diff options
Diffstat (limited to 'sysdep')
-rw-r--r-- | sysdep/bsd/krt-sock.c | 261 | ||||
-rw-r--r-- | sysdep/cf/bsd-v6.h | 2 | ||||
-rw-r--r-- | sysdep/cf/bsd.h | 2 | ||||
-rw-r--r-- | sysdep/linux/netlink/netlink.c | 151 | ||||
-rw-r--r-- | sysdep/linux/sysio.h | 2 | ||||
-rw-r--r-- | sysdep/unix/config.Y | 2 | ||||
-rw-r--r-- | sysdep/unix/io.c | 15 | ||||
-rw-r--r-- | sysdep/unix/krt.c | 52 | ||||
-rw-r--r-- | sysdep/unix/krt.h | 1 | ||||
-rw-r--r-- | sysdep/unix/log.c | 1 | ||||
-rw-r--r-- | sysdep/unix/main.c | 13 | ||||
-rw-r--r-- | sysdep/unix/unix.h | 5 |
12 files changed, 253 insertions, 254 deletions
diff --git a/sysdep/bsd/krt-sock.c b/sysdep/bsd/krt-sock.c index a5279657..1dd09ae9 100644 --- a/sysdep/bsd/krt-sock.c +++ b/sysdep/bsd/krt-sock.c @@ -33,39 +33,8 @@ #include "lib/string.h" #include "lib/socket.h" -#ifdef IPV6 -#define HOST_MASK 128 -#else -#define HOST_MASK 32 -#endif - int rt_sock = 0; -#define CHECK_FAMILY(sa) \ - ((((struct sockaddr *)sa)->sa_family) == BIRD_AF) - -static struct iface * -krt_temp_iface_index(struct krt_proto *p, unsigned index) -{ - struct iface *i, *j; - - WALK_LIST(i, p->scan.temp_ifs) - if (i->index == index) - return i; - i = mb_allocz(p->p.pool, sizeof(struct iface)); - if (j = if_find_by_index(index)) - { - strcpy(i->name, j->name); - i->addr = j->addr; - } - else - strcpy(i->name, "?"); - i->index = index; - add_tail(&p->scan.temp_ifs, &i->n); - return i; -} - - int krt_capable(rte *e) { @@ -83,7 +52,7 @@ krt_capable(rte *e) || a->dest == RTD_UNREACHABLE #endif #ifdef RTF_BLACKHOLE - || a->dest == RTD_BLACKHOLE /* FIXME Prohibited? */ + || a->dest == RTD_BLACKHOLE #endif ); } @@ -96,6 +65,13 @@ krt_capable(rte *e) l = ROUNDUP(((struct sockaddr *)&(u))->sa_len);\ memmove(body, &(u), l); body += l;} +#define GETADDR(p, F) \ + bzero(p, sizeof(*p));\ + if ((addrs & (F)) && ((struct sockaddr *)body)->sa_len) {\ + unsigned int l = ROUNDUP(((struct sockaddr *)body)->sa_len);\ + memcpy(p, body, (l > sizeof(*p) ? sizeof(*p) : l));\ + body += l;} + static void krt_sock_send(int cmd, rte *e) { @@ -108,7 +84,7 @@ krt_sock_send(int cmd, rte *e) char *body = (char *)msg.buf; sockaddr gate, mask, dst; - DBG("krt-sock: send %I/%d via %I", net->n.prefix, net->n.pxlen, a->gw); + DBG("krt-sock: send %I/%d via %I\n", net->n.prefix, net->n.pxlen, a->gw); fill_in_sockaddr(&dst, net->n.prefix, 0); fill_in_sockaddr(&mask, ipa_mkmask(net->n.pxlen), 0); @@ -119,9 +95,9 @@ krt_sock_send(int cmd, rte *e) msg.rtm.rtm_type = cmd; msg.rtm.rtm_seq = msg_seq++; msg.rtm.rtm_addrs = RTA_DST; - msg.rtm.rtm_flags = RTF_UP; + msg.rtm.rtm_flags = RTF_UP | RTF_PROTO1; - if (net->n.pxlen == HOST_MASK) + if (net->n.pxlen == MAX_PREFIX_LENGTH) { msg.rtm.rtm_flags |= RTF_HOST; } @@ -200,12 +176,12 @@ krt_sock_send(int cmd, rte *e) msg.rtm.rtm_msglen = l; if ((l = write(rt_sock, (char *)&msg, l)) < 0) { - log(L_ERR "KIF: error writting route to socket (%I/%d)", net->n.prefix, net->n.pxlen); + log(L_ERR "KIF: Error sending route %I/%d to kernel", net->n.prefix, net->n.pxlen); } } void -krt_set_notify(struct krt_proto *p UNUSED, net *net UNUSED, rte *new, rte *old) +krt_set_notify(struct krt_proto *p UNUSED, net *net, rte *new, rte *old) { if (old) { @@ -258,68 +234,87 @@ krt_set_start(struct krt_proto *x, int first UNUSED) bug("krt-sock: sk_open failed"); } +#define SKIP(ARG...) do { DBG("KRT: Ignoring route - " ARG); return; } while(0) + static void krt_read_rt(struct ks_msg *msg, struct krt_proto *p, int scan) { - sockaddr gate, mask, dst; rta a; rte *e; net *net; + sockaddr dst, gate, mask; ip_addr idst, igate, imask; void *body = (char *)msg->buf; int new = (msg->rtm.rtm_type == RTM_ADD); int src; + char *errmsg = "KRT: Invalid route received"; int flags = msg->rtm.rtm_flags; int addrs = msg->rtm.rtm_addrs; - int masklen = -1; - if (!(flags & RTF_UP)) - { - DBG("Down.\n"); - return; - } + if (!(flags & RTF_UP) && scan) + SKIP("not up in scan\n"); - if (flags & RTF_HOST) - masklen = HOST_MASK; + if (!(flags & RTF_DONE) && !scan) + SKIP("not done in async\n"); - if(!CHECK_FAMILY(body)) return; + if (flags & RTF_LLINFO) + SKIP("link-local\n"); - if(msg->rtm.rtm_flags & RTF_LLINFO) return; /* ARPs etc. */ + GETADDR(&dst, RTA_DST); + GETADDR(&gate, RTA_GATEWAY); + GETADDR(&mask, RTA_NETMASK); -#define GETADDR(p, F) \ - bzero(p, sizeof(*p));\ - if ((addrs & (F)) && ((struct sockaddr *)body)->sa_len) {\ - unsigned int l = ROUNDUP(((struct sockaddr *)body)->sa_len);\ - memcpy(p, body, (l > sizeof(*p) ? sizeof(*p) : l));\ - body += l;} - - GETADDR (&dst, RTA_DST); - GETADDR (&gate, RTA_GATEWAY); - GETADDR (&mask, RTA_NETMASK); + if (sa_family_check(&dst)) + get_sockaddr(&dst, &idst, NULL, 0); + else + SKIP("invalid DST"); - idst = IPA_NONE; - igate = IPA_NONE; - imask = IPA_NONE; + /* We will check later whether we have valid gateway addr */ + if (sa_family_check(&gate)) + get_sockaddr(&gate, &igate, NULL, 0); + else + igate = IPA_NONE; - get_sockaddr(&dst, &idst, NULL, 0); - if(CHECK_FAMILY(&gate)) get_sockaddr(&gate, &igate, NULL, 0); + /* We do not test family for RTA_NETMASK, because BSD sends us + some strange values, but interpreting them as IPv4/IPv6 works */ get_sockaddr(&mask, &imask, NULL, 0); - if (masklen < 0) masklen = ipa_mklen(imask); + int c = ipa_classify_net(idst); + if ((c < 0) || !(c & IADDR_HOST) || ((c & IADDR_SCOPE_MASK) <= SCOPE_LINK)) + SKIP("strange class/scope\n"); - if (flags & (RTF_DYNAMIC | RTF_MODIFIED)) - { - log(L_WARN "krt: Ignoring redirect to %I/%d via %I", idst, masklen, igate); - return; - } + int pxlen = (flags & RTF_HOST) ? MAX_PREFIX_LENGTH : ipa_mklen(imask); + if (pxlen < 0) + { log(L_ERR "%s (%I) - netmask %I", errmsg, idst, imask); return; } - if (masklen < 0) - { - log(L_WARN "krt: Got invalid route from kernel!"); - return; - } + if ((flags & RTF_GATEWAY) && ipa_zero(igate)) + { log(L_ERR "%s (%I/%d) - missing gateway", errmsg, idst, pxlen); return; } - net = net_get(p->p.table, idst, masklen); + u32 self_mask = RTF_PROTO1; + u32 alien_mask = RTF_STATIC | RTF_PROTO1; + +#ifdef RTF_PROTO2 + alien_mask |= RTF_PROTO2; +#endif + +#ifdef RTF_PROTO3 + alien_mask |= RTF_PROTO3; +#endif + + if (flags & (RTF_DYNAMIC | RTF_MODIFIED)) + src = KRT_SRC_REDIRECT; + else if (flags & self_mask) + { + if (!scan) + SKIP("echo\n"); + src = KRT_SRC_BIRD; + } + else if (flags & alien_mask) + src = KRT_SRC_ALIEN; + else + src = KRT_SRC_KERNEL; + + net = net_get(p->p.table, idst, pxlen); bzero(&a, sizeof(a)); @@ -333,56 +328,56 @@ krt_read_rt(struct ks_msg *msg, struct krt_proto *p, int scan) a.iface = NULL; a.eattrs = NULL; - a.dest = RTD_NONE; - - if (flags & RTF_GATEWAY) - { - neighbor *ng = neigh_find(&p->p, &igate, 0); - if (ng && ng->scope) - a.iface = ng->iface; - else - { - log(L_WARN "Kernel told us to use non-neighbor %I for %I/%d", igate, net->n.prefix, net->n.pxlen); - return; - } - - a.dest = RTD_ROUTER; - a.gw = igate; - } - else - { - a.dest = RTD_DEVICE; - a.gw = IPA_NONE; - a.iface = krt_temp_iface_index(p, msg->rtm.rtm_index); - } + /* reject/blackhole routes have also set RTF_GATEWAY, + we wil check them first. */ #ifdef RTF_REJECT if(flags & RTF_REJECT) { a.dest = RTD_UNREACHABLE; - a.gw = IPA_NONE; + goto done; } #endif #ifdef RTF_BLACKHOLE if(flags & RTF_BLACKHOLE) { a.dest = RTD_BLACKHOLE; - a.gw = IPA_NONE; + goto done; } #endif - if (a.dest == RTD_NONE) + a.iface = if_find_by_index(msg->rtm.rtm_index); + if (!a.iface) + { + log(L_ERR "KRT: Received route %I/%d with unknown ifindex %u", + net->n.prefix, net->n.pxlen, msg->rtm.rtm_index); + return; + } + + if (flags & RTF_GATEWAY) { - log(L_WARN "Kernel reporting unknown route type to %I/%d", net->n.prefix, net->n.pxlen); - return; - } + neighbor *ng; + a.dest = RTD_ROUTER; + a.gw = igate; - src = KRT_SRC_UNKNOWN; /* FIXME */ + ng = neigh_find2(&p->p, &a.gw, a.iface, 0); + if (!ng || (ng->scope == SCOPE_HOST)) + { + log(L_ERR "KRT: Received route %I/%d with strange next-hop %I", + net->n.prefix, net->n.pxlen, a.gw); + return; + } + } + else + a.dest = RTD_DEVICE; + done: e = rte_get_temp(&a); e->net = net; e->u.krt.src = src; - //e->u.krt.proto = i->rtm_protocol; - //e->u.krt.type = i->rtm_type; + + /* These are probably too Linux-specific */ + e->u.krt.proto = 0; + e->u.krt.type = 0; e->u.krt.metric = 0; if (scan) @@ -471,6 +466,10 @@ krt_read_addr(struct ks_msg *msg) int scope, masklen = -1; int new = (ifam->ifam_type == RTM_NEWADDR); + /* Strange messages with zero (invalid) ifindex appear on OpenBSD */ + if (ifam->ifam_index == 0) + return; + if(!(iface = if_find_by_index(ifam->ifam_index))) { log(L_ERR "KIF: Received address message for unknown interface %d", ifam->ifam_index); @@ -486,7 +485,9 @@ krt_read_addr(struct ks_msg *msg) GETADDR (&null, RTA_AUTHOR); GETADDR (&brd, RTA_BRD); - if(!CHECK_FAMILY(&addr)) return; /* Some other family address */ + /* Some other family address */ + if (!sa_family_check(&addr)) + return; get_sockaddr(&addr, &iaddr, NULL, 0); get_sockaddr(&mask, &imask, NULL, 0); @@ -507,9 +508,6 @@ krt_read_addr(struct ks_msg *msg) memcpy(&ifa.brd, &ibrd, sizeof(ip_addr)); scope = ipa_classify(ifa.ip); - - ifa.prefix = ipa_and(ifa.ip, ipa_mkmask(masklen)); - if (scope < 0) { log(L_ERR "KIF: Invalid interface address %I for %s", ifa.ip, iface->name); @@ -517,6 +515,14 @@ krt_read_addr(struct ks_msg *msg) } ifa.scope = scope & IADDR_SCOPE_MASK; + if (iface->flags & IF_MULTIACCESS) + ifa.prefix = ipa_and(ifa.ip, ipa_mkmask(masklen)); + else /* PtP iface */ + { + ifa.flags |= IA_UNNUMBERED; + ifa.prefix = ifa.opposite = ifa.brd; + } + if (new) ifa_update(&ifa); else @@ -593,27 +599,27 @@ krt_sysctl_scan(struct proto *p, pool *pool, byte **buf, size_t *bl, int cmd) mib[4] = cmd; mib[5] = 0; - if( sysctl(mib, 6 , NULL , &needed, NULL, 0) < 0) + if (sysctl(mib, 6 , NULL , &needed, NULL, 0) < 0) { die("RT scan..."); } obl = *bl; - while(needed > *bl) *bl *= 2; - while(needed < (*bl/2)) *bl /= 2; + while (needed > *bl) *bl *= 2; + while (needed < (*bl/2)) *bl /= 2; - if( (obl!