server: verify OpenMessage

- BGP version (must be 4) - AS number - holdtime (0 or 3 <= or <= 65535) Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
author: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> 2015-01-29 19:43:56 +0900
committer: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> 2015-01-29 19:43:56 +0900
commit: a34228410e645d6e53c9752d8a9122cfa67310b9 (patch)
tree: d4bdacc7005dd469aaa75f58cc9834c37e209662 /server
parent: cbcc16c65b75be7af2a6c3e227107cce3795b33f (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/server/fsm.go b/server/fsm.go
index 8c3882cf..829de382 100644
--- a/server/fsm.go
+++ b/server/fsm.go
@@ -323,6 +323,18 @@ func (h *FSMHandler) opensent() bgp.FSMState {
 			case *bgp.BGPMessage:
 				m := e.MsgData.(*bgp.BGPMessage)
 				if m.Header.Type == bgp.BGP_MSG_OPEN {
+					body := m.Body.(*bgp.BGPOpen)
+					err := bgp.ValidateOpenMsg(body, fsm.peerConfig.PeerAs)
+					if err != nil {
+						e := err.(*bgp.MessageError)
+						m := bgp.NewBGPNotificationMessage(e.TypeCode, e.SubTypeCode, e.Data)
+						b, _ := m.Serialize()
+						fsm.passiveConn.Write(b)
+						fsm.bgpMessageStateUpdate(m.Header.Type, false)
+						h.conn.Close()
+						return bgp.BGP_FSM_IDLE
+					}
+
 					e := &fsmMsg{
 						MsgType: FSM_MSG_BGP_MESSAGE,
 						MsgData: m,
author	FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>	2015-01-29 19:43:56 +0900
committer	FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>	2015-01-29 19:43:56 +0900
commit	a34228410e645d6e53c9752d8a9122cfa67310b9 (patch)
tree	d4bdacc7005dd469aaa75f58cc9834c37e209662 /server
parent	cbcc16c65b75be7af2a6c3e227107cce3795b33f (diff)