ripd was using zclient_redistribute for installation but not
for removal. As such the lib/zclient.c was not properly tracking
add/removal. I think it would be best to just let rip to track
this instead of zclient.
Fixes: #5599 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
ripngd was using zclient_redistribute for installation but not
for removal. As such the lib/zclient.c was not properly tracking
add/removal. I think it would be best to just let ripng to track
this instead of zclient.
Fixes: #5599 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donatas Abraitis [Mon, 30 Dec 2019 15:11:04 +0000 (17:11 +0200)]
bgpd: Send notification to the peer on FSM error
We should send a NOTIFICATION message with the Error Code Finite State
Machine Error if we receive NOTIFICATION in OpenSent state
as defined in https://tools.ietf.org/html/rfc4271#section-8.2.2
Chirag Shah [Tue, 3 Dec 2019 20:08:01 +0000 (12:08 -0800)]
bgpd: skip ra for blackhole nexthop type
bgp nexthop cache update triggers RA for global ipv6
nexthop update.
In case of blackhole route type the outgoing interface
information is NULL which leads to bgpd crash.
Skip sending RA for blackhole nexthop type.
Ticket:CM-27299
Reviewed By:
Testing Done:
Configure bgp neighbor over global ipv6 address.
Configure static blackhole route with prefix includes
connected ipv6 global address.
Upon link flap, zebra sends nexthop update to bgp.
Bgp nexthop cache skips sending RA for blackhole nexthop type.
Donald Sharp [Fri, 27 Dec 2019 14:20:38 +0000 (09:20 -0500)]
doc: Add bgp neighbor password command
The bgp neighbor password command was not documented additionally
the fact that you may need to instruct the kernel to have more
memory available for tcp sockets when using this feature on a large
number of peers.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Sun, 22 Dec 2019 01:19:47 +0000 (20:19 -0500)]
pimd: readd iph length checks
Kernel might not hand us a bad packet, but better safe than sorry here.
Validate the IP header length field. Also adds an additional check that
the packet length is sufficient for an IGMP packet, and a check that we
actually have enough for an ip header at all.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donatas Abraitis [Thu, 19 Dec 2019 20:09:47 +0000 (22:09 +0200)]
bgpd: Make sure we can use `no bgp listen range ...`
Fixes:
```
exit1-debian-9(config-router)# no bgp listen range 192.168.10.0/24 peer-group TEST
% Peer-group does not exist
exit1-debian-9(config-router)#
```
Closes https://github.com/FRRouting/frr/issues/5570
Renato Westphal [Thu, 19 Dec 2019 15:44:37 +0000 (12:44 -0300)]
lib: fix build of the northbound plugins
Commit 1b3e9a21dd4 removed the global visibility of the yang_modules
variable, breaking the build of all northbound plugins. Revert a
small part of that commit to fix this issue.
Trey Aspelund [Wed, 18 Dec 2019 20:58:26 +0000 (15:58 -0500)]
bgpd: Remove misleading 'NOTIFICATION' string from End-of-RIB log
'NOTIFICATION' string in this message incorrectly implies a BGP
Notification message was the cause of this log. Removing it to
reduce confusion and replacing with function name.
Donald Sharp [Wed, 18 Dec 2019 14:23:38 +0000 (09:23 -0500)]
ospfd: Prevent use after free on shutdown
Address Sanitizer is reporting this issue:
==26177==ERROR: AddressSanitizer: heap-use-after-free on address 0x6120000238d8 at pc 0x7f88f7c4fa93 bp 0x7fff9a641830 sp 0x7fff9a641820
READ of size 8 at 0x6120000238d8 thread T0
#0 0x7f88f7c4fa92 in if_delete lib/if.c:290
#1 0x42192e in ospf_vl_if_delete ospfd/ospf_interface.c:912
#2 0x42192e in ospf_vl_delete ospfd/ospf_interface.c:990
#3 0x4a6208 in no_ospf_area_vlink ospfd/ospf_vty.c:1227
#4 0x7f88f7c1553d in cmd_execute_command_real lib/command.c:1073
#5 0x7f88f7c19b1e in cmd_execute_command lib/command.c:1132
#6 0x7f88f7c19e8e in cmd_execute lib/command.c:1288
#7 0x7f88f7cd7523 in vty_command lib/vty.c:516
#8 0x7f88f7cd79ff in vty_execute lib/vty.c:1285
#9 0x7f88f7cde4f9 in vtysh_read lib/vty.c:2119
#10 0x7f88f7ccb845 in thread_call lib/thread.c:1549
#11 0x7f88f7c5d6a7 in frr_run lib/libfrr.c:1093
#12 0x412976 in main ospfd/ospf_main.c:221
#13 0x7f88f73b082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#14 0x413c78 in _start (/usr/local/master/sbin/ospfd+0x413c78)
Effectively we are in a shutdown phase and as part of shutdown we delete the
ospf interface pointer ( ifp->info ). The interface deletion code
was modified in the past year to pass in the address of operator
to allow us to NULL out the holding pointer. The catch here
is that we free the oi and then delete the interface passing
in the address of the oi->ifp pointer, causing a use after free.
