-/* $OpenBSD: bgpd.h,v 1.477 2023/08/30 08:16:28 claudio Exp $ */
+/* $OpenBSD: bgpd.h,v 1.478 2023/10/16 10:25:45 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
struct bgpd_addr remote_addr;
struct capabilities capa;
uint32_t remote_bgpid;
+ unsigned int if_scope;
uint16_t short_as;
};
void kr_net_reload(u_int, uint64_t, struct network_head *);
int kr_reload(void);
int get_mpe_config(const char *, u_int *, u_int *);
+uint8_t mask2prefixlen(sa_family_t, struct sockaddr *);
/* log.c */
void log_peer_info(const struct peer_config *, const char *, ...)
-/* $OpenBSD: kroute.c,v 1.305 2023/06/01 09:47:34 claudio Exp $ */
+/* $OpenBSD: kroute.c,v 1.306 2023/10/16 10:25:45 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
void kroute_detach_nexthop(struct ktable *, struct knexthop *);
uint8_t prefixlen_classful(in_addr_t);
-uint8_t mask2prefixlen(in_addr_t);
-uint8_t mask2prefixlen6(struct sockaddr_in6 *);
uint64_t ift2ifm(uint8_t);
const char *get_media_descr(uint64_t);
const char *get_linkstate(uint8_t, int);
return (8);
}
-uint8_t
-mask2prefixlen(in_addr_t ina)
+static uint8_t
+mask2prefixlen4(struct sockaddr_in *sa_in)
{
+ in_addr_t ina;
+
+ if (sa_in->sin_len == 0)
+ return (0);
+ ina = sa_in->sin_addr.s_addr;
if (ina == 0)
return (0);
else
return (33 - ffs(ntohl(ina)));
}
-uint8_t
+static uint8_t
mask2prefixlen6(struct sockaddr_in6 *sa_in6)
{
uint8_t *ap, *ep;
u_int l = 0;
+ if (sa_in6->sin6_len == 0)
+ return (0);
/*
* sin6_len is the size of the sockaddr so subtract the offset of
* the possibly truncated sin6_addr struct.
return (l);
}
+uint8_t
+mask2prefixlen(sa_family_t af, struct sockaddr *mask)
+{
+ switch (af) {
+ case AF_INET:
+ return mask2prefixlen4((struct sockaddr_in *)mask);
+ case AF_INET6:
+ return mask2prefixlen6((struct sockaddr_in6 *)mask);
+ default:
+ fatalx("%s: unsupported af", __func__);
+ }
+}
+
const struct if_status_description
if_status_descriptions[] = LINK_STATE_DESCRIPTIONS;
const struct ifmedia_description
case AF_INET:
sa_in = (struct sockaddr_in *)rti_info[RTAX_NETMASK];
if (sa_in != NULL) {
- if (sa_in->sin_len != 0)
- kf->prefixlen =
- mask2prefixlen(sa_in->sin_addr.s_addr);
+ kf->prefixlen = mask2prefixlen4(sa_in);
} else if (rtm->rtm_flags & RTF_HOST)
kf->prefixlen = 32;
else
case AF_INET6:
sa_in6 = (struct sockaddr_in6 *)rti_info[RTAX_NETMASK];
if (sa_in6 != NULL) {
- if (sa_in6->sin6_len != 0)
- kf->prefixlen = mask2prefixlen6(sa_in6);
+ kf->prefixlen = mask2prefixlen6(sa_in6);
} else if (rtm->rtm_flags & RTF_HOST)
kf->prefixlen = 128;
else
-/* $OpenBSD: rde.c,v 1.610 2023/08/16 08:26:35 claudio Exp $ */
+/* $OpenBSD: rde.c,v 1.611 2023/10/16 10:25:45 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
int rde_attr_add(struct filterstate *, u_char *, uint16_t);
uint8_t rde_attr_missing(struct rde_aspath *, int, uint16_t);
int rde_get_mp_nexthop(u_char *, uint16_t, uint8_t,
- struct filterstate *);
+ struct rde_peer *, struct filterstate *);
void rde_as4byte_fixup(struct rde_peer *, struct rde_aspath *);
uint8_t rde_aspa_validity(struct rde_peer *, struct rde_aspath *,
uint8_t);
/* unlock the previously locked nexthop, it is no longer used */
nexthop_unref(state.nexthop);
state.nexthop = NULL;
- if ((pos = rde_get_mp_nexthop(mpp, mplen, aid, &state)) == -1) {
+ if ((pos = rde_get_mp_nexthop(mpp, mplen, aid, peer,
+ &state)) == -1) {
log_peer_warnx(&peer->conf, "bad nlri nexthop");
rde_update_err(peer, ERR_UPDATE, ERR_UPD_OPTATTR,
mpa.reach, mpa.reach_len);
int
rde_get_mp_nexthop(u_char *data, uint16_t len, uint8_t aid,
- struct filterstate *state)
+ struct rde_peer *peer, struct filterstate *state)
{
struct bgpd_addr nexthop;
uint8_t totlen, nhlen;
* traffic.
