Home Explore Help
Register Sign In
Quagga
/
quagga-github-mirror
mirror of https://github.com/Quagga/quagga
2
0
Fork 0
Files Issues 0 Wiki
Tree: 298cc2f688
Branches Tags
quagga-githu...
/
bgpd
/
bgp_open.c

bgp_open.c 34 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144 
  1. /* BGP open message handling
    2. 

  2.    Copyright (C) 1998, 1999 Kunihiro Ishiguro
    3. 

  3. 

  4. This file is part of GNU Zebra.
    5. 

  5. 

  6. GNU Zebra is free software; you can redistribute it and/or modify it
    7. 

  7. under the terms of the GNU General Public License as published by the
    8. 

  8. Free Software Foundation; either version 2, or (at your option) any
    9. 

  9. later version.
    10. 

  10. 

  11. GNU Zebra is distributed in the hope that it will be useful, but
    12. 

  12. WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    14. 

  14. General Public License for more details.
    15. 

  15. 

  16. You should have received a copy of the GNU General Public License
    17. 

  17. along with GNU Zebra; see the file COPYING.  If not, write to the Free
    18. 

  18. Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
    19. 

  19. 02111-1307, USA.  */
    20. 

  20. 

  21. #include <zebra.h>
    22. 

  22. 

  23. #include "linklist.h"
    24. 

  24. #include "prefix.h"
    25. 

  25. #include "stream.h"
    26. 

  26. #include "thread.h"
    27. 

  27. #include "log.h"
    28. 

  28. #include "command.h"
    29. 

  29. #include "memory.h"
    30. 

  30. #include "filter.h"
    31. 

  31. 

  32. #include "bgpd/bgpd.h"
    33. 

  33. #include "bgpd/bgp_attr.h"
    34. 

  34. #include "bgpd/bgp_debug.h"
    35. 

  35. #include "bgpd/bgp_fsm.h"
    36. 

  36. #include "bgpd/bgp_packet.h"
    37. 

  37. #include "bgpd/bgp_open.h"
    38. 

  38. #include "bgpd/bgp_aspath.h"
    39. 

  39. #include "bgpd/bgp_vty.h"
    40. 

  40. 

  41. /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
    42. 

  42.    negotiate remote peer supports extentions or not. But if
    43. 

  43.    remote-peer doesn't supports negotiation process itself.  We would
    44. 

  44.    like to do manual configuration.
    45. 

  45. 

  46.    So there is many configurable point.  First of all we want set each
    47. 

  47.    peer whether we send capability negotiation to the peer or not.
    48. 

  48.    Next, if we send capability to the peer we want to set my capabilty
    49. 

  49.    inforation at each peer. */
    50. 

  50. 

  51. void
    52. 

  52. bgp_capability_vty_out (struct vty *vty, struct peer *peer)
    53. 

  53. {
    54. 

  54.   char *pnt;
    55. 

  55.   char *end;
    56. 

  56.   struct capability_mp_data mpc;
    57. 

  57.   struct capability_header *hdr;
    58. 

  58. 

  59.   pnt = peer->notify.data;
    60. 

  60.   end = pnt + peer->notify.length;
    61. 

  61.   
    62. 

  62.   while (pnt < end)
    63. 

  63.     {
    64. 

  64.       if (pnt + sizeof (struct capability_mp_data) + 2 > end)
    65. 

  65. 	return;
    66. 

  66.       
    67. 

  67.       hdr = (struct capability_header *)pnt;
    68. 

  68.       if (pnt + hdr->length + 2 > end)
    69. 

  69. 	return;
    70. 

  70. 

  71.       memcpy (&mpc, pnt + 2, sizeof(struct capability_mp_data));
    72. 

  72. 

  73.       if (hdr->code == CAPABILITY_CODE_MP)
    74. 

  74. 	{
    75. 

  75. 	  vty_out (vty, "  Capability error for: Multi protocol ");
    76. 

  76. 

  77. 	  switch (ntohs (mpc.afi))
    78. 

  78. 	    {
    79. 

  79. 	    case AFI_IP:
    80. 

  80. 	      vty_out (vty, "AFI IPv4, ");
    81. 

  81. 	      break;
    82. 

  82. 	    case AFI_IP6:
    83. 

  83. 	      vty_out (vty, "AFI IPv6, ");
    84. 

  84. 	      break;
    85. 

  85. 	    default:
    86. 

  86. 	      vty_out (vty, "AFI Unknown %d, ", ntohs (mpc.afi));
    87. 

  87. 	      break;
    88. 

  88. 	    }
    89. 

  89. 	  switch (mpc.safi)
    90. 

  90. 	    {
    91. 

  91. 	    case SAFI_UNICAST:
    92. 

  92. 	      vty_out (vty, "SAFI Unicast");
    93. 

  93. 	      break;
    94. 

  94. 	    case SAFI_MULTICAST:
    95. 

  95. 	      vty_out (vty, "SAFI Multicast");
    96. 

  96. 	      break;
    97. 

  97. 	    case SAFI_MPLS_LABELED_VPN:
    98. 

  98. 	      vty_out (vty, "SAFI MPLS-labeled VPN");
    99. 

  99. 	      break;
    100. 

  100. 	    case SAFI_ENCAP:
    101. 

  101. 	      vty_out (vty, "SAFI ENCAP");
    102. 

  102. 	      break;
    103. 

  103. 	    default:
    104. 

  104. 	      vty_out (vty, "SAFI Unknown %d ", mpc.safi);
    105. 

  105. 	      break;
    106. 

  106. 	    }
    107. 

  107. 	  vty_out (vty, "%s", VTY_NEWLINE);
    108. 

  108. 	}
    109. 

  109.       else if (hdr->code >= 128)
    110. 

  110. 	vty_out (vty, "  Capability error: vendor specific capability code %d",
    111. 

  111. 		 hdr->code);
    112. 

  112.       else
    113. 

  113. 	vty_out (vty, "  Capability error: unknown capability code %d", 
    114. 

  114. 		 hdr->code);
    115. 

  115. 

  116.       pnt += hdr->length + 2;
    117. 

  117.     }
    118. 

  118. }
    119. 

  119. 

  120. static void 
    121. 

  121. bgp_capability_mp_data (struct stream *s, struct capability_mp_data *mpc)
    122. 

  122. {
    123. 

  123.   mpc->afi = stream_getw (s);
    124. 

  124.   mpc->reserved = stream_getc (s);
    125. 

  125.   mpc->safi = stream_getc (s);
    126. 

  126. }
    127. 

  127. 

  128. int
    129. 

  129. bgp_afi_safi_valid_indices (afi_t afi, safi_t *safi)
    130. 

  130. {
    131. 

  131.   switch (afi)
    132. 

  132.     {
    133. 

  133.     case AFI_IP:
    134. 

  134.     case AFI_IP6:
    135. 

  135.       switch (*safi)
    136. 

  136. 	{
    137. 

  137. 	  /* BGP MPLS-labeled VPN SAFI isn't contigious with others, remap */
    138. 

  138. 	case SAFI_MPLS_LABELED_VPN:
    139. 

  139. 	  *safi = SAFI_MPLS_VPN;
    140. 

  140. 	case SAFI_UNICAST:
    141. 

  141. 	case SAFI_MULTICAST:
    142. 

  142. 	case SAFI_MPLS_VPN:
    143. 

  143. 	case SAFI_ENCAP:
    144. 

  144. 	  return 1;
    145. 

  145. 	}
    146. 

  146.       break;
    147. 

  147.     }
    148. 

  148. 

  149.   zlog_debug ("unknown afi/safi (%u/%u)", afi, *safi);
    150. 

  150. 

  151.   return 0;
    152. 

