author | FUJITA Tomonori <fujita.tomonori@gmail.com> | 2019-09-08 22:43:08 +0900 |
---|---|---|
committer | FUJITA Tomonori <fujita.tomonori@gmail.com> | 2019-09-08 22:43:08 +0900 |
commit | 25438b289c9c37a6f6a067b087836b979025e611 (patch) | |
tree | 100b23a5f12b34f25b40e58b22f79588c97e2e0e | |
parent | 07e70de118842609a8e1e4740fdb82179f4bdaca (diff) |
execute rpki validation for policy only when it's necessary
currently, validate is executed even if the result is not necessary.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@gmail.com>
-rw-r--r-- | go.mod | 2 | ||||
-rw-r--r-- | internal/pkg/table/policy.go | 10 | ||||
-rw-r--r-- | pkg/server/server.go | 19 |
3 files changed, 17 insertions, 14 deletions
@@ -39,3 +39,5 @@ require (
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
 gopkg.in/yaml.v2 v2.0.0-20170721122051-25c4ec802a7d // indirect
 )
+
+go 1.13
diff --git a/internal/pkg/table/policy.go b/internal/pkg/table/policy.go
index bffc01c0..24eda345 100644
--- a/internal/pkg/table/policy.go
+++ b/internal/pkg/table/policy.go
@@ -35,9 +35,9 @@ import (
 )
 type PolicyOptions struct {
- Info *PeerInfo
- ValidationResult *Validation
- OldNextHop net.IP
+ Info *PeerInfo
+ OldNextHop net.IP
+ Validate func(*Path) *Validation
 }
 type DefinedType int
@@ -1905,8 +1905,8 @@ func (c *RpkiValidationCondition) Type() ConditionType {
 }
 func (c *RpkiValidationCondition) Evaluate(path *Path, options *PolicyOptions) bool {
- if options != nil && options.ValidationResult != nil {
- return c.result == options.ValidationResult.Status
+ if options != nil && options.Validate != nil {
+ return c.result == options.Validate(path).Status
 }
 return false
 }
diff --git a/pkg/server/server.go b/pkg/server/server.go
index e92155b8..d1257cda 100644
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@@ -640,10 +640,6 @@ func (s *BgpServer) prePolicyFilterpath(peer *peer, path, old *table.Path) (*tab
 OldNextHop: path.GetNexthop(),
 }
 path = table.UpdatePathAttrs(peer.fsm.gConf, peer.fsm.pConf, peer.fsm.peerInfo, path)
-
- if v := s.roaManager.validate(path); v != nil {
- options.ValidationResult = v
- }
 peer.fsm.lock.RUnlock()
 return path, options, false
@@ -678,6 +674,7 @@ func (s *BgpServer) filterpath(peer *peer, path, old *table.Path) *table.Path {
 if stop {
 return path
 }
+ options.Validate = s.roaManager.validate
 path = peer.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_EXPORT, path, options)
 // When 'path' is filtered (path == nil), check 'old' has been sent to this peer.
 // If it has, send withdrawal to the peer.
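Review bot: The new `Validate` field of `PolicyOptions` has no comment, and its contract cannot be read off the type alone. `Evaluate` treats a nil func as "no RPKI condition matches", and it calls the func once per evaluated condition rather than once per path. I would add above the field something like `// Validate, if set, is called by RPKI conditions to validate a path on demand; a nil func disables RPKI matching.` The comment should also say whether the callback itself may return nil; the guards removed from server.go in this commit suggest it can.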
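Review bot: In `RpkiValidationCondition.Evaluate` the result of `options.Validate(path)` is dereferenced without a nil check. The call sites removed from server.go in this same commit guarded it with `if v := s.roaManager.validate(path); v != nil`, which suggests the validator can return nil. If it does, evaluating an RPKI condition would panic inside policy processing, and on the import path the input is a route received from a peer. Keeping the guard at the new call site avoids that: `if v := options.Validate(path); v != nil { return c.result == v.Status }`, falling through to the existing `return false`.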
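Review bot: `options.Validate = s.roaManager.validate` is assigned by hand after each `prePolicyFilterpath` call, here in `filterpath` and again in the `sendSecondaryRoutes` and second `getAdjRib` hunks, although `prePolicyFilterpath` is where `options` is built. A call site that omits the assignment still compiles, and `Evaluate` then returns false for every RPKI condition, so a policy that rejects invalid routes would silently stop matching on that path. Setting `Validate: s.roaManager.validate,` in the `table.PolicyOptions` literal inside `prePolicyFilterpath` keeps the validation lazy and removes the three assignments. That literal starts outside the visible hunk, so this assumes it is a plain composite literal.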
@@ -984,6 +981,7 @@ func (s *BgpServer) sendSecondaryRoutes(peer *peer, newPath *table.Path, dsts []
 if stop {
 return nil
 }
+ options.Validate = s.roaManager.validate
 path = peer.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_EXPORT, path, options)
 if path != nil {
 return s.postFilterpath(peer, path)
@@ -1097,16 +1095,15 @@ func (s *BgpServer) propagateUpdate(peer *peer, pathList []*table.Path) {
 }
 }
- policyOptions := &table.PolicyOptions{}
+ policyOptions := &table.PolicyOptions{
+ Validate: s.roaManager.validate,
+ }
 if !rs && peer != nil {
 peer.fsm.lock.RLock()
 policyOptions.Info = peer.fsm.peerInfo
 peer.fsm.lock.RUnlock()
 }
- if v := s.roaManager.validate(path); v != nil {
- policyOptions.ValidationResult = v
- }
 if p := s.policy.ApplyPolicy(tableId, table.POLICY_DIRECTION_IMPORT, path, policyOptions); p != nil {
 path = p
@@ -2452,7 +2449,10 @@ func (s *BgpServer) getAdjRib(addr string, family bgp.RouteFamily, in bool, enab
 adjRib = peer.adjRibIn
 if enableFiltered {
 for _, path := range peer.adjRibIn.PathList([]bgp.RouteFamily{family}, true) {
- if s.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_IMPORT, path, &table.PolicyOptions{}) == nil {
+ options := &table.PolicyOptions{
+ Validate: s.roaManager.validate,
+ }
+ if s.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_IMPORT, path, options) == nil {
 filtered[path.GetNlri().String()] = path
 }
 }
@@ -2465,6 +2465,7 @@ func (s *BgpServer) getAdjRib(addr string, family bgp.RouteFamily, in bool, enab
 if stop {
 continue
 }
+ options.Validate = s.roaManager.validate
 p := peer.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_EXPORT, path, options)
 if p == nil {
 filtered[path.GetNlri().String()] = path |
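Review bot: The `options` literal in the `enableFiltered` loop of `getAdjRib` is loop-invariant but is allocated for every path. Assuming `ApplyPolicy` does not modify it, building it once before the `for` leaves only the `ApplyPolicy` call in the loop body. This branch previously passed an empty `table.PolicyOptions{}`, so RPKI conditions never matched in the filtered adj-rib-in view. With `Validate` set they now do, which changes what the listing reports and is not mentioned in the commit message. A short comment at the literal, e.g. `// validate lazily so RPKI conditions are reflected in the filtered view`, would record that this is intended.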