pim6d: drop off MLAG code

pim6d: drop off IGMP code

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust BSM code

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust static multicast routes

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust mroute code

This is just hitting the pim_mroute code with a hammer until it doesn't
print warnings anymore.  This is NOT quite tested or working yet, it
just compiles.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust northbound code

Just fixing a bunch of compiler errors, this will NOT actually configure
IPv6 PIM properly.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust RPF lookups

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust upstream_rpf_genid_changed

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

Merge pull request #10356 from opensourcerouting/pim6-adjust-20220117

pim6d: conversion work batch

Merge pull request #10575 from donaldsharp/bgp_requires_policy

bgp: Add a 6 hour warning to missing policy

Merge pull request #10571 from rameshabhinay/ospf6_auth_trailer

ospf6d: fix coverity issues.

Merge pull request #10546 from ton31337/fix/check_for_null_inside_unintern

bgpd: Check for NULL inside aspath_unintern()

Merge pull request #10555 from anlancs/doc-comment

doc: add "cost" to ospfd "range" command

Merge pull request #10562 from donaldsharp/starv_warn

lib: Save number of times a thread is starved

bgp: Add a 15 minute warning to missing policy

Add a 15 minute warning to the logging system when
bgp policy is not setup properly.  Operators keep asking
about the missing policy( on upgrade typically ).  Let's
try to give them a bit more of a hint when something is
going wrong as that they are clearly missing the other
various places FRR tells them about it.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

Merge pull request #10573 from ton31337/fix/doc_rc_tag

doc: An example how we do RC tagging for stabilization branch

Merge pull request #10577 from donaldsharp/speeling

Speeling

zebra: Fix spelling mistake

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

yang: Fix spelling mistake

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

vtysh: Fix spelling mistakes

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

tests: Fix spelling and grammar mistakes

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

pceplib: Fix spelling mistakes

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

pathd: Fix spelling mistakes

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

ospfd: Fix spelling mistakes

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

ospf6d: Fix spelling mistakes

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

doc: Fix spelling mistakes

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

bgpd: Fix spelling mistakes

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

ospf6d: fix coverity issues.

Fixed below coverity issues
________________________________________________________________________________________________________
*** CID 1511366:    (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2631 in ospf6_make_lsupdate_list()
2625                          + OSPF6_HEADER_SIZE)
2626                         > ospf6_packet_max(on->ospf6_if)) {
2627                             ospf6_fill_header(on->ospf6_if, (*op)->s,
2628                                               length + OSPF6_HEADER_SIZE);
2629                             (*op)->length = length + OSPF6_HEADER_SIZE;
2630                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
>>>     CID 1511366:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2631                             ospf6_send_lsupdate(on, NULL, *op);
2632
2633                             /* refresh packet */
2634                             *op = ospf6_packet_new(on->ospf6_if->ifmtu);
2635                             length = OSPF6_LS_UPD_MIN_SIZE;
2636                             *lsa_cnt = 0;
/ospf6d/ospf6_message.c: 2631 in ospf6_make_lsupdate_list()
2625                          + OSPF6_HEADER_SIZE)
2626                         > ospf6_packet_max(on->ospf6_if)) {
2627                             ospf6_fill_header(on->ospf6_if, (*op)->s,
2628                                               length + OSPF6_HEADER_SIZE);
2629                             (*op)->length = length + OSPF6_HEADER_SIZE;
2630                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
>>>     CID 1511366:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2631                             ospf6_send_lsupdate(on, NULL, *op);

________________________________________________________________________________________________________
*** CID 1511365:    (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2668                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);

________________________________________________________________________________________________________
*** CID 1511364:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2125 in ospf6_write()
2120                     if (oi->at_data.flags != 0) {
2121                             at_len = ospf6_auth_len_get(oi);
2122                             if (at_len) {
2123                                     iovector[0].iov_len =
2124                                             ntohs(oh->length) + at_len;
>>>     CID 1511364:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "iovector[0].iov_len" to a tainted sink.
2125                                     ospf6_auth_digest_send(oi->linklocal_addr, oi,
2126                                                            oh, at_len,
2127                                                            iovector[0].iov_len);
2128                             } else {
2129                                     iovector[0].iov_len = ntohs(oh->length);
2130                             }