  152. }
    153. 

  153. 

  154. /* Set negotiated capability value. */
    155. 

  155. static int
    156. 

  156. bgp_capability_mp (struct peer *peer, struct capability_header *hdr)
    157. 

  157. {
    158. 

  158.   struct capability_mp_data mpc;
    159. 

  159.   struct stream *s = BGP_INPUT (peer);
    160. 

  160.   
    161. 

  161.   bgp_capability_mp_data (s, &mpc);
    162. 

  162.   
    163. 

  163.   if (BGP_DEBUG (normal, NORMAL))
    164. 

  164.     zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
    165. 

  165.                peer->host, mpc.afi, mpc.safi);
    166. 

  166.   
    167. 

  167.   if (!bgp_afi_safi_valid_indices (mpc.afi, &mpc.safi))
    168. 

  168.     return -1;
    169. 

  169.    
    170. 

  170.   /* Now safi remapped, and afi/safi are valid array indices */
    171. 

  171.   peer->afc_recv[mpc.afi][mpc.safi] = 1;
    172. 

  172.   
    173. 

  173.   if (peer->afc[mpc.afi][mpc.safi])
    174. 

  174.     peer->afc_nego[mpc.afi][mpc.safi] = 1;
    175. 

  175.   else 
    176. 

  176.     return -1;
    177. 

  177. 

  178.   return 0;
    179. 

  179. }
    180. 

  180. 

  181. static void
    182. 

  182. bgp_capability_orf_not_support (struct peer *peer, afi_t afi, safi_t safi,
    183. 

  183. 				u_char type, u_char mode)
    184. 

  184. {
    185. 

  185.   if (BGP_DEBUG (normal, NORMAL))
    186. 

  186.     zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
    187. 

  187. 	       peer->host, afi, safi, type, mode);
    188. 

  188. }
    189. 

  189. 

  190. static const struct message orf_type_str[] =
    191. 

  191. {
    192. 

  192.   { ORF_TYPE_PREFIX,		"Prefixlist"		},
    193. 

  193.   { ORF_TYPE_PREFIX_OLD,	"Prefixlist (old)"	},
    194. 

  194. };
    195. 

  195. static const int orf_type_str_max = array_size(orf_type_str);
    196. 

  196. 

  197. static const struct message orf_mode_str[] =
    198. 

  198. {
    199. 

  199.   { ORF_MODE_RECEIVE,	"Receive"	},
    200. 

  200.   { ORF_MODE_SEND,	"Send"		},
    201. 

  201.   { ORF_MODE_BOTH,	"Both"		},
    202. 

  202. };
    203. 

  203. static const int orf_mode_str_max = array_size(orf_mode_str);
    204. 

  204. 

  205. static int
    206. 

  206. bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
    207. 

  207. {
    208. 

  208.   struct stream *s = BGP_INPUT (peer);
    209. 

  209.   struct capability_orf_entry entry;
    210. 

  210.   afi_t afi;
    211. 

  211.   safi_t safi;
    212. 

  212.   u_char type;
    213. 

  213.   u_char mode;
    214. 

  214.   u_int16_t sm_cap = 0; /* capability send-mode receive */
    215. 

  215.   u_int16_t rm_cap = 0; /* capability receive-mode receive */ 
    216. 

  216.   int i;
    217. 

  217. 

  218.   /* ORF Entry header */
    219. 

  219.   bgp_capability_mp_data (s, &entry.mpc);
    220. 

  220.   entry.num = stream_getc (s);
    221. 

  221.   afi = entry.mpc.afi;
    222. 

  222.   safi = entry.mpc.safi;
    223. 

  223.   
    224. 

  224.   if (BGP_DEBUG (normal, NORMAL))
    225. 

  225.     zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
    226. 

  226. 	        peer->host, entry.mpc.afi, entry.mpc.safi);
    227. 

  227. 

  228.   /* Check AFI and SAFI. */
    229. 

  229.   if (!bgp_afi_safi_valid_indices (entry.mpc.afi, &safi))
    230. 

  230.     {
    231. 

  231.       zlog_info ("%s Addr-family %d/%d not supported."
    232. 

  232.                  " Ignoring the ORF capability",
    233. 

  233.                  peer->host, entry.mpc.afi, entry.mpc.safi);
    234. 

  234.       return 0;
    235. 

  235.     }
    236. 

  236.   
    237. 

  237.   /* validate number field */
    238. 

  238.   if (CAPABILITY_CODE_ORF_LEN + (entry.num * 2) > hdr->length)
    239. 

  239.     {
    240. 

  240.       zlog_info ("%s ORF Capability entry length error,"
    241. 

  241.                  " Cap length %u, num %u",
    242. 

  242.                  peer->host, hdr->length, entry.num);
    243. 

  243.       bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_UNSPECIFIC);
    244. 

  244.       return -1;
    245. 

  245.     }
    246. 

  246. 

  247.   for (i = 0 ; i < entry.num ; i++)
    248. 

  248.     {
    249. 

  249.       type = stream_getc(s);
    250. 

  250.       mode = stream_getc(s);
    251. 

  251.       
    252. 

  252.       /* ORF Mode error check */
    253. 

  253.       switch (mode)
    254. 

  254.         {
    255. 

  255.           case ORF_MODE_BOTH:
    256. 

  256.           case ORF_MODE_SEND:
    257. 

  257.           case ORF_MODE_RECEIVE:
    258. 

  258.             break;
    259. 

  259.           default:
    260. 

  260. 	    bgp_capability_orf_not_support (peer, afi, safi, type, mode);
    261. 

  261. 	    continue;
    262. 

  262. 	}
    263. 

  263.       /* ORF Type and afi/safi error checks */
    264. 

  264.       /* capcode versus type */
    265. 

  265.       switch (hdr->code)
    266. 

  266.         {
    267. 

  267.           case CAPABILITY_CODE_ORF:
    268. 

  268.             switch (type)
    269. 

  269.               {
    270. 

  270.                 case ORF_TYPE_PREFIX:
    271. 

  271.                   break;
    272. 

  272.                 default:
    273. 

  273.                   bgp_capability_orf_not_support (peer, afi, safi, type, mode);
    274. 

  274.                   continue;
    275. 

  275.               }
    276. 

  276.             break;
    277. 

  277.           case CAPABILITY_CODE_ORF_OLD:
    278. 

  278.             switch (type)
    279. 

  279.               {
    280. 

  280.                 case ORF_TYPE_PREFIX_OLD:
    281. 

  281.                   break;
    282. 

  282.                 default:
    283. 

  283.                   bgp_capability_orf_not_support (peer, afi, safi, type, mode);
    284. 

  284.                   continue;
    285. 

  285.               }
    286. 

  286.             break;
    287. 

  287.           default:
    288. 

  288.             bgp_capability_orf_not_support (peer, afi, safi, type, mode);
    289. 

  289.             continue;
    290. 

  290.         }
    291. 

  291.                 
    292. 

  292.       /* AFI vs SAFI */
    293. 

  293.       if (!((afi == AFI_IP && safi == SAFI_UNICAST)
    294. 

  294.             || (afi == AFI_IP && safi == SAFI_MULTICAST)
    295. 

  295.             || (afi == AFI_IP6 && safi == SAFI_UNICAST)))
    296. 

  296.         {
    297. 

  297.           bgp_capability_orf_not_support (peer, afi, safi, type, mode);
    298. 

  298.           continue;
    299. 

  299.         }
    300. 

  300.       
    301. 

  301.       if (BGP_DEBUG (normal, NORMAL))
    302. 

  302.         zlog_debug ("%s OPEN has %s ORF capability"
    303. 

  303.                     " as %s for afi/safi: %d/%d",
    304. 