=*bl) || !*buf) + if ((obl!=*bl) || !*buf) { - if(*buf) mb_free(*buf); - if( (*buf = mb_alloc(pool, *bl)) == NULL ) die("RT scan buf alloc"); + if (*buf) mb_free(*buf); + if ((*buf = mb_alloc(pool, *bl)) == NULL) die("RT scan buf alloc"); } on = needed; - if( sysctl(mib, 6 , *buf, &needed, NULL, 0) < 0) + if (sysctl(mib, 6 , *buf, &needed, NULL, 0) < 0) { - if(on != needed) return; /* The buffer size changed since last sysctl */ + if (on != needed) return; /* The buffer size changed since last sysctl */ die("RT scan 2"); } @@ -624,22 +630,23 @@ krt_sysctl_scan(struct proto *p, pool *pool, byte **buf, size_t *bl, int cmd) } } +static byte *krt_buffer = NULL; +static byte *kif_buffer = NULL; +static size_t krt_buflen = 32768; +static size_t kif_buflen = 4096; + void krt_scan_fire(struct krt_proto *p) { - static byte *buf = NULL; - static size_t bl = 32768; - krt_sysctl_scan((struct proto *)p , p->krt_pool, &buf, &bl, NET_RT_DUMP); + krt_sysctl_scan((struct proto *)p, p->krt_pool, &krt_buffer, &krt_buflen, NET_RT_DUMP); } void krt_if_scan(struct kif_proto *p) { - static byte *buf = NULL; - static size_t bl = 4096; struct proto *P = (struct proto *)p; if_start_update(); - krt_sysctl_scan(P, P->pool, &buf, &bl, NET_RT_IFLIST); + krt_sysctl_scan(P, P->pool, &kif_buffer, &kif_buflen, NET_RT_IFLIST); if_end_update(); } @@ -652,7 +659,9 @@ krt_set_construct(struct krt_config *c UNUSED) void krt_set_shutdown(struct krt_proto *x UNUSED, int last UNUSED) { -} + mb_free(krt_buffer); + krt_buffer = NULL; +} void krt_if_io_init(void) @@ -672,5 +681,7 @@ krt_if_start(struct kif_proto *p UNUSED) void krt_if_shutdown(struct kif_proto *p UNUSED) { + mb_free(kif_buffer); + kif_buffer = NULL; } diff --git a/sysdep/cf/bsd-v6.h b/sysdep/cf/bsd-v6.h index f3aefeb4..66985abf 100644 --- a/sysdep/cf/bsd-v6.h +++ b/sysdep/cf/bsd-v6.h @@ -9,7 +9,7 @@ #define IPV6 #define CONFIG_AUTO_ROUTES -#undef CONFIG_SELF_CONSCIOUS +#define CONFIG_SELF_CONSCIOUS #undef CONFIG_MULTIPLE_TABLES #undef CONFIG_UNIX_IFACE diff --git a/sysdep/cf/bsd.h b/sysdep/cf/bsd.h index 72b24720..acd1b58b 100644 --- a/sysdep/cf/bsd.h +++ b/sysdep/cf/bsd.h @@ -7,7 +7,7 @@ */ #define CONFIG_AUTO_ROUTES -#undef CONFIG_SELF_CONSCIOUS +#define CONFIG_SELF_CONSCIOUS #undef CONFIG_MULTIPLE_TABLES #undef CONFIG_UNIX_IFACE diff --git a/sysdep/linux/netlink/netlink.c b/sysdep/linux/netlink/netlink.c index f45fe159..b59b32f3 100644 --- a/sysdep/linux/netlink/netlink.c +++ b/sysdep/linux/netlink/netlink.c @@ -52,7 +52,6 @@ struct nl_sock static struct nl_sock nl_scan = {.fd = -1}; /* Netlink socket for synchronous scan */ static struct nl_sock nl_req = {.fd = -1}; /* Netlink socket for requests */ - static void nl_open_sock(struct nl_sock *nl) { @@ -555,23 +554,7 @@ krt_set_notify(struct krt_proto *p, net *n UNUSED, rte *new, rte *old) nl_send_route(p, new, 1); } -static struct iface * -krt_temp_iface(struct krt_proto *p, unsigned index) -{ - struct iface *i, *j; - - WALK_LIST(i, p->scan.temp_ifs) - if (i->index == index) - return i; - i = mb_allocz(p->p.pool, sizeof(struct iface)); - if (j = if_find_by_index(index)) - strcpy(i->name, j->name); - else - strcpy(i->name, "?"); - i->index = index; - add_tail(&p->scan.temp_ifs, &i->n); - return i; -} +#define SKIP(ARG...) do { DBG("KRT: Ignoring route - " ARG); return; } while(0) static void nl_parse_route(struct nlmsghdr *h, int scan) @@ -599,31 +582,7 @@ nl_parse_route(struct nlmsghdr *h, int scan) #endif (a[RTA_GATEWAY] && RTA_PAYLOAD(a[RTA_GATEWAY]) != sizeof(ip_addr))) { - log(L_ERR "nl_parse_route: Malformed message received"); - return; - } - - p = nl_table_map[i->rtm_table]; /* Do we know this table? */ - if (!p) - return; - -#ifdef IPV6 - if (a[RTA_IIF]) - { - DBG("KRT: Ignoring route with IIF set\n"); - return; - } -#else - if (i->rtm_tos != 0) /* We don't support TOS */ - { - DBG("KRT: Ignoring route with TOS %02x\n", i->rtm_tos); - return; - } -#endif - - if (scan && !new) - { - DBG("KRT: Ignoring route deletion\n"); + log(L_ERR "KRT: Malformed message received"); return; } @@ -634,33 +593,57 @@ nl_parse_route(struct nlmsghdr *h, int scan) } else dst = IPA_NONE; + if (a[RTA_OIF]) memcpy(&oif, RTA_DATA(a[RTA_OIF]), sizeof(oif)); else oif = ~0; - DBG("Got %I/%d, type=%d, oif=%d, table=%d, prid=%d, proto=%s\n", dst, i->rtm_dst_len, i->rtm_type, oif, i->rtm_table, i->rtm_protocol, p->p.name); + DBG("KRT: Got %I/%d, type=%d, oif=%d, table=%d, prid=%d, proto=%s\n", dst, i->rtm_dst_len, i->rtm_type, oif, i->rtm_table, i->rtm_protocol, p->p.name); + + p = nl_table_map[i->rtm_table]; /* Do we know this table? */ + if (!p) + SKIP("unknown table %d", i->rtm_table); + +#ifdef IPV6 + if (a[RTA_IIF]) + SKIP("IIF set\n"); +#else + if (i->rtm_tos != 0) /* We don't support TOS */ + SKIP("TOS %02x\n", i->rtm_tos); +#endif + + if (scan && !new) + SKIP("RTM_DELROUTE in scan\n"); + + int c = ipa_classify_net(dst); + if ((c < 0) || !(c & IADDR_HOST) || ((c & IADDR_SCOPE_MASK) <= SCOPE_LINK)) + SKIP("strange class/scope\n"); + + // ignore rtm_scope, it is not a real scope + // if (i->rtm_scope != RT_SCOPE_UNIVERSE) + // SKIP("scope %u\n", i->rtm_scope); switch (i->rtm_protocol) { + case RTPROT_UNSPEC: + SKIP("proto unspec\n"); + case RTPROT_REDIRECT: src = KRT_SRC_REDIRECT; break; + case RTPROT_KERNEL: - DBG("Route originated in kernel, ignoring\n"); + src = KRT_SRC_KERNEL; return; + case RTPROT_BIRD: -#ifdef IPV6 - case RTPROT_BOOT: - /* Current Linux kernels don't remember rtm_protocol for IPv6 routes and supply RTPROT_BOOT instead */ -#endif if (!scan) - { - DBG("Echo of our own route, ignoring\n"); - return; - } + SKIP("echo\n"); src = KRT_SRC_BIRD; break; + + case RTPROT_BOOT: default: src = KRT_SRC_ALIEN; } @@ -679,52 +662,48 @@ nl_parse_route(struct nlmsghdr *h, int scan) switch (i->rtm_type) { case RTN_UNICAST: - if (oif == ~0U) + ra.iface = if_find_by_index(oif); + if (!ra.iface) { - log(L_ERR "KRT: Mysterious route with no OIF (%I/%d)", net->n.prefix, net->n.pxlen); + log(L_ERR "KRT: Received route %I/%d with unknown ifindex %u", + net->n.prefix, net->n.pxlen, oif); return; } + if (a[RTA_GATEWAY]) { - struct iface *ifa = if_find_by_index(oif); neighbor *ng; ra.dest = RTD_ROUTER; memcpy(&ra.gw, RTA_DATA(a[RTA_GATEWAY]), sizeof(ra.gw)); ipa_ntoh(ra.gw); - if (i->rtm_flags & RTNH_F_ONLINK) - { - /* route with 'onlink' attribute */ - ra.iface = if_find_by_index(oif); - if (ra.iface == NULL) - { - log(L_WARN "Kernel told us to use unknown interface %u for %I/%d", - oif, net->n.prefix, net->n.pxlen); - return; - } - } - else + ng = neigh_find2(&p->p, &ra.gw, ra.iface, + (i->rtm_flags & RTNH_F_ONLINK) ? NEF_ONLINK : 0); + if (!ng || (ng->scope == SCOPE_HOST)) { - ng = neigh_find2(&p->p, &ra.gw, ifa, 0); - if (ng && ng->scope) - { - if (ng->iface != ifa) - log(L_WARN "KRT: Route with unexpected iface for %I/%d", net->n.prefix, net->n.pxlen); - ra.iface = ng->iface; - } - else - { - log(L_WARN "Kernel told us to use non-neighbor %I for %I/%d", ra.gw, net->n.prefix, net->n.pxlen); - return; - } - + log(L_ERR "KRT: Received route %I/%d with strange next-hop %I", + net->n.prefix, net->n.pxlen, ra.gw); + return; } } else { ra.dest = RTD_DEVICE; - ra.iface = krt_temp_iface(p, oif); + + /* + * In Linux IPv6, 'native' device routes have proto + * RTPROT_BOOT and not RTPROT_KERNEL (which they have in + * IPv4 and which is expected). We cannot distinguish + * 'native' and user defined device routes, so we ignore all + * such device routes and for consistency, we have the same + * behavior in IPv4. Anyway, users should use RTPROT_STATIC + * for their 'alien' routes. + */ + + if (i->rtm_protocol == RTPROT_BOOT) + src = KRT_SRC_KERNEL; } + break; case RTN_BLACKHOLE: ra.dest = RTD_BLACKHOLE; @@ -737,13 +716,7 @@ nl_parse_route(struct nlmsghdr *h, int scan) break; /* FIXME: What about RTN_THROW? */ default: - DBG("KRT: Ignoring route with type=%d\n", i->rtm_type); - return; - } - - if (i->rtm_scope != RT_SCOPE_UNIVERSE) - { - DBG("KRT: Ignoring route with scope=%d\n", i->rtm_scope); + SKIP("type %d\n", i->rtm_type); return; } diff --git a/sysdep/linux/sysio.h b/sysdep/linux/sysio.h index 07f2cb15..94be002f 100644 --- a/sysdep/linux/sysio.h +++ b/sysdep/linux/sysio.h @@ -101,7 +101,7 @@ struct ip_mreqn #define fill_mreq_ifa fill_mreq #define fill_mreq_grp fill_mreq -static inline fill_mreq(struct ip_mreqn *m, struct iface *ifa, ip_addr maddr) +static inline void fill_mreq(struct ip_mreqn *m, struct iface *ifa, ip_addr maddr) { bzero(m, sizeof(*m)); m->imr_ifindex = ifa->index; diff --git a/sysdep/unix/config.Y b/sysdep/unix/config.Y index 8c2b6903..ac5be7e2 100644 --- a/sysdep/unix/config.Y +++ b/sysdep/unix/config.Y @@ -107,7 +107,7 @@ CF_CLI(CONFIGURE SOFT, cfg_name, [\"<file>\"], [[Reload configuration and ignore { cmd_reconfig($3, RECONFIG_SOFT); } ; CF_CLI(DOWN,,, [[Shut the daemon down]]) -{ cli_msg(7, "Shutdown requested"); order_shutdown(); } ; +{ cmd_shutdown(); } ; cfg_name: /* empty */ { $$ = NULL; } diff --git a/sysdep/unix/io.c b/sysdep/unix/io.c index 316244d7..c7527c97 100644 --- a/sysdep/unix/io.c +++ b/sysdep/unix/io.c @@ -70,7 +70,8 @@ static struct resclass rf_class = { "FILE", sizeof(struct rfile), rf_free, - rf_dump + rf_dump, + NULL }; void * @@ -195,7 +196,8 @@ static struct resclass tm_class = { "Timer", sizeof(timer), tm_free, - tm_dump + tm_dump, + NULL }; /** @@ -564,7 +566,8 @@ static struct resclass sk_class = { "Socket", sizeof(sock), sk_free, - sk_dump + sk_dump, + NULL }; /** @@ -640,7 +643,7 @@ fill_in_sockaddr(sockaddr *sa, ip_addr a, unsigned port) } static inline void -fill_in_sockifa(sockaddr *sa, struct iface *ifa) +fill_in_sockifa(sockaddr *sa UNUSED, struct iface *ifa UNUSED) { } @@ -660,7 +663,6 @@ get_sockaddr(struct sockaddr_in *sa, ip_addr *a, unsigned *port, int check) static char * sk_set_ttl_int(sock *s) { - int one = 1; #ifdef IPV6 if (setsockopt(s->fd, SOL_IPV6, IPV6_UNICAST_HOPS, &s->ttl, sizeof(s->ttl)) < 0) return "IPV6_UNICAST_HOPS"; @@ -668,6 +670,7 @@ sk_set_ttl_int(sock *s) if (setsockopt(s->fd, SOL_IP, IP_TTL, &s->ttl, sizeof(s->ttl)) < 0) return "IP_TTL"; #ifdef CONFIG_UNIX_DONTROUTE + int one = 1; if (s->ttl == 1 && setsockopt(s->fd, SOL_SOCKET, SO_DONTROUTE, &one, sizeof(one)) < 0) return "SO_DONTROUTE"; #endif @@ -1012,7 +1015,6 @@ sk_passive_connected(sock *s, struct sockaddr *sa, int al, int type) } else if (errno != EINTR && errno != EAGAIN) { - log(L_ERR "accept: %m"); s->err_hook(s, errno); } return 0; @@ -1602,7 +1604,6 @@ io_loop(void) { sock *s = current_sock; int e; - int steps; if ((s->type < SK_MAGIC) && FD_ISSET(s->fd, &rd) && s->rx_hook) { diff --git a/sysdep/unix/krt.c b/sysdep/unix/krt.c index 488447b7..c8887b72 100644 --- a/sysdep/unix/krt.c +++ b/sysdep/unix/krt.c @@ -139,15 +139,6 @@ kif_shutdown(struct proto *P) krt_if_shutdown(p); kif_proto = NULL; - if_start_update(); /* Remove all interfaces */ - if_end_update(); - /* - * FIXME: Is it really a good idea? It causes routes to be flushed, - * but at the same time it avoids sending of these deletions to the kernel, - * because krt thinks the kernel itself has already removed the route - * when downing the interface. Sad. - */ - return PS_DOWN; } @@ -558,32 +549,30 @@ krt_got_route(struct krt_proto *p, rte *e) rte *old; net *net = e->net; int verdict; -#ifdef KRT_ALLOW_LEARN - int src = e->u.krt.src; -#endif -#ifdef CONFIG_AUTO_ROUTES - if (e->attrs->dest == RTD_DEVICE) +#ifdef KRT_ALLOW_LEARN + switch (e->u.krt.src) { - /* It's a device route. Probably a kernel-generated one. */ + case KRT_SRC_KERNEL: verdict = KRF_IGNORE; goto sentenced; - } -#endif -#ifdef KRT_ALLOW_LEARN - if (src == KRT_SRC_ALIEN) - { + case KRT_SRC_REDIRECT: + verdict = KRF_DELETE; + goto sentenced; + + case KRT_SRC_ALIEN: if (KRT_CF->learn) krt_learn_scan(p, e); else { - krt_trace_in_rl(&rl_alien_ignored, p, e, "alien route, ignored"); + krt_trace_in_rl(&rl_alien_ignored, p, e, "[alien] ignored"); rte_free(e); } return; } #endif + /* The rest is for KRT_SRC_BIRD (or KRT_SRC_UNKNOWN) */ if (net->n.flags & KRF_VERDICT_MASK) { @@ -605,7 +594,7 @@ krt_got_route(struct krt_proto *p, rte *e) else verdict = KRF_DELETE; -sentenced: + sentenced: krt_trace_in(p, e, ((char *[]) { "?", "seen", "will be updated", "will be removed", "ignored" }) [verdict]); net->n.flags = (net->n.flags & ~KRF_VERDICT_MASK) | verdict; if (verdict == KRF_UPDATE || verdict == KRF_DELETE) @@ -680,19 +669,24 @@ krt_prune(struct krt_proto *p) } void -krt_got_route_async(struct krt_proto *p, rte *e, int new UNUSED) +krt_got_route_async(struct krt_proto *p, rte *e, int new) { net *net = e->net; - int src = e->u.krt.src; - switch (src) + switch (e->u.krt.src) { case KRT_SRC_BIRD: ASSERT(0); /* Should be filtered by the back end */ + case KRT_SRC_REDIRECT: - DBG("It's a redirect, kill him! Kill! Kill!