________________________________________________________________________________________________________
*** CID 1511363:    (DEADCODE)
/ospf6d/ospf6_auth_trailer.c: 275 in ospf6_hash_hmac_sha_digest()
269      case KEYCHAIN_ALGO_HMAC_SHA512:
270     #ifdef CRYPTO_OPENSSL
271              sha512_digest(mes, len, digest);
272     #endif
273              break;
274      case KEYCHAIN_ALGO_NULL:
>>>     CID 1511363:    (DEADCODE)
>>>     Execution cannot reach this statement: "case KEYCHAIN_ALGO_MAX:".
275      case KEYCHAIN_ALGO_MAX:
276      default:

/ospf6d/ospf6_auth_trailer.c: 274 in ospf6_hash_hmac_sha_digest()
269      case KEYCHAIN_ALGO_HMAC_SHA512:
270     #ifdef CRYPTO_OPENSSL
271              sha512_digest(mes, len, digest);
272     #endif
273              break;
>>>     CID 1511363:    (DEADCODE)
>>>     Execution cannot reach this statement: "case KEYCHAIN_ALGO_NULL:".
274      case KEYCHAIN_ALGO_NULL:
275      case KEYCHAIN_ALGO_MAX:
276      default:

________________________________________________________________________________________________________
*** CID 1511362:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_auth_trailer.c: 541 in ospf6_auth_check_digest()
535
536      auth_len = ntohs(ospf6_auth->length);
537
538      memcpy(temp_hash, ospf6_auth->data, hash_len);
539      memcpy(ospf6_auth->data, apad, hash_len);
540
>>>     CID 1511362:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "oh_len + auth_len + lls_block_len" to a tainted sink.
541      ospf6_auth_update_digest(oi, oh, ospf6_auth, auth_str,
542                               (oh_len + auth_len + lls_block_len),
543                               hash_algo);

________________________________________________________________________________________________________
*** CID 1511361:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_auth_trailer.c: 124 in ospf6_auth_hdr_dump_recv()
118      at_len = length - (oh_len + lls_len);
119      if (at_len > 0) {
120              ospf6_at_hdr =
121                      (struct ospf6_auth_hdr *)((uint8_t *)ospfh + oh_len);
122              at_hdr_len = ntohs(ospf6_at_hdr->length);
123              hash_len = at_hdr_len - OSPF6_AUTH_HDR_MIN_SIZE;
>>>     CID 1511361:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "hash_len" to a tainted sink.
124              memcpy(temp, ospf6_at_hdr->data, hash_len);
125              temp[hash_len] = '\0';

________________________________________________________________________________________________________
*** CID 1482146:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2787 in ospf6_lsupdate_send_neighbor_now()
2781
2782             if (IS_OSPF6_DEBUG_FLOODING
2783                 || IS_OSPF6_DEBUG_MESSAGE(OSPF6_MESSAGE_TYPE_LSUPDATE, SEND_HDR))
2784                     zlog_debug("%s: Send lsupdate with lsa %s (age %u)", __func__,
2785                                lsa->name, ntohs(lsa->header->age));
2786
>>>     CID 1482146:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "op->length" to a tainted sink.
2787             ospf6_send_lsupdate(on, NULL, op);

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

pim6d: IPv6-adjust pim_msg_send() and related

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust pim_ifchannel_*

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust assert-related addrs

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust jp_agg->group

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust iface primary/DR addrs

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust pim_upstream addr

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust Hello/TLV processing

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust neigh->source_addr

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: IPv6-adjust various pim_sgaddr uses

Since `pim_sgaddr` is `pim_addr` now, that causes a whole lot of fallout
anywhere S,G pairs are handled.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: prepare SSM/filter functions

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: prepare/stub pim_rp_* functions for IPv6

These are sprinkled relatively widely through the PIM codebase, so for
the time being reduce the "compiler warning surface" by moving them
forward to proper types without actual implementations.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: more TLV parse/encode IPv6 preparation

More proliferation of pim_addr to work towards IPV6.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: prepare IPv6 address encoding functions

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

pim6d: convert address comparison in I_am_DR macro

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

doc: An example how we do RC tagging for stabilization branch

Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>

Merge pull request #10533 from taspelund/ip_rule_nl_debugs

zebra: add netlink debugs for ip rules

Merge pull request #9697 from SaiGomathiN/igmp-sources

pimd: json support added

zebra: cleanup multiline strings in debug_nl.c

NetDEF CI has been whining about multiline string style.
Make the strings single-line and call it a day.

Signed-off-by: Trey Aspelund <taspelund@nvidia.com>

zebra: add netlink debugs for ip rules

Adds functions to parse + decode netlink rules.
Adds RTM_NEWRULE + RTM_DELRULE to "debug zebra kernel".