*/
if (nhlen != 16 && nhlen != 32) {
- log_warnx("bad %s nexthop, bad size %d", aid2str(aid),
- nhlen);
+ log_peer_warnx(&peer->conf, "bad %s nexthop, "
+ "bad size %d", aid2str(aid), nhlen);
return (-1);
}
memcpy(&nexthop.v6.s6_addr, data, 16);
nexthop.aid = AID_INET6;
+ if (IN6_IS_ADDR_LINKLOCAL(&nexthop.v6)) {
+ if (peer->local_if_scope != 0) {
+ nexthop.scope_id = peer->local_if_scope;
+ } else {
+ log_peer_warnx(&peer->conf,
+ "unexpected link-local nexthop: %s",
+ log_addr(&nexthop));
+ return (-1);
+ }
+ }
break;
case AID_VPN_IPv4:
/*
* AID_VPN_IPv4 in nexthop and kroute.
*/
if (nhlen != 12) {
- log_warnx("bad %s nexthop, bad size %d", aid2str(aid),
- nhlen);
+ log_peer_warnx(&peer->conf, "bad %s nexthop, "
+ "bad size %d", aid2str(aid), nhlen);
return (-1);
}
nexthop.aid = AID_INET;
break;
case AID_VPN_IPv6:
if (nhlen != 24) {
- log_warnx("bad %s nexthop, bad size %d", aid2str(aid),
- nhlen);
+ log_peer_warnx(&peer->conf, "bad %s nexthop, "
+ "bad size %d", aid2str(aid), nhlen);
return (-1);
}
memcpy(&nexthop.v6, data + sizeof(uint64_t),
sizeof(nexthop.v6));
nexthop.aid = AID_INET6;
+ if (IN6_IS_ADDR_LINKLOCAL(&nexthop.v6)) {
+ if (peer->local_if_scope != 0) {
+ nexthop.scope_id = peer->local_if_scope;
+ } else {
+ log_peer_warnx(&peer->conf,
+ "unexpected link-local nexthop: %s",
+ log_addr(&nexthop));
+ return (-1);
+ }
+ }
break;
case AID_FLOWSPECv4:
case AID_FLOWSPECv6:
/* nexthop must be 0 and ignored for flowspec */
if (nhlen != 0) {
- log_warnx("bad %s nexthop, bad size %d", aid2str(aid),
- nhlen);
+ log_peer_warnx(&peer->conf, "bad %s nexthop, "
+ "bad size %d", aid2str(aid), nhlen);
return (-1);
}
/* also ignore reserved (old SNPA) field as per RFC4760 */
return (totlen + 1);
default:
- log_warnx("bad multiprotocol nexthop, bad AID");
+ log_peer_warnx(&peer->conf, "bad multiprotocol nexthop, "
+ "bad AID");
return (-1);
}
-/* $OpenBSD: rde.h,v 1.296 2023/08/16 08:26:35 claudio Exp $ */
+/* $OpenBSD: rde.h,v 1.297 2023/10/16 10:25:46 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org> and
time_t staletime[AID_MAX];
uint32_t remote_bgpid; /* host byte order! */
uint32_t path_id_tx;
+ unsigned int local_if_scope;
enum peer_state state;
enum export_type export_type;
enum role role;
-/* $OpenBSD: rde_peer.c,v 1.32 2023/04/19 13:23:33 claudio Exp $ */
+/* $OpenBSD: rde_peer.c,v 1.33 2023/10/16 10:25:46 claudio Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
peer->remote_addr = sup->remote_addr;
peer->local_v4_addr = sup->local_v4_addr;
peer->local_v6_addr = sup->local_v6_addr;
+ peer->local_if_scope = sup->if_scope;
memcpy(&peer->capa, &sup->capa, sizeof(peer->capa));
/* clear eor markers depending on GR flags */
-/* $OpenBSD: rde_rib.c,v 1.260 2023/04/23 11:39:10 claudio Exp $ */
+/* $OpenBSD: rde_rib.c,v 1.261 2023/10/16 10:25:46 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org>
case AID_INET6:
return (memcmp(&a->v6, &b->v6, sizeof(struct in6_addr)));
default:
- fatalx("nexthop_cmp: unknown af");
+ fatalx("nexthop_cmp: %s is unsupported", aid2str(a->aid));
}
return (-1);
}
-/* $OpenBSD: session.c,v 1.448 2023/10/09 07:11:20 claudio Exp $ */
+/* $OpenBSD: session.c,v 1.449 2023/10/16 10:25:46 claudio Exp $ */
/*
* Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org>
return (0);
}
-/* compare two sockaddrs by converting them into bgpd_addr */
