v 1.142 2009/06/06 06:33:15 eric Exp $ */ -+/* $OpenBSD: bgpctl.c,v 1.165 2012/09/12 05:57:10 claudio Exp $ */ ++/* $OpenBSD: bgpctl.c,v 1.167 2012/11/15 19:55:08 sthen Exp $ */ /* * Copyright (c) 2003 Henning Brauer <henning@openbsd.org> @@ -391,7 +392,7 @@ diff -u -p -r1.1.1.7 bgpctl.c p->conf.remote_masklen != 128)) { if (asprintf(&s, "%s/%u", log_addr(&p->conf.remote_addr), -@@ -549,6 +643,10 @@ show_neighbor_msg(struct imsg *imsg, enu +@@ -549,9 +643,20 @@ show_neighbor_msg(struct imsg *imsg, enu printf(", Template"); if (p->conf.cloned) printf(", Cloned"); @@ -402,7 +403,17 @@ diff -u -p -r1.1.1.7 bgpctl.c printf("\n"); if (p->conf.descr[0]) printf(" Description: %s\n", p->conf.descr); -@@ -563,22 +661,24 @@ show_neighbor_msg(struct imsg *imsg, enu ++ if (p->conf.max_prefix) { ++ printf(" Max-prefix: %u", p->conf.max_prefix); ++ if (p->conf.max_prefix_restart) ++ printf(" (restart %u)", ++ p->conf.max_prefix_restart); ++ printf("\n"); ++ } + printf(" BGP version 4, remote router-id %s\n", + inet_ntoa(ina)); + printf(" BGP state = %s", statenames[p->state]); +@@ -563,22 +668,24 @@ show_neighbor_msg(struct imsg *imsg, enu printf(" Last read %s, holdtime %us, keepalive interval %us\n", fmt_timeframe(p->stats.last_read), p->holdtime, p->holdtime/3); @@ -439,7 +450,7 @@ diff -u -p -r1.1.1.7 bgpctl.c if (p->capa.peer.as4byte) printf(" 4-byte AS numbers\n"); } -@@ -633,20 +733,38 @@ show_neighbor_msg(struct imsg *imsg, enu +@@ -633,20 +740,38 @@ show_neighbor_msg(struct imsg *imsg, enu } void @@ -491,7 +502,7 @@ diff -u -p -r1.1.1.7 bgpctl.c } void -@@ -654,17 +772,17 @@ print_neighbor_msgstats(struct peer *p) +@@ -654,17 +779,17 @@ print_neighbor_msgstats(struct peer *p) { printf(" Message statistics:\n"); printf(" %-15s %-10s %-10s\n", "", "Sent", "Received"); @@ -515,7 +526,7 @@ diff -u -p -r1.1.1.7 bgpctl.c p->stats.msg_sent_open + p->stats.msg_sent_notification + p->stats.msg_sent_update + p->stats.msg_sent_keepalive + p->stats.msg_sent_rrefresh, -@@ -673,14 +791,16 @@ print_neighbor_msgstats(struct peer *p) +@@ -673,14 +798,16 @@ print_neighbor_msgstats(struct peer *p) p->stats.msg_rcvd_rrefresh); printf(" Update statistics:\n"); printf(" %-15s %-10s %-10s\n", "", "Sent", "Received"); @@ -535,7 +546,7 @@ diff -u -p -r1.1.1.7 bgpctl.c { printf(" %-20s ", name); -@@ -745,6 +865,12 @@ show_fib_head(void) +@@ -745,6 +872,12 @@ show_fib_head(void) } void @@ -548,7 +559,7 @@ diff -u -p -r1.1.1.7 bgpctl.c show_network_head(void) { printf("flags: S = Static\n"); -@@ -788,56 +914,44 @@ show_fib_flags(u_int16_t flags) +@@ -788,56 +921,44 @@ show_fib_flags(u_int16_t flags) int show_fib_msg(struct imsg *imsg) { @@ -597,10 +608,10 @@ diff -u -p -r1.1.1.7 bgpctl.c + if (imsg->hdr.len < IMSG_HEADER_SIZE + sizeof(*kt)) errx(1, "wrong imsg len"); - k6 = imsg->data; +- +- show_fib_flags(k6->flags); + kt = imsg->data; -- show_fib_flags(k6->flags); -- - if (asprintf(&p, "%s/%u", log_in6addr(&k6->prefix), - k6->prefixlen) == -1) - err(1, NULL); @@ -623,7 +634,7 @@ diff -u -p -r1.1.1.7 bgpctl.c default: break; } -@@ -848,35 +962,70 @@ show_fib_msg(struct imsg *imsg) +@@ -848,35 +969,70 @@ show_fib_msg(struct imsg *imsg) void show_nexthop_head(void) { @@ -712,7 +723,7 @@ diff -u -p -r1.1.1.7 bgpctl.c } printf("\n"); break; -@@ -898,9 +1047,8 @@ show_interface_head(void) +@@ -898,9 +1054,8 @@ show_interface_head(void) "Link state"); } @@ -724,7 +735,7 @@ diff -u -p -r1.1.1.7 bgpctl.c const struct ifmedia_description ifm_type_descriptions[] = IFM_TYPE_DESCRIPTIONS; -@@ -936,36 +1084,36 @@ get_media_descr(int media_type) +@@ -936,36 +1091,36 @@ get_media_descr(int media_type) const char * get_linkstate(int media_type, int link_state) { @@ -783,7 +794,7 @@ diff -u -p -r1.1.1.7 bgpctl.c } int -@@ -982,17 +1130,12 @@ show_interface_msg(struct imsg *imsg) +@@ -982,17 +1137,12 @@ show_interface_msg(struct imsg *imsg) printf("%-15s", k->flags & IFF_UP ? "UP" : ""); if ((ifms_type = ift2ifm(k->media_type)) != 0) @@ -806,7 +817,7 @@ diff -u -p -r1.1.1.7 bgpctl.c printf("\n"); break; case IMSG_CTL_END: -@@ -1008,10 +1151,10 @@ show_interface_msg(struct imsg *imsg) +@@ -1008,10 +1158,10 @@ show_interface_msg(struct imsg *imsg) void show_rib_summary_head(void) { @@ -820,7 +831,7 @@ diff -u -p -r1.1.1.7 bgpctl.c "gateway", "lpref", "med", "aspath origin"); } -@@ -1049,26 +1192,30 @@ print_flags(u_int8_t flags, int sum) +@@ -1049,26 +1199,30 @@ print_flags(u_int8_t flags, int sum) char *p = flagstr; if (sum) { @@ -859,7 +870,7 @@ diff -u -p -r1.1.1.7 bgpctl.c printf(", announced"); } } -@@ -1077,27 +1224,14 @@ int +@@ -1077,27 +1231,14 @@ int show_rib_summary_msg(struct imsg *imsg) { struct ctl_show_rib rib; @@ -888,7 +899,7 @@ diff -u -p -r1.1.1.7 bgpctl.c break; case IMSG_CTL_END: return (1); -@@ -1112,108 +1246,21 @@ int +@@ -1112,108 +1253,21 @@ int show_rib_detail_msg(struct imsg *imsg, int nodescr) { struct ctl_show_rib rib; @@ -1003,7 +1014,7 @@ diff -u -p -r1.1.1.7 bgpctl.c break; case IMSG_CTL_END: printf("\n"); -@@ -1225,67 +1272,128 @@ show_rib_detail_msg(struct imsg *imsg, i +@@ -1225,67 +1279,128 @@ show_rib_detail_msg(struct imsg *imsg, i return (0); } @@ -1182,7 +1193,7 @@ diff -u -p -r1.1.1.7 bgpctl.c } void -@@ -1328,30 +1436,6 @@ show_community(u_char *data, u_int16_t l +@@ -1328,30 +1443,6 @@ show_community(u_char *data, u_int16_t l } } @@ -1213,7 +1224,7 @@ diff -u -p -r1.1.1.7 bgpctl.c void show_ext_community(u_char *data, u_int16_t len) { -@@ -1372,34 +1456,101 @@ show_ext_community(u_char *data, u_int16 +@@ -1372,34 +1463,101 @@ show_ext_community(u_char *data, u_int16 case EXT_COMMUNITY_TWO_AS: memcpy(&as2, data + i + 2, sizeof(as2)); memcpy(&u32, data + i + 4, sizeof(u32)); @@ -1322,7 +1333,7 @@ diff -u -p -r1.1.1.7 bgpctl.c void send_filterset(struct imsgbuf *i, struct filter_set_head *set) { -@@ -1469,6 +1620,183 @@ show_result(struct imsg *imsg) +@@ -1469,6 +1627,183 @@ show_result(struct imsg *imsg) return (1); } @@ -1506,7 +1517,7 @@ diff -u -p -r1.1.1.7 bgpctl.c /* following functions are necessary for imsg framework */ void log_warnx(const char *emsg, ...) -@@ -1495,3 +1823,9 @@ fatal(const char *emsg) +@@ -1495,3 +1830,9 @@ fatal(const char *emsg) { err(1, emsg); } diff --git a/net/openbgpd/files/patch-bgpd_bgpd.c b/net/openbgpd/files/patch-bgpd_bgpd.c index 43fb3eb010a2..322a8088a075 100644 --- a/net/openbgpd/files/patch-bgpd_bgpd.c +++ b/net/openbgpd/files/patch-bgpd_bgpd.c @@ -2,13 +2,13 @@ Index: bgpd/bgpd.c =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/bgpd.c,v retrieving revision 1.1.1.7 -retrieving revision 1.1.1.11 -diff -u -p -r1.1.1.7 -r1.1.1.11 +retrieving revision 1.1.1.12 +diff -u -p -r1.1.1.7 -r1.1.1.12 --- bgpd/bgpd.c 14 Feb 2010 20:19:57 -0000 1.1.1.7 -+++ bgpd/bgpd.c 13 Oct 2012 18:22:38 -0000 1.1.1.11 ++++ bgpd/bgpd.c 8 Dec 2012 10:37:08 -0000 1.1.1.12 @@ -1,4 +1,4 @@ -/* $OpenBSD: bgpd.c,v 1.148 2009/06/07 00:30:23 claudio Exp $ */ -+/* $OpenBSD: bgpd.c,v 1.168 2011/08/20 19:02:28 sthen Exp $ */ ++/* $OpenBSD: bgpd.c,v 1.169 2012/09/18 09:45:51 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -264,7 +264,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 log_info("Terminating"); return (0); -@@ -452,27 +414,32 @@ send_filterset(struct imsgbuf *i, struct +@@ -452,27 +414,33 @@ send_filterset(struct imsgbuf *i, struct int reconfigure(char *conffile, struct bgpd_config *conf, struct mrt_head *mrt_l, @@ -293,6 +293,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 + &rdom_l)) { log_warnx("config file %s has errors, not reloading", conffile); ++ reconfpending = 0; return (1); } @@ -305,7 +306,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 prepare_listeners(conf); /* start reconfiguration */ -@@ -483,12 +450,6 @@ reconfigure(char *conffile, struct bgpd_ +@@ -483,12 +451,6 @@ reconfigure(char *conffile, struct bgpd_ conf, sizeof(struct bgpd_config)) == -1) return (-1); @@ -318,7 +319,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 TAILQ_FOREACH(la, conf->listen_addrs, entry) { if (imsg_compose(ibuf_se, IMSG_RECONF_LISTENER, 0, 0, la->fd, la, sizeof(struct listen_addr)) == -1) -@@ -496,51 +457,104 @@ reconfigure(char *conffile, struct bgpd_ +@@ -496,51 +458,104 @@ reconfigure(char *conffile, struct bgpd_ la->fd = -1; } @@ -440,7 +441,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 /* mrt changes can be sent out of bound */ mrt_reconfigure(mrt_l); return (0); -@@ -550,8 +564,8 @@ int +@@ -550,8 +565,8 @@ int dispatch_imsg(struct imsgbuf *ibuf, int idx) { struct imsg imsg; @@ -451,7 +452,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 if ((n = imsg_read(ibuf)) == -1) return (-1); -@@ -573,46 +587,39 @@ dispatch_imsg(struct imsgbuf *ibuf, int +@@ -573,46 +588,39 @@ dispatch_imsg(struct imsgbuf *ibuf, int case IMSG_KROUTE_CHANGE: if (idx != PFD_PIPE_ROUTE) log_warnx("route request not from RDE"); @@ -516,7 +517,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 break; case IMSG_PFTABLE_ADD: if (idx != PFD_PIPE_ROUTE) -@@ -646,26 +653,28 @@ dispatch_imsg(struct imsgbuf *ibuf, int +@@ -646,26 +654,28 @@ dispatch_imsg(struct imsgbuf *ibuf, int case IMSG_CTL_RELOAD: if (idx != PFD_PIPE_SESSION) log_warnx("reload request not from SE"); @@ -548,7 +549,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 if (idx != PFD_PIPE_SESSION) log_warnx("kroute request not from SE"); else -@@ -692,6 +701,16 @@ dispatch_imsg(struct imsgbuf *ibuf, int +@@ -692,6 +702,16 @@ dispatch_imsg(struct imsgbuf *ibuf, int carp_demote_set(msg->demote_group, msg->level); } break; @@ -565,7 +566,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 default: break; } -@@ -707,7 +726,7 @@ send_nexthop_update(struct kroute_nextho +@@ -707,7 +727,7 @@ send_nexthop_update(struct