summaryrefslogtreecommitdiff
path: root/proto/bgp
diff options
context:
space:
mode:
authorJan Moskyto Matejka <mq@ucw.cz>2016-05-13 13:48:04 +0200
committerJan Moskyto Matejka <mq@ucw.cz>2016-05-13 13:48:04 +0200
commit5af7b59660be615fbbd7c20b92b71321c003c43a (patch)
tree59bc962b18ae5a4ac6bf088863cfe210c9123b57 /proto/bgp
parentd39d41fbda2ec86ea2bac27308eb4fb16ecc4702 (diff)
parentb66a9e2f3376b4cb07ef4cc318f70a9c794f407a (diff)
Merge branch 'int-new' of gitlab.labs.nic.cz:labs/bird into int-new
Diffstat (limited to 'proto/bgp')
-rw-r--r--proto/bgp/bgp.c6
-rw-r--r--proto/bgp/bgp.h1
-rw-r--r--proto/bgp/config.Y4
3 files changed, 8 insertions, 3 deletions
diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c
index 61b5cba2..0ae3db7b 100644
--- a/proto/bgp/bgp.c
+++ b/proto/bgp/bgp.c
@@ -121,7 +121,8 @@ bgp_open(struct bgp_proto *p)
bgp_counter++;
if (p->cf->password)
- if (sk_set_md5_auth(bgp_listen_sk, p->cf->remote_ip, p->cf->iface, p->cf->password) < 0)
+ if (sk_set_md5_auth(bgp_listen_sk, p->cf->source_addr, p->cf->remote_ip,
+ p->cf->iface, p->cf->password, p->cf->setkey) < 0)
{
sk_log_error(bgp_listen_sk, p->p.name);
bgp_close(p, 0);
@@ -191,7 +192,8 @@ bgp_close(struct bgp_proto *p, int apply_md5)
bgp_counter--;
if (p->cf->password && apply_md5)
- if (sk_set_md5_auth(bgp_listen_sk, p->cf->remote_ip, p->cf->iface, NULL) < 0)
+ if (sk_set_md5_auth(bgp_listen_sk, p->cf->source_addr, p->cf->remote_ip,
+ p->cf->iface, NULL, p->cf->setkey) < 0)
sk_log_error(bgp_listen_sk, p->p.name);
if (!bgp_counter)
diff --git a/proto/bgp/bgp.h b/proto/bgp/bgp.h
index 274794f1..b1cca2d9 100644
--- a/proto/bgp/bgp.h
+++ b/proto/bgp/bgp.h
@@ -51,6 +51,7 @@ struct bgp_config {
int add_path; /* Use ADD-PATH extension [draft] */
int allow_local_as; /* Allow that number of local ASNs in incoming AS_PATHs */
int gr_mode; /* Graceful restart mode (BGP_GR_*) */
+ int setkey; /* Set MD5 password to system SA/SP database */
unsigned gr_time; /* Graceful restart timeout */
unsigned connect_delay_time; /* Minimum delay between connect attempts */
unsigned connect_retry_time; /* Timeout for connect attempts */
diff --git a/proto/bgp/config.Y b/proto/bgp/config.Y
index 614ef08c..33561bff 100644
--- a/proto/bgp/config.Y
+++ b/proto/bgp/config.Y
@@ -27,7 +27,7 @@ CF_KEYWORDS(BGP, LOCAL, NEIGHBOR, AS, HOLD, TIME, CONNECT, RETRY,
INTERPRET, COMMUNITIES, BGP_ORIGINATOR_ID, BGP_CLUSTER_LIST, IGP,
TABLE, GATEWAY, DIRECT, RECURSIVE, MED, TTL, SECURITY, DETERMINISTIC,
SECONDARY, ALLOW, BFD, ADD, PATHS, RX, TX, GRACEFUL, RESTART, AWARE,
- CHECK, LINK, PORT, EXTENDED, MESSAGES)
+ CHECK, LINK, PORT, EXTENDED, MESSAGES, SETKEY)
CF_GRAMMAR
@@ -54,6 +54,7 @@ bgp_proto_start: proto_start BGP {
BGP_CFG->default_local_pref = 100;
BGP_CFG->gr_mode = BGP_GR_AWARE;
BGP_CFG->gr_time = 120;
+ BGP_CFG->setkey = 1;
}
;
@@ -112,6 +113,7 @@ bgp_proto:
| bgp_proto CAPABILITIES bool ';' { BGP_CFG->capabilities = $3; }
| bgp_proto ADVERTISE IPV4 bool ';' { BGP_CFG->advertise_ipv4 = $4; }
| bgp_proto PASSWORD text ';' { BGP_CFG->password = $3; }
+ | bgp_proto SETKEY bool ';' { BGP_CFG->setkey = $3; }
| bgp_proto PASSIVE bool ';' { BGP_CFG->passive = $3; }
| bgp_proto INTERPRET COMMUNITIES bool ';' { BGP_CFG->interpret_communities = $4; }
| bgp_proto SECONDARY bool ';' { BGP_CFG->secondary = $3; }