\n"); - krt_set_notify(p, net, NULL, e); + if (new) + { + krt_trace_in(p, e, "[redirect] deleting"); + krt_set_notify(p, net, NULL, e); + } + /* If !new, it is probably echo of our deletion */ break; + #ifdef KRT_ALLOW_LEARN case KRT_SRC_ALIEN: if (KRT_CF->learn) @@ -742,7 +736,8 @@ krt_scan(timer *t UNUSED) */ static void -krt_notify(struct proto *P, net *net, rte *new, rte *old, struct ea_list *attrs UNUSED) +krt_notify(struct proto *P, struct rtable *table UNUSED, net *net, + rte *new, rte *old, struct ea_list *attrs UNUSED) { struct krt_proto *p = (struct krt_proto *) P; @@ -877,7 +872,6 @@ krt_init(struct proto_config *c) p->p.accept_ra_types = RA_OPTIMAL; p->p.rt_notify = krt_notify; - p->p.min_scope = SCOPE_HOST; return &p->p; } diff --git a/sysdep/unix/krt.h b/sysdep/unix/krt.h index 607e6993..1d9e1448 100644 --- a/sysdep/unix/krt.h +++ b/sysdep/unix/krt.h @@ -83,6 +83,7 @@ void krt_got_route_async(struct krt_proto *p, struct rte *e, int new); #define KRT_SRC_BIRD 0 /* Our route (not passed in async mode) */ #define KRT_SRC_REDIRECT 1 /* Redirect route, delete it */ #define KRT_SRC_ALIEN 2 /* Route installed by someone else */ +#define KRT_SRC_KERNEL 3 /* Kernel routes, are ignored by krt syncer */ extern struct protocol proto_unix_iface; diff --git a/sysdep/unix/log.c b/sysdep/unix/log.c index f227549c..3d3b4337 100644 --- a/sysdep/unix/log.c +++ b/sysdep/unix/log.c @@ -19,6 +19,7 @@ #include <stdlib.h> #include <stdarg.h> #include <time.h> +#include <unistd.h> #include "nest/bird.h" #include "nest/cli.h" diff --git a/sysdep/unix/main.c b/sysdep/unix/main.c index 7a1ef286..2245692c 100644 --- a/sysdep/unix/main.c +++ b/sysdep/unix/main.c @@ -141,6 +141,9 @@ cmd_reconfig(char *name, int type) { struct config *conf; + if (cli_access_restricted()) + return; + if (!name) name = config_name; cli_msg(-2, "Reading configuration from %s", name); @@ -304,6 +307,16 @@ cli_init_unix(void) */ void +cmd_shutdown(void) +{ + if (cli_access_restricted()) + return; + + cli_msg(7, "Shutdown requested"); + order_shutdown(); +} + +void async_shutdown(void) { DBG("Shutting down...\n"); diff --git a/sysdep/unix/unix.h b/sysdep/unix/unix.h index 83f61af9..0b179e00 100644 --- a/sysdep/unix/unix.h +++ b/sysdep/unix/unix.h @@ -9,6 +9,8 @@ #ifndef _BIRD_UNIX_H_ #define _BIRD_UNIX_H_ +#include <sys/socket.h> + struct pool; /* main.c */ @@ -17,6 +19,7 @@ void async_config(void); void async_dump(void); void async_shutdown(void); void cmd_reconfig(char *name, int type); +void cmd_shutdown(void); /* io.c */ @@ -28,10 +31,12 @@ volatile int async_shutdown_flag; #define BIRD_PF PF_INET6 #define BIRD_AF AF_INET6 typedef struct sockaddr_in6 sockaddr; +static inline int sa_family_check(sockaddr *sa) { return sa->sin6_family == AF_INET6; } #else #define BIRD_PF PF_INET #define BIRD_AF AF_INET typedef struct sockaddr_in sockaddr; +static inline int sa_family_check(sockaddr *sa) { return sa->sin_family == AF_INET; } #endif #ifndef SUN_LEN |