From 8fd3811d9d29d73570e03147eb024a4e5fde199b Mon Sep 17 00:00:00 2001 From: Maria Matejka Date: Tue, 7 Jun 2022 12:18:23 +0200 Subject: Fixing FlowSpec validation for v3 internal API Validation is called internally from route table at the same place where nexthop resolution is done. Also accounting for rte->sender semantics change (not a channel but the import hook instead). --- proto/bgp/packets.c | 23 ----------------------- 1 file changed, 23 deletions(-) (limited to 'proto/bgp/packets.c') diff --git a/proto/bgp/packets.c b/proto/bgp/packets.c index ce2848c0..06b563b0 100644 --- a/proto/bgp/packets.c +++ b/proto/bgp/packets.c @@ -1035,21 +1035,6 @@ bgp_apply_mpls_labels(struct bgp_parse_state *s, rta *a, u32 lnum, u32 labels[ln } } -static void -bgp_apply_flow_validation(struct bgp_parse_state *s, const net_addr *n, rta *a) -{ - struct bgp_channel *c = s->channel; - int valid = rt_flowspec_check(c->base_table, c->c.table, n, a, s->proto->is_interior); - a->dest = valid ? RTD_NONE : RTD_UNREACHABLE; - - /* Invalidate cached rta if dest changes */ - if (s->cached_rta && (s->cached_rta->dest != a->dest)) - { - rta_free(s->cached_rta); - s->cached_rta = NULL; - } -} - static int bgp_match_src(struct bgp_export_state *s, int mode) { @@ -1928,10 +1913,6 @@ bgp_decode_nlri_flow4(struct bgp_parse_state *s, byte *pos, uint len, rta *a) net_fill_flow4(n, px, pxlen, pos, flen); ADVANCE(pos, len, flen); - /* Apply validation procedure per RFC 8955 (6) */ - if (a && s->channel->cf->validate) - bgp_apply_flow_validation(s, n, a); - bgp_rte_update(s, n, path_id, a); } } @@ -2020,10 +2001,6 @@ bgp_decode_nlri_flow6(struct bgp_parse_state *s, byte *pos, uint len, rta *a) net_fill_flow6(n, px, pxlen, pos, flen); ADVANCE(pos, len, flen); - /* Apply validation procedure per RFC 8955 (6) */ - if (a && s->channel->cf->validate) - bgp_apply_flow_validation(s, n, a); - bgp_rte_update(s, n, path_id, a); } } -- cgit v1.2.3