ROA entires are allowing to define a prefix with a maxlen.

In the end this is just another way to specify a prefixlen range
and kind of an or-longer case with an upper limit.
So these two prefix statements are equivalent:
       prefix 10.0.0.0/8 prefixlen 8 - 24
       prefix 10.0.0.0/8 maxlen 24
While there also make 'prefixlen = 17' a OP_RANGE and because of that also
usable in prefix-set tables. Finally adjust printconf.c for those to
changes to print them nicely.
OK phessler@

diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y
index 00c817d..28c6a7c 100644 (file)
--- a/usr.sbin/bgpd/parse.y
+++ b/usr.sbin/bgpd/parse.y
@@ -1,4 +1,4 @@
-/*     $OpenBSD: parse.y,v 1.350 2018/09/10 11:09:25 benno Exp $ */
+/*     $OpenBSD: parse.y,v 1.351 2018/09/13 11:16:21 claudio Exp $ */
 
 /*
  * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -218,7 +218,7 @@ typedef struct {
 %token IPSEC ESP AH SPI IKE
 %token IPV4 IPV6
 %token QUALIFY VIA
-%token NE LE GE XRANGE LONGER
+%token NE LE GE XRANGE LONGER MAXLEN
 %token <v.string>              STRING
 %token <v.number>              NUMBER
 %type  <v.number>              asnumber as4number as4number_any optnumber
@@ -2189,6 +2189,17 @@ prefixlenop      : /* empty */                   { bzero(&$$, sizeof($$)); }
                        $$.len_min = -1;
                        $$.len_max = -1;
                }
+               | MAXLEN NUMBER                         {
+                       bzero(&$$, sizeof($$));
+                       if ($2 < 0 || $2 > 128) {
+                               yyerror("prefixlen must be >= 0 and <= 128");
+                               YYERROR;
+                       }
+
+                       $$.op = OP_RANGE;
+                       $$.len_min = -1;
+                       $$.len_max = $2;
+               }
                | PREFIXLEN unaryop NUMBER              {
                        int min, max;
 
@@ -2204,10 +2215,10 @@ prefixlenop     : /* empty */                   { bzero(&$$, sizeof($$)); }
                        $$.op = OP_RANGE;
 
                        switch ($2) {
-                       case OP_EQ:
                        case OP_NE:
-                               min = max = $3;
                                $$.op = $2;
+                       case OP_EQ:
+                               min = max = $3;
                                break;
                        case OP_LT:
                                if ($3 == 0) {
@@ -2713,6 +2724,7 @@ lookup(char *s)
                { "max-as-len",         MAXASLEN},
                { "max-as-seq",         MAXASSEQ},
                { "max-prefix",         MAXPREFIX},
+               { "maxlen",             MAXLEN},
                { "md5sig",             MD5SIG},
                { "med",                MED},
                { "metric",             METRIC},

diff --git a/usr.sbin/bgpd/printconf.c b/usr.sbin/bgpd/printconf.c
index 2d8ab85..aa9d793 100644 (file)
--- a/usr.sbin/bgpd/printconf.c
+++ b/usr.sbin/bgpd/printconf.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: printconf.c,v 1.117 2018/09/10 11:01:15 benno Exp $   */
+/*     $OpenBSD: printconf.c,v 1.118 2018/09/13 11:16:21 claudio Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -77,9 +77,6 @@ print_prefix(struct filter_prefix *p)
        switch (p->op) {
        case OP_NONE:
                break;
-       case OP_EQ:
-               printf(" prefixlen = %u", p->len_min);
-               break;
        case OP_NE:
                printf(" prefixlen != %u", p->len_min);
                break;
@@ -87,8 +84,12 @@ print_prefix(struct filter_prefix *p)
                printf(" prefixlen %u >< %u ", p->len_min, p->len_max);
                break;
        case OP_RANGE:
-               if (p->len == p->len_min && p->len_max == max_len)
+               if (p->len == p->len_min && p->len == p->len_max)
+                       printf(" prefixlen = %u", p->len);
+               else if (p->len == p->len_min && p->len_max == max_len)
                        printf(" or-longer");
+               else if (p->len == p->len_min)
+                       printf(" maxlen %u", p->len_max);
                else if (p->len_max == max_len)
                        printf(" prefixlen >= %u", p->len_min);
                else