kroute_nextho { char *gw = NULL; @@ -574,7 +575,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 if (asprintf(&gw, ": via %s", log_addr(&msg->gateway)) == -1) { log_warn("send_nexthop_update"); -@@ -717,7 +736,7 @@ send_nexthop_update(struct kroute_nextho +@@ -717,7 +737,7 @@ send_nexthop_update(struct kroute_nextho log_info("nexthop %s now %s%s%s", log_addr(&msg->nexthop), msg->valid ? "valid" : "invalid", msg->connected ? ": directly connected" : "", @@ -583,7 +584,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 free(gw); -@@ -733,56 +752,20 @@ send_imsg_session(int type, pid_t pid, v +@@ -733,56 +753,20 @@ send_imsg_session(int type, pid_t pid, v } int @@ -644,7 +645,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.11 } int -@@ -810,3 +793,45 @@ bgpd_filternexthop(struct kroute *kr, st +@@ -810,3 +794,45 @@ bgpd_filternexthop(struct kroute *kr, st return (1); } diff --git a/net/openbgpd/files/patch-bgpd_bgpd.conf.5 b/net/openbgpd/files/patch-bgpd_bgpd.conf.5 index 306de76703d7..32f4439fc0ab 100644 --- a/net/openbgpd/files/patch-bgpd_bgpd.conf.5 +++ b/net/openbgpd/files/patch-bgpd_bgpd.conf.5 @@ -2,13 +2,13 @@ Index: bgpd/bgpd.conf.5 =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/bgpd.conf.5,v retrieving revision 1.1.1.7 -retrieving revision 1.9 -diff -u -p -r1.1.1.7 -r1.9 +retrieving revision 1.10 +diff -u -p -r1.1.1.7 -r1.10 --- bgpd/bgpd.conf.5 14 Feb 2010 20:19:57 -0000 1.1.1.7 -+++ bgpd/bgpd.conf.5 13 Oct 2012 18:36:00 -0000 1.9 ++++ bgpd/bgpd.conf.5 8 Dec 2012 20:17:59 -0000 1.10 @@ -1,4 +1,4 @@ -.\" $OpenBSD: bgpd.conf.5,v 1.94 2009/06/07 00:31:22 claudio Exp $ -+.\" $OpenBSD: bgpd.conf.5,v 1.120 2012/07/07 08:22:57 claudio Exp $ ++.\" $OpenBSD: bgpd.conf.5,v 1.122 2012/11/13 09:47:20 claudio Exp $ .\" .\" Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org> .\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -17,7 +17,7 @@ diff -u -p -r1.1.1.7 -r1.9 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: June 7 2009 $ -+.Dd $Mdocdate: July 7 2012 $ ++.Dd $Mdocdate: November 13 2012 $ .Dt BGPD.CONF 5 .Os .Sh NAME @@ -249,7 +249,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Xc If set to .Ic yes , -@@ -376,6 +409,111 @@ to EBGP neighbors are not prepended with +@@ -376,6 +409,110 @@ to EBGP neighbors are not prepended with The default is .Ic no . .El @@ -356,12 +356,11 @@ diff -u -p -r1.1.1.7 -r1.9 +Whereas +.Ar local +can be chosen by the local operator. -+.Pp +.El .Sh NEIGHBORS AND GROUPS .Xr bgpd 8 establishes TCP connections to other BGP speakers called -@@ -470,21 +608,35 @@ The default for IBGP peers is +@@ -470,21 +607,35 @@ The default for IBGP peers is .Pp .It Xo .Ic announce @@ -403,7 +402,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Xc If set to .Ic no , -@@ -493,6 +645,29 @@ This can be helpful to connect to old or +@@ -493,6 +644,29 @@ This can be helpful to connect to old or The default is .Ic yes . .Pp @@ -433,7 +432,7 @@ diff -u -p -r1.1.1.7 -r1.9 .It Ic demote Ar group Increase the .Xr carp 4 -@@ -504,7 +679,7 @@ The demotion counter will be increased a +@@ -504,7 +678,7 @@ The demotion counter will be increased a .Xr bgpd 8 starts and decreased 60 seconds after the session went to state @@ -442,7 +441,7 @@ diff -u -p -r1.1.1.7 -r1.9 For neighbors added at runtime, the demotion counter is only increased after the session has been .Em ESTABLISHED -@@ -548,8 +723,8 @@ Do not start the session when bgpd comes +@@ -548,8 +722,8 @@ Do not start the session when bgpd comes .Pp .It Xo .Ic dump @@ -453,7 +452,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Ar file Op Ar timeout .Xc Do a peer specific MRT dump. -@@ -564,7 +739,7 @@ section in +@@ -564,7 +738,7 @@ section in .Pp .It Xo .Ic enforce neighbor-as @@ -462,7 +461,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Xc If set to .Ic yes , -@@ -589,10 +764,16 @@ Inherited from the global configuration +@@ -589,10 +763,16 @@ Inherited from the global configuration Set the minimal acceptable holdtime. Inherited from the global configuration if not given. .Pp @@ -481,7 +480,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Ic spi Ar spi-number authspec Op Ar encspec .Xc Enable IPsec with static keying. -@@ -627,7 +808,7 @@ Keys must be given in hexadecimal format +@@ -627,7 +807,7 @@ Keys must be given in hexadecimal format .Pp .It Xo .Ic ipsec @@ -490,7 +489,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Ic ike .Xc Enable IPsec with dynamic keying. -@@ -639,11 +820,11 @@ is responsible for managing the session +@@ -639,11 +819,11 @@ is responsible for managing the session With .Xr isakmpd 8 , it is sufficient to copy the peer's public key, found in @@ -504,7 +503,7 @@ diff -u -p -r1.1.1.7 -r1.9 The local public key must be copied to the peer in the same way. As .Xr bgpd 8 -@@ -698,11 +879,11 @@ Do not attempt to actively open a TCP co +@@ -698,11 +878,11 @@ Do not attempt to actively open a TCP co .It Ic remote-as Ar as-number Set the AS number of the remote system. .Pp @@ -518,7 +517,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Em route-reflector for this neighbor. An optional cluster ID can be specified; otherwise the BGP ID will be used. -@@ -732,8 +913,8 @@ These sets are rewritten into filter rul +@@ -732,8 +912,8 @@ These sets are rewritten into filter rul .Pp .It Xo .Ic softreconfig @@ -529,7 +528,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Xc Turn soft reconfiguration on or off for the specified direction. If soft reconfiguration is turned on, filter changes will be applied on -@@ -760,7 +941,7 @@ tcp md5sig key deadbeef +@@ -760,7 +940,7 @@ tcp md5sig key deadbeef .Pp .It Xo .Ic transparent-as @@ -538,7 +537,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Xc If set to .Ic yes , -@@ -772,7 +953,7 @@ setting. +@@ -772,7 +952,7 @@ setting. .Pp .It Xo .Ic ttl-security @@ -547,7 +546,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Xc Enable or disable ttl-security. When enabled, -@@ -849,6 +1030,10 @@ is matched against a part of the +@@ -849,6 +1029,10 @@ is matched against a part of the .Em AS path specified by the .Ar as-type . @@ -558,7 +557,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Ar as-type is one of the following operators: .Pp -@@ -917,7 +1102,32 @@ may be set to +@@ -917,7 +1101,32 @@ may be set to which is expanded to the current neighbor remote AS number. .Pp .It Xo @@ -592,7 +591,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Ar peer .Xc This rule applies only to -@@ -945,7 +1155,7 @@ if enclosed in curly brackets: +@@ -945,7 +1154,7 @@ if enclosed in curly brackets: deny from { 128.251.16.1, 251.128.16.2, group hojo } .Ed .Pp @@ -601,7 +600,7 @@ diff -u -p -r1.1.1.7 -r1.9 This rule applies only to routes matching the stated address family. The address family needs to be set only in rules that use .Ic prefixlen -@@ -953,6 +1163,24 @@ without specifying a +@@ -953,6 +1162,37 @@ without specifying a .Ic prefix beforehand. .Pp @@ -623,10 +622,23 @@ diff -u -p -r1.1.1.7 -r1.9 +.Ar len +times. +.Pp ++.It Ic nexthop Ar address ++This rule applies only to ++.Em UPDATES ++where the nexthop is equal to ++.Ar address . ++The ++.Ar address ++can be set to ++.Em neighbor ++in which case the nexthop is compared against the address of the neighbor. ++Nexthop filtering is not supported on locally announced networks and one must ++take into consideration previous rules overwriting nexthops. ++.Pp .It Xo .Ic prefix .Ar address Ns Li / Ns Ar len -@@ -1028,6 +1256,12 @@ matches a rule which has the +@@ -1028,6 +1268,12 @@ matches a rule which has the option set, this rule is considered the last matching rule, and evaluation of subsequent rules is skipped. .Pp @@ -639,7 +651,7 @@ diff -u -p -r1.1.1.7 -r1.9 .It Ic set Ar attribute ... All matching rules can set the .Em AS path attributes -@@ -1079,6 +1313,48 @@ Alternately, well-known communities may +@@ -1079,6 +1325,48 @@ Alternately, well-known communities may or .Ic NO_PEER . .Pp @@ -688,7 +700,7 @@ diff -u -p -r1.1.1.7 -r1.9 .It Ic localpref Ar number Set the .Em LOCAL_PREF -@@ -1108,6 +1384,20 @@ otherwise it will be set to +@@ -1108,6 +1396,20 @@ otherwise it will be set to .Ar number . .Pp .It Xo @@ -709,7 +721,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Ic nexthop .Sm off .Po Ar address \*(Ba -@@ -1157,9 +1447,8 @@ times to the +@@ -1157,9 +1459,8 @@ times to the .Em AS path . .Pp .It Ic rtlabel Ar label @@ -721,7 +733,7 @@ diff -u -p -r1.1.1.7 -r1.9 .Pp .It Ic weight Ar number The -@@ -1181,8 +1470,8 @@ For prefixes with equally long paths, th +@@ -1181,8 +1482,8 @@ For prefixes with equally long paths, th is selected. .El .Sh FILES diff --git a/net/openbgpd/files/patch-bgpd_bgpd.h b/net/openbgpd/files/patch-bgpd_bgpd.h index a624b0796bd8..6c0db7763543 100644 --- a/net/openbgpd/files/patch-bgpd_bgpd.h +++ b/net/openbgpd/files/patch-bgpd_bgpd.h @@ -2,13 +2,13 @@ Index: bgpd/bgpd.h =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/bgpd.h,v retrieving revision 1.1.1.8 -retrieving revision 1.13 -diff -u -p -r1.1.1.8 -r1.13 +retrieving revision 1.14 +diff -u -p -r1.1.1.8 -r1.14 --- bgpd/bgpd.h 14 Feb 2010 20:19:57 -0000 1.1.1.8 -+++ bgpd/bgpd.h 13 Oct 2012 18:36:00 -0000 1.13 ++++ bgpd/bgpd.h 8 Dec 2012 20:17:59 -0000 1.14 @@ -1,4 +1,4 @@ -/* $OpenBSD: bgpd.h,v 1.241 2009/06/12 16:42:53 claudio Exp $ */ -+/* $OpenBSD: bgpd.h,v 1.272 2012/09/18 09:45:51 claudio Exp $ */ ++/* $OpenBSD: bgpd.h,v 1.273 2012/09/18 10:10:00 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -463,13 +463,13 @@ diff -u -p -r1.1.1.8 -r1.13 u_int32_t as; + u_int16_t flags; + enum as_spec type; -+}; -+ + }; + +struct filter_aslen { + u_int aslen; + enum aslen_spec