  304.                     peer->host, LOOKUP (orf_type_str, type),
    305. 

  305.                     LOOKUP (orf_mode_str, mode),
    306. 

  306.                     entry.mpc.afi, safi);
    307. 

  307. 

  308.       if (hdr->code == CAPABILITY_CODE_ORF)
    309. 

  309. 	{
    310. 

  310.           sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
    311. 

  311.           rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
    312. 

  312. 	}
    313. 

  313.       else if (hdr->code == CAPABILITY_CODE_ORF_OLD)
    314. 

  314. 	{
    315. 

  315.           sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
    316. 

  316.           rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
    317. 

  317. 	}
    318. 

  318.       else
    319. 

  319. 	{
    320. 

  320. 	  bgp_capability_orf_not_support (peer, afi, safi, type, mode);
    321. 

  321. 	  continue;
    322. 

  322. 	}
    323. 

  323. 

  324.       switch (mode)
    325. 

  325. 	{
    326. 

  326. 	  case ORF_MODE_BOTH:
    327. 

  327. 	    SET_FLAG (peer->af_cap[afi][safi], sm_cap);
    328. 

  328. 	    SET_FLAG (peer->af_cap[afi][safi], rm_cap);
    329. 

  329. 	    break;
    330. 

  330. 	  case ORF_MODE_SEND:
    331. 

  331. 	    SET_FLAG (peer->af_cap[afi][safi], sm_cap);
    332. 

  332. 	    break;
    333. 

  333. 	  case ORF_MODE_RECEIVE:
    334. 

  334. 	    SET_FLAG (peer->af_cap[afi][safi], rm_cap);
    335. 

  335. 	    break;
    336. 

  336. 	}
    337. 

  337.     }
    338. 

  338.   return 0;
    339. 

  339. }
    340. 

  340. 

  341. static int
    342. 

  342. bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
    343. 

  343. {
    344. 

  344.   struct stream *s = BGP_INPUT (peer);
    345. 

  345.   u_int16_t restart_flag_time;
    346. 

  346.   size_t end = stream_get_getp (s) + caphdr->length;
    347. 

  347. 

  348.   SET_FLAG (peer->cap, PEER_CAP_RESTART_RCV);
    349. 

  349.   restart_flag_time = stream_getw(s);
    350. 

  350.   if (CHECK_FLAG (restart_flag_time, RESTART_R_BIT))
    351. 

  351.     SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV);
    352. 

  352.   
    353. 

  353.   UNSET_FLAG (restart_flag_time, 0xF000);
    354. 

  354.   peer->v_gr_restart = restart_flag_time;
    355. 

  355. 

  356.   if (BGP_DEBUG (normal, NORMAL))
    357. 

  357.     {
    358. 

  358.       zlog_debug ("%s OPEN has Graceful Restart capability", peer->host);
    359. 

  359.       zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
    360. 

  360.                   peer->host,
    361. 

  361.                   CHECK_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV) ? " " 
    362. 

  362.                                                                    : " not ",
    363. 

  363.                   peer->v_gr_restart);
    364. 

  364.     }
    365. 

  365. 

  366.   while (stream_get_getp (s) + 4 <= end)
    367. 

  367.     {
    368. 

  368.       afi_t afi = stream_getw (s);
    369. 

  369.       safi_t safi = stream_getc (s);
    370. 

  370.       u_char flag = stream_getc (s);
    371. 

  371.       
    372. 

  372.       if (!bgp_afi_safi_valid_indices (afi, &safi))
    373. 

  373.         {
    374. 

  374.           if (BGP_DEBUG (normal, NORMAL))
    375. 

  375.             zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
    376. 

  376.                         " Ignore the Graceful Restart capability",
    377. 

  377.                         peer->host, afi, safi);
    378. 

  378.         }
    379. 

  379.       else if (!peer->afc[afi][safi])
    380. 

  380.         {
    381. 

  381.           if (BGP_DEBUG (normal, NORMAL))
    382. 

  382.             zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
    383. 

  383.                         " Ignore the Graceful Restart capability",
    384. 

  384.                         peer->host, afi, safi);
    385. 

  385.         }
    386. 

  386.       else
    387. 

  387.         {
    388. 

  388.           if (BGP_DEBUG (normal, NORMAL))
    389. 

  389.             zlog_debug ("%s Address family %s is%spreserved", peer->host,
    390. 

  390.                         afi_safi_print (afi, safi),
    391. 

  391.                         CHECK_FLAG (peer->af_cap[afi][safi],
    392. 

  392.                                     PEER_CAP_RESTART_AF_PRESERVE_RCV)
    393. 

  393.                         ? " " : " not ");
    394. 

  394. 

  395.           SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_RCV);
    396. 

  396.           if (CHECK_FLAG (flag, RESTART_F_BIT))
    397. 

  397.             SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_PRESERVE_RCV);
    398. 

  398.           
    399. 

  399.         }
    400. 

  400.     }
    401. 

  401.   return 0;
    402. 

  402. }
    403. 

  403. 

  404. static as_t
    405. 

  405. bgp_capability_as4 (struct peer *peer, struct capability_header *hdr)
    406. 

  406. {
    407. 

  407.   SET_FLAG (peer->cap, PEER_CAP_AS4_RCV);
    408. 

  408.   
    409. 

  409.   if (hdr->length != CAPABILITY_CODE_AS4_LEN)
    410. 

  410.     {
    411. 

  411.       zlog_err ("%s AS4 capability has incorrect data length %d",
    412. 

  412.                 peer->host, hdr->length);
    413. 

  413.       return 0;
    414. 

  414.     }
    415. 

  415.   
    416. 

  416.   as_t as4 = stream_getl (BGP_INPUT(peer));
    417. 

  417.   
    418. 

  418.   if (BGP_DEBUG (as4, AS4))
    419. 

  419.     zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
    420. 

  420.                 peer->host, as4);
    421. 

  421.   return as4;
    422. 

  422. }
    423. 

  423. 

  424. static const struct message capcode_str[] =
    425. 

  425. {
    426. 

  426.   { CAPABILITY_CODE_MP,			"MultiProtocol Extensions"	},
    427. 

  427.   { CAPABILITY_CODE_REFRESH,		"Route Refresh"			},
    428. 

  428.   { CAPABILITY_CODE_ORF,		"Cooperative Route Filtering" 	},
    429. 

  429.   { CAPABILITY_CODE_RESTART,		"Graceful Restart"		},
    430. 

  430.   { CAPABILITY_CODE_AS4,		"4-octet AS number"		},
    431. 

  431.   { CAPABILITY_CODE_DYNAMIC,		"Dynamic"			},
    432. 

  432.   { CAPABILITY_CODE_REFRESH_OLD,	"Route Refresh (Old)"		},
    433. 

  433.   { CAPABILITY_CODE_ORF_OLD,		"ORF (Old)"			},
    434. 

  434. };
    435. 

  435. static const int capcode_str_max = array_size(capcode_str);
    436. 

  436. 

  437. /* Minimum sizes for length field of each cap (so not inc. the header) */
    438. 

  438. static const size_t cap_minsizes[] = 
    439. 

  439. {
    440. 

  440.   [CAPABILITY_CODE_MP]		= CAPABILITY_CODE_MP_LEN,
    441. 

  441.   [CAPABILITY_CODE_REFRESH]	= CAPABILITY_CODE_REFRESH_LEN,
    442. 

  442.   [CAPABILITY_CODE_ORF]		= CAPABILITY_CODE_ORF_LEN,
    443. 

  443.   [CAPABILITY_CODE_RESTART]	= CAPABILITY_CODE_RESTART_LEN,
    444. 