+/*
+ * compare the bgpd_addr with the sockaddr by converting the latter into
+ * a bgpd_addr. Return true if the two are equal, including any scope
+ */
static int
-sa_equal(struct sockaddr *a, struct sockaddr *b)
+sa_equal(struct bgpd_addr *ba, struct sockaddr *b)
{
- struct bgpd_addr ba, bb;
+ struct bgpd_addr bb;
- sa2addr(a, &ba, NULL);
sa2addr(b, &bb, NULL);
-
- return (memcmp(&ba, &bb, sizeof(ba)) == 0);
+ return (memcmp(ba, &bb, sizeof(*ba)) == 0);
}
static void
-get_alternate_addr(struct sockaddr *sa, struct bgpd_addr *alt)
+get_alternate_addr(struct bgpd_addr *local, struct bgpd_addr *remote,
+ struct bgpd_addr *alt, unsigned int *scope)
{
struct ifaddrs *ifap, *ifa, *match;
+ int connected = 0;
+ u_int8_t plen;
if (getifaddrs(&ifap) == -1)
fatal("getifaddrs");
- for (match = ifap; match != NULL; match = match->ifa_next)
- if (match->ifa_addr != NULL && sa_equal(sa, match->ifa_addr))
+ for (match = ifap; match != NULL; match = match->ifa_next) {
+ if (match->ifa_addr == NULL)
+ continue;
+ if (match->ifa_addr->sa_family != AF_INET &&
+ match->ifa_addr->sa_family != AF_INET6)
+ continue;
+ if (sa_equal(local, match->ifa_addr)) {
+ if (match->ifa_flags & IFF_POINTOPOINT &&
+ match->ifa_dstaddr) {
+ if (sa_equal(remote, match->ifa_dstaddr))
+ connected = 1;
+ } else if (match->ifa_netmask) {
+ plen = mask2prefixlen(
+ match->ifa_addr->sa_family,
+ match->ifa_netmask);
+ if (plen != 0xff &&
+ prefix_compare(local, remote, plen) == 0)
+ connected = 1;
+ }
break;
+ }
+ }
if (match == NULL) {
log_warnx("%s: local address not found", __func__);
return;
}
+ if (connected)
+ *scope = if_nametoindex(match->ifa_name);
+ else
+ *scope = 0;
- switch (sa->sa_family) {
- case AF_INET6:
+ switch (local->aid) {
+ case AID_INET6:
for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) {
if (ifa->ifa_addr != NULL &&
ifa->ifa_addr->sa_family == AF_INET &&
}
}
break;
- case AF_INET:
+ case AID_INET:
for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) {
if (ifa->ifa_addr != NULL &&
ifa->ifa_addr->sa_family == AF_INET6 &&
}
break;
default:
- log_warnx("%s: unsupported address family %d", __func__,
- sa->sa_family);
+ log_warnx("%s: unsupported address family %s", __func__,
+ aid2str(local->aid));
break;
}
if (getsockname(peer->fd, (struct sockaddr *)&ss, &len) == -1)
log_warn("getsockname");
sa2addr((struct sockaddr *)&ss, &peer->local, &peer->local_port);
- get_alternate_addr((struct sockaddr *)&ss, &peer->local_alt);
len = sizeof(ss);
if (getpeername(peer->fd, (struct sockaddr *)&ss, &len) == -1)
log_warn("getpeername");
sa2addr((struct sockaddr *)&ss, &peer->remote, &peer->remote_port);
+
+ get_alternate_addr(&peer->local, &peer->remote, &peer->local_alt,
+ &peer->if_scope);
}
void
sup.local_v4_addr = p->local_alt;
}
sup.remote_addr = p->remote;
+ sup.if_scope = p->if_scope;
sup.remote_bgpid = p->remote_bgpid;
sup.short_as = p->short_as;
-/* $OpenBSD: session.h,v 1.162 2023/03/28 12:15:23 claudio Exp $ */
+/* $OpenBSD: session.h,v 1.163 2023/10/16 10:25:46 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
int lasterr;
u_int errcnt;
u_int IdleHoldTime;
+ unsigned int if_scope; /* interface scope for IPv6 */
uint32_t remote_bgpid;
enum session_state state;
enum session_state prev_state;
projects / openbsd / commitdiff