Fixes: #5555 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Stephen Worley [Mon, 16 Dec 2019 21:46:30 +0000 (16:46 -0500)]
zebra: pass type when finding individual nexthop
When we are doing a lookup on an individual nexthop,
we should still be passing along the type that gets passed
via the arguments. Otherwise, we will always think we own that
NHE when in reality anyone could have put that into the
kernel.
Before this patch, nexthops in the kernel will get swepped
out even if we didn't create them.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Stephen Worley [Mon, 16 Dec 2019 21:37:14 +0000 (16:37 -0500)]
zebra: null check re->nhe not re->nhe->nhg on attach
We should be NULL checking the entire re->nhe struct, not
the group inside of it. When we get routes from the kernel
using a nexthop group (and future protocols) they will only
pass us an ID to use. Hence, this struct can (and will be)
NULL on first attach when only passed an ID.
There shouldn't be a situation where we have an re->nhe
and don't have an re->nhe->nhg anyway.
Before this patch you can easily make zebra crash by creating a
route in the kernel using a nexthop group and starting zebra.
`ip next add dev lo id 111`
`ip route add 1.1.1.1/32 nhid 111`
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Stephen Worley [Mon, 16 Dec 2019 20:42:37 +0000 (15:42 -0500)]
lib: default nexthop weights to one
Default all nexthop weights to one. The linux kernel does
some weird stuff where it adds one to all nexthop weight values
it gets. So, we added df7fb5800b3798057747873c8be245eb13f3ec36 with
some special subtracing/adding to account for this. Though, that patch
did not account for the default case of the weight being zero for
elements in the group.
Hence, this patch defaults the nexthop weight to one during creation.
This should be a valid value on all platforms anyway so shouldn't
affect anything.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Donald Sharp [Tue, 10 Dec 2019 19:06:33 +0000 (14:06 -0500)]
zebra: Do not build mlag protobuf support if version 3 is not avail
Older versions of protobuf-c do not support version 3 of the
protocol. Add a check into the system to see if we have
version 3 available and if so, compile it in.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Tue, 10 Dec 2019 01:48:21 +0000 (20:48 -0500)]
zebra: Allow zebra_mlag to compile with no j factor
If you compile FRR with no j factor zebra_mlag.c fails to
build because the vtysh extraction methodology runs first
before the protobuf compiler runs and that compilation does
not have the proper dependancy chain built for the inclusions
that zebra_mlag.c had. Moving the DEF* code into a zebra_mlag_vty.c
which can be included in the vtysh extraction code and has
no mlag.proto dependancies makes the compilation work better.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
David Lamparter [Wed, 27 Nov 2019 21:52:50 +0000 (22:52 +0100)]
lib/linklist: flip the bitrot compost
The whole lib/linklist.c code shouldn't really be used for new code (the
lib/typesafe.h bits are better.) So, a new need for these unused
functions shouldn't be coming up.
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Wed, 13 Nov 2019 23:21:10 +0000 (00:21 +0100)]
lib: completely get rid of the MTYPE alias hack
Sometimes the easiest solution is hardest to find... the whole point of
all this "static const", aliasing, & co. was to make "MTYPE_FOO" usable
without adding the extra & as in "&MTYPE_FOO". Making it a size-1 array
does that perfectly through the magic of ISO C array decay...
Signed-off-by: David Lamparter <equinox@diac24.net>
Donald Sharp [Fri, 13 Dec 2019 00:30:21 +0000 (19:30 -0500)]
isisd: Free memory when confused
When you call into lsp_update with confusion, the lsp is purged
and we do not do anything with the created tlv's from parsing
the incoming data. To prevent the tlv's from being leaked
note confusion and delete the unneeded data.
Fixes: #5496 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Liam McBirnie [Thu, 5 Dec 2019 20:57:50 +0000 (21:57 +0100)]
pimd: Add command to join any-source multicast.
Allow 'ip igmp join' to join group for any source if no source is
specified.
Disallow joining source "0.0.0.0" as it is used to define an
any-source multicast group.
David Lamparter [Wed, 11 Dec 2019 12:33:36 +0000 (13:33 +0100)]
lib,nhrpd,bgpd/bmp: pass resolver failure details
To keep the calling code agnostic of the DNS resolver libary used, pass
a strerror-style string instead of a status code that would need extra
handling.
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Wed, 11 Dec 2019 11:27:05 +0000 (12:27 +0100)]
lib/resolver: support/bypass IP literals
libc-ares doesn't do IP literals, so we have to do that before running
off to do DNS. Since this isn't BMP specific, move to lib/ so NHRP can
benefit too.
Signed-off-by: David Lamparter <equinox@diac24.net>
Under some circumstances (apparently depends on several optimization
flags), gcc-9 throws an used-uninitialized warning for this variable in
the skiplist code. Just initialize to NULL.
Signed-off-by: David Lamparter <equinox@diac24.net>
projects / matthieu / frr.git / log