diff options
106 files changed, 2946 insertions, 2474 deletions
diff --git a/.gitignore b/.gitignore index 33d03296db..40f6475a26 100644 --- a/.gitignore +++ b/.gitignore @@ -28,7 +28,6 @@ /aclocal.m4 /libtool /libtool.orig -/changelog-auto /test-driver /test-suite.log diff --git a/Makefile.am b/Makefile.am index 8c9d7df77c..9bc5dd7d22 100644 --- a/Makefile.am +++ b/Makefile.am @@ -195,8 +195,6 @@ EXTRA_DIST += \ m4/README.txt \ m4/libtool-whole-archive.patch \ config.version \ - changelog-auto \ - changelog-auto.in \ \ python/clidef.py \ python/clippy/__init__.py \ diff --git a/alpine/APKBUILD.in b/alpine/APKBUILD.in index dfedf0b52b..e6776cb3a2 100644 --- a/alpine/APKBUILD.in +++ b/alpine/APKBUILD.in @@ -41,7 +41,6 @@ build() { --sysconfdir=$_sysconfdir \ --libdir=$_libdir \ --localstatedir=$_localstatedir \ - --enable-systemd=no \ --enable-rpki \ --enable-vtysh \ --enable-multipath=64 \ diff --git a/bfdd/dplane.c b/bfdd/dplane.c index 6fb301d46a..4b7f9ba7ac 100644 --- a/bfdd/dplane.c +++ b/bfdd/dplane.c @@ -651,8 +651,6 @@ static struct bfd_dplane_ctx *bfd_dplane_ctx_new(int sock) struct bfd_dplane_ctx *bdc; bdc = XCALLOC(MTYPE_BFDD_DPLANE_CTX, sizeof(*bdc)); - if (bdc == NULL) - return NULL; bdc->sock = sock; bdc->inbuf = stream_new(BFD_DPLANE_CLIENT_BUF_SIZE); diff --git a/bgpd/bgp_aspath.c b/bgpd/bgp_aspath.c index 25109e030b..3c67017dc7 100644 --- a/bgpd/bgp_aspath.c +++ b/bgpd/bgp_aspath.c @@ -193,7 +193,8 @@ static struct assegment *assegment_prepend_asns(struct assegment *seg, if (num >= AS_SEGMENT_MAX) return seg; /* we don't do huge prepends */ - if ((newas = assegment_data_new(seg->length + num)) == NULL) + newas = assegment_data_new(seg->length + num); + if (newas == NULL) return seg; for (i = 0; i < num; i++) diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c index 2f0751a5f0..24b48178d2 100644 --- a/bgpd/bgp_attr.c +++ b/bgpd/bgp_attr.c @@ -1509,16 +1509,6 @@ static int bgp_attr_aspath(struct bgp_attr_parser_args *args) 0); } - /* Codification of AS 0 Processing */ - if (aspath_check_as_zero(attr->aspath)) { - flog_err( - EC_BGP_ATTR_MAL_AS_PATH, - "Malformed AS path, AS number is 0 in the path from %s", - peer->host); - return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH, - 0); - } - /* Set aspath attribute flag. */ attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH); @@ -1558,6 +1548,15 @@ static bgp_attr_parse_ret_t bgp_attr_aspath_check(struct peer *const peer, } } + /* Codification of AS 0 Processing */ + if (peer->sort == BGP_PEER_EBGP && aspath_check_as_zero(attr->aspath)) { + flog_err( + EC_BGP_ATTR_MAL_AS_PATH, + "Malformed AS path, AS number is 0 in the path from %s", + peer->host); + return BGP_ATTR_PARSE_WITHDRAW; + } + /* local-as prepend */ if (peer->change_local_as && !CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) { @@ -1590,16 +1589,6 @@ static int bgp_attr_as4_path(struct bgp_attr_parser_args *args, 0); } - /* Codification of AS 0 Processing */ - if (aspath_check_as_zero(*as4_path)) { - flog_err( - EC_BGP_ATTR_MAL_AS_PATH, - "Malformed AS path, AS number is 0 in the path from %s", - peer->host); - return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_AS_PATH, - 0); - } - /* Set aspath attribute flag. */ attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH); @@ -3317,7 +3306,8 @@ bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr, } /* Check all mandatory well-known attributes are present */ - if ((ret = bgp_attr_check(peer, attr)) < 0) + ret = bgp_attr_check(peer, attr); + if (ret < 0) goto done; /* diff --git a/bgpd/bgp_evpn_mh.c b/bgpd/bgp_evpn_mh.c index 4b90937f62..34094a0bde 100644 --- a/bgpd/bgp_evpn_mh.c +++ b/bgpd/bgp_evpn_mh.c @@ -1311,7 +1311,7 @@ static void bgp_evpn_es_vtep_re_eval_active(struct bgp *bgp, bool old_active; bool new_active; - old_active = !!CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE); + old_active = CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE); /* currently we need an active EVI reference to use the VTEP as * a nexthop. this may change... */ @@ -1320,7 +1320,7 @@ static void bgp_evpn_es_vtep_re_eval_active(struct bgp *bgp, else UNSET_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE); - new_active = !!CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE); + new_active = CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE); if ((old_active != new_active) || (new_active && param_change)) { @@ -3119,7 +3119,7 @@ static void bgp_evpn_es_evi_vtep_re_eval_active(struct bgp *bgp, bool new_active; uint32_t ead_activity_flags; - old_active = !!CHECK_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE); + old_active = CHECK_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE); if (bgp_mh_info->ead_evi_rx) /* Both EAD-per-ES and EAD-per-EVI routes must be rxed from a PE @@ -3135,7 +3135,7 @@ static void bgp_evpn_es_evi_vtep_re_eval_active(struct bgp *bgp, else UNSET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE); - new_active = !!CHECK_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE); + new_active = CHECK_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE); if (old_active == new_active) return; diff --git a/bgpd/bgp_fsm.c b/bgpd/bgp_fsm.c index 4cc096d8e7..79dc0aec9d 100644 --- a/bgpd/bgp_fsm.c +++ b/bgpd/bgp_fsm.c @@ -256,6 +256,7 @@ static struct peer *peer_xfer_conn(struct peer *from_peer) from_peer->last_major_event = last_maj_evt; peer->remote_id = from_peer->remote_id; peer->last_reset = from_peer->last_reset; + peer->max_packet_size = from_peer->max_packet_size; peer->peer_gr_present_state = from_peer->peer_gr_present_state; peer->peer_gr_new_status_flag = from_peer->peer_gr_new_status_flag; diff --git a/bgpd/bgp_mpath.c b/bgpd/bgp_mpath.c index d5fce115de..8127428bc7 100644 --- a/bgpd/bgp_mpath.c +++ b/bgpd/bgp_mpath.c @@ -411,7 +411,8 @@ static void bgp_path_info_mpath_lb_update(struct bgp_path_info *path, bool set, { struct bgp_path_info_mpath *mpath; - if ((mpath = path->mpath) == NULL) { + mpath = path->mpath; + if (mpath == NULL) { if (!set || (cum_bw == 0 && !all_paths_lb)) return; diff --git a/bgpd/bgp_nht.c b/bgpd/bgp_nht.c index 742ef217d9..eb00a4641c 100644 --- a/bgpd/bgp_nht.c +++ b/bgpd/bgp_nht.c @@ -793,7 +793,18 @@ static int make_prefix(int afi, struct bgp_path_info *pi, struct prefix *p) || IN6_IS_ADDR_LINKLOCAL( &pi->attr->mp_nexthop_global))) p->u.prefix6 = pi->attr->mp_nexthop_local; - else + /* If we receive MR_REACH with (GA)::(LL) + * then check for route-map to choose GA or LL + */ + else if (pi->attr->mp_nexthop_len + == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL) { + if (pi->attr->mp_nexthop_prefer_global) + p->u.prefix6 = + pi->attr->mp_nexthop_global; + else + p->u.prefix6 = + pi->attr->mp_nexthop_local; + } else p->u.prefix6 = pi->attr->mp_nexthop_global; p->prefixlen = IPV6_MAX_BITLEN; } @@ -1042,7 +1053,7 @@ void evaluate_paths(struct bgp_nexthop_cache *bnc) || path->attr->srte_color != 0) SET_FLAG(path->flags, BGP_PATH_IGP_CHANGED); - path_valid = !!CHECK_FLAG(path->flags, BGP_PATH_VALID); + path_valid = CHECK_FLAG(path->flags, BGP_PATH_VALID); if (path_valid != bnc_is_valid_nexthop) { if (path_valid) { /* No longer valid, clear flag; also for EVPN diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index 4637cef3eb..107aa1eb12 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -11643,7 +11643,8 @@ static int bgp_show_route_in_table(struct vty *vty, struct bgp *bgp, if (!table) continue; - if ((rm = bgp_node_match(table, &match)) == NULL) + rm = bgp_node_match(table, &match); + if (rm == NULL) continue; const struct prefix *rm_p = bgp_dest_get_prefix(rm); @@ -11735,7 +11736,8 @@ static int bgp_show_route_in_table(struct vty *vty, struct bgp *bgp, json_object_free(json_paths); } } else { - if ((dest = bgp_node_match(rib, &match)) != NULL) { + dest = bgp_node_match(rib, &match); + if (dest != NULL) { const struct prefix *dest_p = bgp_dest_get_prefix(dest); if (!prefix_check || dest_p->prefixlen == match.prefixlen) { @@ -14377,6 +14379,7 @@ int bgp_distance_unset(uint8_t distance, const char *ip_str, if (bdistance->distance != distance) { snprintf(errmsg, errmsg_len, "Distance does not match configured\n"); + bgp_dest_unlock_node(dest); return CMD_WARNING_CONFIG_FAILED; } @@ -14758,7 +14761,8 @@ static int bgp_clear_damp_route(struct vty *vty, const char *view_name, table = bgp_dest_get_bgp_table_info(dest); if (!table) continue; - if ((rm = bgp_node_match(table, &match)) == NULL) + rm = bgp_node_match(table, &match); + if (rm == NULL) continue; const struct prefix *rm_p = bgp_dest_get_prefix(dest); @@ -14782,8 +14786,8 @@ static int bgp_clear_damp_route(struct vty *vty, const char *view_name, bgp_dest_unlock_node(rm); } } else { - if ((dest = bgp_node_match(bgp->rib[afi][safi], &match)) - != NULL) { + dest = bgp_node_match(bgp->rib[afi][safi], &match); + if (dest != NULL) { const struct prefix *dest_p = bgp_dest_get_prefix(dest); if (!prefix_check diff --git a/bgpd/bgp_routemap.c b/bgpd/bgp_routemap.c index 9a7b7b3cf2..529abcbea0 100644 --- a/bgpd/bgp_routemap.c +++ b/bgpd/bgp_routemap.c @@ -29,6 +29,7 @@ #include "memory.h" #include "log.h" #include "frrlua.h" +#include "frrscript.h" #ifdef HAVE_LIBPCREPOSIX #include <pcreposix.h> #else @@ -373,42 +374,29 @@ route_match_script(void *rule, const struct prefix *prefix, void *object) return RMAP_NOMATCH; } - enum frrlua_rm_status status_failure = LUA_RM_FAILURE, + enum frrlua_rm_status lrm_status = LUA_RM_FAILURE, status_nomatch = LUA_RM_NOMATCH, status_match = LUA_RM_MATCH, status_match_and_change = LUA_RM_MATCH_AND_CHANGE; - /* Make result values available */ - struct frrscript_env env[] = { - {"integer", "RM_FAILURE", &status_failure}, - {"integer", "RM_NOMATCH", &status_nomatch}, - {"integer", "RM_MATCH", &status_match}, - {"integer", "RM_MATCH_AND_CHANGE", &status_match_and_change}, - {"integer", "action", &status_failure}, - {"prefix", "prefix", prefix}, - {"attr", "attributes", path->attr}, - {"peer", "peer", path->peer}, - {}}; - - struct frrscript_env results[] = { - {"integer", "action"}, - {"attr", "attributes"}, - {}, - }; - - int result = frrscript_call(fs, env); + struct attr newattr = *path->attr; + + int result = frrscript_call( + fs, ("RM_FAILURE", (long long *)&lrm_status), + ("RM_NOMATCH", (long long *)&status_nomatch), + ("RM_MATCH", (long long *)&status_match), + ("RM_MATCH_AND_CHANGE", (long long *)&status_match_and_change), + ("action", (long long *)&lrm_status), ("prefix", prefix), + ("attributes", &newattr), ("peer", path->peer)); if (result) { zlog_err("Issue running script rule; defaulting to no match"); return RMAP_NOMATCH; } - enum frrlua_rm_status *lrm_status = - frrscript_get_result(fs, &results[0]); - int status = RMAP_NOMATCH; - switch (*lrm_status) { + switch (lrm_status) { case LUA_RM_FAILURE: zlog_err( "Executing route-map match script '%s' failed; defaulting to no match", @@ -423,27 +411,22 @@ route_match_script(void *rule, const struct prefix *prefix, void *object) zlog_debug("Updating attribute based on script's values"); uint32_t locpref = 0; - struct attr *newattr = frrscript_get_result(fs, &results[1]); - path->attr->med = newattr->med; + path->attr->med = newattr.med; if (path->attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) locpref = path->attr->local_pref; - if (locpref != newattr->local_pref) { + if (locpref != newattr.local_pref) { SET_FLAG(path->attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)); - path->attr->local_pref = newattr->local_pref; + path->attr->local_pref = newattr.local_pref; } - - aspath_free(newattr->aspath); - XFREE(MTYPE_TMP, newattr); break; case LUA_RM_MATCH: status = RMAP_MATCH; break; } - XFREE(MTYPE_TMP, lrm_status); frrscript_unload(fs); return status; diff --git a/bgpd/bgp_routemap_nb_config.c b/bgpd/bgp_routemap_nb_config.c index e541d117be..88e3f6438f 100644 --- a/bgpd/bgp_routemap_nb_config.c +++ b/bgpd/bgp_routemap_nb_config.c @@ -70,8 +70,8 @@ static int bgp_route_match_delete(struct route_map_index *index, if (type != RMAP_EVENT_MATCH_DELETED) { /* ignore the mundane, the types without any dependency */ if (arg == NULL) { - if ((tmpstr = route_map_get_match_arg(index, command)) - != NULL) + tmpstr = route_map_get_match_arg(index, command); + if (tmpstr != NULL) dep_name = XSTRDUP(MTYPE_ROUTE_MAP_RULE, tmpstr); } else { diff --git a/bgpd/bgp_script.c b/bgpd/bgp_script.c index 0cda1927f8..9446a25a05 100644 --- a/bgpd/bgp_script.c +++ b/bgpd/bgp_script.c @@ -28,9 +28,8 @@ #include "bgp_aspath.h" #include "frratomic.h" #include "frrscript.h" -#include "frrlua.h" -static void lua_pushpeer(lua_State *L, const struct peer *peer) +void lua_pushpeer(lua_State *L, const struct peer *peer) { lua_newtable(L); lua_pushinteger(L, peer->as); @@ -142,7 +141,7 @@ static void lua_pushpeer(lua_State *L, const struct peer *peer) lua_setfield(L, -2, "stats"); } -static void lua_pushattr(lua_State *L, const struct attr *attr) +void lua_pushattr(lua_State *L, const struct attr *attr) { lua_newtable(L); lua_pushinteger(L, attr->med); @@ -155,10 +154,8 @@ static void lua_pushattr(lua_State *L, const struct attr *attr) lua_setfield(L, -2, "localpref"); } -static void *lua_toattr(lua_State *L, int idx) +void lua_decode_attr(lua_State *L, int idx, struct attr *attr) { - struct attr *attr = XCALLOC(MTYPE_TMP, sizeof(struct attr)); - lua_getfield(L, -1, "metric"); attr->med = lua_tointeger(L, -1); lua_pop(L, 1); @@ -171,7 +168,13 @@ static void *lua_toattr(lua_State *L, int idx) lua_getfield(L, -1, "localpref"); attr->local_pref = lua_tointeger(L, -1); lua_pop(L, 1); +} + +void *lua_toattr(lua_State *L, int idx) +{ + struct attr *attr = XCALLOC(MTYPE_TMP, sizeof(struct attr)); + lua_decode_attr(L, idx, attr); return attr; } diff --git a/bgpd/bgp_script.h b/bgpd/bgp_script.h index 6682c2eebd..f8178aa983 100644 --- a/bgpd/bgp_script.h +++ b/bgpd/bgp_script.h @@ -21,14 +21,25 @@ #define __BGP_SCRIPT__ #include <zebra.h> +#include "bgpd.h" #ifdef HAVE_SCRIPTING +#include "frrlua.h" + /* * Initialize scripting stuff. */ void bgp_script_init(void); +void lua_pushpeer(lua_State *L, const struct peer *peer); + +void lua_pushattr(lua_State *L, const struct attr *attr); + +void lua_decode_attr(lua_State *L, int idx, struct attr *attr); + +void *lua_toattr(lua_State *L, int idx); + #endif /* HAVE_SCRIPTING */ #endif /* __BGP_SCRIPT__ */ diff --git a/bgpd/bgp_updgrp.c b/bgpd/bgp_updgrp.c index b8545188a4..dd3309dad9 100644 --- a/bgpd/bgp_updgrp.c +++ b/bgpd/bgp_updgrp.c @@ -339,6 +339,7 @@ static unsigned int updgrp_hash_key_make(const void *p) key); key = jhash_1word(peer->v_routeadv, key); key = jhash_1word(peer->change_local_as, key); + key = jhash_1word(peer->max_packet_size, key); if (peer->group) key = jhash_1word(jhash(peer->group->name, @@ -572,6 +573,7 @@ static int update_group_show_walkcb(struct update_group *updgrp, void *arg) struct update_subgroup *subgrp; struct peer_af *paf; struct bgp_filter *filter; + struct peer *peer = UPDGRP_PEER(updgrp); int match = 0; if (!ctx) @@ -663,6 +665,9 @@ static int update_group_show_walkcb(struct update_group *updgrp, void *arg) CHECK_FLAG(subgrp->flags, SUBGRP_FLAG_NEEDS_REFRESH) ? "R" : ""); + if (peer) + vty_out(vty, " Max packet size: %d\n", + peer->max_packet_size); if (subgrp->peer_count > 0) { vty_out(vty, " Peers:\n"); SUBGRP_FOREACH_PEER (subgrp, paf) diff --git a/bgpd/bgp_updgrp_adv.c b/bgpd/bgp_updgrp_adv.c index 18829aa747..9c2288cba3 100644 --- a/bgpd/bgp_updgrp_adv.c +++ b/bgpd/bgp_updgrp_adv.c @@ -572,7 +572,8 @@ void bgp_adj_out_unset_subgroup(struct bgp_dest *dest, return; /* Lookup existing adjacency */ - if ((adj = adj_lookup(dest, subgrp, addpath_tx_id)) != NULL) { + adj = adj_lookup(dest, subgrp, addpath_tx_id); + if (adj != NULL) { /* Clean up previous advertisement. */ if (adj->adv) bgp_advertise_clean_subgroup(subgrp, adj); diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c index e713894eb1..9d7e88bb1c 100644 --- a/bgpd/bgp_vty.c +++ b/bgpd/bgp_vty.c @@ -1857,9 +1857,8 @@ void cli_show_router_bgp_med_config(struct vty *vty, struct lyd_node *dnode, uint32_t med_admin_val; vty_out(vty, " bgp max-med administrative"); - if ((med_admin_val = - yang_dnode_get_uint32(dnode, "./max-med-admin")) - != BGP_MAXMED_VALUE_DEFAULT) + med_admin_val = yang_dnode_get_uint32(dnode, "./max-med-admin"); + if (med_admin_val != BGP_MAXMED_VALUE_DEFAULT) vty_out(vty, " %u", med_admin_val); vty_out(vty, "\n"); } @@ -10196,7 +10195,8 @@ static int bgp_clear_prefix(struct vty *vty, const char *view_name, if (table == NULL) continue; - if ((rm = bgp_node_match(table, &match)) != NULL) { + rm = bgp_node_match(table, &match); + if (rm != NULL) { const struct prefix *rm_p = bgp_dest_get_prefix(rm); @@ -10209,7 +10209,8 @@ static int bgp_clear_prefix(struct vty *vty, const char *view_name, } } } else { - if ((dest = bgp_node_match(rib, &match)) != NULL) { + dest = bgp_node_match(rib, &match); + if (dest != NULL) { const struct prefix *dest_p = bgp_dest_get_prefix(dest); if (dest_p->prefixlen == match.prefixlen) { diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c index 197133cbb4..acade16ef2 100644 --- a/bgpd/bgpd.c +++ b/bgpd/bgpd.c @@ -1369,7 +1369,7 @@ struct peer *peer_new(struct bgp *bgp) peer->bgp = bgp_lock(bgp); peer = peer_lock(peer); /* initial reference */ peer->password = NULL; - peer->max_packet_size = BGP_MAX_PACKET_SIZE; + peer->max_packet_size = BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE; /* Set default flags. */ FOREACH_AFI_SAFI (afi, safi) { @@ -1466,6 +1466,8 @@ void peer_xfer_config(struct peer *peer_dst, struct peer *peer_src) (void)peer_sort(peer_dst); peer_dst->rmap_type = peer_src->rmap_type; + peer_dst->max_packet_size = peer_src->max_packet_size; + /* Timers */ peer_dst->holdtime = peer_src->holdtime; peer_dst->keepalive = peer_src->keepalive; @@ -3097,8 +3099,7 @@ static struct bgp *bgp_create(as_t *as, const char *name, afi_t afi; safi_t safi; - if ((bgp = XCALLOC(MTYPE_BGP, sizeof(struct bgp))) == NULL) - return NULL; + bgp = XCALLOC(MTYPE_BGP, sizeof(struct bgp)); if (BGP_DEBUG(zebra, ZEBRA)) { if (inst_type == BGP_INSTANCE_TYPE_DEFAULT) diff --git a/changelog-auto.in b/changelog-auto.in deleted file mode 100644 index 50bd5f6d4d..0000000000 --- a/changelog-auto.in +++ /dev/null @@ -1,1487 +0,0 @@ -frr (@VERSION@-0) UNRELEASED; urgency=medium - - * autoconf changelog entry -- for git autobuilds only. - remove and replace when creating releases! - (tools/tarsource.sh will handle this) - - -- FRRouting-Dev <dev@lists.frrouting.org> Thu, 25 Oct 2018 16:36:50 +0200 - -frr (7.5-0) RELEASED; urgency=medium - BFD - Profile support - Minimum ttl support - BGP - rpki VRF support - GR fixes - Add wide option to display of routes - Add `maximum-prefix <num> force` - Add `bestpath-routes` to neighbor command - Add `bgp shutdown message MSG...` command - Add v6 Flowspec support - Add `neighbor <neigh> shutdown rtt` command - Allow update-delay to be applied globaly - EVPN - Beginning of MultiHoming Support - ISIS - Segment Routing Support - VRF Support - Guard against adj timer display overflow - Add support for Anycast-SIDs - Add support for Topology Independent LFA (TI-LFA) - Add `lsp-gen-interval 2` to isis configuration - OSPF - Segment Routing support for ECMP - Various LSA fixes - Prevent crash if transferring config amongst instances - PBR - Adding json support to commands - DSCP/ECN based PBR Matching - PIM - Add more json support to commands - Fix missing mesh-group commands - MSDP SA forwarding - Clear (s,g,rpt) ifchannel on (*, G) prune received - Fix igmp querier election and IP address mapping - Crash fix when RP is removed - STATIC - Northbound Support - YANG - Filter and route-map Support - OSPF model definition - BGP model definition - VTYSH - Speed up output across daemons - Fix build-time errors for some --enable flags - Speed up output of configuration across daemons - ZEBRA - nexthop group support for FPM - northbound support for rib model - Backup nexthop support - netlink batching support - Allow upper level protocols to request ARP - Add json output for zebra ES, ES-EVI and access vlan dumps - - Upgrade to using libyang1.0.184 - - RPM - Moved RPKI to subpackage - Added SNMP subpackage - - As always there are too many bugfixes to list individually. This release - compromises just over 1k of commits by the community, with contributors from - 70 people. - - -- FRRouting-Dev <dev@lists.frrouting.org> Tue, 2 Nov 2020 08:04:23 +0400 - -frr (6.0-2) testing; urgency=medium - - * add install-info to build deps - * remove trailing whitespace from control - * cleanup tcp-zebra configure options - * drop unused SMUX client OID MIBs - * remove /proc check - * remove --enable-poll - * remove libtool .la files - * drop texlive-latex-base, texlive-generic-recommended build deps - * consistently allow python2 or python3 - * remove bad USE_* options, add WERROR - * drop libncurses5 dep - * remove backports mechanism - * use better dependency for pythontools (binNMU compatible) - * remove bogus shlib:Depends on frr-dbg - * create frr-snmp and frr-rpki-rtrlib - * make frr-pythontools a "Recommends:" - * use redistclean target - * update to Debian Policy version 4.2.1 - * raise debhelper compat level to 9 - * ditch development-only files - * modernise dh_missing and use fail mode - * disable zeromq and FPM - * always install /etc/init.d/frr - * put frr-doc package in 'doc' section - * install HTML docs, drop tools/ - * fix install for {frr,rfptest,ospfclient} - * add watch file - * change python dependency and shebang to python3:any - * use set -e in maintscripts - * put myself in as maintainer - * update copyright file - * closes: #863249 - - -- David Lamparter <equinox-debian@diac24.net> Thu, 25 Oct 2018 16:36:50 +0200 - -frr (6.0-1) RELEASED; urgency=medium - - * New Enabled: PIM draft Unnumbered - - -- FRRouting-Dev <dev@lists.frrouting.org> Wed, 18 Oct 2017 17:01:42 -0700 - -frr (3.0-1) RELEASED; urgency=medium - - * Added Debian 9 Backport - - -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 16 Oct 2017 03:28:00 -0700 - -frr (3.0-0) RELEASED; urgency=medium - - * New Enabled: BGP Shutdown Message - * New Enabled: BGP Large Community - * New Enabled: BGP RFC 7432 Partial Support w/ Ethernet VPN - * New Enabled: BGP EVPN RT-5 - * New Enabled: LDP RFC 5561 - * New Enabled: LDP RFC 5918 - * New Enabled: LDP RFC 5919 - * New Enabled: LDP RFC 6667 - * New Enabled: LDP RFC 7473 - * New Enabled: OSPF RFC 4552 - * New Enabled: ISIS SPF Backoff draft - * New Enabled: PIM Unnumbered Interfaces - * New Enabled: PIM RFC 4611 - * New Enabled: PIM Sparse Mode - * New Enabled: NHRP RFC 2332 - * New Enabled: Label Manager - * Switched from hardening-wrapper to dpkg-buildflags. - - -- FRRouting-Dev <dev@lists.frrouting.org> Fri, 13 Oct 2017 16:17:26 -0700 - -frr (2.0-0) RELEASED; urgency=medium - - * Switchover to FRR - - -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 23 Jan 2017 16:30:22 -0400 - -quagga (0.99.24+cl3u5) RELEASED; urgency=medium - - * Closes: CM-12846 - Resolve Memory leaks in 'show ip bgp neighbor json' - * Closes: CM-5878 - Display all ospf peers with 'show ip ospf neighbor detail all' - * Closes: CM-5794 - Add support for IPv6 static to null0 - * Closes: CM-13060 - Reduce JSON memory usage. - * Closes: CM-10394 - protect 'could not get instance' error messages with debug - * Closes: CM-11173 - Move netlink error messages undeer a debug - * Closes: CM-13328 - Fixes route missing in hardware after reboot - - -- dev-support <dev-support@cumulusnetworks.com> Fri, 11 Nov 2016 22:13:29 -0400 - -quagga (0.99.24+cl3u4) RELEASED; urgency=medium - - * Closes: CM-12687 - Buffer overflow in zebra RA code - - -- dev-support <dev-support@cumulusnetworks.com> Wed, 31 Aug 2016 12:36:10 -0400 - -quagga (0.99.24+cl3u3) RELEASED; urgency=medium - - * New Enabled: Merge up-to 0.99.24 code from upstream - * New Enabled: Additional CLI simplification - * New Enabled: Various Bug Fixes - - -- dev-support <dev-support@cumulusnetworks.com> Thu, 04 Aug 2016 08:43:36 -0700 - -quagga (0.99.23.1-1+cl3u2) RELEASED; urgency=medium - - * New Enabled: VRF - See Documentation for how to use - * New Enabled: Improved interface statistics - * New Enabled: Various vtysh improvements - * New Enabled: Numerous compile warnings and SA fixes - * New Enabled: Improved priviledge handlingA - * New Enabled: Various OSPF CLI fixes - * New Enabled: Prefix-list Performance Improvements. - * New Enabled: Allow more than 1k peers in Quagga - and Performance Improvements - * New Enabled: Systemd integration - * New Enabled: Various ISIS fixes - * New Enabled: BGP MRT improvements - * New Enabled: Lowered default MRAI timers - * New Enabled: Lowered default 'timers connect' - * New Enabled: 'bgp log-neighbor-changes' enabled by default - * New Enabled: BGP default keepalive to 3s and holdtime to 9s - * New Enabled: OSPF spf timers are now '0 50 5000' by default - * New Enabled: BGP hostname is displayed by default - * New Enabled: BGP 'no-as-set' is the default for - 'bgp as-path multipath-relax" - * New Enabled: RA is on by default if using 5549 on an interface - * New Enabled: peer-group restrictions relaxed, update-groups determine - outbund policy anyway - * New Enabled: BGP enabled 'maximum-paths 64' by default - * New Enabled: OSPF "log-adjacency-changes" on by default - * New Enabled: Zebra: Add IPv6 protocol filtering support - * and setting src of IPv6 routes. - * New Enabled: BGP and OSPF JSON commands added. - * New Enabled: BGP Enable multiple instances support by default - * New Enabled: 'banner motd file' command - * New Enabled: Remove bad default passwords from default conf - * New Enabled: BGP addpath TX - * New Enabled: Simplified configuration for BGP Unnumbered - - * New Deprecated: Remove unused 'show memory XXX' functionality - * New Deprecated: Remove babel protocol - - * Closes: CM-10435 Addition on hidden command - "bfd multihop/singlehop" and "ptm-enable" per interface command - * Closes: CM-9974 Get route counts right for show ip route summary - * Closes: CM-9786 BGP memory leak in peer hostname - * Closes: CM-9340 BGP: Ensure correct sequence of processing at exit - * Closes: CM-9270 ripd: Fix crash when a default route is passed to rip - * Closes: CM-9255 BGPD crash around bgp_config_write () - * Closes: CM-9134 ospf6d: Fix for crash when non area 0 network - entered first - * Closes: CM-8934 OSPFv3: Check area before scheduling SPF - * Closes: CM-8514 zebra: Crash upon disabling a link - * Closes: CM-8295 BGP crash in group_announce_route_walkcb - * Closes: CM-8191 BGP: crash in update_subgroup_merge() - * Closes: CM-8015 lib: Memory reporting fails over 2GB - * Closes: CM-7926 BGP: crash from not NULLing freed pointers - - -- dev-support <dev-support@cumulusnetworks.com> Wed, 04 May 2016 16:22:52 -0700 - -quagga (0.99.23.1-1) unstable; urgency=medium - - * New upstream release - * Added .png figures for info files to quagga-doc package. - * Changed dependency from iproute to iproute2 (thanks to Andreas - Henriksson). Closes: #753736 - * Added texlive-fonts-recommended to build-depends to get ecrm1095 font - (thanks to Christoph Biedl). Closes: #651545 - - -- Christian Brunotte <ch@debian.org> Tue, 30 Sep 2014 00:20:12 +0200 - -quagga (0.99.23-1) unstable; urgency=low - - * New upstream release - * Removed debian/patches/readline-6.3.diff which was already in upstream. - - -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2014 09:15:48 +0200 - -quagga (0.99.22.4-4) unstable; urgency=medium - - * Fix build failure with readline-6.3 (thanks to Matthias Klose). - Closes: #741774 - - -- Christian Hammers <ch@debian.org> Sun, 23 Mar 2014 15:28:42 +0100 - -quagga (0.99.22.4-3) unstable; urgency=low - - * Added status to init script (thanks to Peter J. Holzer). Closes: #730625 - * Init script now sources /lib/lsb/init-functions. - * Switched from hardening-wrapper to dpkg-buildflags. - - -- Christian Hammers <ch@debian.org> Wed, 01 Jan 2014 19:12:01 +0100 - -quagga (0.99.22.4-2) unstable; urgency=low - - * Fixed typo in package description (thanks to Davide Prina). - Closes: #625860 - * Added Italian Debconf translation (thanks to Beatrice Torracca) - Closes: #729798 - - -- Christian Hammers <ch@debian.org> Tue, 26 Nov 2013 00:47:11 +0100 - -quagga (0.99.22.4-1) unstable; urgency=high - - * SECURITY: - "ospfd: CVE-2013-2236, stack overrun in apiserver - - the OSPF API-server (exporting the LSDB and allowing announcement of - Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads - to an exploitable stack overflow. - - For this condition to occur, the following two conditions must be true: - - Quagga is configured with --enable-opaque-lsa - - ospfd is started with the "-a" command line option - - If either of these does not hold, the relevant code is not executed and - the issue does not get triggered." - Closes: #726724 - - * New upstream release - - ospfd: protect vs. VU#229804 (malformed Router-LSA) - (Quagga is said to be non-vulnerable but still adds some protection) - - -- Christian Hammers <ch@debian.org> Thu, 24 Oct 2013 22:58:37 +0200 - -quagga (0.99.22.1-2) unstable; urgency=low - - * Added autopkgtests (thanks to Yolanda Robla). Closes: #710147 - * Added "status" command to init script (thanks to James Andrewartha). - Closes: #690013 - * Added "libsnmp-dev" to Build-Deps. There not needed for the official - builds but for people who compile Quagga themselves to activate the - SNMP feature (which for licence reasons cannot be done by Debian). - Thanks to Ben Winslow). Closes: #694852 - * Changed watchquagga_options to an array so that quotes can finally - be used as expected. Closes: #681088 - * Fixed bug that prevented restarting only the watchquagga daemon - (thanks to Harald Kappe). Closes: #687124 - - -- Christian Hammers <ch@debian.org> Sat, 27 Jul 2013 16:06:25 +0200 - -quagga (0.99.22.1-1) unstable; urgency=low - - * New upstream release - - ospfd restore nexthop IP for p2p interfaces - - ospfd: fix LSA initialization for build without opaque LSA - - ripd: correctly redistribute ifindex routes (BZ#664) - - bgpd: fix lost passwords of grouped neighbors - * Removed 91_ld_as_needed.diff as it was found in the upstream source. - - -- Christian Hammers <ch@debian.org> Mon, 22 Apr 2013 22:21:20 +0200 - -quagga (0.99.22-1) unstable; urgency=low - - * New upstream release. - - [bgpd] The semantics of default-originate