  444.   [CAPABILITY_CODE_AS4]		= CAPABILITY_CODE_AS4_LEN,
    445. 

  445.   [CAPABILITY_CODE_DYNAMIC]	= CAPABILITY_CODE_DYNAMIC_LEN,
    446. 

  446.   [CAPABILITY_CODE_REFRESH_OLD]	= CAPABILITY_CODE_REFRESH_LEN,
    447. 

  447.   [CAPABILITY_CODE_ORF_OLD]	= CAPABILITY_CODE_ORF_LEN,
    448. 

  448. };
    449. 

  449. 

  450. /* value the capability must be a multiple of.
    451. 

  451.  * 0-data capabilities won't be checked against this.
    452. 

  452.  * Other capabilities whose data doesn't fall on convenient boundaries for this
    453. 

  453.  * table should be set to 1.
    454. 

  454.  */
    455. 

  455. static const size_t cap_modsizes[] =
    456. 

  456. {
    457. 

  457.   [CAPABILITY_CODE_MP]          = 4,
    458. 

  458.   [CAPABILITY_CODE_REFRESH]     = 1,
    459. 

  459.   [CAPABILITY_CODE_ORF]         = 1,
    460. 

  460.   [CAPABILITY_CODE_RESTART]     = 1,
    461. 

  461.   [CAPABILITY_CODE_AS4]         = 4,
    462. 

  462.   [CAPABILITY_CODE_DYNAMIC]     = 1,
    463. 

  463.   [CAPABILITY_CODE_REFRESH_OLD] = 1,
    464. 

  464.   [CAPABILITY_CODE_ORF_OLD]     = 1,
    465. 

  465. };
    466. 

  466. 

  467. /**
    468. 

  468.  * Parse given capability.
    469. 

  469.  * XXX: This is reading into a stream, but not using stream API
    470. 

  470.  *
    471. 

  471.  * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
    472. 

  472.  *                           capabilities were encountered.
    473. 

  473.  */
    474. 

  474. static int
    475. 

  475. bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
    476. 

  476. 		      u_char **error)
    477. 

  477. {
    478. 

  478.   int ret;
    479. 

  479.   struct stream *s = BGP_INPUT (peer);
    480. 

  480.   size_t end = stream_get_getp (s) + length;
    481. 

  481.   
    482. 

  482.   assert (STREAM_READABLE (s) >= length);
    483. 

  483.   
    484. 

  484.   while (stream_get_getp (s) < end)
    485. 

  485.     {
    486. 

  486.       size_t start;
    487. 

  487.       u_char *sp = stream_pnt (s);
    488. 

  488.       struct capability_header caphdr;
    489. 

  489.       
    490. 

  490.       /* We need at least capability code and capability length. */
    491. 

  491.       if (stream_get_getp(s) + 2 > end)
    492. 

  492. 	{
    493. 

  493. 	  zlog_info ("%s Capability length error (< header)", peer->host);
    494. 

  494. 	  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_UNSPECIFIC);
    495. 

  495. 	  return -1;
    496. 

  496. 	}
    497. 

  497.       
    498. 

  498.       caphdr.code = stream_getc (s);
    499. 

  499.       caphdr.length = stream_getc (s);
    500. 

  500.       start = stream_get_getp (s);
    501. 

  501.       
    502. 

  502.       /* Capability length check sanity check. */
    503. 

  503.       if (start + caphdr.length > end)
    504. 

  504. 	{
    505. 

  505. 	  zlog_info ("%s Capability length error (< length)", peer->host);
    506. 

  506. 	  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_UNSPECIFIC);
    507. 

  507. 	  return -1;
    508. 

  508. 	}
    509. 

  509.       
    510. 

  510.       if (BGP_DEBUG (normal, NORMAL))
    511. 

  511. 	zlog_debug ("%s OPEN has %s capability (%u), length %u",
    512. 

  512. 		   peer->host,
    513. 

  513. 		   LOOKUP (capcode_str, caphdr.code),
    514. 

  514. 		   caphdr.code, caphdr.length);
    515. 

  515.       
    516. 

  516.       /* Length sanity check, type-specific, for known capabilities */
    517. 

  517.       switch (caphdr.code)
    518. 

  518.         {
    519. 

  519.           case CAPABILITY_CODE_MP:
    520. 

  520.           case CAPABILITY_CODE_REFRESH:
    521. 

  521.           case CAPABILITY_CODE_REFRESH_OLD:
    522. 

  522.           case CAPABILITY_CODE_ORF:
    523. 

  523.           case CAPABILITY_CODE_ORF_OLD:
    524. 

  524.           case CAPABILITY_CODE_RESTART:
    525. 

  525.           case CAPABILITY_CODE_AS4:
    526. 

  526.           case CAPABILITY_CODE_DYNAMIC:
    527. 

  527.               /* Check length. */
    528. 

  528.               if (caphdr.length < cap_minsizes[caphdr.code])
    529. 

  529.                 {
    530. 

  530.                   zlog_info ("%s %s Capability length error: got %u,"
    531. 

  531.                              " expected at least %u",
    532. 

  532.                              peer->host, 
    533. 

  533.                              LOOKUP (capcode_str, caphdr.code),
    534. 

  534.                              caphdr.length, 
    535. 

  535. 			     (unsigned) cap_minsizes[caphdr.code]);
    536. 

  536.                   bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
    537. 

  537.                                   BGP_NOTIFY_OPEN_UNSPECIFIC);
    538. 

  538.                   return -1;
    539. 

  539.                 }
    540. 

  540.               if (caphdr.length
    541. 

  541.                   && caphdr.length % cap_modsizes[caphdr.code] != 0)
    542. 

  542.                 {
    543. 

  543.                   zlog_info ("%s %s Capability length error: got %u,"
    544. 

  544.                              " expected a multiple of %u",
    545. 

  545.                              peer->host,
    546. 

  546.                              LOOKUP (capcode_str, caphdr.code),
    547. 

  547.                              caphdr.length,
    548. 

  548. 			     (unsigned) cap_modsizes[caphdr.code]);
    549. 

  549.                   bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
    550. 

  550.                                          BGP_NOTIFY_OPEN_UNSPECIFIC);
    551. 

  551.                   return -1;
    552. 

  552.                 }
    553. 

  553.           /* we deliberately ignore unknown codes, see below */
    554. 

  554.           default:
    555. 

  555.             break;
    556. 

  556.         }
    557. 

  557.       
    558. 

  558.       switch (caphdr.code)
    559. 

  559.         {
    560. 

  560.           case CAPABILITY_CODE_MP:
    561. 

  561.             {
    562. 

  562. 	      *mp_capability = 1;
    563. 

  563. 

  564.               /* Ignore capability when override-capability is set. */
    565. 

  565.               if (! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
    566. 

  566.                 {
    567. 

  567.                   /* Set negotiated value. */
    568. 

  568.                   ret = bgp_capability_mp (peer, &caphdr);
    569. 

  569. 

  570.                   /* Unsupported Capability. */
    571. 

  571.                   if (ret < 0)
    572. 

  572.                     {
    573. 

  573.                       /* Store return data. */
    574. 

  574.                       memcpy (*error, sp, caphdr.length + 2);
    575. 

  575.                       *error += caphdr.length + 2;
    576. 

  576.                     }
    577. 

  577.                 }
    578. 

  578.             }
    579. 

  579.             break;
    580. 

  580.           case CAPABILITY_CODE_REFRESH:
    581. 

  581.           case CAPABILITY_CODE_REFRESH_OLD:
    582. 

  582.             {
    583. 

  583.               /* BGP refresh capability */
    584. 

  584.               if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
    585. 

