diff options
author | Maria Matejka <mq@ucw.cz> | 2022-06-08 11:47:49 +0200 |
---|---|---|
committer | Maria Matejka <mq@ucw.cz> | 2022-06-08 11:47:49 +0200 |
commit | cae5979871ee7aa341334f8b1af6bafc60ee9692 (patch) | |
tree | 490f68c9c5d856ab560f2194fe350cd68039cccd /proto/bgp | |
parent | 8fd3811d9d29d73570e03147eb024a4e5fde199b (diff) | |
parent | 950775f6fa3d569a9d7cd05e33538d35e895d688 (diff) |
Merge commit '950775f6fa3d569a9d7cd05e33538d35e895d688' into haugesund
There were quite a lot of conflicts in flowspec validation code which
ultimately led to some code being a bit rewritten, not only adapted from
this or that branch, yet it is still in a limit of a merge.
Diffstat (limited to 'proto/bgp')
-rw-r--r-- | proto/bgp/attrs.c | 16 | ||||
-rw-r--r-- | proto/bgp/bgp.h | 4 | ||||
-rw-r--r-- | proto/bgp/packets.c | 11 |
3 files changed, 20 insertions, 11 deletions
diff --git a/proto/bgp/attrs.c b/proto/bgp/attrs.c index ccfda4df..0b715eaa 100644 --- a/proto/bgp/attrs.c +++ b/proto/bgp/attrs.c @@ -1715,8 +1715,20 @@ bgp_preexport(struct channel *c, rte *e) return 0; /* Reject flowspec that failed validation */ - if ((e->attrs->dest == RTD_UNREACHABLE) && net_is_flow(e->net)) - return -1; + if (net_is_flow(e->net)) + switch (rt_get_flowspec_valid(e)) + { + case FLOWSPEC_VALID: + break; + case FLOWSPEC_INVALID: + return -1; + case FLOWSPEC_UNKNOWN: + ASSUME((rt_get_source_attr(e) != RTS_BGP) || + !((struct bgp_channel *) SKIP_BACK(struct channel, in_req, e->sender->req))->base_table); + break; + case FLOWSPEC__MAX: + bug("This never happens."); + } /* IBGP route reflection, RFC 4456 */ if (p->is_internal && src->is_internal && (p->local_as == src->local_as)) diff --git a/proto/bgp/bgp.h b/proto/bgp/bgp.h index 8e3ed70e..662d9d48 100644 --- a/proto/bgp/bgp.h +++ b/proto/bgp/bgp.h @@ -519,7 +519,9 @@ struct rte_source *bgp_get_source(struct bgp_proto *p, u32 path_id); static inline int rta_resolvable(rta *a) { - return a->dest != RTD_UNREACHABLE; + eattr *nhea = ea_find(a->eattrs, &ea_gen_nexthop); + struct nexthop_adata *nhad = (void *) nhea->u.ptr; + return NEXTHOP_IS_REACHABLE(nhad) || (nhad->dest != RTD_UNREACHABLE); } diff --git a/proto/bgp/packets.c b/proto/bgp/packets.c index 06b563b0..9911738d 100644 --- a/proto/bgp/packets.c +++ b/proto/bgp/packets.c @@ -968,7 +968,6 @@ bgp_apply_next_hop(struct bgp_parse_state *s, rta *a, ip_addr gw, ip_addr ll) ea_set_attr_u32(&a->eattrs, &ea_gen_igp_metric, 0, c->cf->cost); - a->dest = RTD_UNICAST; struct nexthop_adata nhad = { .nh = { .gw = nbr->addr, @@ -1003,8 +1002,7 @@ bgp_apply_mpls_labels(struct bgp_parse_state *s, rta *a, u32 lnum, u32 labels[ln { REPORT("Too many MPLS labels ($u)", lnum); - a->dest = RTD_UNREACHABLE; - ea_unset_attr(&a->eattrs, 0, &ea_gen_nexthop); + ea_set_dest(&a->eattrs, 0, RTD_UNREACHABLE); return; } @@ -1092,17 +1090,14 @@ bgp_use_gateway(struct bgp_export_state *s) if (c->cf->next_hop_self && bgp_match_src(s, c->cf->next_hop_self)) return NULL; - /* Unreachable */ - if (ra->dest != RTD_UNICAST) - return NULL; - eattr *nhea = ea_find(ra->eattrs, &ea_gen_nexthop); if (!nhea) return NULL; /* We need one valid global gateway */ struct nexthop_adata *nhad = (struct nexthop_adata *) nhea->u.ptr; - if (!NEXTHOP_ONE(nhad) || ipa_zero(nhad->nh.gw) || + if (!NEXTHOP_IS_REACHABLE(nhad) || + !NEXTHOP_ONE(nhad) || ipa_zero(nhad->nh.gw) || ipa_is_link_local(nhad->nh.gw)) return NULL; |