route-map have changed. - The route-map is now used to advertise the default route conditionally. - The old behaviour which allowed to set attributes on the originated - default route is no longer supported. - - [bgpd] this version of bgpd implements draft-idr-error-handling. This was - added in 0.99.21 and may not be desirable. If you need a version - without this behaviour, please use 0.99.20.1. There will be a - runtime configuration switch for this in future versions. - - [isisd] is in "beta" state. - - [ospf6d] is in "alpha/experimental" state - - More changes are documented in the upstream changelog! - * debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart - Martens. - * debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its - in the changelog. - * debian/patches/99_distribute_list.diff removed as its in the changelog. - * debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it - was just for Debian woody. - - -- Christian Hammers <ch@debian.org> Thu, 14 Feb 2013 00:22:00 +0100 - -quagga (0.99.21-4) unstable; urgency=medium - - * Fixed regression bug that caused OSPF "distribute-list" statements to be - silently ignored. The patch has already been applied upstream but there - has been no new Quagga release since then. - Thanks to Hans van Kranenburg for reporting. Closes: #697240 - - -- Christian Hammers <ch@debian.org> Sun, 06 Jan 2013 15:50:32 +0100 - -quagga (0.99.21-3) unstable; urgency=high - - * SECURITY: - CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling. - A denial-of-service condition could be caused by an attacker controlling - one of the pre-configured BGP peers. In most cases this means, that the - attack must be originated from an adjacent network. Closes: #676510 - - -- Christian Hammers <ch@debian.org> Fri, 08 Jun 2012 01:15:32 +0200 - -quagga (0.99.21-2) unstable; urgency=low - - * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the - original mapage of the babeld package which users might want to - install in parallel as it is slightly more capable. Closes: #671916 - - -- Christian Hammers <ch@debian.org> Thu, 10 May 2012 07:53:01 +0200 - -quagga (0.99.21-1) unstable; urgency=low - - * New upstream release - - [bgpd] BGP multipath support has been merged - - [bgpd] SAFI (Multicast topology) support has been extended to propagate - the topology to zebra. - - [bgpd] AS path limit functionality has been removed - - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing - protocol has been merged. - - [isisd] a major overhaul has been picked up. Please note that isisd is - STILL NOT SUITABLE FOR PRODUCTION USE. - - a lot of bugs have been fixed - * Added watchquagga daemon. - * Added DEP-3 conforming patch comments. - - -- Christian Hammers <ch@debian.org> Sun, 06 May 2012 15:33:33 +0200 - -quagga (0.99.20.1-1) unstable; urgency=high - - * SECURITY: - CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet - CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data - CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message - * New upstream release. Closes: #664033 - - -- Christian Hammers <ch@debian.org> Fri, 16 Mar 2012 22:14:05 +0100 - -quagga (0.99.20-4) unstable; urgency=low - - * Switch to dpkg-source 3.0 (quilt) format. - * Switch to changelog-format-1.0. - - -- Christian Hammers <ch@debian.org> Sat, 25 Feb 2012 18:52:06 +0100 - -quagga (0.99.20-3) unstable; urgency=low - - * Added --sysconfdir back to the configure options (thanks to Sven-Haegar - Koch). Closes: #645649 - - -- Christian Hammers <ch@debian.org> Tue, 18 Oct 2011 00:24:37 +0200 - -quagga (0.99.20-2) unstable; urgency=low - - * Bumped standards version to 0.9.2. - * Migrated to "dh" build system. - * Added quagga-dbg package. - - -- Christian Hammers <ch@debian.org> Fri, 14 Oct 2011 23:59:26 +0200 - -quagga (0.99.20-1) unstable; urgency=low - - * New upstream release: - "The primary focus of this release is a fix of SEGV regression in ospfd, - which was introduced in 0.99.19. It also features a series of minor - improvements, including better RFC compliance in bgpd, better support - of FreeBSD and some enhancements to isisd." - * Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488 - - -- Christian Hammers <ch@debian.org> Fri, 30 Sep 2011 00:59:24 +0200 - -quagga (0.99.19-1) unstable; urgency=high - - * SECURITY: - "This release provides security fixes, which address assorted - vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323, - CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327). - * New upstream release. - * Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch. - * Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch. - * Removed obsolete debian/README.Debian.Woody and README.Debian.MD5. - - -- Christian Hammers <ch@debian.org> Tue, 27 Sep 2011 00:16:27 +0200 - -quagga (0.99.18-1) unstable; urgency=low - - * SECURITY: - "This release fixes 2 denial of services in bgpd, which can be remotely - triggered by malformed AS-Pathlimit or Extended-Community attributes. - These issues have been assigned CVE-2010-1674 and CVE-2010-1675. - Support for AS-Pathlimit has been removed with this release." - * Added Brazilian Portuguese debconf translation. Closes: #617735 - * Changed section for quagga-doc from "doc" to "net". - * Added patch to fix FTBFS with latest GCC. Closes: #614459 - - -- Christian Hammers <ch@debian.org> Tue, 22 Mar 2011 23:13:34 +0100 - -quagga (0.99.17-4) unstable; urgency=low - - * Added comment to init script (thanks to Marc Haber). Closes: #599524 - - -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:53:29 +0100 - -quagga (0.99.17-3) unstable; urgency=low - - * Fix FTBFS with ld --as-needed (thanks to Matthias Klose at Ubuntu). - Closes: #609555 - - -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:27:06 +0100 - -quagga (0.99.17-2) unstable; urgency=low - - * Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259 - - -- Christian Hammers <ch@debian.org> Sat, 18 Sep 2010 12:20:07 +0200 - -quagga (0.99.17-1) unstable; urgency=high - - * SECURITY: - "This release provides two important bugfixes, which address remote crash - possibility in bgpd discovered by CROSS team.": - 1. Stack buffer overflow by processing certain Route-Refresh messages - CVE-2010-2948 - 2. DoS (crash) while processing certain BGP update AS path messages - CVE-2010-2949 - Closes: #594262 - - -- Christian Hammers <ch@debian.org> Wed, 25 Aug 2010 00:52:48 +0200 - -quagga (0.99.16-1) unstable; urgency=low - - * New upstream release. Closes: #574527 - * Added chrpath to debian/rules to fix rpath problems that lintian spottet. - - -- Christian Hammers <ch@debian.org> Sun, 21 Mar 2010 17:05:40 +0100 - -quagga (0.99.15-2) unstable; urgency=low - - * Applied patch for off-by-one bug in ospf6d that caused a segmentation - fault when using the "area a.b.c.d filter-list prefix" command (thanks - to Steinar H. Gunderson). Closes: 519488 - - -- Christian Hammers <ch@debian.org> Sun, 14 Feb 2010 20:02:03 +0100 - -quagga (0.99.15-1) unstable; urgency=low - - * New upstream release - "This fixes some annoying little ospfd and ospf6d regressions, which made - 0.99.14 a bit of a problem release (...) This release still contains a - regression in the "no ip address ..." command, at least on Linux. - See bug #486, which contains a workaround patch. This release should be - considered a 1.0.0 release candidate. Please test this release as widely - as possible." - * Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst). - Closes: #517860 - * Added Russian Debconf tanslation (thanks to Yuri Kozlov). - Closes: #539464 - * Removed so-version