Signed-off-by: Trey Aspelund <taspelund@nvidia.com>

Merge pull request #8890 from rameshabhinay/ospf6_auth_trailer

OSPF6: Support OSPF6 authentication trailer RFC 7166

lib: Save number of times a thread is starved

Add a counter to the number of times a thread is starved from
a timer event and add the output to `show thread cpu`

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

Merge pull request #10537 from mjstapp/fix_dplane_strdup

zebra: use frr mem apis in dplane

Merge pull request #10552 from idryzhov/frr-reload-nodes

tools: fix frr-reload context keywords

Merge pull request #10540 from idryzhov/attr-extra-revert

revert recent bgp attr->extra changes

Merge pull request #10545 from ton31337/feature/get_set_for_lcommunity

bgpd: Use get/set helpers for attr->lcommunity

bgpd: Use get/set helpers for attr->lcommunity

Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>

Revert "bgpd: Move out ipv6_ecommunity struct from attr to attr_extra"

This reverts commit 2703b7db19cebad82772d5210132dab412b855c3.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

Revert "bgpd: Move attr->pmsi_tnl_type to attr->extra->pmsi_tnl_type"

This reverts commit fc6ba64f04696416a1216bb57a7fd72efc5a0904.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

Revert "bgpd: Free only subattributes, not the whole attr_extra pointer"

This reverts commit 0911206097dc04315bcd6b3accd6236a047a1e06.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

Merge pull request #10549 from idryzhov/bgp-coverity

bgpd: fix null pointer dereferences

Merge pull request #10550 from idryzhov/bgp-attr-undup

bgpd: remove bgp_attr_undup

Merge pull request #10551 from idryzhov/bgpd-memleaks

bgpd: fix a couple of memleaks

tools: fix frr-reload context keywords

There are singline-line commands inside `router bgp` that start with
`vnc ` or `bmp `. Those commands are currently treated as node-entering
commands. We need to specify such commands more precisely.

Fixes #10548.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

bgpd: remove bgp_attr_undup

bgp_attr_undup does the same thing as bgp_attr_flush – frees the
temporary data that might be allocated when applying a route-map. There
is no need to have two separate functions for that.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

bgpd: fix aspath memleak on error in vnc_direct_bgp_add_nve

bgp_attr_default_set creates a new empty aspath. If family error happens,
this aspath is not freed. Move attr initialization after we checked the
family.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

bgpd: fix aspath memory leak in aggr_suppress_map_test

aspth_empty a couple of lines earlier creates an aspath and it must be
freed.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

bgpd: fix missing bgp_attr_flush on errors in bgp_update

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

bgpd: fix null pointer dereferences

They were introduced during recent ecommunity rework in b53e67a3.

CID 1511347 and 1511348.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

Merge pull request #10482 from donaldsharp/zebra_buffering

Zebra buffering

Merge pull request #9631 from donaldsharp/more_workflow

doc: Update workflow.rst for release management

bgpd: Check for NULL inside aspath_unintern()

It's not always guarded, just check inside.

Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>

doc: Update workflow.rst for release management

Some release management updates

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

tests: Added ospf6 authentication trailer topotest

Have added topotest to verify below combination.
Auth support for md5
Auth support for hmac-sha-256
Auth support with keychain for md5
Auth support with keychain for hmac-sha-256

Have sussessfully run all 4 test cases in my local setup.

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

ospf6d: Enable the feature using configure.ac

Problem Statement:
=================
The feature is not enabled, needs to be enabled by doing required
initialization.

RCA:
====
Changes to support the feature is present, but the feature macro
needs to be enabled.

Fix:
====
This commit has changes to enable the code.

Risk:
=====
Medium

Need to ensure all existing ospf6 related topotests pass. to ensure
packet processing is not impacted.

Tests Executed:
===============
Have tested the functionality with enabling openssl and also disabling
openssl.

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

ospf6d: Documentation for authentication trailer support.

Problem Statement:
=================
This commit is to add document support for OSPF6 authentication
trailer feature, which is adding support for RFC7166.

RCA:
====
NA

Fix:
====
To add detailed description for feature support.
This document caputres
Configuration CLI
Show commands
Debug commands
Clear command

That are added as part of the feature with examples.

Risk:
=====
Low

Tests Executed:
===============
NA

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

ospf6d: Stitching the auth trailer code with rest of ospf6.

Problem Statement:
==================
RFC 7166 support for OSPF6 in FRR code.

RCA:
====
This feature is newly supported in FRR

Fix:
====
Core functionality implemented in previous commit is
stitched with rest of ospf6 code as part of this commit.

Risk:
=====
Low risk

Tests Executed:
===============
Have executed the combination of commands.

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

ospf6d: Core functionality of auth trailer implementation..