  585.                 SET_FLAG (peer->cap, PEER_CAP_REFRESH_OLD_RCV);
    586. 

  586.               else
    587. 

  587.                 SET_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV);
    588. 

  588.             }
    589. 

  589.             break;
    590. 

  590.           case CAPABILITY_CODE_ORF:
    591. 

  591.           case CAPABILITY_CODE_ORF_OLD:
    592. 

  592.             if (bgp_capability_orf_entry (peer, &caphdr))
    593. 

  593.               return -1;
    594. 

  594.             break;
    595. 

  595.           case CAPABILITY_CODE_RESTART:
    596. 

  596.             if (bgp_capability_restart (peer, &caphdr))
    597. 

  597.               return -1;
    598. 

  598.             break;
    599. 

  599.           case CAPABILITY_CODE_DYNAMIC:
    600. 

  600.             SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_RCV);
    601. 

  601.             break;
    602. 

  602.           case CAPABILITY_CODE_AS4:
    603. 

  603.               /* Already handled as a special-case parsing of the capabilities
    604. 

  604.                * at the beginning of OPEN processing. So we care not a jot
    605. 

  605.                * for the value really, only error case.
    606. 

  606.                */
    607. 

  607.               if (!bgp_capability_as4 (peer, &caphdr))
    608. 

  608.                 return -1;
    609. 

  609.               break;            
    610. 

  610.           default:
    611. 

  611.             if (caphdr.code > 128)
    612. 

  612.               {
    613. 

  613.                 /* We don't send Notification for unknown vendor specific
    614. 

  614.                    capabilities.  It seems reasonable for now...  */
    615. 

  615.                 zlog_warn ("%s Vendor specific capability %d",
    616. 

  616.                            peer->host, caphdr.code);
    617. 

  617.               }
    618. 

  618.             else
    619. 

  619.               {
    620. 

  620.                 zlog_warn ("%s unrecognized capability code: %d - ignored",
    621. 

  621.                            peer->host, caphdr.code);
    622. 

  622.                 memcpy (*error, sp, caphdr.length + 2);
    623. 

  623.                 *error += caphdr.length + 2;
    624. 

  624.               }
    625. 

  625.           }
    626. 

  626.       if (stream_get_getp(s) != (start + caphdr.length))
    627. 

  627.         {
    628. 

  628.           if (stream_get_getp(s) > (start + caphdr.length))
    629. 

  629.             zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
    630. 

  630.                        peer->host, LOOKUP (capcode_str, caphdr.code),
    631. 

  631.                        caphdr.length);
    632. 

  632.           stream_set_getp (s, start + caphdr.length);
    633. 

  633.         }
    634. 

  634.     }
    635. 

  635.   return 0;
    636. 

  636. }
    637. 

  637. 

  638. static int
    639. 

  639. bgp_auth_parse (struct peer *peer, size_t length)
    640. 

  640. {
    641. 

  641.   bgp_notify_send (peer, 
    642. 

  642. 		   BGP_NOTIFY_OPEN_ERR, 
    643. 

  643. 		   BGP_NOTIFY_OPEN_AUTH_FAILURE); 
    644. 

  644.   return -1;
    645. 

  645. }
    646. 

  646. 

  647. static int
    648. 

  648. strict_capability_same (struct peer *peer)
    649. 

  649. {
    650. 

  650.   int i, j;
    651. 

  651. 

  652.   for (i = AFI_IP; i < AFI_MAX; i++)
    653. 

  653.     for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
    654. 

  654.       if (peer->afc[i][j] != peer->afc_nego[i][j])
    655. 

  655. 	return 0;
    656. 

  656.   return 1;
    657. 

  657. }
    658. 

  658. 

  659. /* peek into option, stores ASN to *as4 if the AS4 capability was found.
    660. 

  660.  * Returns  0 if no as4 found, as4cap value otherwise.
    661. 

  661.  */
    662. 

  662. as_t
    663. 

  663. peek_for_as4_capability (struct peer *peer, u_char length)
    664. 

  664. {
    665. 

  665.   struct stream *s = BGP_INPUT (peer);
    666. 

  666.   size_t orig_getp = stream_get_getp (s);
    667. 

  667.   size_t end = orig_getp + length;
    668. 

  668.   as_t as4 = 0;
    669. 

  669.   
    670. 

  670.   /* The full capability parser will better flag the error.. */
    671. 

  671.   if (STREAM_READABLE(s) < length)
    672. 

  672.     return 0;
    673. 

  673. 

  674.   if (BGP_DEBUG (as4, AS4))
    675. 

  675.     zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
    676. 

  676.                 " peeking for as4",
    677. 

  677. 	        peer->host, length);
    678. 

  678.   /* the error cases we DONT handle, we ONLY try to read as4 out of
    679. 

  679.    * correctly formatted options.
    680. 

  680.    */
    681. 

  681.   while (stream_get_getp(s) < end) 
    682. 

  682.     {
    683. 

  683.       u_char opt_type;
    684. 

  684.       u_char opt_length;
    685. 

  685.       
    686. 

  686.       /* Check the length. */
    687. 

  687.       if (stream_get_getp (s) + 2 > end)
    688. 

  688.         goto end;
    689. 

  689.       
    690. 

  690.       /* Fetch option type and length. */
    691. 

  691.       opt_type = stream_getc (s);
    692. 

  692.       opt_length = stream_getc (s);
    693. 

  693.       
    694. 

  694.       /* Option length check. */
    695. 

  695.       if (stream_get_getp (s) + opt_length > end)
    696. 

  696.         goto end;
    697. 

  697.       
    698. 

  698.       if (opt_type == BGP_OPEN_OPT_CAP)
    699. 

  699.         {
    700. 

  700.           unsigned long capd_start = stream_get_getp (s);
    701. 

  701.           unsigned long capd_end = capd_start + opt_length;
    702. 

  702.           
    703. 

  703.           assert (capd_end <= end);
    704. 

  704.           
    705. 

  705. 	  while (stream_get_getp (s) < capd_end)
    706. 

  706. 	    {
    707. 

  707. 	      struct capability_header hdr;
    708. 

  708. 	      
    709. 

  709. 	      if (stream_get_getp (s) + 2 > capd_end)
    710. 

  710.                 goto end;
    711. 

  711.               
    712. 

  712.               hdr.code = stream_getc (s);
    713. 

  713.               hdr.length = stream_getc (s);
    714. 

  714.               
    715. 

  715. 	      if ((stream_get_getp(s) +  hdr.length) > capd_end)
    716. 

  716. 		goto end;
    717. 

  717. 

  718. 	      if (hdr.code == CAPABILITY_CODE_AS4)
    719. 

  719. 	        {
    720. 

  720. 	          if (BGP_DEBUG (as4, AS4))
    721. 

  721. 	            zlog_info ("[AS4] found AS4 capability, about to parse");
    722. 

  722. 	          as4 = bgp_capability_as4 (peer, &hdr);
    723. 

  723. 	          
    724. 

  724. 	          goto end;
    725. 

  725.                 }
    726. 

  726.               stream_forward_getp (s, hdr.length);
    727. 

  727. 	    }
    728. 

  728. 	}
    729. 

  729.     }
    730. 

  730. 

  731. end:
    732. 

  732.   stream_set_getp (s, orig_getp);
    733. 

  733.   return as4;
    734. 

  734. }
    735. 

  735. 

  736. /**
    737. 

  737.  * Parse open option.
    738. 

  738.  *
    739. 

  739.  * @param[out] mp_capability @see bgp_capability_parse() for semantics.
    740. 

  740.  */
    741. 

  741. int
    742. 

  742. bgp_open_option_parse (struct peer *peer, u_char length, int *mp_capability)
    743. 