type; - }; - ++}; ++ +#define AS_FLAG_NEIGHBORAS 0x01 + struct filter_community { @@ -477,8 +477,8 @@ diff -u -p -r1.1.1.8 -r1.13 - int type; + int as; + int type; -+}; -+ + }; + +struct filter_extcommunity { + u_int16_t flags; + u_int8_t type; @@ -498,8 +498,8 @@ diff -u -p -r1.1.1.8 -r1.13 + } ext_ip; + u_int64_t ext_opaq; /* only 48 bits */ + } data; - }; - ++}; ++ + struct ctl_show_rib_request { char rib[PEER_DESCR_LEN]; @@ -543,8 +543,17 @@ diff -u -p -r1.1.1.8 -r1.13 struct filter_prefix { -@@ -594,16 +757,18 @@ struct filter_prefix { +@@ -592,18 +755,28 @@ struct filter_prefix { + u_int8_t len; + }; ++struct filter_nexthop { ++ struct bgpd_addr addr; ++ u_int8_t flags; ++#define FILTER_NEXTHOP_ADDR 1 ++#define FILTER_NEXTHOP_NEIGHBOR 2 ++}; ++ struct filter_prefixlen { enum comp_ops op; - sa_family_t af; @@ -560,6 +569,7 @@ diff -u -p -r1.1.1.8 -r1.13 - struct filter_community community; + struct filter_prefix prefix; + struct filter_prefixlen prefixlen; ++ struct filter_nexthop nexthop; + struct filter_as as; + struct filter_aslen aslen; + struct filter_community community; @@ -567,7 +577,7 @@ diff -u -p -r1.1.1.8 -r1.13 }; TAILQ_HEAD(filter_head, filter_rule); -@@ -635,10 +800,13 @@ enum action_types { +@@ -635,10 +808,13 @@ enum action_types { ACTION_SET_NEXTHOP_SELF, ACTION_SET_COMMUNITY, ACTION_DEL_COMMUNITY, @@ -582,7 +592,7 @@ diff -u -p -r1.1.1.8 -r1.13 }; struct filter_set { -@@ -650,23 +818,53 @@ struct filter_set { +@@ -650,23 +826,53 @@ struct filter_set { int32_t relative; struct bgpd_addr nexthop; struct filter_community community; @@ -641,7 +651,7 @@ diff -u -p -r1.1.1.8 -r1.13 int64_t nexthop_cnt; int64_t aspath_cnt; int64_t aspath_size; -@@ -677,82 +875,117 @@ struct rde_memstats { +@@ -677,82 +883,117 @@ struct rde_memstats { int64_t attr_dcnt; }; @@ -685,12 +695,12 @@ diff -u -p -r1.1.1.8 -r1.13 }; -SIMPLEQ_HEAD(rib_names, rde_rib); -extern struct rib_names ribnames; -- + -/* Address Family Numbers as per RFC 1700 */ -#define AFI_IPv4 1 -#define AFI_IPv6 2 -#define AFI_ALL 0xffff - +- -/* Subsequent Address Family Identifier as per RFC 4760 */ -#define SAFI_NONE 0x00 -#define SAFI_UNICAST 0x01 @@ -812,7 +822,7 @@ diff -u -p -r1.1.1.8 -r1.13 /* name2id.c */ u_int16_t rib_name2id(const char *); -@@ -768,10 +1001,22 @@ const char *pftable_id2name(u_int16_t); +@@ -768,10 +1009,22 @@ const char *pftable_id2name(u_int16_t); void pftable_unref(u_int16_t); void pftable_ref(u_int16_t); @@ -835,7 +845,7 @@ diff -u -p -r1.1.1.8 -r1.13 const char *filterset_name(enum action_types); /* util.c */ -@@ -779,11 +1024,24 @@ const char *log_addr(const struct bgpd_a +@@ -779,11 +1032,24 @@ const char *log_addr(const struct bgpd_a const char *log_in6addr(const struct in6_addr *); const char *log_sockaddr(struct sockaddr *); const char *log_as(u_int32_t); diff --git a/net/openbgpd/files/patch-bgpd_buffer.c b/net/openbgpd/files/patch-bgpd_buffer.c index 7ca7a41c1438..692fe85c1687 100644 --- a/net/openbgpd/files/patch-bgpd_buffer.c +++ b/net/openbgpd/files/patch-bgpd_buffer.c @@ -1,182 +1,39 @@ Index: bgpd/buffer.c =================================================================== -RCS file: bgpd/buffer.c -diff -N bgpd/buffer.c +RCS file: /home/cvs/private/hrs/openbgpd/bgpd/buffer.c,v +retrieving revision 1.1.1.7 +retrieving revision 1.3 +diff -u -p -r1.1.1.7 -r1.3 --- bgpd/buffer.c 14 Feb 2010 20:19:57 -0000 1.1.1.7 -+++ /dev/null 1 Jan 1970 00:00:00 -0000 -@@ -1,305 +0,0 @@ ++++ bgpd/buffer.c 8 Dec 2012 20:17:59 -0000 1.3 +@@ -1,4 +1,4 @@ -/* $OpenBSD: buffer.c,v 1.43 2009/06/06 06:33:15 eric Exp $ */ -- --/* -- * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> -- * -- * Permission to use, copy, modify, and distribute this software for any -- * purpose with or without fee is hereby granted, provided that the above -- * copyright notice and this permission notice appear in all copies. -- * -- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -- */ -- --#include <sys/param.h> --#include <sys/queue.h> --#include <sys/socket.h> --#include <sys/uio.h> -- --#include <errno.h> --#include <stdlib.h> --#include <string.h> --#include <unistd.h> -- --#include "imsg.h" -- --int buf_realloc(struct buf *, size_t); --void buf_enqueue(struct msgbuf *, struct buf *); --void buf_dequeue(struct msgbuf *, struct buf *); -- --struct buf * --buf_open(size_t len) --{ -- struct buf *buf; -- -- if ((buf = calloc(1, sizeof(struct buf))) == NULL) -- return (NULL); -- if ((buf->buf = malloc(len)) == NULL) { -- free(buf); -- return (NULL); -- } -- buf->size = buf->max = len; -- buf->fd = -1; -- -- return (buf); --} -- --struct buf * --buf_dynamic(size_t len, size_t max) --{ -- struct buf *buf; -- -- if (max < len) -- return (NULL); -- -- if ((buf = buf_open(len)) == NULL) -- return (NULL); -- -- if (max > 0) -- buf->max = max; -- -- return (buf); --} -- --int --buf_realloc(struct buf *buf, size_t len) --{ -- u_char *b; -- -- /* on static buffers max is eq size and so the following fails */ -- if (buf->wpos + len > buf->max) { -- errno = ENOMEM; -- return (-1); -- } -- -- b = realloc(buf->buf, buf->wpos + len); -- if (b == NULL) -- return (-1); -- buf->buf = b; -- buf->size = buf->wpos + len; -- -- return (0); --} -- --int --buf_add(struct buf *buf, const void *data, size_t len) --{ -- if (buf->wpos + len > buf->size) -- if (buf_realloc(buf, len) == -1) -- return (-1); -- -- memcpy(buf->buf + buf->wpos, data, len); -- buf->wpos += len; -- return (0); --} -- --void * --buf_reserve(struct buf *buf, size_t len) --{ -- void *b; -- -- if (buf->wpos + len > buf->size) -- if (buf_realloc(buf, len) == -1) -- return (NULL); -- -- b = buf->buf + buf->wpos; -- buf->wpos += len; -- return (b); --} -- --void * --buf_seek(struct buf *buf, size_t pos, size_t len) --{ -- /* only allowed to seek in already written parts */ -- if (pos + len > buf->wpos) -- return (NULL); -- -- return (buf->buf + pos); --} -- --size_t --buf_size(struct buf *buf) --{ -- return (buf->wpos); --} -- --size_t --buf_left(struct buf *buf) --{ -- return (buf->max - buf->wpos); --} -- --void --buf_close(struct msgbuf *msgbuf, struct buf *buf) --{ -- buf_enqueue(msgbuf, buf); --} -- --int --buf_write(struct msgbuf *msgbuf) --{ -- struct iovec iov[IOV_MAX]; ++/* $OpenBSD: buffer.c,v 1.44 2009/07/23 18:58:42 eric Exp $ */ + + /* + * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> +@@ -144,7 +144,7 @@ int + buf_write(struct msgbuf *msgbuf) + { + struct iovec iov[IOV_MAX]; - struct buf *buf, *next; -- unsigned int i = 0; -- ssize_t n; -- -- bzero(&iov, sizeof(iov)); -- TAILQ_FOREACH(buf, &msgbuf->bufs, entry) { -- if (i >= IOV_MAX) -- break; -- iov[i].iov_base = buf->buf + buf->rpos; ++ struct buf *buf; + unsigned int i = 0; + ssize_t n; + +@@ -153,7 +153,7 @@ buf_write(struct msgbuf *msgbuf) + if (i >= IOV_MAX) + break; + iov[i].iov_base = buf->buf + buf->rpos; - iov[i].iov_len = buf->size - buf->rpos; -- i++; -- } -- -- if ((n = writev(msgbuf->fd, iov, i)) == -1) { -- if (errno == EAGAIN || errno == ENOBUFS || -- errno == EINTR) /* try later */ -- return (0); -- else -- return (-1); -- } -- -- if (n == 0) { /* connection closed */ -- errno = 0; -- return (-2); -- } -- ++ iov[i].iov_len = buf->wpos - buf->rpos; + i++; + } + +@@ -170,17 +170,7 @@ buf_write(struct msgbuf *msgbuf) + return (-2); + } + - for (buf = TAILQ_FIRST(&msgbuf->bufs); buf != NULL && n > 0; - buf = next) { - next = TAILQ_NEXT(buf, entry); @@ -188,95 +45,48 @@ diff -N bgpd/buffer.c - n = 0; - } - } -- -- return (0); --} -- --void --buf_free(struct buf *buf) --{ -- free(buf->buf); -- free(buf); --} -- --void --msgbuf_init(struct msgbuf *msgbuf) --{ -- msgbuf->queued = 0; -- msgbuf->fd = -1; -- TAILQ_INIT(&msgbuf->bufs); --} -- --void --msgbuf_clear(struct msgbuf *msgbuf) --{ -- struct buf *buf; -- -- while ((buf = TAILQ_FIRST(&msgbuf->bufs)) != NULL) -- buf_dequeue(msgbuf, buf); --} -- --int --msgbuf_write(struct msgbuf *msgbuf) --{ -- struct iovec iov[IOV_MAX]; ++ msgbuf_drain(msgbuf, n); + + return (0); + } +@@ -201,6 +191,24 @@ msgbuf_init(struct msgbuf *msgbuf) + } + + void ++msgbuf_drain(struct msgbuf *msgbuf, size_t n) ++{ ++ struct buf *buf, *next; ++ ++ for (buf = TAILQ_FIRST(&msgbuf->bufs); buf != NULL && n > 0; ++ buf = next) { ++ next = TAILQ_NEXT(buf, entry); ++ if (buf->rpos + n >= buf->wpos) { ++ n -= buf->wpos - buf->rpos; ++ buf_dequeue(msgbuf, buf); ++ } else { ++ buf->rpos += n; ++ n = 0; ++ } ++ } ++} ++ ++void + msgbuf_clear(struct msgbuf *msgbuf) + { + struct buf *buf; +@@ -213,7 +221,7 @@ int + msgbuf_write(struct msgbuf *msgbuf) + { + struct iovec iov[IOV_MAX]; - struct buf *buf, *next; -- unsigned int i = 0; -- ssize_t n; -- struct msghdr msg; -- struct cmsghdr *cmsg; -- union { -- struct cmsghdr hdr; -- char buf[CMSG_SPACE(sizeof(int))]; -- } cmsgbuf; -- -- bzero(&iov, sizeof(iov)); -- bzero(&msg, sizeof(msg)); -- TAILQ_FOREACH(buf, &msgbuf->bufs, entry) { -- if (i >= IOV_MAX) -- break; -- iov[i].iov_base = buf->buf + buf->rpos; -- iov[i].iov_len = buf->wpos - buf->rpos; -- i++; -- if (buf->fd != -1) -- break; -- } -- -- msg.msg_iov = iov; -- msg.msg_iovlen = i; -- -- if (buf != NULL && buf->fd != -1) { -- msg.msg_control = (caddr_t)&cmsgbuf.buf; -- msg.msg_controllen = sizeof(cmsgbuf.buf); -- cmsg = CMSG_FIRSTHDR(&msg); -- cmsg->cmsg_len = CMSG_LEN(sizeof(int)); -- cmsg->cmsg_level = SOL_SOCKET; -- cmsg->cmsg_type = SCM_RIGHTS; -- *(int *)CMSG_DATA(cmsg) = buf->fd; -- } -- -- if ((n = sendmsg(msgbuf->fd, &msg, 0)) == -1) { -- if (errno == EAGAIN || errno == ENOBUFS || -- errno == EINTR) /* try later */ -- return (0); -- else -- return (-1); -- } -- -- if (n == 0) { /* connection closed */ -- errno = 0; -- return (-2); -- } -- -- /* -- * assumption: fd got sent if