Quentin Young [Tue, 20 Jun 2017 23:56:50 +0000 (23:56 +0000)]
*: simplify log message lookup
log.c provides functionality for associating a constant (typically a
protocol constant) with a string and finding the string given the
constant. However this is highly delicate code that is extremely prone
to stack overflows and off-by-one's due to requiring the developer to
always remember to update the array size constant and to do so correctly
which, as shown by example, is never a good idea.b
The original goal of this code was to try to implement lookups in O(1)
time without a linear search through the message array. Since this code
is used 99% of the time for debugs, it's worth the 5-6 additional cmp's
worst case if it means we avoid explitable bugs due to oversights...
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Renato Westphal [Tue, 13 Jun 2017 13:32:24 +0000 (10:32 -0300)]
ldpd: fix issues with dual-stack adjacencies
Handling configuration changes from single-stack mode to dual-stack mode
(and vice-versa) is tricky. This patch attempts to solve all issues that
might happen on such circumstances.
Chirag Shah [Mon, 12 Jun 2017 16:53:21 +0000 (09:53 -0700)]
ospfd: ospf bandwidth handling
if bandwidth is not set from Zebra use speed as bandwidth
for ospf route.
Testing Done:
Verfied over bond which has aggregated speed of all member interfaces,
cost is reflected in ospf route and ip route.
Manually changed interface bandwidth which replaces speed as bw, instead
uses cli entered value as bw, verifid output of ospf route and ip route.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Renato Westphal [Wed, 7 Jun 2017 00:24:02 +0000 (21:24 -0300)]
ldpd: remove pledge calls
In OpenBSD pledge is a mitigation mechanism used to restrict the syscalls
a program can use, enforcing its correct behavior.
In this port of OpenBSD's ldpd(8), it's hard to run under the same
tight pledge promises because of libfrr and additional components we
introduced, like a zclient in lde. Since ldpd is already privsep'ed,
removing the pledge calls shouldn't be a big compromise security-wise.
Martin Winter [Mon, 22 May 2017 11:07:22 +0000 (04:07 -0700)]
redhat: Disallow reload function for unsupported systems
Before the change, a reload triggered a restart if the python reload script wasn't installed or for non-integrated configs
With this change, the reload is rejected with an error in this case (and suggests the installation of the python script package)
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
redhat: use %initsystem check that works when chrooted
`systemctl' returns different, non-useful output while in a chroot.
Switch to checking if /sbin/init is a symlink to the systemd binary.
With this change the build works in a mock chroot.
Martin Winter [Thu, 20 Apr 2017 01:12:10 +0000 (18:12 -0700)]
redhat: Fix BuildRequires for FRR/2.0 and duplicate /etc/frr/daemons
- add make & gcc
- remove autoconf and automake (not needed to build from src.rpm)
- fix texi2html version detection for case when no texi2html is installed (broke yum-builddep)
- fix duplicate listing of /etc/frr/daemons
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
Renato Westphal [Fri, 2 Jun 2017 14:14:54 +0000 (11:14 -0300)]
ldpd: fix bug in pseudowire control-word negotiation
Bingen discovered a bug in the pseudowire control-word negotiation that
might happen when the "control-word exclude" command is used. Under some
very specific conditions, ldpd might ignore a PWID label mapping when
it shouldn't.
This patch removes a wrong optimization that was preventing ldpd to call
l2vpn_pw_reset() every time we change the configuration of a pseudowire.
When the transport address is changed, all interfaces and targeted
neighbors are temporary disabled in the ldpe process until new sockets
bound to the new transport address are received from the parent.
This patch fixes a problem in which adjacencies weren't being removed
after the associated targeted neighbors were disabled. This was causing
ldpd not to set some MD5 sockoptions for new neighbors are thus preventing
MD5-protected sessions to come up after a change in the transport-address.
It's doesn't make sense to enforce that a targeted-hello is received
on an LDP-enabled interface. It should be possible, for example, to use
LDP only to signal pseudowires and other another protocol (e.g. RSVP-TE)
to create end-to-end LSPs.
ldpd: schedule the sending of label messages when necessary
Once we send a Label Withdraw, we can't send a Label Mapping for the
same FEC until we receive a Label Release from the peer. This is due to
some limitations in the LDP algorithms described in Appendix A. ("LDP
Label Distribution Procedures") of RFC 5036.
To workaround this issue, make it possible to schedule the sending of
a Label Mapping as soon as a Label Release is received for the same FEC.
The easiest way to test this patch is by typing the "label local advertise
explicit-null" command. ldpd will withdraw all null labels using a
Wildcard FEC and then send new Label Mappings as soon the corresponding
Label Releases are received.
On unstable networks, routes can be lost and relearned very often. If
we deallocate the input label every time a route is lost and allocate
a new one when the route is relearned, a lot of changes are made in vain.
This patch introduces a logic in which labels are preserved for at least
five minutes before being deallocated by the LIB garbage collector. This
is consistent with what other implementations do.
ldpd: accept notifications during the session establishment process
If we don't do this, we'll never trigger the backoff exponential timer
since it's impossible to distinguish between Initialization NAK's and
general errors.
Also:
* Implement some missing bits from RFC 5036;
* remove superfluous log message in session_shutdown()
(send_notification() logs that we're sending a fatal notification).
ldpd: use synchronous channels for sending log messages
This is necessary to guarantee that all log messages sent from the child
processes are received in the parent process right away.
Without this patch, when a child process calls fatal() or fatalx(),
the log messages don't make it to the parent because the child doesn't
have a chance to flush its buffers before exiting.
When ldpd fails to start for some reason, like failing to create a pid
file, the child processes call their shutdown functions without being
completely initialized. This patch adds some protections to prevent a
segmentation fault on such circumstances.
ldpd: simplify initialization of the child processes
In order to have separate ASLR/cookies per process, ldpd calls exec()
in the child processes after fork() (this is also known as the fork+exec
model).
This is an important security feature but it makes the initialization
of the child processes a bit more complicated as they're not a copy of
the parent anymore, so all parameters given via command line are lost.
To solve this problem, we were creating an argv array by hand with all
necessary parameters and providing it to the exec() syscall. This works
but it's a very ugly solution. This patch introduces a different approach
to solve the problem: send an IMSG_INIT message to the child processes
with all parameters they need in order to initialize properly. This
makes adding additional initialization parameters much more convenient
and less error prone.
vtysh: fix a compile error when user/group are disabled
If FRR is configured explicilty with --disable-user and
--disable-group, FRR_USER and FRR_GROUP will not be defined
and can be safely skipped in vtysh.
projects / mirror / frr.git / log