  743. {
    744. 

  744.   int ret;
    745. 

  745.   u_char *error;
    746. 

  746.   u_char error_data[BGP_MAX_PACKET_SIZE];
    747. 

  747.   struct stream *s = BGP_INPUT(peer);
    748. 

  748.   size_t end = stream_get_getp (s) + length;
    749. 

  749. 

  750.   ret = 0;
    751. 

  751.   error = error_data;
    752. 

  752. 

  753.   if (BGP_DEBUG (normal, NORMAL))
    754. 

  754.     zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
    755. 

  755. 	       peer->host, length);
    756. 

  756.   
    757. 

  757.   while (stream_get_getp(s) < end)
    758. 

  758.     {
    759. 

  759.       u_char opt_type;
    760. 

  760.       u_char opt_length;
    761. 

  761.       
    762. 

  762.       /* Must have at least an OPEN option header */
    763. 

  763.       if (STREAM_READABLE(s) < 2)
    764. 

  764. 	{
    765. 

  765. 	  zlog_info ("%s Option length error", peer->host);
    766. 

  766. 	  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
    767. 

  767. 	                         BGP_NOTIFY_OPEN_UNSPECIFIC);
    768. 

  768. 	  return -1;
    769. 

  769. 	}
    770. 

  770. 

  771.       /* Fetch option type and length. */
    772. 

  772.       opt_type = stream_getc (s);
    773. 

  773.       opt_length = stream_getc (s);
    774. 

  774.       
    775. 

  775.       /* Option length check. */
    776. 

  776.       if (STREAM_READABLE (s) < opt_length)
    777. 

  777. 	{
    778. 

  778. 	  zlog_info ("%s Option length error", peer->host);
    779. 

  779. 	  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
    780. 

  780. 	                         BGP_NOTIFY_OPEN_UNSPECIFIC);
    781. 

  781. 	  return -1;
    782. 

  782. 	}
    783. 

  783. 

  784.       if (BGP_DEBUG (normal, NORMAL))
    785. 

  785. 	zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
    786. 

  786. 		   peer->host, opt_type,
    787. 

  787. 		   opt_type == BGP_OPEN_OPT_AUTH ? "Authentication" :
    788. 

  788. 		   opt_type == BGP_OPEN_OPT_CAP ? "Capability" : "Unknown",
    789. 

  789. 		   opt_length);
    790. 

  790.   
    791. 

  791.       switch (opt_type)
    792. 

  792. 	{
    793. 

  793. 	case BGP_OPEN_OPT_AUTH:
    794. 

  794. 	  ret = bgp_auth_parse (peer, opt_length);
    795. 

  795. 	  break;
    796. 

  796. 	case BGP_OPEN_OPT_CAP:
    797. 

  797. 	  ret = bgp_capability_parse (peer, opt_length, mp_capability, &error);
    798. 

  798. 	  break;
    799. 

  799. 	default:
    800. 

  800. 	  bgp_notify_send (peer, 
    801. 

  801. 			   BGP_NOTIFY_OPEN_ERR, 
    802. 

  802. 			   BGP_NOTIFY_OPEN_UNSUP_PARAM); 
    803. 

  803. 	  ret = -1;
    804. 

  804. 	  break;
    805. 

  805. 	}
    806. 

  806. 

  807.       /* Parse error.  To accumulate all unsupported capability codes,
    808. 

  808.          bgp_capability_parse does not return -1 when encounter
    809. 

  809.          unsupported capability code.  To detect that, please check
    810. 

  810.          error and erro_data pointer, like below.  */
    811. 

  811.       if (ret < 0)
    812. 

  812. 	return -1;
    813. 

  813.     }
    814. 

  814. 

  815.   /* All OPEN option is parsed.  Check capability when strict compare
    816. 

  816.      flag is enabled.*/
    817. 

  817.   if (CHECK_FLAG (peer->flags, PEER_FLAG_STRICT_CAP_MATCH))
    818. 

  818.     {
    819. 

  819.       /* If Unsupported Capability exists. */
    820. 

  820.       if (error != error_data)
    821. 

  821. 	{
    822. 

  822. 	  bgp_notify_send_with_data (peer, 
    823. 

  823. 				     BGP_NOTIFY_OPEN_ERR, 
    824. 

  824. 				     BGP_NOTIFY_OPEN_UNSUP_CAPBL, 
    825. 

  825. 				     error_data, error - error_data);
    826. 

  826. 	  return -1;
    827. 

  827. 	}
    828. 

  828. 

  829.       /* Check local capability does not negotiated with remote
    830. 

  830.          peer. */
    831. 

  831.       if (! strict_capability_same (peer))
    832. 

  832. 	{
    833. 

  833. 	  bgp_notify_send (peer, 
    834. 

  834. 			   BGP_NOTIFY_OPEN_ERR, 
    835. 

  835. 			   BGP_NOTIFY_OPEN_UNSUP_CAPBL);
    836. 

  836. 	  return -1;
    837. 

  837. 	}
    838. 

  838.     }
    839. 

  839. 

  840.   /* Check there are no common AFI/SAFIs and send Unsupported Capability
    841. 

  841.      error. */
    842. 

  842.   if (*mp_capability &&
    843. 

  843.       ! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
    844. 

  844.     {
    845. 

  845.       if (! peer->afc_nego[AFI_IP][SAFI_UNICAST] 
    846. 

  846. 	  && ! peer->afc_nego[AFI_IP][SAFI_MULTICAST]
    847. 

  847. 	  && ! peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
    848. 

  848. 	  && ! peer->afc_nego[AFI_IP][SAFI_ENCAP]
    849. 

  849. 	  && ! peer->afc_nego[AFI_IP6][SAFI_UNICAST]
    850. 

  850. 	  && ! peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
    851. 

  851. 	  && ! peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
    852. 

  852. 	  && ! peer->afc_nego[AFI_IP6][SAFI_ENCAP])
    853. 

  853. 	{
    854. 

  854. 	  plog_err (peer->log, "%s [Error] Configured AFI/SAFIs do not "
    855. 

  855. 		    "overlap with received MP capabilities",
    856. 

  856. 		    peer->host);
    857. 

  857. 

  858. 	  if (error != error_data)
    859. 

  859. 

  860. 	    bgp_notify_send_with_data (peer, 
    861. 

  861. 				       BGP_NOTIFY_OPEN_ERR, 
    862. 

  862. 				       BGP_NOTIFY_OPEN_UNSUP_CAPBL, 
    863. 

  863. 				       error_data, error - error_data);
    864. 

  864. 	  else
    865. 

  865. 	    bgp_notify_send (peer, 
    866. 

  866. 			     BGP_NOTIFY_OPEN_ERR, 
    867. 

  867. 			     BGP_NOTIFY_OPEN_UNSUP_CAPBL);
    868. 

  868. 	  return -1;
    869. 

  869. 	}
    870. 

  870.     }
    871. 

  871.   return 0;
    872. 

  872. }
    873. 

  873. 

  874. static void
    875. 

  875. bgp_open_capability_orf (struct stream *s, struct peer *peer,
    876. 

  876.                          afi_t afi, safi_t safi, u_char code)
    877. 

  877. {
    878. 

  878.   u_char cap_len;
    879. 

  879.   u_char orf_len;
    880. 

  880.   unsigned long capp;
    881. 

  881.   unsigned long orfp;
    882. 

  882.   unsigned long numberp;
    883. 

  883.   int number_of_orfs = 0;
    884. 

  884. 

  885.   if (safi == SAFI_MPLS_VPN)
    886. 

  886.     safi = SAFI_MPLS_LABELED_VPN;
    887. 

  887. 