in build-dep to libreadline-dev on request of - Matthias Klose. - * Added README.source with reference to dpatch as suggested by lintian. - * Bumped standards versionto 3.8.3. - - -- Christian Hammers <ch@debian.org> Sun, 13 Sep 2009 18:12:06 +0200 - -quagga (0.99.14-1) unstable; urgency=low - - * New upstream release - "This release contains a regression fix for ospf6d, various small fixes - and some hopefully very significant bgpd stability fixes. - This release should be considered a 1.0.0 release candidate. Please test - this release as widely as possible." - * Fixes bug with premature LSA aging in ospf6d. Closes: #535030 - * Fixes section number in zebra.8 manpage. Closes: #517860 - - -- Christian Hammers <ch@debian.org> Sat, 25 Jul 2009 00:40:38 +0200 - -quagga (0.99.13-2) unstable; urgency=low - - * Added Japanese Debconf translation (thanks to Hideki Yamane). - Closes: #510714 - * When checking for obsoleted config options in preinst, print filename - where it occures (thanks to Michael Bussmann). Closes: #339489 - - -- Christian Hammers <ch@debian.org> Sun, 19 Jul 2009 17:13:23 +0200 - -quagga (0.99.13-1) unstable; urgency=low - - * New upstream release - "This release is contains a number of small fixes, for potentially - irritating issues, as well as small enhancements to vtysh and support - for linking to PCRE (a much faster regex library)." - * Added build-dep to gawk as configure required it for memtypes.awk - * Replaced build-dep to gs-gpl with ghostscript as requested by lintian - * Minor changes to copyright and control files to make lintian happy. - - -- Christian Hammers <ch@debian.org> Wed, 24 Jun 2009 17:53:28 +0200 - -quagga (0.99.12-1) unstable; urgency=high - - * New upstream release - "This release fixes an urgent bug in bgpd where it could hit an assert - if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes: - + [bgpd] Fix bgp ipv4/ipv6 accept handling - + [bgpd] AS4 bugfix by Chris Caputo - + [bgpd] Allow accepted peers to progress even if realpeer is in Connect - + [ospfd] Switch Fletcher checksum back to old ospfd version - - -- Christian Hammers <ch@debian.org> Mon, 22 Jun 2009 00:16:33 +0200 - -quagga (0.99.11-1) unstable; urgency=low - - * New upstream release - "Most regressions in 0.99 over 0.98 are now believed to be fixed. This - release should be considered a release-candidate for a new stable series." - + bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged - + zebra: ignore dead routes in RIB update - + [ospfd] Default route needs to be refreshed after neighbour state change - + [zebra:netlink] Set proto/scope on all route update messages - * Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support. - - -- Christian Hammers <ch@debian.org> Thu, 09 Oct 2008 22:56:38 +0200 - -quagga (0.99.10-1) unstable; urgency=medium - - * New upstream release - + bgpd: 4-Byte AS Number support - + Sessions were incorrectly reset if a partial AS-Pathlimit attribute - was received. - + Advertisement of Multi-Protocol prefixes (i.e. non-IPv4) had been - broken in the 0.99.9 release. Closes: #467656 - - -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2008 23:32:42 +0200 - -quagga (0.99.9-6) unstable; urgency=low - - * Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes). - Closes: #469891 - - -- Christian Hammers <ch@debian.org> Sat, 12 Apr 2008 12:53:51 +0200 - -quagga (0.99.9-5) unstable; urgency=low - - * C.J. Adams-Collier and Paul Jakma suggested to build against libpcre3 - which is supposed to be faster. - - -- Christian Hammers <ch@debian.org> Sun, 02 Mar 2008 13:19:42 +0100 - -quagga (0.99.9-4) unstable; urgency=low - - * Added hardening-wrapper to the build-deps (thanks to Moritz Muehlenhoff). - - -- Christian Hammers <ch@debian.org> Tue, 29 Jan 2008 22:33:56 +0100 - -quagga (0.99.9-3) unstable; urgency=low - - * Replaced the BGP patch by a new one so that the package builds again - with kernels above 2.6.21! - * debian/control: - + Moved quagga-doc to section doc to make lintian happy. - * Added Spanish debconf translation (thanks to Carlos Galisteo de Cabo). - Closes: #428574 - * debian/control: (thanks to Marco Rodrigues) - + Bump Standards-Version to 3.7.3 (no changes needed). - + Add Homepage field. - - -- Christian Hammers <ch@debian.org> Mon, 28 Jan 2008 22:29:18 +0100 - -quagga (0.99.9-2.1) unstable; urgency=low - - * Non-maintainer upload. - * debian/rules: fixed bashisms. (Closes: #459122) - - -- Miguel Angel Ruiz Manzano <debianized@gmail.com> Tue, 22 Jan 2008 14:37:21 -0300 - -quagga (0.99.9-2) unstable; urgency=low - - * Added CVE id for the security bug to the last changelog entry. - Closes: 442133 - - -- Christian Hammers <ch@debian.org> Tue, 25 Sep 2007 22:01:31 +0200 - -quagga (0.99.9-1) unstable; urgency=high - - * SECURITY: - "This release fixes two potential DoS conditions in bgpd, reported by Mu - Security, where a bgpd could be crashed if a peer sent a malformed OPEN - message or a malformed COMMUNITY attribute. Only configured peers can do - this, hence we consider these issues to be very low impact." CVE-2007-4826 - - -- Christian Hammers <ch@debian.org> Wed, 12 Sep 2007 21:12:41 +0200 - -quagga (0.99.8-1) unstable; urgency=low - - * New upstream version. - - -- Christian Hammers <ch@debian.org> Fri, 17 Aug 2007 00:07:04 +0200 - -quagga (0.99.7-3) unstable; urgency=medium - - * Applied patch for FTBFS with linux-libc-dev (thanks to Andrew J. Schorr - and Lucas Nussbaum). Closes: #429003 - - -- Christian Hammers <ch@debian.org> Fri, 22 Jun 2007 21:34:55 +0200 - -quagga (0.99.7-2) unstable; urgency=low - - * Added Florian Weimar as co-maintainer. Closes: 421977 - * Added Dutch debconf translation (thanks to Bart Cornelis). - Closes: #420932 - * Added Portuguese debconf translation (thanks to Rui Branco). - Closes: #421185 - * Improved package description (thanks to Reuben Thomas). - Closes: #418933 - * Added CVE Id to 0.99.6-5 changelog entry. - - -- Christian Hammers <ch@debian.org> Wed, 02 May 2007 20:27:12 +0200 - -quagga (0.99.7-1) unstable; urgency=low - - * New upstream release. Closes: #421553 - - -- Christian Hammers <ch@debian.org> Mon, 30 Apr 2007 14:22:34 +0200 - -quagga (0.99.6-6) unstable; urgency=medium - - * Fixes FTBFS with tetex-live. Closes: #420468 - - -- Christian Hammers <ch@debian.org> Mon, 23 Apr 2007 21:34:13 +0200 - -quagga (0.99.6-5) unstable; urgency=high - - * SECURITY: - The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers - could cause a Quagga bgpd to, typically, assert() and abort. The DoS - could be triggered by peers by sending an UPDATE message with a crafted, - malformed Multi-Protocol reachable/unreachable NLRI attribute. - This is CVE-2007-1995 and Quagga Bug#354. Closes: #418323 - - -- Christian Hammers <ch@debian.org> Thu, 12 Apr 2007 23:21:58 +0200 - -quagga (0.99.6-4) unstable; urgency=low - - * Improved note in README.Debian for SNMP self-builders (thanks to Matthias - Wamser). Closes: #414788 - - -- Christian Hammers <ch@debian.org> Wed, 14 Mar 2007 02:18:57 +0100 - -quagga (0.99.6-3) unstable; urgency=low - - * Updated German Debconf translation (thanks to Matthias Julius). - Closes: #409327 - - -- Christian Hammers <ch@debian.org> Sat, 10 Feb 2007 15:06:16 +0100 - -quagga (0.99.6-2) unstable; urgency=low - - * Updated config.guess/config.sub as suggested by lintian. - * Corrected README.Debian text regarding the WANT_SNMP flag. - - -- Christian Hammers <ch@debian.org> Sun, 17 Dec 2006 01:45:37 +0100 - -quagga (0.99.6-1) unstable; urgency=low - - * New upstream release. Closes: #402361 - - -- Christian Hammers <ch@debian.org> Mon, 11 