diff options
| author | lynne <lynne@voltanet.io> | 2020-04-15 13:49:41 -0400 |
|---|---|---|
| committer | lynne <lynne@voltanet.io> | 2020-04-29 12:27:17 -0400 |
| commit | 2d1aa1e8875ea38d6d2c2c79cca849399044261a (patch) | |
| tree | 03bbd5094f44f0cbf3c51dc483951c27442ea20f /ldpd/ldpe.c | |
| parent | 5406061b2df1e7c57d514540007a53bb0ee74c00 (diff) | |
ldpd: fix ACL rule modification
Changes to ACL rules were not applied to LDP. This fix allows
LDP to be notified when a rule in an ACL filter is modified by
the user. The filter is properly applied to the LDP session.
The filter may cause a LDP session to go down/up or to remove/add
labels being advertised/received from a neighbor.
Signed-off-by: Lynne Morrison <lynne@voltanet.io>
Signed-off-by: Karen Schoener <karen@voltanet.io>
Diffstat (limited to 'ldpd/ldpe.c')
| -rw-r--r-- | ldpd/ldpe.c | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/ldpd/ldpe.c b/ldpd/ldpe.c index b34a1ecdd7..bae8a6e5c3 100644 --- a/ldpd/ldpe.c +++ b/ldpd/ldpe.c @@ -42,6 +42,7 @@ static int ldpe_dispatch_pfkey(struct thread *); static void ldpe_setup_sockets(int, int, int, int); static void ldpe_close_sockets(int); static void ldpe_iface_af_ctl(struct ctl_conn *c, int af, ifindex_t ifidx); +static void ldpe_check_filter_af(int, struct ldpd_af_conf *, const char *); struct ldpd_conf *leconf; #ifdef __OpenBSD__ @@ -292,7 +293,8 @@ ldpe_dispatch_main(struct thread *thread) struct nbr_params *nbrp; #endif int n, shut = 0; - + struct ldp_access *laccess; + iev->ev_read = NULL; if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN) @@ -544,6 +546,18 @@ ldpe_dispatch_main(struct thread *thread) } memcpy(&ldp_debug, imsg.data, sizeof(ldp_debug)); break; + case IMSG_FILTER_UPDATE: + if (imsg.hdr.len != IMSG_HEADER_SIZE + + sizeof(struct ldp_access)) { + log_warnx("%s: wrong imsg len", __func__); + break; + } + laccess = imsg.data; + ldpe_check_filter_af(AF_INET, &leconf->ipv4, + laccess->name); + ldpe_check_filter_af(AF_INET6, &leconf->ipv6, + laccess->name); + break; default: log_debug("ldpe_dispatch_main: error handling imsg %d", imsg.hdr.type); @@ -680,6 +694,17 @@ ldpe_dispatch_lde(struct thread *thread) case IMSG_CTL_SHOW_L2VPN_BINDING: control_imsg_relay(&imsg); break; + case IMSG_NBR_SHUTDOWN: + nbr = nbr_find_peerid(imsg.hdr.peerid); + if (nbr == NULL) { + log_debug("ldpe_dispatch_lde: cannot find " + "neighbor"); + break; + } + if (nbr->state != NBR_STA_OPER) + break; + session_shutdown(nbr,S_SHUTDOWN,0,0); + break; default: log_debug("ldpe_dispatch_lde: error handling imsg %d", imsg.hdr.type); @@ -980,3 +1005,11 @@ mapping_list_clr(struct mapping_head *mh) free(me); } } + +void +ldpe_check_filter_af(int af, struct ldpd_af_conf *af_conf, + const char *filter_name) +{ + if (strcmp(af_conf->acl_thello_accept_from, filter_name) == 0) + ldpe_remove_dynamic_tnbrs(af); +} |