Problem Statement:
==================
Implement RFC 7166 support for OSPF6 in FRR code.

RCA:
====
This feature is newly supported in FRR.

Fix:
====
Changes are done to implement ospf6 ingress and egress
packet processing.
This commit has the core functionality.

It supports below debugability commands:
---------------------------------------
debug ospf6 authentication [<tx|rx>]

It supports below clear command:
--------------------------------
clear ipv6 ospf6 auth-counters interface [IFNAME]

It supports below show commands:
--------------------------------
frr# show ipv6 ospf6 interface ens192
ens192 is up, type BROADCAST
  Interface ID: 5
  Number of I/F scoped LSAs is 2
    0 Pending LSAs for LSUpdate in Time 00:00:00 [thread off]
    0 Pending LSAs for LSAck in Time 00:00:00 [thread off]
  Authentication trailer is enabled with manual key         ==> new info added
    Packet drop Tx 0, Packet drop Rx 0     ==> drop counters

frr# show ipv6 ospf6 neighbor 2.2.2.2 detail
 Neighbor 2.2.2.2%ens192
    Area 1 via interface ens192 (ifindex 3)
    0 Pending LSAs for LSUpdate in Time 00:00:00 [thread off]
    0 Pending LSAs for LSAck in Time 00:00:00 [thread off]
    Authentication header present                           ==> new info added
                         hello        DBDesc       LSReq        LSUpd        LSAck
      Higher sequence no 0x0          0x0          0x0          0x0          0x0
      Lower sequence no  0x242E       0x1DC4       0x1DC3       0x23CC       0x1DDA

frr# show ipv6 ospf6
 OSPFv3 Routing Process (0) with Router-ID 2.2.2.2
 Number of areas in this router is 1
 Authentication Sequence number info                       ==> new info added
  Higher sequence no 3, Lower sequence no 1656

Risk:
=====
Low risk

Tests Executed:
===============
Have executed the combination of commands.

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

ospf6d: Auth trailer CLI implementation.

Problem Statement:
==================
RFC 7166 support for OSPF6 in FRR code.

RCA:
====
This feature is newly supported in FRR

Fix:
====
Changes are done to add support for two new CLIs to configure
ospf6 authentication trailer feature.
One CLI is to support manual key configuration.
Other CLI is to configure key using keychain.

below CLIs are implemented as part of this commit. this configuration
is applied on interface level.

Without openssl:
ipv6 ospf6 authentication key-id (1-65535) hash-algo <md5|hmac-sha-256> key WORD

With openssl:
ipv6 ospf6 authentication key-id (1-65535) hash-algo <md5|hmac-sha-256|hmac-sha-1|hmac-sha-384|hmac-sha-512> key WORD

With keychain support:
ipv6 ospf6 authentication keychain KEYCHAIN_NAME

Running config for these command:

frr# show running-config
Building configuration...

Current configuration:
!
interface ens192
 ipv6 address 2001:DB8:1::2/64
 ipv6 ospf6 authentication key-id 10 hash-algo hmac-sha-256 key abhinay
!
interface ens224
 ipv6 address 2001:DB8:2::2/64
 ipv6 ospf6 authentication keychain abhinay
!

Risk:
=====
Low risk

Tests Executed:
===============
Have executed the combination of commands.

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

ospf6d: support keychain for ospf6 authentication

Problem Statement:
==================
As of now there is no support for ospf6 authentication.
To support ospf6 authentication need to have keychain support for
managing the auth key. 
 
RCA:
====
New support
 
Fix:
====
Enabling keychain for ospf6 authentication feature.
 
Risk:
=====
Low risk
 
Tests Executed:
===============
Have verified the support for ospf6 auth trailer feature.

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

lib: Changes to support hash algo in keychain.

Problem Statement:
==================
Currently there is no support for configuring hash algorithm in
keychain. 
 
RCA:
====
Not implemented yet.
 
Fix:
====
Changes are done to configure hash algorithm as part of keychain.
which will easy the configuration from modules using keychain.
 
Risk:
=====
Low risk
 
Tests Executed:
===============
Have tested the configuration and unconfiguration flow for newly
implemented CLI.

!
key chain abcd
 key 100
  key-string password
  cryptographic-algorithm sha1
 exit
 key 200
  key-string password
  cryptographic-algorithm sha256
 exit
!

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

lib: Support auto completion of configured keychain.

Problem Statement:
=================
When modules use keychain there is no option for auto completion
of configured keychains.

RCA:
====
Not implemented.

Fix:
====
Changes to support auto completion of configured keychain names.