sendmsg sent anything -- * this works because fds are passed one at a time -- */ -- if (buf != NULL && buf->fd != -1) { -- close(buf->fd); -- buf->fd = -1; -- } -- ++ struct buf *buf; + unsigned int i = 0; + ssize_t n; + struct msghdr msg; +@@ -270,17 +278,7 @@ msgbuf_write(struct msgbuf *msgbuf) + buf->fd = -1; + } + - for (buf = TAILQ_FIRST(&msgbuf->bufs); buf != NULL && n > 0; - buf = next) { - next = TAILQ_NEXT(buf, entry); @@ -288,25 +98,7 @@ diff -N bgpd/buffer.c - n = 0; - } - } -- -- return (0); --} -- --void --buf_enqueue(struct msgbuf *msgbuf, struct buf *buf) --{ -- TAILQ_INSERT_TAIL(&msgbuf->bufs, buf, entry); -- msgbuf->queued++; --} -- --void --buf_dequeue(struct msgbuf *msgbuf, struct buf *buf) --{ -- TAILQ_REMOVE(&msgbuf->bufs, buf, entry); -- -- if (buf->fd != -1) -- close(buf->fd); -- -- msgbuf->queued--; -- buf_free(buf); --} ++ msgbuf_drain(msgbuf, n); + + return (0); + } diff --git a/net/openbgpd/files/patch-bgpd_carp.c b/net/openbgpd/files/patch-bgpd_carp.c index 4a93258dc940..7ed50075cd5c 100644 --- a/net/openbgpd/files/patch-bgpd_carp.c +++ b/net/openbgpd/files/patch-bgpd_carp.c @@ -2,9 +2,10 @@ Index: bgpd/carp.c =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/carp.c,v retrieving revision 1.1.1.6 -diff -u -p -r1.1.1.6 carp.c +retrieving revision 1.4 +diff -u -p -r1.1.1.6 -r1.4 --- bgpd/carp.c 14 Feb 2010 20:19:57 -0000 1.1.1.6 -+++ bgpd/carp.c 13 Oct 2012 18:23:46 -0000 ++++ bgpd/carp.c 22 Oct 2009 15:10:02 -0000 1.4 @@ -93,9 +93,8 @@ carp_demote_shutdown(void) while ((c = TAILQ_FIRST(&carpgroups)) != NULL) { diff --git a/net/openbgpd/files/patch-bgpd_kroute.c b/net/openbgpd/files/patch-bgpd_kroute.c index 963ad6653ce4..96be012cbc9d 100644 --- a/net/openbgpd/files/patch-bgpd_kroute.c +++ b/net/openbgpd/files/patch-bgpd_kroute.c @@ -2,13 +2,13 @@ Index: bgpd/kroute.c =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/kroute.c,v retrieving revision 1.1.1.7 -retrieving revision 1.13 -diff -u -p -r1.1.1.7 -r1.13 +retrieving revision 1.14 +diff -u -p -r1.1.1.7 -r1.14 --- bgpd/kroute.c 14 Feb 2010 20:19:57 -0000 1.1.1.7 -+++ bgpd/kroute.c 13 Oct 2012 18:36:00 -0000 1.13 ++++ bgpd/kroute.c 8 Dec 2012 20:17:59 -0000 1.14 @@ -1,4 +1,4 @@ -/* $OpenBSD: kroute.c,v 1.169 2009/06/25 15:54:22 claudio Exp $ */ -+/* $OpenBSD: kroute.c,v 1.189 2012/05/27 18:52:07 claudio Exp $ */ ++/* $OpenBSD: kroute.c,v 1.190 2012/07/13 16:57:35 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -565,8 +565,7 @@ diff -u -p -r1.1.1.7 -r1.13 + /* for blackhole and reject routes nexthop needs to be ::1 */ + if (kl->flags & (F_BLACKHOLE|F_REJECT)) + bcopy(&lo6, &kl->nexthop.v6, sizeof(kl->nexthop.v6)); - -- rtlabel_unref(kl->kr.labelid); ++ + if (action == RTM_ADD) { + if ((kr6 = calloc(1, sizeof(struct kroute6_node))) == NULL) { + log_warn("kr_change"); @@ -579,7 +578,8 @@ diff -u -p -r1.1.1.7 -r1.13 + kr6->r.flags = kl->flags | F_BGPD_INSERTED; + kr6->r.priority = RTP_BGP; + kr6->r.labelid = labelid; -+ + +- rtlabel_unref(kl->kr.labelid); + if (kroute6_insert(kt, kr6) == -1) + free(kr6); + } else { @@ -706,11 +706,10 @@ diff -u -p -r1.1.1.7 -r1.13 + if (send_rtmsg(kr_state.fd, action, kt, &kr->r) == -1) + return (-1); + - return (0); - } - - int --kr6_delete(struct kroute6_label *kl) ++ return (0); ++} ++ ++int +kr_delete(u_int rtableid, struct kroute_full *kl) +{ + struct ktable *kt; @@ -751,10 +750,11 @@ diff -u -p -r1.1.1.7 -r1.13 + if (kroute_remove(kt, kr) == -1) + return (-1); + -+ return (0); -+} -+ -+int + return (0); + } + + int +-kr6_delete(struct kroute6_label *kl) +kr6_delete(struct ktable *kt, struct kroute_full *kl) { struct kroute6_node *kr6; @@ -1188,12 +1188,12 @@ diff -u -p -r1.1.1.7 -r1.13 + } + return (NULL); +} - ++ +struct network * +kr_net_match6(struct ktable *kt, struct kroute6 *kr6) +{ + struct network *xn; -+ + + TAILQ_FOREACH(xn, &kt->krn, entry) { + if (xn->net.prefix.aid != AID_INET6) + continue; @@ -1454,12 +1454,12 @@ diff -u -p -r1.1.1.7 -r1.13 + for (rid = 0; rid < krt_size; rid++) { + if ((kt = ktable_get(rid)) == NULL) + continue; -+ -+ RB_FOREACH(nh, knexthop_tree, KT2KNT(kt)) -+ knexthop_validate(kt, nh); - RB_FOREACH(nh, knexthop_tree, &knt) - knexthop_validate(nh); ++ RB_FOREACH(nh, knexthop_tree, KT2KNT(kt)) ++ knexthop_validate(kt, nh); ++ + TAILQ_FOREACH(n, &kt->krn, entry) + if (n->net.type == NETWORK_DEFAULT) { + if (send_network(IMSG_NETWORK_ADD, &n->net, @@ -2114,13 +2114,13 @@ diff -u -p -r1.1.1.7 -r1.13 + n.gateway.aid = AID_INET6; + memcpy(&n.gateway.v6, &kr6->r.nexthop, + sizeof(struct in6_addr)); -+ } + } + if (n.connected) { + n.net.aid = AID_INET6; + memcpy(&n.net.v6, &kr6->r.nexthop, + sizeof(struct in6_addr)); + n.netlen = kr6->r.prefixlen; - } ++ } + break; + } + send_nexthop_update(&n); @@ -2964,7 +2964,7 @@ diff -u -p -r1.1.1.7 -r1.13 } } else if (rtm->rtm_type == RTM_CHANGE) { log_warnx("change req for %s/%u: not in table", -@@ -2651,12 +3307,13 @@ add4: +@@ -2651,50 +3307,62 @@ add4: kr->r.ifindex = ifindex; kr->r.priority = prio; @@ -2981,7 +2981,12 @@ diff -u -p -r1.1.1.7 -r1.13 if (kr6->r.flags & F_KERNEL) { /* get the correct route */ if (mpath && rtm->rtm_type == RTM_CHANGE && -@@ -2668,33 +3325,44 @@ add4: + (kr6 = kroute6_matchgw(kr6, sa_in6)) == + NULL) { + log_warnx("dispatch_rtmsg[change] " +- "mpath route not found"); ++ "IPv6 mpath route not found"); + return (-1); } else if (mpath && rtm->rtm_type == RTM_ADD) goto add6; diff --git a/net/openbgpd/files/patch-bgpd_mrt.c b/net/openbgpd/files/patch-bgpd_mrt.c index 2ff724a4714f..31546fcf96d0 100644 --- a/net/openbgpd/files/patch-bgpd_mrt.c +++ b/net/openbgpd/files/patch-bgpd_mrt.c @@ -2,13 +2,13 @@ Index: bgpd/mrt.c =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/mrt.c,v retrieving revision 1.1.1.7 -retrieving revision 1.1.1.10 -diff -u -p -r1.1.1.7 -r1.1.1.10 +retrieving revision 1.1.1.11 +diff -u -p -r1.1.1.7 -r1.1.1.11 --- bgpd/mrt.c 14 Feb 2010 20:19:57 -0000 1.1.1.7 -+++ bgpd/mrt.c 13 Oct 2012 18:22:43 -0000 1.1.1.10 ++++ bgpd/mrt.c 8 Dec 2012 10:37:09 -0000 1.1.1.11 @@ -1,4 +1,4 @@ -/* $OpenBSD: mrt.c,v 1.63 2009/06/29 12:22:16 claudio Exp $ */ -+/* $OpenBSD: mrt.c,v 1.71 2011/09/17 16:29:44 claudio Exp $ */ ++/* $OpenBSD: mrt.c,v 1.72 2011/11/06 10:29:05 guenther Exp $ */ /* * Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org> @@ -106,7 +106,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 - log_warnx("mrt_dump_bgp_msg: buf_add error"); - buf_free(buf); + if (ibuf_add(buf, pkg, pkglen) == -1) { -+ log_warn("mrt_dump_bgp_msg: buf_add error"); ++ log_warn("mrt_dump_bgp_msg: ibuf_add error"); + ibuf_free(buf); return; } @@ -241,7 +241,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 free(pdata); } -@@ -189,25 +244,23 @@ int +@@ -189,28 +244,26 @@ int mrt_dump_entry_mp(struct mrt *mrt, struct prefix *p, u_int16_t snum, struct rde_peer *peer) { @@ -255,8 +255,9 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + u_int8_t aid; - if ((buf = buf_dynamic(0, MAX_PKTSIZE)) == NULL) { +- log_warn("mrt_dump_entry_mp: buf_dynamic"); + if ((buf = ibuf_dynamic(0, MAX_PKTSIZE)) == NULL) { - log_warn("mrt_dump_entry_mp: buf_dynamic"); ++ log_warn("mrt_dump_entry_mp: ibuf_dynamic"); return (-1); } @@ -272,7 +273,11 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + if ((h2buf = ibuf_dynamic(MRT_BGP4MP_IPv4_HEADER_SIZE + MRT_BGP4MP_IPv4_ENTRY_SIZE, MRT_BGP4MP_IPv6_HEADER_SIZE + MRT_BGP4MP_IPv6_ENTRY_SIZE + MRT_BGP4MP_MAX_PREFIXLEN)) == NULL) { - log_warn("mrt_dump_entry_mp: buf_dynamic"); +- log_warn("mrt_dump_entry_mp: buf_dynamic"); ++ log_warn("mrt_dump_entry_mp: ibuf_dynamic"); + goto fail; + } + @@ -219,25 +272,26 @@ mrt_dump_entry_mp(struct mrt *mrt, struc DUMP_SHORT(h2buf, /* ifindex */ 0); @@ -298,7 +303,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + ibuf_add(h2buf, &peer->remote_addr.v6, sizeof(struct in6_addr)) == -1) { - log_warnx("mrt_dump_entry_mp: buf_add error"); -+ log_warn("mrt_dump_entry_mp: buf_add error"); ++ log_warn("mrt_dump_entry_mp: ibuf_add error"); goto fail; } break; @@ -336,7 +341,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 - if (buf_add(h2buf, &nh->v6, sizeof(struct in6_addr)) == -1) { - log_warnx("mrt_dump_entry_mp: buf_add error"); + if (ibuf_add(h2buf, &nh->v6, sizeof(struct in6_addr)) == -1) { -+ log_warn("mrt_dump_entry_mp: buf_add error"); ++ log_warn("mrt_dump_entry_mp: ibuf_add error"); goto fail; } break; @@ -407,7 +412,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 - if ((buf = buf_dynamic(0, MAX_PKTSIZE)) == NULL) { - log_warnx("mrt_dump_entry: buf_dynamic"); + if ((buf = ibuf_dynamic(0, MAX_PKTSIZE)) == NULL) { -+ log_warn("mrt_dump_entry: buf_dynamic"); ++ log_warn("mrt_dump_entry: ibuf_dynamic"); return (-1); } @@ -447,7 +452,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + break; + case AID_INET6: + if (ibuf_add(hbuf, &addr.v6, sizeof(struct in6_addr)) == -1) { -+ log_warn("mrt_dump_entry: buf_add error"); ++ log_warn("mrt_dump_entry: ibuf_add error"); + goto fail; + } + break; @@ -464,7 +469,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + case AID_INET6: + if (ibuf_add(hbuf, &peer->remote_addr.v6, + sizeof(struct in6_addr)) == -1) { -+ log_warn("mrt_dump_entry: buf_add error"); ++ log_warn("mrt_dump_entry: ibuf_add error"); + goto fail; + } + break; @@ -509,7 +514,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + } + + if ((buf = ibuf_dynamic(0, UINT_MAX)) == NULL) { -+ log_warn("mrt_dump_entry: buf_dynamic"); ++ log_warn("mrt_dump_entry: ibuf_dynamic"); + return (-1); + } + @@ -530,7 +535,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + + off = ibuf_size(buf); + if (ibuf_reserve(buf, sizeof(nump)) == NULL) { -+ log_warn("mrt_dump_v2_hdr: buf_reserve error"); ++ log_warn("mrt_dump_v2_hdr: ibuf_reserve error"); + goto fail; + } + nump = 0; @@ -549,7 +554,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + DUMP_LONG(buf, p->lastchange); /* originated */ + + if ((tbuf = ibuf_dynamic(0, MAX_PKTSIZE)) == NULL) { -+ log_warn("mrt_dump_entry_v2: buf_dynamic"); ++ log_warn("mrt_dump_entry_v2: ibuf_dynamic"); + return (-1); + } + if (mrt_attr_dump(tbuf, p->aspath, nh, 1) == -1) { @@ -597,7 +602,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + u_int16_t nlen, nump; + + if ((buf = ibuf_dynamic(0, UINT_MAX)) == NULL) { -+ log_warn("mrt_dump_v2_hdr: buf_dynamic"); ++ log_warn("mrt_dump_v2_hdr: ibuf_dynamic"); + return (-1); + } + @@ -607,13 +612,13 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + nlen += 1; + DUMP_SHORT(buf, nlen); + if (ibuf_add(buf, mrt->rib, nlen) == -1) { -+ log_warn("mrt_dump_v2_hdr: buf_add error"); ++ log_warn("mrt_dump_v2_hdr: ibuf_add error"); + goto fail; + } + + off = ibuf_size(buf); + if (ibuf_reserve(buf, sizeof(nump)) == NULL) { -+ log_warn("mrt_dump_v2_hdr: buf_reserve error"); ++ log_warn("mrt_dump_v2_hdr: ibuf_reserve error"); + goto fail; + } + nump = 0; @@ -662,7 +667,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + case AID_INET6: + if (ibuf_add(buf, &peer->remote_addr.v6, + sizeof(struct in6_addr)) == -1) { -+ log_warn("mrt_dump_peer: buf_add error"); ++ log_warn("mrt_dump_peer: ibuf_add error"); + goto fail; + } + break; @@ -719,7 +724,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 + if ((*bp = ibuf_dynamic(MRT_HEADER_SIZE, MRT_HEADER_SIZE + MRT_BGP4MP_AS4_IPv6_HEADER_SIZE + len)) == NULL) { - log_warnx("mrt_dump_hdr_se: buf_open error"); -+ log_warn("mrt_dump_hdr_se: buf_open error"); ++ log_warn("mrt_dump_hdr_se: ibuf_dynamic error"); return (-1); } @@ -732,7 +737,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 &peer->sa_local)->sin6_addr, sizeof(struct in6_addr)) == -1) { - log_warnx("mrt_dump_hdr_se: buf_add error"); -+ log_warn("mrt_dump_hdr_se: buf_add error"); ++ log_warn("mrt_dump_hdr_se: ibuf_add error"); goto fail; } - if (buf_add(*bp, @@ -740,7 +745,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 &((struct sockaddr_in6 *)&peer->sa_remote)->sin6_addr, sizeof(struct in6_addr)) == -1) { - log_warnx("mrt_dump_hdr_se: buf_add error"); -+ log_warn("mrt_dump_hdr_se: buf_add error"); ++ log_warn("mrt_dump_hdr_se: ibuf_add error"); goto fail; } if (swap) @@ -749,7 +754,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 &peer->sa_local)->sin6_addr, sizeof(struct in6_addr)) == -1) { - log_warnx("mrt_dump_hdr_se: buf_add error"); -+ log_warn("mrt_dump_hdr_se: buf_add error"); ++ log_warn("mrt_dump_hdr_se: ibuf_add error"); goto fail; } break; @@ -774,7 +779,7 @@ diff -u -p -r1.1.1.7 -r1.1.1.10 MRT_BGP4MP_AS4_IPv6_HEADER_SIZE + MRT_BGP4MP_IPv6_ENTRY_SIZE)) == NULL) { - log_warnx("mrt_dump_hdr_rde: buf_dynamic error"); -+ log_warn("mrt_dump_hdr_rde: buf_dynamic error"); ++ log_warn("mrt_dump_hdr_rde: ibuf_dynamic error"); return (-1); } diff --git a/net/openbgpd/files/patch-bgpd_parse.y b/net/openbgpd/files/patch-bgpd_parse.y index 76bc093b8ed3..0f9160187aac 100644 --- a/net/openbgpd/files/patch-bgpd_parse.y +++ b/net/openbgpd/files/patch-bgpd_parse.y @@ -2,13 +2,13 @@ Index: bgpd/parse.y =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/parse.y,v retrieving revision 1.1.1.8 -retrieving revision 1.11 -diff -u -p -r1.1.1.8 -r1.11 +retrieving revision 1.12 +diff -u -p -r1.1.1.8 -r1.12 --- bgpd/parse.y 14 Feb 2010 20:19:57 -0000 1.1.1.8 -+++ bgpd/parse.y 13 Oct 2012 18:50:07 -0000 1.11 ++++ bgpd/parse.y 8 Dec 2012 20:17:59 -0000 1.12 @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.231 2009/06/06 01:10:29 claudio Exp $ */ -+/* $OpenBSD: parse.y,v 1.263 2012/09/12 05:56:22 claudio Exp $ */ ++/* $OpenBSD: parse.y,v 1.264 2012/09/23 09:39:17 claudio Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -773,7 +773,7 @@ diff -u -p -r1.1.1.8 -r1.11 } | filter_as_h { if (fmopts.as_l != NULL) { -@@ -1457,32 +1653,73 @@ filter_elm : filter_prefix_h { +@@ -1457,32 +1653,93 @@ filter_elm : filter_prefix_h { } fmopts.as_l = $1; } @@ -810,11 +810,11 @@ diff -u -p -r1.1.1.8 -r1.11 - if (parsecommunity($2, &fmopts.m.community.as, - &fmopts.m.community.type) == -1) { + if (parsecommunity(&fmopts.m.community, $2) == -1) { -+ free($2); -+ YYERROR; -+ } -+ free($2); -+ } + free($2); + YYERROR; + } + free($2); + } + | EXTCOMMUNITY STRING STRING { + if (fmopts.m.ext_community.flags & + EXT_COMMUNITY_FLAG_VALID) { @@ -826,13 +826,13 @@ diff -u -p -r1.1.1.8 -r1.11 + + if (parseextcommunity(&fmopts.m.ext_community, + $2, $3) == -1) { - free($2); ++ free($2); + free($3); - YYERROR; - } - free($2); ++ YYERROR; ++ } ++ free($2); + free($3); - } ++ } | IPV4 { - if (fmopts.af) { + if (fmopts.aid) { @@ -850,10 +850,30 @@ diff -u -p -r1.1.1.8 -r1.11 } - fmopts.af = AF_INET6; + fmopts.aid = AID_INET6; ++ } ++ | NEXTHOP address { ++ if (fmopts.m.nexthop.flags) { ++ yyerror("nexthop already specified"); ++ YYERROR; ++ } ++ if (fmopts.aid && fmopts.aid != $2.aid) { ++ yyerror("nexthop address family doesn't match " ++ "rule address family"); ++ YYERROR; ++ } ++ fmopts.m.nexthop.addr = $2; ++ fmopts.m.nexthop.flags = FILTER_NEXTHOP_ADDR; ++ } ++ | NEXTHOP NEIGHBOR { ++ if (fmopts.m.nexthop.flags) { ++ yyerror("nexthop already specified"); ++ YYERROR; ++ } ++ fmopts.m.nexthop.flags = FILTER_NEXTHOP_NEIGHBOR; } ; -@@ -1588,7 +1825,7 @@ filter_set_opt : LOCALPREF NUMBER { +@@ -1588,7 +1845,7 @@ filter_set_opt : LOCALPREF NUMBER { } if (($$ = calloc(1, sizeof(struct filter_set))) == NULL) fatal(NULL); @@ -862,7 +882,7 @@ diff -u -p -r1.1.1.8 -r1.11 $$->type = ACTION_SET_MED; $$->action.metric = $2; } else { -@@ -1623,7 +1860,7 @@ filter_set_opt : LOCALPREF NUMBER { +@@ -1623,7 +1880,7 @@ filter_set_opt : LOCALPREF NUMBER { } if (($$ = calloc(1, sizeof(struct filter_set))) == NULL) fatal(NULL); @@ -871,7 +891,7 @@ diff -u -p -r1.1.1.8 -r1.11 $$->type = ACTION_SET_MED; $$->action.metric = $2; } else { -@@ -1782,8 +2019,7 @@ filter_set_opt : LOCALPREF NUMBER { +@@ -1782,8 +2039,7 @@ filter_set_opt : LOCALPREF NUMBER { else $$->type = ACTION_SET_COMMUNITY; @@ -881,7 +901,7 @@ diff -u -p -r1.1.1.8 -r1.11 free($3); free($$); YYERROR; -@@ -1796,40 +2032,62 @@ filter_set_opt : LOCALPREF NUMBER { +@@ -1796,40 +2052,62 @@ filter_set_opt : LOCALPREF NUMBER { free($$); YYERROR; } @@ -964,7 +984,7 @@ diff -u -p -r1.1.1.8 -r1.11 ; %% -@@ -1873,6 +2131,7 @@ lookup(char *s) +@@ -1873,6 +2151,7 @@ lookup(char *s) { "allow", ALLOW}, { "announce", ANNOUNCE}, { "any", ANY}, @@ -972,7 +992,7 @@ diff -u -p -r1.1.1.8 -r1.11 { "blackhole", BLACKHOLE}, { "capabilities", CAPABILITIES}, { "community", COMMUNITY}, -@@ -1889,16 +2148,22 @@ lookup(char *s) +@@ -1889,16 +2168,22 @@ lookup(char *s) { "enforce", ENFORCE}, { "esp", ESP}, { "evaluate", EVALUATE}, @@ -995,7 +1015,7 @@ diff -u -p -r1.1.1.8 -r1.11 { "ipsec", IPSEC}, { "key", KEY}, { "listen", LISTEN}, -@@ -1906,6 +2171,8 @@ lookup(char *s) +@@ -1906,6 +2191,8 @@ lookup(char *s) { "localpref", LOCALPREF}, { "log", LOG}, { "match", MATCH}, @@ -1004,7 +1024,7 @@ diff -u -p -r1.1.1.8 -r1.11 { "max-prefix", MAXPREFIX}, { "md5sig", MD5SIG}, { "med", MED}, -@@ -1918,6 +2185,7 @@ lookup(char *s) +@@ -1918,6 +2205,7 @@ lookup(char *s) { "nexthop", NEXTHOP}, { "no-modify", NOMODIFY}, { "on", ON}, @@ -1012,7 +1032,7 @@ diff -u -p -r1.1.1.8 -r1.11 { "out", OUT}, { "passive", PASSIVE}, { "password", PASSWORD}, -@@ -1929,10 +2197,14 @@ lookup(char *s) +@@ -1929,10 +2217,14 @@ lookup(char *s) { "prepend-self", PREPEND_SELF}, { "qualify", QUALIFY}, { "quick", QUICK}, @@ -1027,7 +1047,7 @@ diff -u -p -r1.1.1.8 -r1.11 { "rib", RIB}, { "route-collector", ROUTECOLL}, { "route-reflector", REFLECTOR}, -@@ -1941,6 +2213,7 @@ lookup(char *s) +@@ -1941,6 +2233,7 @@ lookup(char *s) { "rtlabel", RTLABEL}, { "self", SELF}, { "set", SET}, @@ -1035,7 +1055,7 @@ diff -u -p -r1.1.1.8 -r1.11 { "softreconfig", SOFTRECONFIG}, { "source-as", SOURCEAS}, { "spi", SPI}, -@@ -2117,9 +2390,10 @@ top: +@@ -2117,9 +2410,10 @@ top: return (0); if (next == quotec || c == ' ' || c == '\t') c = next; @@ -1048,7 +1068,7 @@ diff -u -p -r1.1.1.8 -r1.11 lungetc(next); } else if (c == quotec) { *p = '\0'; -@@ -2135,6 +2409,26 @@ top: +@@ -2135,6 +2429,26 @@ top: if (yylval.v.string == NULL) fatal("yylex: strdup"); return (STRING); @@ -1075,7 +1095,7 @@ diff -u -p -r1.1.1.8 -r1.11 } #define allowed_to_end_number(x) \ -@@ -2274,18 +2568,21 @@ popfile(void) +@@ -2274,18 +2588,21 @@ popfile(void) int parse_config(char *filename, struct bgpd_config *xconf, struct mrt_head *xmconf, struct peer **xpeers, struct network_head *nc, @@ -1098,7 +1118,7 @@ diff -u -p -r1.1.1.8 -r1.11 if ((file = pushfile(filename, 1)) == NULL) { free(conf); -@@ -2316,13 +2613,15 @@ parse_config(char *filename, struct bgpd +@@ -2316,13 +2633,15 @@ parse_config(char *filename, struct bgpd id = 1; /* network list is always empty in the parent */ @@ -1117,7 +1137,7 @@ diff -u -p -r1.1.1.8 -r1.11 yyparse(); errors = file->errors; -@@ -2344,6 +2643,9 @@ parse_config(char *filename, struct bgpd +@@ -2344,6 +2663,9 @@ parse_config(char *filename, struct bgpd if (errors) { /* XXX more leaks in this case */ @@ -1127,7 +1147,7 @@ diff -u -p -r1.1.1.8 -r1.11 while ((la = TAILQ_FIRST(listen_addrs)) != NULL) { TAILQ_REMOVE(listen_addrs, la, entry); free(la); -@@ -2357,23 +2659,44 @@ parse_config(char *filename, struct bgpd +@@ -2357,23 +2679,44 @@ parse_config(char *filename, struct bgpd while ((n = TAILQ_FIRST(netconf)) != NULL) { TAILQ_REMOVE(netconf, n, entry); @@ -1172,7 +1192,7 @@ diff -u -p -r1.1.1.8 -r1.11 } else { errors += merge_config(xconf, conf, peer_l, listen_addrs); errors += mrt_mergeconfig(xmconf, mrtconf); -@@ -2505,27 +2828,27 @@ getcommunity(char *s) +@@ -2505,27 +2848,27 @@ getcommunity(char *s) } int @@ -1210,7 +1230,7 @@ diff -u -p -r1.1.1.8 -r1.11 return (0); } -@@ -2537,23 +2860,176 @@ parsecommunity(char *s, int *as, int *ty +@@ -2537,23 +2880,176 @@ parsecommunity(char *s, int *as, int *ty if ((i = getcommunity(s)) == COMMUNITY_ERROR) return (-1); @@ -1390,7 +1410,7 @@ diff -u -p -r1.1.1.8 -r1.11 if ((p = calloc(1, sizeof(struct peer))) == NULL) fatal("new_peer"); -@@ -2564,11 +3040,11 @@ alloc_peer(void) +@@ -2564,11 +3060,11 @@ alloc_peer(void) p->conf.distance = 1; p->conf.announce_type = ANNOUNCE_UNDEF; p->conf.announce_capa = 1; @@ -1406,7 +1426,7 @@ diff -u -p -r1.1.1.8 -r1.11 p->conf.local_as = conf->as; p->conf.local_short_as = conf->short_as; p->conf.softreconfig_in = 1; -@@ -2592,6 +3068,9 @@ new_peer(void) +@@ -2592,6 +3088,9 @@ new_peer(void) if (strlcpy(p->conf.descr, curgroup->conf.descr, sizeof(p->conf.descr)) >= sizeof(p->conf.descr)) fatalx("new_peer descr strlcpy"); @@ -1416,7 +1436,7 @@ diff -u -p -r1.1.1.8 -r1.11 p->conf.groupid = curgroup->conf.id; p->conf.local_as = curgroup->conf.local_as; p->conf.local_short_as = curgroup->conf.local_short_as; -@@ -2674,39 +3153,52 @@ add_mrtconfig(enum mrt_type type, char * +@@ -2674,39 +3173,52 @@ add_mrtconfig(enum mrt_type type, char * } int @@ -1481,7 +1501,7 @@ diff -u -p -r1.1.1.8 -r1.11 } int -@@ -2715,7 +3207,7 @@ get_id(struct peer *newpeer) +@@ -2715,7 +3227,7 @@ get_id(struct peer *newpeer) struct peer *p; for (p = peer_l_old; p != NULL; p = p->next) @@ -1490,7 +1510,7 @@ diff -u -p -r1.1.1.8 -r1.11 if (!memcmp(&p->conf.remote_addr, &newpeer->conf.remote_addr, sizeof(p->conf.remote_addr))) { -@@ -2856,9 +3348,11 @@ str2key(char *s, char *dest, size_t max_ +@@ -2856,9 +3368,11 @@ str2key(char *s, char *dest, size_t max_ int neighbor_consistent(struct peer *p) { @@ -1504,7 +1524,7 @@ diff -u -p -r1.1.1.8 -r1.11 yyerror("local-address and neighbor address " "must be of the same address family"); return (-1); -@@ -2869,7 +3363,7 @@ neighbor_consistent(struct peer *p) +@@ -2869,7 +3383,7 @@ neighbor_consistent(struct peer *p) p->conf.auth.method == AUTH_IPSEC_IKE_AH || p->conf.auth.method == AUTH_IPSEC_MANUAL_ESP || p->conf.auth.method == AUTH_IPSEC_MANUAL_AH) && @@ -1513,7 +1533,7 @@ diff -u -p -r1.1.1.8 -r1.11 yyerror("neighbors with any form of IPsec configured " "need local-address to be specified"); return (-1); -@@ -2889,18 +3383,14 @@ neighbor_consistent(struct peer *p) +@@ -2889,18 +3403,14 @@ neighbor_consistent(struct peer *p) return (-1); } @@ -1536,7 +1556,7 @@ diff -u -p -r1.1.1.8 -r1.11 /* EBGP neighbors are not allowed in route reflector clusters */ if (p->conf.reflector_client && p->conf.ebgp) { -@@ -2909,6 +3399,11 @@ neighbor_consistent(struct peer *p) +@@ -2909,6 +3419,11 @@ neighbor_consistent(struct peer *p) return (-1); } @@ -1548,7 +1568,7 @@ diff -u -p -r1.1.1.8 -r1.11 return (0); } -@@ -2927,6 +3422,11 @@ merge_filterset(struct filter_set_head * +@@ -2927,6 +3442,11 @@ merge_filterset(struct filter_set_head * yyerror("community is already set"); else if (s->type == ACTION_DEL_COMMUNITY) yyerror("community will already be deleted"); @@ -1560,7 +1580,7 @@ diff -u -p -r1.1.1.8 -r1.11 else yyerror("redefining set parameter %s", filterset_name(s->type)); -@@ -2953,9 +3453,18 @@ merge_filterset(struct filter_set_head * +@@ -2953,9 +3473,18 @@ merge_filterset(struct filter_set_head * return (0); } break; @@ -1581,7 +1601,7 @@ diff -u -p -r1.1.1.8 -r1.11 TAILQ_INSERT_BEFORE(t, s, entry); return (0); } -@@ -2985,22 +3494,6 @@ copy_filterset(struct filter_set_head *s +@@ -2985,22 +3514,6 @@ copy_filterset(struct filter_set_head *s } } diff --git a/net/openbgpd/files/patch-bgpd_printconf.c b/net/openbgpd/files/patch-bgpd_printconf.c index ecc7dfdc4aaf..c440a512b3a1 100644 --- a/net/openbgpd/files/patch-bgpd_printconf.c +++ b/net/openbgpd/files/patch-bgpd_printconf.c @@ -2,13 +2,13 @@ Index: bgpd/printconf.c =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/printconf.c,v retrieving revision 1.1.1.7 -retrieving revision 1.9 -diff -u -p -r1.1.1.7 -r1.9 +retrieving revision 1.10 +diff -u -p -r1.1.1.7 -r1.10 --- bgpd/printconf.c 14 Feb 2010 20:19:57 -0000 1.1.1.7 -+++ bgpd/printconf.c 13 Oct 2012 18:36:00 -0000 1.9 ++++ bgpd/printconf.c 8 Dec 2012 20:17:59 -0000 1.10 @@ -1,4 +1,4 @@ -/* $OpenBSD: printconf.c,v 1.70 2009/06/06 01:10:29 claudio Exp $ */ -+/* $OpenBSD: printconf.c,v 1.87 2012/09/12 05:56:22 claudio Exp $ */ ++/* $OpenBSD: printconf.c,v 1.88 2012/09/23 09:39:18 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -335,7 +335,21 @@ diff -u -p -r1.1.1.7 -r1.9 printf("inet6 "); } -@@ -492,11 +581,20 @@ print_rule(struct peer *peer_l, struct f +@@ -479,6 +568,13 @@ print_rule(struct peer *peer_l, struct f + } + } + ++ if (r->match.nexthop.flags) { ++ if (r->match.nexthop.flags == FILTER_NEXTHOP_NEIGHBOR) ++ printf("nexthop neighbor "); ++ else ++ printf("nexthop %s ", log_addr(&r->match.nexthop.addr)); ++ } ++ + if (r->match.as.type) { + if (r->match.as.type == AS_ALL) + printf("AS %s ", log_as(r->match.as.as)); +@@ -492,11 +588,20 @@ print_rule(struct peer *peer_l, struct f printf("unfluffy-as %s ", log_as(r->match.as.as)); } @@ -356,7 +370,7 @@ diff -u -p -r1.1.1.7 -r1.9 print_set(&r->set); -@@ -513,6 +611,8 @@ mrt_type(enum mrt_type t) +@@ -513,6 +618,8 @@ mrt_type(enum mrt_type t) return "table"; case MRT_TABLE_DUMP_MP: return "table-mp"; @@ -365,7 +379,7 @@ diff -u -p -r1.1.1.7 -r1.9 case MRT_ALL_IN: return "all in"; case MRT_ALL_OUT: -@@ -541,13 +641,12 @@ print_mrt(u_int32_t pid, u_int32_t gid, +@@ -541,13 +648,12 @@ print_mrt(u_int32_t pid, u_int32_t gid, printf("%s%sdump ", prep, prep2); if (m->rib[0]) printf("rib %s ", m->rib); @@ -383,7 +397,7 @@ diff -u -p -r1.1.1.7 -r1.9 } } -@@ -612,26 +711,34 @@ peer_compare(const void *aa, const void +@@ -612,26 +718,34 @@ peer_compare(const void *aa, const void void print_config(struct bgpd_config *conf, struct rib_names *rib_l, struct network_head *net_l, struct peer *peer_l, diff --git a/net/openbgpd/files/patch-bgpd_rde.h b/net/openbgpd/files/patch-bgpd_rde.h index 717422949486..ba7d2d095891 100644 --- a/net/openbgpd/files/patch-bgpd_rde.h +++ b/net/openbgpd/files/patch-bgpd_rde.h @@ -2,16 +2,21 @@ Index: bgpd/rde.h =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/rde.h,v retrieving revision 1.1.1.8 -retrieving revision 1.1.1.12 -diff -u -p -r1.1.1.8 -r1.1.1.12 +retrieving revision 1.1.1.13 +diff -u -p -r1.1.1.8 -r1.1.1.13 --- bgpd/rde.h 14 Feb 2010 20:19:57 -0000 1.1.1.8 -+++ bgpd/rde.h 13 Oct 2012 18:22:46 -0000 1.1.1.12 -@@ -1,4 +1,4 @@ ++++ bgpd/rde.h 8 Dec 2012 10:37:09 -0000 1.1.1.13 +@@ -1,8 +1,8 @@ -/* $OpenBSD: rde.h,v 1.120 2009/06/06 01:10:29 claudio Exp $ */ -+/* $OpenBSD: rde.h,v 1.143 2012/08/12 14:24:56 claudio Exp $ */ ++/* $OpenBSD: rde.h,v 1.144 2012/09/12 05:56:22 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org> and +- * Andre Oppermann <oppermann@pipeline.ch> ++ * Andre Oppermann <oppermann@networx.ch> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above @@ -56,16 +56,16 @@ struct rde_peer { struct bgpd_addr local_v6_addr; struct uptree_prefix up_prefix; diff --git a/net/openbgpd/files/patch-bgpd_rde_filter.c b/net/openbgpd/files/patch-bgpd_rde_filter.c index c08eff6a5a18..c17d9fc5fdbf 100644 --- a/net/openbgpd/files/patch-bgpd_rde_filter.c +++ b/net/openbgpd/files/patch-bgpd_rde_filter.c @@ -2,16 +2,25 @@ Index: bgpd/rde_filter.c =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/rde_filter.c,v retrieving revision 1.1.1.7 -retrieving revision 1.8 -diff -u -p -r1.1.1.7 -r1.8 +retrieving revision 1.9 +diff -u -p -r1.1.1.7 -r1.9 --- bgpd/rde_filter.c 14 Feb 2010 20:19:57 -0000 1.1.1.7 -+++ bgpd/rde_filter.c 13 Oct 2012 18:36:00 -0000 1.8 ++++ bgpd/rde_filter.c 8 Dec 2012 20:17:59 -0000 1.9 @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_filter.c,v 1.56 2009/06/06 01:10:29 claudio Exp $ */ -+/* $OpenBSD: rde_filter.c,v 1.62 2010/03/05 15:25:00 claudio Exp $ */ ++/* $OpenBSD: rde_filter.c,v 1.67 2011/09/20 21:19:06 claudio Exp $ */ /* * Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org> +@@ -26,7 +26,7 @@ + #include "rde.h" + + int rde_filter_match(struct filter_rule *, struct rde_aspath *, +- struct bgpd_addr *, u_int8_t, struct rde_peer *); ++ struct bgpd_addr *, u_int8_t, struct rde_peer *, struct rde_peer *); + int filterset_equal(struct filter_set_head *, struct filter_set_head *); + + enum filter_actions @@ -40,6 +40,13 @@ rde_filter(u_int16_t ribid, struct rde_a if (new != NULL) *new = NULL; @@ -26,6 +35,15 @@ diff -u -p -r1.1.1.7 -r1.8 TAILQ_FOREACH(f, rules, entry) { if (dir != f->dir) continue; +@@ -51,7 +58,7 @@ rde_filter(u_int16_t ribid, struct rde_a + if (f->peer.peerid != 0 && + f->peer.peerid != peer->conf.id) + continue; +- if (rde_filter_match(f, asp, prefix, prefixlen, peer)) { ++ if (rde_filter_match(f, asp, prefix, prefixlen, peer, from)) { + if (asp != NULL && new != NULL) { + /* asp may get modified so create a copy */ + if (*new == NULL) { @@ -59,7 +66,7 @@ rde_filter(u_int16_t ribid, struct rde_a /* ... and use the copy from now on */ asp = *new; @@ -53,7 +71,7 @@ diff -u -p -r1.1.1.7 -r1.8 break; case ACTION_SET_COMMUNITY: switch (set->action.community.as) { -@@ -243,6 +250,17 @@ rde_apply_set(struct rde_aspath *asp, st +@@ -243,19 +250,42 @@ rde_apply_set(struct rde_aspath *asp, st asp->rtlabelid = set->action.id; rtlabel_ref(asp->rtlabelid); break; @@ -71,9 +89,12 @@ diff -u -p -r1.1.1.7 -r1.8 } } } -@@ -251,11 +269,22 @@ int + + int rde_filter_match(struct filter_rule *f, struct rde_aspath *asp, - struct bgpd_addr *prefix, u_int8_t plen, struct rde_peer *peer) +- struct bgpd_addr *prefix, u_int8_t plen, struct rde_peer *peer) ++ struct bgpd_addr *prefix, u_int8_t plen, struct rde_peer *peer, ++ struct rde_peer *from) { - int as, type; + u_int32_t pas; @@ -98,7 +119,7 @@ diff -u -p -r1.1.1.7 -r1.8 return (0); if (asp != NULL && f->match.community.as != COMMUNITY_UNSET) { -@@ -263,10 +292,10 @@ rde_filter_match(struct filter_rule *f, +@@ -263,10 +293,10 @@ rde_filter_match(struct filter_rule *f, case COMMUNITY_ERROR: fatalx("rde_apply_set bad community string"); case COMMUNITY_NEIGHBOR_AS: @@ -111,7 +132,7 @@ diff -u -p -r1.1.1.7 -r1.8 break; } -@@ -281,12 +310,17 @@ rde_filter_match(struct filter_rule *f, +@@ -281,12 +311,17 @@ rde_filter_match(struct filter_rule *f, break; } @@ -132,7 +153,7 @@ diff -u -p -r1.1.1.7 -r1.8 /* don't use IPv4 rules for IPv6 and vice versa */ return (0); -@@ -322,7 +356,7 @@ rde_filter_match(struct filter_rule *f, +@@ -322,7 +357,7 @@ rde_filter_match(struct filter_rule *f, } else if (f->match.prefixlen.op != OP_NONE) { /* only prefixlen without a prefix */ @@ -141,7 +162,41 @@ diff -u -p -r1.1.1.7 -r1.8 /* don't use IPv4 rules for IPv6 and vice versa */ return (0); -@@ -356,19 +390,6 @@ rde_filter_match(struct filter_rule *f, +@@ -350,25 +385,40 @@ rde_filter_match(struct filter_rule *f, + } + /* NOTREACHED */ + } ++ if (f->match.nexthop.flags != 0) { ++ struct bgpd_addr *nexthop, *cmpaddr; ++ if (asp->nexthop == NULL) ++ /* no nexthop, skip */ ++ return (0); ++ nexthop = &asp->nexthop->exit_nexthop; ++ if (f->match.nexthop.flags == FILTER_NEXTHOP_ADDR) ++ cmpaddr = &f->match.nexthop.addr; ++ else ++ cmpaddr = &from->remote_addr; ++ if (cmpaddr->aid != nexthop->aid) ++ /* don't use IPv4 rules for IPv6 and vice versa */ ++ return (0); ++ ++ switch (cmpaddr->aid) { ++ case AID_INET: ++ if (cmpaddr->v4.s_addr != nexthop->v4.s_addr) ++ return (0); ++ break; ++ case AID_INET6: ++ if (memcmp(&cmpaddr->v6, &nexthop->v6, ++ sizeof(struct in6_addr))) ++ return (0); ++ break; ++ default: ++ fatalx("King Bula lost in address space"); ++ } ++ } + + /* matched somewhen or is anymatch rule */ + return (1); } int @@ -161,7 +216,7 @@ diff -u -p -r1.1.1.7 -r1.8 rde_filter_equal(struct filter_head *a, struct filter_head *b, struct rde_peer *peer, enum directions dir) { -@@ -476,6 +497,12 @@ filterset_cmp(struct filter_set *a, stru +@@ -476,6 +526,12 @@ filterset_cmp(struct filter_set *a, stru return (a->action.community.type - b->action.community.type); } @@ -174,7 +229,7 @@ diff -u -p -r1.1.1.7 -r1.8 if (a->type == ACTION_SET_NEXTHOP && b->type == ACTION_SET_NEXTHOP) { /* * This is the only interesting case, all others are considered -@@ -483,13 +510,29 @@ filterset_cmp(struct filter_set *a, stru +@@ -483,13 +539,29 @@ filterset_cmp(struct filter_set *a, stru * reject it at the same time. Allow one IPv4 and one IPv6 * per filter set or only one of the other nexthop modifiers. */ @@ -205,7 +260,7 @@ diff -u -p -r1.1.1.7 -r1.8 int filterset_equal(struct filter_set_head *ah, struct filter_set_head *bh) { -@@ -574,6 +617,19 @@ filterset_equal(struct filter_set_head * +@@ -574,6 +646,19 @@ filterset_equal(struct filter_set_head * if (strcmp(as, bs) == 0) continue; break; @@ -225,7 +280,7 @@ diff -u -p -r1.1.1.7 -r1.8 } /* compare failed */ return (0); -@@ -616,7 +672,14 @@ filterset_name(enum action_types type) +@@ -616,7 +701,14 @@ filterset_name(enum action_types type) case ACTION_RTLABEL: case ACTION_RTLABEL_ID: return ("rtlabel"); diff --git a/net/openbgpd/files/patch-bgpd_session.c b/net/openbgpd/files/patch-bgpd_session.c index 97648857e8f7..d043c447cf48 100644 --- a/net/openbgpd/files/patch-bgpd_session.c +++ b/net/openbgpd/files/patch-bgpd_session.c @@ -2,13 +2,13 @@ Index: bgpd/session.c =================================================================== RCS file: /home/cvs/private/hrs/openbgpd/bgpd/session.c,v retrieving revision 1.1.1.8 -retrieving revision 1.12 -diff -u -p -r1.1.1.8 -r1.12 +retrieving revision 1.13 +diff -u -p -r1.1.1.8 -r1.13 --- bgpd/session.c 14 Feb 2010 20:19:57 -0000 1.1.1.8 -+++ bgpd/session.c 13 Oct 2012 19:10:00 -0000 1.12 ++++ bgpd/session.c 8 Dec 2012 20:17:59 -0000 1.13 @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.293 2009/06/07 05:56:24 eric Exp $ */ -+/* $OpenBSD: session.c,v 1.324 2012/09/12 05:56:22 claudio Exp $ */ ++/* $OpenBSD: session.c,v 1.325 2012/09/18 09:45:50 claudio Exp $ */ /* * Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org> @@ -1223,14 +1223,7 @@ diff -u -p -r1.1.1.8 -r1.12 - if (rpos + msglen > av) - break; - p->rbuf->rptr = p->rbuf->buf + rpos; -+int -+session_process_msg(struct peer *p) -+{ -+ ssize_t rpos, av, left; -+ int processed = 0; -+ u_int16_t msglen; -+ u_int8_t msgtype; - +- - switch (msgtype) { - case OPEN: - bgp_fsm(p, EVNT_RCVD_OPEN); @@ -1265,8 +1258,13 @@ diff -u -p -r1.1.1.8 -r1.12 - } - if (p->rbuf == NULL) - return (1); -+ rpos = 0; -+ av = p->rbuf->wpos; ++int ++session_process_msg(struct peer *p) ++{ ++ ssize_t rpos, av, left; ++ int processed = 0; ++ u_int16_t msglen; ++ u_int8_t msgtype; - if (rpos < av) { - left = av - rpos; @@ -1274,6 +1272,10 @@ diff -u -p -r1.1.1.8 -r1.12 - p->rbuf->wpos = left; - } else - p->rbuf->wpos = 0; ++ rpos = 0; ++ av = p->rbuf->wpos; + +- return (1); + /* + * session might drop to IDLE -> buffers deallocated + * we MUST check rbuf != NULL before use @@ -1289,8 +1291,7 @@ diff -u -p -r1.1.1.8 -r1.12 + if (rpos + msglen > av) + break; + p->rbuf->rptr = p->rbuf->buf + rpos; - -- return (1); ++ + switch (msgtype) { + case OPEN: + bgp_fsm(p, EVNT_RCVD_OPEN); @@ -1467,7 +1468,7 @@ diff -u -p -r1.1.1.8 -r1.12 log_peer_warnx(&peer->conf, "disabling restart capability"); break; -@@ -2139,13 +2376,17 @@ parse_notification(struct peer *peer) +@@ -2139,19 +2376,23 @@ parse_notification(struct peer *peer) int parse_capabilities(struct peer *peer, u_char *d, u_int16_t dlen, u_int32_t *as) { @@ -1489,10 +1490,31 @@ diff -u -p -r1.1.1.8 -r1.12 len = dlen; while (len > 0) { -@@ -2182,36 +2423,65 @@ parse_capabilities(struct peer *peer, u_ - "expect len 4, len is %u", capa_len); + if (len < 2) { +- log_peer_warnx(&peer->conf, "parse_capabilities: " +- "expect len >= 2, len is %u", len); ++ log_peer_warnx(&peer->conf, "Bad capabilities attr " ++ "length: %u, too short", len); + return (-1); + } + memcpy(&capa_code, d, sizeof(capa_code)); +@@ -2163,7 +2404,7 @@ parse_capabilities(struct peer *peer, u_ + if (capa_len > 0) { + if (len < capa_len) { + log_peer_warnx(&peer->conf, +- "parse_capabilities: " ++ "Bad capabilities attr length: " + "len %u smaller than capa_len %u", + len, capa_len); return (-1); - } +@@ -2178,47 +2419,82 @@ parse_capabilities(struct peer *peer, u_ + case CAPA_MP: /* RFC 4760 */ + if (capa_len != 4) { + log_peer_warnx(&peer->conf, +- "parse_capabilities: " +- "expect len 4, len is %u", capa_len); +- return (-1); +- } - memcpy(&mp_afi, capa_val, sizeof(mp_afi)); - mp_afi = ntohs(mp_afi); - memcpy(&mp_safi, capa_val + 3, sizeof(mp_safi)); @@ -1504,7 +1526,9 @@ diff -u -p -r1.1.1.8 -r1.12 - "mp_safi %u unknown", mp_safi); - else - peer->capa.peer.mp_v4 = mp_safi; -- break; ++ "Bad multi protocol capability length: " ++ "%u", capa_len); + break; - case AFI_IPv6: - if (mp_safi < 1 || mp_safi > 3) - log_peer_warnx(&peer->conf, @@ -1514,13 +1538,15 @@ diff -u -p -r1.1.1.8 -r1.12 - peer->capa.peer.mp_v6 = mp_safi; - break; - default: /* ignore */ ++ } + memcpy(&afi, capa_val, sizeof(afi)); + afi = ntohs(afi); + memcpy(&safi, capa_val + 3, sizeof(safi)); + if (afi2aid(afi, safi, &aid) == -1) { + log_peer_warnx(&peer->conf, -+ "parse_capabilities: AFI %u, " -+ "safi %u unknown", afi, safi); ++ "Received multi protocol capability: " ++ " unknown AFI %u, safi %u pair", ++ afi, safi); break; } + peer->capa.peer.mp[aid] = 1; @@ -1538,9 +1564,11 @@ diff -u -p -r1.1.1.8 -r1.12 + break; + } else if (capa_len % 4 != 2) { + log_peer_warnx(&peer->conf, -+ "parse_capabilities: " -+ "expect len 2 + x*4, len is %u", capa_len); -+ return (-1); ++ "Bad graceful restart capability length: " ++ "%u", capa_len); ++ peer->capa.peer.grestart.restart = 0; ++ peer->capa.peer.grestart.timeout = 0; ++ break; + } + + memcpy(&gr_header, capa_val, sizeof(gr_header)); @@ -1548,9 +1576,10 @@ diff -u -p -r1.1.1.8 -r1.12 + peer->capa.peer.grestart.timeout = + gr_header & CAPA_GR_TIMEMASK; + if (peer->capa.peer.grestart.timeout == 0) { -+ log_peer_warnx(&peer->conf, ++ log_peer_warnx(&peer->conf, "Received " + "graceful restart timeout is zero"); -+ return (-1); ++ peer->capa.peer.grestart.restart = 0; ++ break; + } + + for (i = 2; i <= capa_len - 4; i += 4) { @@ -1559,9 +1588,10 @@ diff -u -p -r1.1.1.8 -r1.12 + memcpy(&safi, capa_val + i + 2, sizeof(safi)); + if (afi2aid(afi, safi, &aid) == -1) { + log_peer_warnx(&peer->conf, -+ "parse_capabilities: restart: AFI " -+ "%u, safi %u unknown", afi, safi); -+ return (-1); ++ "Received graceful restart capa: " ++ " unknown AFI %u, safi %u pair", ++ afi, safi); ++ continue; + } + memcpy(&gr_flags, capa_val + i + 3, + sizeof(gr_flags)); @@ -1578,7 +1608,18 @@ diff -u -p -r1.1.1.8 -r1.12 break; case CAPA_AS4BYTE: if (capa_len != 4) { -@@ -2232,6 +2502,66 @@ parse_capabilities(struct peer *peer, u_ + log_peer_warnx(&peer->conf, +- "parse_capabilities: " +- "expect len 4, len is %u", capa_len); +- return (-1); ++ "Bad AS4BYTE capability length: " ++ "%u", capa_len); ++ peer->capa.peer.as4byte = 0; ++ break; + } + memcpy(&remote_as, capa_val, sizeof(remote_as)); + *as = ntohl(remote_as); +@@ -2232,6 +2508,66 @@ parse_capabilities(struct peer *peer, u_ return (0); } @@ -1645,7 +1686,7 @@ diff -u -p -r1.1.1.8 -r1.12 void session_dispatch_imsg(struct imsgbuf *ibuf, int idx, u_int *listener_cnt) { -@@ -2244,8 +2574,8 @@ session_dispatch_imsg(struct imsgbuf *ib +@@ -2244,8 +2580,8 @@ session_dispatch_imsg(struct imsgbuf *ib struct kif *kif; u_char *data; enum reconf_action reconf; @@ -1656,7 +1697,7 @@ diff -u -p -r1.1.1.8 -r1.12 if ((n = imsg_read(ibuf)) == -1) fatal("session_dispatch_imsg: imsg_read error"); -@@ -2332,15 +2662,42 @@ session_dispatch_imsg(struct imsgbuf *ib +@@ -2332,15 +2668,42 @@ session_dispatch_imsg(struct imsgbuf *ib } break; @@ -1700,7 +1741,7 @@ diff -u -p -r1.1.1.8 -r1.12 /* add new peers */ for (p = npeers; p != NULL; p = next) { -@@ -2388,6 +2745,8 @@ session_dispatch_imsg(struct imsgbuf *ib +@@ -2388,6 +2751,8 @@ session_dispatch_imsg(struct imsgbuf *ib nconf = NULL; pending_reconf = 0; log_info("SE reconfigured"); @@ -1709,7 +1750,7 @@ diff -u -p -r1.1.1.8 -r1.12 break; case IMSG_IFINFO: if (idx != PFD_PIPE_MAIN) -@@ -2397,9 +2756,7 @@ session_dispatch_imsg(struct imsgbuf *ib +@@ -2397,9 +2762,7 @@ session_dispatch_imsg(struct imsgbuf *ib fatalx("IFINFO imsg with wrong len"); kif = imsg.data; depend_ok = (kif->flags & IFF_UP) && @@ -1720,7 +1761,7 @@ diff -u -p -r1.1.1.8 -r1.12 for (p = peers; p != NULL; p = p->next) if (!strcmp(p->conf.if_depend, kif->ifname)) { -@@ -2408,7 +2765,8 @@ session_dispatch_imsg(struct imsgbuf *ib +@@ -2408,7 +2771,8 @@ session_dispatch_imsg(struct imsgbuf *ib bgp_fsm(p, EVNT_START); } else if (!depend_ok && p->depend_ok) { p->depend_ok = depend_ok; @@ -1730,7 +1771,7 @@ diff -u -p -r1.1.1.8 -r1.12 } } break; -@@ -2456,10 +2814,10 @@ session_dispatch_imsg(struct imsgbuf *ib +@@ -2456,10 +2820,10 @@ session_dispatch_imsg(struct imsgbuf *ib } break; case IMSG_CTL_KROUTE: @@ -1742,7 +1783,7 @@ diff -u -p -r1.1.1.8 -r1.12 if (idx != PFD_PIPE_MAIN) fatalx("ctl kroute request not from parent"); control_imsg_relay(&imsg); -@@ -2469,7 +2827,6 @@ session_dispatch_imsg(struct imsgbuf *ib +@@ -2469,7 +2833,6 @@ session_dispatch_imsg(struct imsgbuf *ib case IMSG_CTL_SHOW_RIB_ATTR: case IMSG_CTL_SHOW_RIB_MEM: case IMSG_CTL_SHOW_NETWORK: @@ -1750,7 +1791,7 @@ diff -u -p -r1.1.1.8 -r1.12 case IMSG_CTL_SHOW_NEIGHBOR: if (idx != PFD_PIPE_ROUTE_CTL) fatalx("ctl rib request not from RDE"); -@@ -2531,6 +2888,40 @@ session_dispatch_imsg(struct imsgbuf *ib +@@ -2531,6 +2894,40 @@ session_dispatch_imsg(struct imsgbuf *ib break; } break; @@ -1791,7 +1832,7 @@ diff -u -p -r1.1.1.8 -r1.12 default: break; } -@@ -2612,29 +3003,23 @@ getpeerbydesc(const char *descr) +@@ -2612,29 +3009,23 @@ getpeerbydesc(const char *descr) struct peer * getpeerbyip(struct sockaddr *ip) { @@ -1828,7 +1869,7 @@ diff -u -p -r1.1.1.8 -r1.12 if (loose == NULL || loose->conf.remote_masklen < p->conf.remote_masklen) loose = p; -@@ -2653,21 +3038,19 @@ getpeerbyip(struct sockaddr *ip) +@@ -2653,21 +3044,19 @@ getpeerbyip(struct sockaddr *ip) break; } } @@ -1857,7 +1898,7 @@ diff -u -p -r1.1.1.8 -r1.12 newpeer->rbuf = NULL; init_peer(newpeer); bgp_fsm(newpeer, EVNT_START); -@@ -2680,40 +3063,24 @@ getpeerbyip(struct sockaddr *ip) +@@ -2680,40 +3069,24 @@ getpeerbyip(struct sockaddr *ip) } int @@ -1909,7 +1950,7 @@ diff -u -p -r1.1.1.8 -r1.12 return (0); } -@@ -2733,6 +3100,7 @@ getpeerbyid(u_int32_t peerid) +@@ -2733,6 +3106,7 @@ getpeerbyid(u_int32_t peerid) void session_down(struct peer *peer) { @@ -1917,7 +1958,7 @@ diff -u -p -r1.1.1.8 -r1.12 peer->stats.last_updown = time(NULL); if (imsg_compose(ibuf_rde, IMSG_SESSION_DOWN, peer->conf.id, 0, -1, NULL, 0) == -1) -@@ -2744,39 +3112,17 @@ session_up(struct peer *p) +@@ -2744,39 +3118,17 @@ session_up(struct peer *p) { struct session_up sup; @@ -1964,7 +2005,7 @@ diff -u -p -r1.1.1.8 -r1.12 p->stats.last_updown = time(NULL); if (imsg_compose(ibuf_rde, IMSG_SESSION_UP, p->conf.id, 0, -1, &sup, sizeof(sup)) == -1) -@@ -2784,9 +3130,10 @@ session_up(struct peer *p) +@@ -2784,9 +3136,10 @@ session_up(struct peer *p) } int @@ -1977,7 +2018,7 @@ diff -u -p -r1.1.1.8 -r1.12 } int -@@ -2795,34 +3142,6 @@ imsg_compose_rde(int type, pid_t pid, vo +@@ -2795,34 +3148,6 @@ imsg_compose_rde(int type, pid_t pid, vo return (imsg_compose(ibuf_rde, type, 0, pid, -1, data, datalen)); } @@ -2012,7 +2053,7 @@ diff -u -p -r1.1.1.8 -r1.12 void session_demote(struct peer *p, int level) { -@@ -2837,3 +3156,19 @@ session_demote(struct peer *p, int level +@@ -2837,3 +3162,19 @@ session_demote(struct peer *p, int level p->demoted += level; } diff --git a/net/openbgpd/files/patch-openbsd-compat_imsg-buffer.c b/net/openbgpd/files/patch-openbsd-compat_imsg-buffer.c index 7d807d2259d9..3db0ec22abe8 100644 --- a/net/openbgpd/files/patch-openbsd-compat_imsg-buffer.c +++ b/net/openbgpd/files/patch-openbsd-compat_imsg-buffer.c @@ -3,8 +3,8 @@ Index: openbsd-compat/imsg-buffer.c RCS file: openbsd-compat/imsg-buffer.c diff -N openbsd-compat/imsg-buffer.c --- /dev/null 1 Jan 1970 00:00:00 -0000 -+++ openbsd-compat/imsg-buffer.c 2 Jul 2011 16:06:38 -0000 1.1 -@@ -0,0 +1,303 @@ ++++ openbsd-compat/imsg-buffer.c 8 Dec 2012 20:17:59 -0000 1.2 +@@ -0,0 +1,305 @@ +/* $OpenBSD: imsg-buffer.c,v 1.1 2010/05/26 16:44:32 nicm Exp $ */ + +/* @@ -164,22 +164,23 @@ diff -N openbsd-compat/imsg-buffer.c + i++; + } + ++again: + if ((n = writev(msgbuf->fd, iov, i)) == -1) { -+ if (errno == EAGAIN || errno == ENOBUFS || -+ errno == EINTR) /* try later */ -+ return (0); -+ else -+ return (-1); ++ if (errno == EAGAIN || errno == EINTR) ++ goto again; ++ if (errno == ENOBUFS) ++ errno = EAGAIN; ++ return (-1); + } + + if (n == 0) { /* connection closed */ + errno = 0; -+ return (-2); ++ return (0); + } + + msgbuf_drain(msgbuf, n); + -+ return (0); ++ return (1); +} + +void @@ -263,17 +264,18 @@ diff -N openbsd-compat/imsg-buffer.c + *(int *)CMSG_DATA(cmsg) = buf->fd; + } + ++again: + if ((n = sendmsg(msgbuf->fd, &msg, 0)) == -1) { -+ if (errno == EAGAIN || errno == ENOBUFS || -+ errno == EINTR) /* try later */ -+ return (0); -+ else -+ return (-1); ++ if (errno == EAGAIN || errno == EINTR) ++ goto again; ++ if (errno == ENOBUFS) ++ errno = EAGAIN; ++ return (-1); + } + + if (n == 0) { /* connection closed */ + errno = 0; -+ return (-2); ++ return (0); + } + + /* @@ -287,7 +289,7 @@ diff -N openbsd-compat/imsg-buffer.c + + msgbuf_drain(msgbuf, n); + -+ return (0); ++ return (1); +} + +void diff --git a/net/openbgpd/files/patch-openbsd-compat_imsg.c b/net/openbgpd/files/patch-openbsd-compat_imsg.c index 183a46ba6697..c23d5aa22060 100644 --- a/net/openbgpd/files/patch-openbsd-compat_imsg.c +++ b/net/openbgpd/files/patch-openbsd-compat_imsg.c @@ -3,8 +3,8 @@ Index: openbsd-compat/imsg.c RCS file: openbsd-compat/imsg.c diff -N openbsd-compat/imsg.c --- /dev/null 1 Jan 1970 00:00:00 -0000 -+++ openbsd-compat/imsg.c 2 Jul 2011 16:06:38 -0000 1.1 -@@ -0,0 +1,271 @@ ++++ openbsd-compat/imsg.c 8 Dec 2012 20:17:59 -0000 1.2 +@@ -0,0 +1,305 @@ +/* $OpenBSD: imsg.c,v 1.1 2010/05/26 16:44:32 nicm Exp $ */ + +/* @@ -35,6 +35,8 @@ diff -N openbsd-compat/imsg.c + +#include "imsg.h" + ++int imsg_fd_overhead = 0; ++ +int imsg_get_fd(struct imsgbuf *); + +void @@ -55,10 +57,10 @@ diff -N openbsd-compat/imsg.c + struct cmsghdr *cmsg; + union { + struct cmsghdr hdr; -+ char buf[CMSG_SPACE(sizeof(int) * 16)]; ++ char buf[CMSG_SPACE(sizeof(int) * 1)]; + } cmsgbuf; + struct iovec iov; -+ ssize_t n; ++ ssize_t n = -1; + int fd; + struct imsg_fd *ifd; + @@ -71,11 +73,27 @@ diff -N openbsd-compat/imsg.c + msg.msg_control = &cmsgbuf.buf; + msg.msg_controllen = sizeof(cmsgbuf.buf); + ++ if ((ifd = calloc(1, sizeof(struct imsg_fd))) == NULL) ++ return (-1); ++ ++again: ++#if defined(__FreeBSD__) ++ if (imsg_fd_overhead + ++#else ++ if (getdtablecount() + imsg_fd_overhead + ++#endif ++ (CMSG_SPACE(sizeof(int))-CMSG_SPACE(0))/sizeof(int) ++ >= getdtablesize()) { ++ errno = EAGAIN; ++ return (-1); ++ } ++ + if ((n = recvmsg(ibuf->fd, &msg, 0)) == -1) { -+ if (errno != EINTR && errno != EAGAIN) { -+ return (-1); -+ } -+ return (-2); ++ if (errno == EMSGSIZE) ++ goto fail; ++ if (errno != EINTR && errno != EAGAIN) ++ goto fail; ++ goto again; + } + + ibuf->r.wpos += n; @@ -84,17 +102,33 @@ diff -N openbsd-compat/imsg.c + cmsg = CMSG_NXTHDR(&msg, cmsg)) { + if (cmsg->cmsg_level == SOL_SOCKET && + cmsg->cmsg_type == SCM_RIGHTS) { -+ fd = (*(int *)CMSG_DATA(cmsg)); -+ if ((ifd = calloc(1, sizeof(struct imsg_fd))) == NULL) { -+ close(fd); -+ return (-1); ++ int i; ++ int j; ++ ++ /* ++ * We only accept one file descriptor. Due to C ++ * padding rules, our control buffer might contain ++ * more than one fd, and we must close them. ++ */ ++ j = ((char *)cmsg + cmsg->cmsg_len - ++ (char *)CMSG_DATA(cmsg)) / sizeof(int); ++ for (i = 0; i < j; i++) { ++ fd = ((int *)CMSG_DATA(cmsg))[i]; ++ if (i == 0) { ++ ifd->fd = fd; ++ TAILQ_INSERT_TAIL(&ibuf->fds, ifd, ++ entry); ++ ifd = NULL; ++ } else ++ close(fd); + } -+ ifd->fd = fd; -+ TAILQ_INSERT_TAIL(&ibuf->fds, ifd, entry); + } + /* we do not handle other ctl data level */ + } + ++fail: ++ if (ifd) ++ free(ifd); + return (n); +} + diff --git a/net/openbgpd/files/patch-openbsd-compat_imsg.h b/net/openbgpd/files/patch-openbsd-compat_imsg.h index 80ce85487aef..91cf15ea1afd 100644 --- a/net/openbgpd/files/patch-openbsd-compat_imsg.h +++ b/net/openbgpd/files/patch-openbsd-compat_imsg.h @@ -3,9 +3,9 @@ Index: openbsd-compat/imsg.h RCS file: openbsd-compat/imsg.h diff -N openbsd-compat/imsg.h --- /dev/null 1 Jan 1970 00:00:00 -0000 -+++ openbsd-compat/imsg.h 2 Jul 2011 16:06:38 -0000 1.1 ++++ openbsd-compat/imsg.h 8 Dec 2012 20:17:59 -0000 1.2 @@ -0,0 +1,112 @@ -+/* $OpenBSD: imsg.h,v 1.2 2010/06/23 07:53:55 nicm Exp $ */ ++/* $OpenBSD: imsg.h,v 1.1 2010/05/26 16:44:32 nicm Exp $ */ + +/* + * Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@openbsd.org> |