  888.   stream_putc (s, BGP_OPEN_OPT_CAP);
    889. 

  889.   capp = stream_get_endp (s);           /* Set Capability Len Pointer */
    890. 

  890.   stream_putc (s, 0);                   /* Capability Length */
    891. 

  891.   stream_putc (s, code);                /* Capability Code */
    892. 

  892.   orfp = stream_get_endp (s);           /* Set ORF Len Pointer */
    893. 

  893.   stream_putc (s, 0);                   /* ORF Length */
    894. 

  894.   stream_putw (s, afi);
    895. 

  895.   stream_putc (s, 0);
    896. 

  896.   stream_putc (s, safi);
    897. 

  897.   numberp = stream_get_endp (s);        /* Set Number Pointer */
    898. 

  898.   stream_putc (s, 0);                   /* Number of ORFs */
    899. 

  899. 

  900.   /* Address Prefix ORF */
    901. 

  901.   if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
    902. 

  902.       || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
    903. 

  903.     {
    904. 

  904.       stream_putc (s, (code == CAPABILITY_CODE_ORF ?
    905. 

  905. 		   ORF_TYPE_PREFIX : ORF_TYPE_PREFIX_OLD));
    906. 

  906. 

  907.       if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
    908. 

  908. 	  && CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
    909. 

  909. 	{
    910. 

  910. 	  SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
    911. 

  911. 	  SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
    912. 

  912. 	  stream_putc (s, ORF_MODE_BOTH);
    913. 

  913. 	}
    914. 

  914.       else if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM))
    915. 

  915. 	{
    916. 

  916. 	  SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
    917. 

  917. 	  stream_putc (s, ORF_MODE_SEND);
    918. 

  918. 	}
    919. 

  919.       else
    920. 

  920. 	{
    921. 

  921. 	  SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
    922. 

  922. 	  stream_putc (s, ORF_MODE_RECEIVE);
    923. 

  923. 	}
    924. 

  924.       number_of_orfs++;
    925. 

  925.     }
    926. 

  926. 

  927.   /* Total Number of ORFs. */
    928. 

  928.   stream_putc_at (s, numberp, number_of_orfs);
    929. 

  929. 

  930.   /* Total ORF Len. */
    931. 

  931.   orf_len = stream_get_endp (s) - orfp - 1;
    932. 

  932.   stream_putc_at (s, orfp, orf_len);
    933. 

  933. 

  934.   /* Total Capability Len. */
    935. 

  935.   cap_len = stream_get_endp (s) - capp - 1;
    936. 

  936.   stream_putc_at (s, capp, cap_len);
    937. 

  937. }
    938. 

  938. 

  939. /* Fill in capability open option to the packet. */
    940. 

  940. void
    941. 

  941. bgp_open_capability (struct stream *s, struct peer *peer)
    942. 

  942. {
    943. 

  943.   u_char len;
    944. 

  944.   unsigned long cp, capp, rcapp;
    945. 

  945.   afi_t afi;
    946. 

  946.   safi_t safi;
    947. 

  947.   as_t local_as;
    948. 

  948.   u_int32_t restart_time;
    949. 

  949. 

  950.   /* Remember current pointer for Opt Parm Len. */
    951. 

  951.   cp = stream_get_endp (s);
    952. 

  952. 

  953.   /* Opt Parm Len. */
    954. 

  954.   stream_putc (s, 0);
    955. 

  955. 

  956.   /* Do not send capability. */
    957. 

  957.   if (! CHECK_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN) 
    958. 

  958.       || CHECK_FLAG (peer->flags, PEER_FLAG_DONT_CAPABILITY))
    959. 

  959.     return;
    960. 

  960. 

  961.   /* IPv4 unicast. */
    962. 

  962.   if (peer->afc[AFI_IP][SAFI_UNICAST])
    963. 

  963.     {
    964. 

  964.       peer->afc_adv[AFI_IP][SAFI_UNICAST] = 1;
    965. 

  965.       stream_putc (s, BGP_OPEN_OPT_CAP);
    966. 

  966.       stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
    967. 

  967.       stream_putc (s, CAPABILITY_CODE_MP);
    968. 

  968.       stream_putc (s, CAPABILITY_CODE_MP_LEN);
    969. 

  969.       stream_putw (s, AFI_IP);
    970. 

  970.       stream_putc (s, 0);
    971. 

  971.       stream_putc (s, SAFI_UNICAST);
    972. 

  972.     }
    973. 

  973.   /* IPv4 multicast. */
    974. 

  974.   if (peer->afc[AFI_IP][SAFI_MULTICAST])
    975. 

  975.     {
    976. 

  976.       peer->afc_adv[AFI_IP][SAFI_MULTICAST] = 1;
    977. 

  977.       stream_putc (s, BGP_OPEN_OPT_CAP);
    978. 

  978.       stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
    979. 

  979.       stream_putc (s, CAPABILITY_CODE_MP);
    980. 

  980.       stream_putc (s, CAPABILITY_CODE_MP_LEN);
    981. 

  981.       stream_putw (s, AFI_IP);
    982. 

  982.       stream_putc (s, 0);
    983. 

  983.       stream_putc (s, SAFI_MULTICAST);
    984. 

  984.     }
    985. 

  985.   /* IPv4 VPN */
    986. 

  986.   if (peer->afc[AFI_IP][SAFI_MPLS_VPN])
    987. 

  987.     {
    988. 

  988.       peer->afc_adv[AFI_IP][SAFI_MPLS_VPN] = 1;
    989. 

  989.       stream_putc (s, BGP_OPEN_OPT_CAP);
    990. 

  990.       stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
    991. 

  991.       stream_putc (s, CAPABILITY_CODE_MP);
    992. 

  992.       stream_putc (s, CAPABILITY_CODE_MP_LEN);
    993. 

  993.       stream_putw (s, AFI_IP);
    994. 

  994.       stream_putc (s, 0);
    995. 

  995.       stream_putc (s, SAFI_MPLS_LABELED_VPN);
    996. 

  996.     }
    997. 

  997.   /* ENCAP */
    998. 

  998.   if (peer->afc[AFI_IP][SAFI_ENCAP])
    999. 

  999.     {
    1000. 

  1000.       peer->afc_adv[AFI_IP][SAFI_ENCAP] = 1;
    1001. 

  1001.       stream_putc (s, BGP_OPEN_OPT_CAP);
    1002. 

  1002.       stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
    1003. 

  1003.       stream_putc (s, CAPABILITY_CODE_MP);
    1004. 

  1004.       stream_putc (s, CAPABILITY_CODE_MP_LEN);
    1005. 

  1005.       stream_putw (s, AFI_IP);
    1006. 

  1006.       stream_putc (s, 0);
    1007. 

  1007.       stream_putc (s, SAFI_ENCAP);
    1008. 

  1008.     }
    1009. 

  1009. #ifdef HAVE_IPV6
    1010. 

  1010.   /* IPv6 unicast. */
    1011. 

  1011.   if (peer->afc[AFI_IP6][SAFI_UNICAST])
    1012. 

  1012.     {
    1013. 

  1013.       peer->afc_adv[AFI_IP6][SAFI_UNICAST] = 1;
    1014. 

  1014.       stream_putc (s, BGP_OPEN_OPT_CAP);
    1015. 

  1015.       stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
    1016. 

  1016.       stream_putc (s, CAPABILITY_CODE_MP);
    1017. 

  1017.       stream_putc (s, CAPABILITY_CODE_MP_LEN);
    1018. 

  1018.       stream_putw (s, AFI_IP6);
    1019. 

  1019.       stream_putc (s, 0);
    1020. 

  1020.       stream_putc (s, SAFI_UNICAST);
    1021. 

  1021.     }
    1022. 

