From 8ead1a30b8928525dceb5792bcb02ddd7d25bfe1 Mon Sep 17 00:00:00 2001
From: claudio
Date: Wed, 24 Apr 2024 10:41:34 +0000
Subject: [PATCH] Remove 'announce capabilities' as neighbor config stanza. There is no need to have an easy knob to get outdated or crappy implementations to limp along. Instead the various default on capabilities just need to be disabled (e.g. announce as-4byte no). OK tb@
---
 usr.sbin/bgpd/bgpd.conf.5 | 15 ++-------------
 usr.sbin/bgpd/bgpd.h | 3 +--
 usr.sbin/bgpd/parse.y | 9 ++-------
 usr.sbin/bgpd/printconf.c | 5 +----
 usr.sbin/bgpd/session.c | 11 +----------
 5 files changed, 7 insertions(+), 36 deletions(-)
diff --git a/usr.sbin/bgpd/bgpd.conf.5 b/usr.sbin/bgpd/bgpd.conf.5
index e637818c043..a554e51ffb6 100644
--- a/usr.sbin/bgpd/bgpd.conf.5
+++ b/usr.sbin/bgpd/bgpd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: bgpd.conf.5,v 1.239 2024/04/09 09:03:18 claudio Exp $
+.\" $OpenBSD: bgpd.conf.5,v 1.240 2024/04/24 10:41:34 claudio Exp $
 .\"
 .\" Copyright (c) 2004 Claudio Jeker
 .\" Copyright (c) 2003, 2004 Henning Brauer
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: April 9 2024 $
+.Dd $Mdocdate: April 24 2024 $
 .Dt BGPD.CONF 5
 .Os
 .Sh NAME
@@ -1064,17 +1064,6 @@ The default is
 .Ic yes .
 .Pp
 .It Xo
-.Ic announce capabilities
-.Pq Ic yes Ns | Ns Ic no
-.Xc
-If set to
-.Ic no ,
-capability negotiation is disabled during the establishment of the session.
-This can be helpful to connect to old or broken BGP implementations.
-The default is
-.Ic yes .
-.Pp
-.It Xo
 .Ic announce enhanced refresh
 .Pq Ic yes Ns | Ns Ic no Ns | Ns Ic enforce
 .Xc
diff --git a/usr.sbin/bgpd/bgpd.h b/usr.sbin/bgpd/bgpd.h
index 6cf22dcb033..7939303d271 100644
--- a/usr.sbin/bgpd/bgpd.h
+++ b/usr.sbin/bgpd/bgpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bgpd.h,v 1.491 2024/04/09 12:09:19 claudio Exp $ */
+/* $OpenBSD: bgpd.h,v 1.492 2024/04/24 10:41:34 claudio Exp $ */

 /*
 * Copyright (c) 2003, 2004 Henning Brauer
@@ -479,7 +479,6 @@ struct peer_config {
 uint8_t distance; /* 1 = direct, >1 = multihop */
 uint8_t passive;
 uint8_t down;
- uint8_t announce_capa;
 uint8_t reflector_client;
 uint8_t ttlsec; /* TTL security hack */
 uint8_t flags;
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y
index 3fc7b923b15..6919e2278ef 100644
--- a/usr.sbin/bgpd/parse.y
+++ b/usr.sbin/bgpd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.461 2024/04/11 18:07:55 tb Exp $ */
+/* $OpenBSD: parse.y,v 1.462 2024/04/24 10:41:34 claudio Exp $ */

 /*
 * Copyright (c) 2002, 2003, 2004 Henning Brauer
@@ -246,7 +246,7 @@ typedef struct {
 %token EBGP IBGP
 %token FLOWSPEC PROTO FLAGS FRAGMENT TOS LENGTH ICMPTYPE CODE
 %token LOCALAS REMOTEAS DESCR LOCALADDR MULTIHOP PASSIVE MAXPREFIX RESTART
-%token ANNOUNCE CAPABILITIES REFRESH AS4BYTE CONNECTRETRY ENHANCED ADDPATH
+%token ANNOUNCE REFRESH AS4BYTE CONNECTRETRY ENHANCED ADDPATH
 %token SEND RECV PLUS POLICY ROLE
 %token DEMOTE ENFORCE NEIGHBORAS ASOVERRIDE REFLECTOR DEPEND DOWN
 %token DUMP IN OUT SOCKET RESTRICTED
@@ -1912,9 +1912,6 @@ peeropts : REMOTEAS as4number {
 curpeer->conf.capabilities.mp[aid] = 1;
 }
 }
- | ANNOUNCE CAPABILITIES yesno {
- curpeer->conf.announce_capa = $3;
- }
 | ANNOUNCE REFRESH yesnoenforce {
 curpeer->conf.capabilities.refresh = $3;
 }
@@ -3522,7 +3519,6 @@ lookup(char *s)
 { "aspa-set", ASPASET},
 { "avs", AVS},
 { "blackhole", BLACKHOLE},
- { "capabilities", CAPABILITIES},
 { "community", COMMUNITY},
 { "compare", COMPARE},
 { "connect-retry", CONNECTRETRY},
@@ -4635,7 +4631,6 @@ alloc_peer(void)
 p->reconf_action = RECONF_REINIT;
 p->conf.distance = 1;
 p->conf.export_type = EXPORT_UNSET;
- p->conf.announce_capa = 1;
 p->conf.capabilities.refresh = 1;
 p->conf.capabilities.grestart.restart = 1;
 p->conf.capabilities.as4byte = 1;
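Review bot: In parse.y, the `%token` change at line 246 together with the `lookup()` hunk removes the `capabilities` keyword outright, so a bgpd.conf that still carries `announce capabilities no` would presumably stop parsing after this change rather than being ignored (the grammar's error path is not visible in these hunks). For a routing daemon, a configuration that no longer loads after an upgrade is an availability problem, and the commit deletes the manual entry without leaving a pointer to the replacement. Consider a short migration note in the bgpd.conf.5 text or the upgrade notes, for example `announce capabilities was removed; disable individual capabilities instead, e.g. announce as-4byte no`.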
diff --git a/usr.sbin/bgpd/printconf.c b/usr.sbin/bgpd/printconf.c
index f1a4efa3d5e..cdac0d8d82c 100644
--- a/usr.sbin/bgpd/printconf.c
+++ b/usr.sbin/bgpd/printconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: printconf.c,v 1.171 2024/04/09 09:03:18 claudio Exp $ */
+/* $OpenBSD: printconf.c,v 1.172 2024/04/24 10:41:34 claudio Exp $ */

 /*
 * Copyright (c) 2003, 2004 Henning Brauer
@@ -918,9 +918,6 @@ print_announce(struct peer_config *p, const char *c)
 uint8_t aid;
 int match = 0;

- if (p->announce_capa == 0)
- printf("%s\tannounce capabilities no\n", c);
-
 for (aid = AID_MIN; aid < AID_MAX; aid++)
 if (p->capabilities.mp[aid] == 2) {
 printf("%s\tannounce %s enforce\n", c, aid2str(aid));
diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c
index e2260e2830b..559e41c1bd2 100644
--- a/usr.sbin/bgpd/session.c
+++ b/usr.sbin/bgpd/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.473 2024/04/22 09:43:11 claudio Exp $ */
+/* $OpenBSD: session.c,v 1.474 2024/04/24 10:41:34 claudio Exp $ */

 /*
 * Copyright (c) 2003, 2004, 2005 Henning Brauer
@@ -66,7 +66,6 @@ int session_setup_socket(struct peer *);
 void session_accept(int);
 int session_connect(struct peer *);
 void session_tcp_established(struct peer *);
-void session_capa_ann_none(struct peer *);
 int session_capa_add(struct ibuf *, uint8_t, uint8_t);
 int session_capa_add_mp(struct ibuf *, uint8_t);
 int session_capa_add_afi(struct ibuf *, uint8_t, uint8_t);
@@ -931,8 +930,6 @@ change_state(struct peer *peer, enum session_state state,
 /* initialize capability negotiation structures */
 memcpy(&peer->capa.ann, &peer->conf.capabilities,
 sizeof(peer->capa.ann));
- if (!peer->conf.announce_capa)
- session_capa_ann_none(peer);
 }
 break;
 case STATE_CONNECT:
@@ -1330,12 +1327,6 @@ session_tcp_established(struct peer *peer)
 &peer->if_scope);
 }

-void
-session_capa_ann_none(struct peer *peer)
-{
- memset(&peer->capa.ann, 0, sizeof(peer->capa.ann));
-}
-
 int
 session_capa_add(struct ibuf *opb, uint8_t capa_code, uint8_t capa_len)
 {
-- 
2.20.1