Risk:
=====
Low risk

Tests Executed:
===============
Have tested auto completion of configured keychain names with newly
implemented auth CLI.

frr(config-if)# ipv6 ospf6 authentication keychain
  KEYCHAIN_NAME  Keychain name
     abcd pqr 12345

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>

zebra: Make netlink buffer reads resizeable when needed

Currently when the kernel sends netlink messages to FRR
the buffers to receive this data is of fixed length.
The kernel, with certain configurations, will send
netlink messages that are larger than this fixed length.
This leads to situations where, on startup, zebra gets
really confused about the state of the kernel.  Effectively
the current algorithm is this:

read up to buffer in size
while (data to parse)
     get netlink message header, look at size
        parse if you can

The problem is that there is a 32k buffer we read.
We get the first message that is say 1k in size,
subtract that 1k to 31k left to parse.  We then
get the next header and notice that the length
of the message is 33k.  Which is obviously larger
than what we read in.  FRR has no recover mechanism
nor is there a way to know, a priori, what the maximum
size the kernel will send us.

Modify FRR to look at the kernel message and see if the
buffer is large enough, if not, make it large enough to
read in the message.

This code has to be per netlink socket because of the usage
of pthreads.  So add to `struct nlsock` the buffer and current
buffer length.  Growing it as necessary.

Fixes: #10404
Signed-off-by: Donald Sharp <sharpd@nvidia.com>

zebra: Remove `struct nlsock` from dataplane information and use `int fd`

Store the fd that corresponds to the appropriate `struct nlsock` and pass
that around in the dplane context instead of the pointer to the nlsock.
Modify the kernel_netlink.c code to store in a hash the `struct nlsock`
with the socket fd as the key.

Why do this?  The dataplane context is used to pass around the `struct nlsock`
but the zebra code has a bug where the received buffer for kernel netlink
messages from the kernel is not big enough.  So we need to dynamically
grow the receive buffer per socket, instead of having a non-dynamic buffer
that we read into.  By passing around the fd we can look up the `struct nlsock`
that will soon have the associated buffer and not have to worry about `const`
issues that will arise.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

zebra: Store the sequence number to use as part of the dp_info

Store and use the sequence number instead of using what is in
the `struct nlsock`.  Future commits are going away from storing
the `struct nlsock` and the copy of the nlsock was guaranteeing
unique sequence numbers per message.  So let's store the
sequence number to use instead.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>

zebra: use frr mem apis

Replace a couple of strdup/free with XSTRDUP/XFREE.

Signed-off-by: Mark Stapp <mstapp@nvidia.com>

Merge pull request #8458 from opensourcerouting/xref-5424

lib: RFC5424 syslog support

Merge pull request #9066 from donaldsharp/ships_in_the_night

zebra: Fix ships in the night issue

Merge pull request #10531 from idryzhov/bgp-nexthop-cmp

bgpd: avoid memcmp comparison of struct nexthop

Merge pull request #10530 from idryzhov/ipaddr-cmp

*: use ipaddr_cmp instead of memcmp

Merge pull request #10445 from ton31337/fix/frr-reload_stop_disabled_daemons

tools: Stop disabled daemons when doing reload

Merge pull request #10492 from ton31337/feature/pmsi_tnl_type_attr_extra

bgpd: Move attr->pmsi_tnl_type to attr->extra->pmsi_tnl_type

Merge pull request #10496 from ton31337/fix/move_struct_ecommunity_to_extra

bgpd: Use bgp_attr_[sg]et_ecommunity for struct ecommunity

Merge pull request #10509 from mobash-rasool/fixes2

pimd: Querier to non-querier transistion to be ignored in a case

Merge pull request #10529 from Jafaral/doc-fix-order

doc: the dev tag should come after the new version commit step

Merge pull request #10527 from idryzhov/topotest-literals

tests: fix strings with topologies

Merge pull request #10292 from opensourcerouting/pim6-addr-aux

pimd: start tackling IPv6 address operations

Merge pull request #10511 from anlancs/ospf-substitute

ospfd: fix loss of mixed form in "range" command

bgpd: avoid memcmp comparison of struct nexthop

Using memcmp is wrong because struct nexthop may contain unitialized
padding bytes that should not be compared.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

*: use ipaddr_cmp instead of memcmp

Using memcmp is wrong because struct ipaddr may contain unitialized
padding bytes that should not be compared.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

doc: the dev tag should come after the new version commit step

Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>

Merge pull request #10504 from qingkaishi/master

babeld: fix the checks for truncated packets

tests: fix strings with topologies

Add `r` prefix to treat backslashes as literals.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>