  1022.   /* IPv6 multicast. */
    1023. 

  1023.   if (peer->afc[AFI_IP6][SAFI_MULTICAST])
    1024. 

  1024.     {
    1025. 

  1025.       peer->afc_adv[AFI_IP6][SAFI_MULTICAST] = 1;
    1026. 

  1026.       stream_putc (s, BGP_OPEN_OPT_CAP);
    1027. 

  1027.       stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
    1028. 

  1028.       stream_putc (s, CAPABILITY_CODE_MP);
    1029. 

  1029.       stream_putc (s, CAPABILITY_CODE_MP_LEN);
    1030. 

  1030.       stream_putw (s, AFI_IP6);
    1031. 

  1031.       stream_putc (s, 0);
    1032. 

  1032.       stream_putc (s, SAFI_MULTICAST);
    1033. 

  1033.     }
    1034. 

  1034.   /* IPv6 VPN. */
    1035. 

  1035.   if (peer->afc[AFI_IP6][SAFI_MPLS_VPN])
    1036. 

  1036.     {
    1037. 

  1037.       peer->afc_adv[AFI_IP6][SAFI_MPLS_VPN] = 1;
    1038. 

  1038.       stream_putc (s, BGP_OPEN_OPT_CAP);
    1039. 

  1039.       stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
    1040. 

  1040.       stream_putc (s, CAPABILITY_CODE_MP);
    1041. 

  1041.       stream_putc (s, CAPABILITY_CODE_MP_LEN);
    1042. 

  1042.       stream_putw (s, AFI_IP6);
    1043. 

  1043.       stream_putc (s, 0);
    1044. 

  1044.       stream_putc (s, SAFI_MPLS_LABELED_VPN);
    1045. 

  1045.     }
    1046. 

  1046.   /* IPv6 ENCAP. */
    1047. 

  1047.   if (peer->afc[AFI_IP6][SAFI_ENCAP])
    1048. 

  1048.     {
    1049. 

  1049.       peer->afc_adv[AFI_IP6][SAFI_ENCAP] = 1;
    1050. 

  1050.       stream_putc (s, BGP_OPEN_OPT_CAP);
    1051. 

  1051.       stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
    1052. 

  1052.       stream_putc (s, CAPABILITY_CODE_MP);
    1053. 

  1053.       stream_putc (s, CAPABILITY_CODE_MP_LEN);
    1054. 

  1054.       stream_putw (s, AFI_IP6);
    1055. 

  1055.       stream_putc (s, 0);
    1056. 

  1056.       stream_putc (s, SAFI_ENCAP);
    1057. 

  1057.     }
    1058. 

  1058. #endif /* HAVE_IPV6 */
    1059. 

  1059. 

  1060.   /* Route refresh. */
    1061. 

  1061.   SET_FLAG (peer->cap, PEER_CAP_REFRESH_ADV);
    1062. 

  1062.   stream_putc (s, BGP_OPEN_OPT_CAP);
    1063. 

  1063.   stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
    1064. 

  1064.   stream_putc (s, CAPABILITY_CODE_REFRESH_OLD);
    1065. 

  1065.   stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
    1066. 

  1066.   stream_putc (s, BGP_OPEN_OPT_CAP);
    1067. 

  1067.   stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
    1068. 

  1068.   stream_putc (s, CAPABILITY_CODE_REFRESH);
    1069. 

  1069.   stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
    1070. 

  1070. 

  1071.   /* AS4 */
    1072. 

  1072.   SET_FLAG (peer->cap, PEER_CAP_AS4_ADV);
    1073. 

  1073.   stream_putc (s, BGP_OPEN_OPT_CAP);
    1074. 

  1074.   stream_putc (s, CAPABILITY_CODE_AS4_LEN + 2);
    1075. 

  1075.   stream_putc (s, CAPABILITY_CODE_AS4);
    1076. 

  1076.   stream_putc (s, CAPABILITY_CODE_AS4_LEN);
    1077. 

  1077.   if ( peer->change_local_as )
    1078. 

  1078.     local_as = peer->change_local_as;
    1079. 

  1079.   else
    1080. 

  1080.     local_as = peer->local_as;
    1081. 

  1081.   stream_putl (s, local_as );
    1082. 

  1082. 

  1083.   /* ORF capability. */
    1084. 

  1084.   for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
    1085. 

  1085.     for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
    1086. 

  1086.       if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
    1087. 

  1087. 	  || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
    1088. 

  1088. 	{
    1089. 

  1089. 	  bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF_OLD);
    1090. 

  1090. 	  bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF);
    1091. 

  1091. 	}
    1092. 

  1092. 

  1093.   /* Dynamic capability. */
    1094. 

  1094.   if (CHECK_FLAG (peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY))
    1095. 

  1095.     {
    1096. 

  1096.       SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV);
    1097. 

  1097.       stream_putc (s, BGP_OPEN_OPT_CAP);
    1098. 

  1098.       stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
    1099. 

  1099.       stream_putc (s, CAPABILITY_CODE_DYNAMIC);
    1100. 

  1100.       stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
    1101. 

  1101.     }
    1102. 

  1102. 

  1103.   /* Sending base graceful-restart capability irrespective of the config */
    1104. 

  1104.   SET_FLAG (peer->cap, PEER_CAP_RESTART_ADV);
    1105. 

  1105.   stream_putc (s, BGP_OPEN_OPT_CAP);
    1106. 

  1106.   capp = stream_get_endp (s);           /* Set Capability Len Pointer */
    1107. 

  1107.   stream_putc (s, 0);                   /* Capability Length */
    1108. 

  1108.   stream_putc (s, CAPABILITY_CODE_RESTART);
    1109. 

  1109.   rcapp = stream_get_endp (s);          /* Set Restart Capability Len Pointer */
    1110. 

  1110.   stream_putc (s, 0);
    1111. 

  1111.   restart_time = peer->bgp->restart_time;
    1112. 

  1112.   if (peer->bgp->t_startup)
    1113. 

  1113.     {
    1114. 

  1114.       SET_FLAG (restart_time, RESTART_R_BIT);
    1115. 

  1115.       SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_ADV);
    1116. 

  1116.     }
    1117. 

  1117.   stream_putw (s, restart_time);
    1118. 

  1118. 

  1119.   /* Send address-family specific graceful-restart capability only when GR config
    1120. 

  1120.      is present */
    1121. 

  1121.   if (bgp_flag_check (peer->bgp, BGP_FLAG_GRACEFUL_RESTART))
    1122. 

  1122.     {
    1123. 

  1123.       for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
    1124. 

  1124.         for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
    1125. 

  1125.           if (peer->afc[afi][safi])
    1126. 

  1126.             {
    1127. 

  1127.               stream_putw (s, afi);
    1128. 

  1128.               stream_putc (s, safi);
    1129. 

  1129.               stream_putc (s, 0); //Forwarding is not retained as of now.
    1130. 

  1130.             }
    1131. 

  1131.     }
    1132. 

  1132. 

  1133.   /* Total Graceful restart capability Len. */
    1134. 

  1134.   len = stream_get_endp (s) - rcapp - 1;
    1135. 

  1135.   stream_putc_at (s, rcapp, len);
    1136. 

  1136. 

  1137.   /* Total Capability Len. */
    1138. 

  1138.   len = stream_get_endp (s) - capp - 1;
    1139. 

  1139.   stream_putc_at (s, capp, len);
    1140. 

  1140. 

  1141.   /* Total Opt Parm Len. */
    1142. 

  1142.   len = stream_get_endp (s) - cp - 1;
    1143. 

  1143.   stream_putc_at (s, cp, len);
    1144. 

  1144. }
    1145.