Dec 2006 00:28:09 +0100 - -quagga (0.99.5-5) unstable; urgency=high - - * Changed Depends on adduser to Pre-Depends to avoid uninstallability - in certain cases (thanks to Steve Langasek, Lucas Nussbaum). - Closes: #398562 - - -- Christian Hammers <ch@debian.org> Wed, 15 Nov 2006 17:46:34 +0100 - -quagga (0.99.5-4) unstable; urgency=low - - * Added default PAM file and some explanations regarding PAM authentication - of vtysh which could prevent the start at boot-time when used wrong. - Now PAM permits anybody to access the vtysh tool (a malicious user could - build his own vtysh without PAM anyway) and the access is controled by - the read/write permissions of the vtysh socket which are only granted to - users belonging to the quaggavty group (thanks to Wakko Warner). - Closes: #389496 - * Added "case" to prerm script so that the Debconf question is not called a - second time in e.g. "new-prerm abort-upgrade" after being NACKed in the - old-prerm. - - -- Christian Hammers <ch@debian.org> Fri, 3 Nov 2006 01:22:15 +0100 - -quagga (0.99.5-3) unstable; urgency=medium - - * Backport CVS fix for an OSPF DD Exchange regression (thanks to Matt - Brown). Closes: #391040 - - -- Christian Hammers <ch@debian.org> Wed, 25 Oct 2006 19:47:11 +0200 - -quagga (0.99.5-2) unstable; urgency=medium - - * Added LSB info section to initscript. - * Removed unnecessary depends to libncurses5 to make checklib happy. - The one to libcap should remain though as it is just temporarily - unused. - - -- Christian Hammers <ch@debian.org> Thu, 21 Sep 2006 00:04:07 +0200 - -quagga (0.99.5-1) unstable; urgency=low - - * New upstream release. Closes: #38704 - * Upstream fixes ospfd documentary inconsistency. Closes: #347897 - * Changed debconf question in prerm to "high" (thanks to Rafal Pietrak). - - -- Christian Hammers <ch@debian.org> Mon, 11 Sep 2006 23:43:42 +0200 - -quagga (0.99.4-4) unstable; urgency=low - - * Recreate /var/run if not present because /var is e.g. on a tmpfs - filesystem (thanks to Martin Pitt). Closes: #376142 - * Removed nonexistant option from ospfd.8 manpage (thanks to - David Medberry). Closes: 378274 - - -- Christian Hammers <ch@debian.org> Sat, 15 Jul 2006 20:22:12 +0200 - -quagga (0.99.4-3) unstable; urgency=low - - * Removed invalid semicolon from rules file (thanks to Philippe Gramoulle). - - -- Christian Hammers <ch@debian.org> Tue, 27 Jun 2006 23:36:07 +0200 - -quagga (0.99.4-2) unstable; urgency=high - - * Set urgency to high as 0.99.4-1 fixes a security problem! - * Fixed building of the info file. - - -- Christian Hammers <ch@debian.org> Sun, 14 May 2006 23:04:28 +0200 - -quagga (0.99.4-1) unstable; urgency=low - - * New upstream release to fix a security problem in the telnet interface - of the BGP daemon which could be used for DoS attacks (CVE-2006-2276). - Closes: 366980 - - -- Christian Hammers <ch@debian.org> Sat, 13 May 2006 19:54:40 +0200 - -quagga (0.99.3-3) unstable; urgency=low - - * Added CVE numbers for the security patch in 0.99.3-2. - - -- Christian Hammers <ch@debian.org> Sat, 6 May 2006 17:14:22 +0200 - -quagga (0.99.3-2) unstable; urgency=high - - * SECURITY: - Added security bugfix patch from upstream BTS for security problem - that could lead to injected routes when using RIPv1. - CVE-2006-2223 - missing configuration to disable RIPv1 or require - plaintext or MD5 authentication - CVE-2006-2224 - lack of enforcement of RIPv2 authentication requirements - Closes: #365940 - * First amd64 upload. - - -- Christian Hammers <ch@debian.org> Thu, 4 May 2006 00:22:09 +0200 - -quagga (0.99.3-1) unstable; urgency=low - - * New upstream release - - -- Christian Hammers <ch@debian.org> Wed, 25 Jan 2006 13:37:27 +0100 - -quagga (0.99.2-1) unstable; urgency=low - - * New upstream release - Closes: #330248, #175553 - - -- Christian Hammers <ch@debian.org> Wed, 16 Nov 2005 00:25:52 +0100 - -quagga (0.99.1-7) unstable; urgency=low - - * Changed debian/rules check for mounted /proc directory to check - for /proc/1 as not all systems (e.g. 2.6 arm kernels) have - /proc/kcore which is a optional feature only (thanks to Lennert - Buytenhek). Closes: #335695 - * Added Swedish Debconf translation (thanks to Daniel Nylander). - Closes: #331367 - - -- Christian Hammers <ch@debian.org> Thu, 27 Oct 2005 20:53:19 +0200 - -quagga (0.99.1-6) unstable; urgency=low - - * Fixed debconf dependency as requested by Joey Hess. - - -- Christian Hammers <ch@debian.org> Mon, 26 Sep 2005 20:47:35 +0200 - -quagga (0.99.1-5) unstable; urgency=low - - * Rebuild with libreadline5-dev as build-dep as requested by - Matthias Klose. Closes: #326306 - * Made initscript more fault tolerant against missing lines in - /etc/quagga/daemons (thanks to Ralf Hildebrandt). Closes: #323774 - * Added dependency to adduser. - - -- Christian Hammers <ch@debian.org> Tue, 13 Sep 2005 21:42:17 +0200 - -quagga (0.99.1-4) unstable; urgency=low - - * Added French Debconf translation (thanks to Mohammed Adnene Trojette). - Closes: #319324 - * Added Czech Debconf translation (thanks to Miroslav Kure). - Closes: #318127 - - -- Christian Hammers <ch@debian.org> Sun, 31 Jul 2005 04:19:41 +0200 - -quagga (0.99.1-3) unstable; urgency=low - - * A Debconf question now asks the admin before upgrading if the daemon - should really be stopped as this could lead to the loss of network - connectivity or BGP flaps (thanks to Michael Horn and Achilleas Kotsis). - Also added a hint about setting Quagga "on hold" to README.Debian. - Closes: #315467 - * Added patch to build on Linux/ARM. - - -- Christian Hammers <ch@debian.org> Sun, 10 Jul 2005 22:19:38 +0200 - -quagga (0.99.1-2) unstable; urgency=low - - * Fixed SNMP enabled command in debian/rules (thanks to Christoph Kluenter). - Closes: #306840 - - -- Christian Hammers <ch@debian.org> Sat, 4 Jun 2005 14:04:01 +0200 - -quagga (0.99.1-1) unstable; urgency=low - - * New upstream version. Among others: - - BGP graceful restart and "match ip route-source" added - - support for interface renaming - - improved threading for better responsivness under load - * Switched to dpatch to make diffs cleaner. - * Made autoreconf unnecessary. - * Replaced quagga.dvi and quagga.ps by quagga.pdf in quagga-doc. - (the PostScript would have needed Makefile corrections and PDF - is more preferable anyway) - * Added isisd to the list of daemons in /etc/init.d/quagga (thanks - to Ernesto Elbe). - * Added hint for "netlink-listen: overrun" messages (thanks to - Hasso Tepper). - * Added preinst check that bails out if old smux options are in use - as Quagga would not start up else anyway (thanks to Bjorn Mork). - Closes: #308320 - - -- Christian Hammers <ch@debian.org> Fri, 13 May 2005 01:18:24 +0200 - -quagga (0.98.3-7) unstable; urgency=high - - * Removed SNMP support as linking against NetSNMP introduced a dependency - to OpenSSL which is not compatible to the GPL which governs this - application (thanks to Faidon Liambotis). See README.Debian for more - information. Closes: #306840 - * Changed listening address of ospf6d and ripngd from 127.0.0.1 to "::1". - * Added build-dep to groff to let drafz-zebra-00.txt build correctly. - - -- Christian Hammers <ch@debian.org> Wed, 4 May 2005 20:08:14 +0200 - -quagga (0.98.3-6) testing-proposed-updates; urgency=high - - * Removed "Recommends kernel-image-2.4" as aptitude then - installes a kernel-image for an arbitrary architecture as long - as it fullfill that recommendation which can obviously fatal - at the next reboot :) Also it is a violation of the policy - which mandates a reference to real packages (thanks to Holger Levsen). - Closes: #307281 - - -- Christian Hammers <ch@debian.org> Tue, 3 May 2005 22:53:39 +0200 - -quagga (0.98.3-5) unstable; urgency=high - - * The patch which tried to remove the OpenSSL dependency, which is - not only unneccessary but also a violation of the licence and thus RC, - stopped working a while ago, since autoreconf is no longer run before - building the binaries. So now ./configure is patched directly (thanks - to Faidon Liambotis for reporting). Closes: #306840 - * Raised Debhelper compatibility level from 3 to 4. Nothing changed. - * Added build-dep to texinfo (>= 4.7) to ease work for www.backports.org. - - -- Christian Hammers <ch@debian.org> Fri, 29 Apr 2005 02:31:03 +0200 - -quagga (0.98.3-4) unstable; urgency=low - - * Removed Debconf upgrade note as it was considered a Debconf abuse - and apart from that so obvious that it was not even worth to be - put into NEWS.Debian (thanks to Steve Langasek). Closes: #306384 - - -- Christian Hammers <ch@debian.org> Wed, 27 Apr 2005 00:10:24 +0200 - -quagga (0.98.3-3) unstable; urgency=medium - - * Adding the debconf module due to a lintian suggestion is a very - bad idea if no db_stop is called as the script hangs then (thanks - to Tore Anderson for reporting). Closes: #306324 - - -- Christian Hammers <ch@debian.org> Mon, 25 Apr 2005 21:55:58 +0200 - -quagga (0.98.3-2) unstable; urgency=low - - * Added debconf confmodule to postinst as lintian suggested. - - -- Christian Hammers <ch@debian.org> Sun, 24 Apr 2005 13:16:00 +0200 - -quagga (0.98.3-1) unstable; urgency=low - - * New upstream release. - Mmost notably fixes last regression in bgpd (reannounce of prefixes - with changed attributes works again), race condition in netlink - handling while using IPv6, MTU changes handling in ospfd and several - crashes in ospfd, bgpd and ospf6d. - - -- Christian Hammers <ch@debian.org> Mon, 4 Apr 2005 12:51:24 +0200 - -quagga (0.98.2-2) unstable; urgency=low - - * Added patch to let Quagga compile with gcc-4.0 (thanks to - Andreas Jochens). Closes: #300949 - - -- Christian Hammers <ch@debian.org> Fri, 25 Mar 2005 19:33:30 +0100 - -quagga (0.98.2-1) unstable; urgency=medium - - * Quoting the upstream announcement: - The 0.98.1 release unfortunately was a brown paper bag release with - respect to ospfd. [...] 0.98.2 has been released, with one crucial change - to fix the unfortunate mistake in 0.98.1, which caused problems if - ospfd became DR. - * Note: the upstream tarball had a strange problem, apparently redhat.spec - was twice in it? At least debuild gave a strange error message so I - unpacked it by hand. No changes were made to the .orig.tar.gz! - - -- Christian Hammers <ch@debian.org> Fri, 4 Feb 2005 01:31:36 +0100 - -quagga (0.98.1-1) unstable; urgency=medium - - * New upstream version - "fixing a fatal OSPF + MD5 auth regression, and a non-fatal high-load - regression in bgpd which were present in the 0.98.0 release." - * Upstream version fixes bug in ospfd that could lead to crash when OSPF - packages had a MTU > 1500. Closes: #290566 - * Added notice regarding capability kernel support to README.Debian - (thanks to Florian Weimer). Closes: #291509 - * Changed permission setting in postinst script (thanks to Bastian Blank). - Closes: #292690 - - -- Christian Hammers <ch@debian.org> Tue, 1 Feb 2005 02:01:27 +0100 - -quagga (0.98.0-3) unstable; urgency=low - - * Fixed problem in init script. Closes: #290317 - * Removed obsolete "smux peer enable" patch. - - -- Christian Hammers <ch@debian.org> Fri, 14 Jan 2005 17:37:27 +0100 - -quagga (0.98.0-2) unstable; urgency=low - - * Updated broken TCP MD5 patch for BGP (thanks to John P. Looney - for telling me). - - -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2005 02:03:54 +0100 - -quagga (0.98.0-1) unstable; urgency=low - - * New upstream release - * Added kernel-image-2.6 as alternative to 2.4 to the recommends - (thanks to Faidon Liambotis). Closes: #289530 - - -- Christian Hammers <ch@debian.org> Mon, 10 Jan 2005 19:36:17 +0100 - -quagga (0.97.5-1) unstable; urgency=low - - * New upstream version. - * Added Czech debconf translation (thanks to Miroslav Kure). - Closes: #287293 - * Added Brazilian debconf translation (thanks to Andre Luis Lopes). - Closes: #279352 - - -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 23:49:57 +0100 - -quagga (0.97.4-2) unstable; urgency=low - - * Fixed quagga.info build problem. - - -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 22:38:01 +0100 - -quagga (0.97.4-1) unstable; urgency=low - - * New upstream release. - - -- Christian Hammers <ch@debian.org> Tue, 4 Jan 2005 01:45:22 +0100 - -quagga (0.97.3-2) unstable; urgency=low - - * Included isisd in the daemon list. - * Wrote an isisd manpage. - * It is now ensured that zebra is always the last daemon to be stopped. - * (Thanks to Hasso Tepper for mailing me a long list of suggestions - which lead to this release) - - -- Christian Hammers <ch@debian.org> Sat, 18 Dec 2004 13:14:55 +0100 - -quagga (0.97.3-1) unstable; urgency=medium - - * New upstream version. - - Fixes important OSPF bug. - * Added ht-20040911-smux.patch regarding Quagga bug #112. - * Updated ht-20041109-0.97.3-bgp-md5.patch for BGP with TCP MD5 - (thanks to Matthias Wamser). - - -- Christian Hammers <ch@debian.org> Tue, 9 Nov 2004 17:45:26 +0100 - -quagga (0.97.2-4) unstable; urgency=low - - * Added Portuguese debconf translation (thanks to Andre Luis Lopes). - Closes: #279352 - * Disabled ospfapi server by default on recommendation of Paul Jakma. - - -- Christian Hammers <ch@debian.org> Sun, 7 Nov 2004 15:07:05 +0100 - -quagga (0.97.2-3) unstable; urgency=low - - * Added Andrew Schorrs VTY Buffer patch from the [quagga-dev 1729]. - - -- Christian Hammers <ch@debian.org> Tue, 2 Nov 2004 00:46:56 +0100 - -quagga (0.97.2-2) unstable; urgency=low - - * Changed file and directory permissions and ownerships according to a - suggestion from Paul Jakma. Still not perfect though. - * Fixed upstream vtysh.conf.sample file. - * "ip ospf network broadcast" is now saved correctly. Closes: #244116 - * Daemon options are now in /etc/quagga/debian.conf to be user - configurable (thanks to Simon Raven and Hasso Tepper). Closes: #266715 - - -- Christian Hammers <ch@debian.org> Tue, 26 Oct 2004 23:35:45 +0200 - -quagga (0.97.2-1) unstable; urgency=low - - * New upstream version. - Closes: #254541 - * Fixed warning on unmodular kernels (thanks to Christoph Biedl). - Closes: #277973 - - -- Christian Hammers <ch@debian.org> Mon, 25 Oct 2004 00:47:04 +0200 - -quagga (0.97.1-2) unstable; urgency=low - - * Version 0.97 introduced shared libraries. They are now included. - (thanks to Raf D'Halleweyn). Closes: #277446 - - -- Christian Hammers <ch@debian.org> Wed, 20 Oct 2004 15:32:06 +0200 - -quagga (0.97.1-1) unstable; urgency=low - - * New upstream version. - * Removed some obsolete files from debian/patches. - * Added patch from upstream bug 113. Closes: #254541 - * Added patch from upstream that fixes a compilation problem in the - ospfclient code (thanks to Hasso Tepper). - * Updated German debconf translation (thanks to Jens Nachtigall) - Closes: #277059 - - -- Christian Hammers <ch@debian.org> Mon, 18 Oct 2004 01:16:35 +0200 - -quagga (0.96.5-11) unstable; urgency=low - - * Fixed /tmp/buildd/* paths in binaries. - For some unknown reason the upstream Makefile modified a .h file at - the end of the "debian/rules build" target. During the following - "make install" one library got thus be re*compiled* - with /tmp/buildd - paths as sysconfdir (thanks to Peder Chr. Norgaard). Closes: #274050 - - -- Christian Hammers <ch@debian.org> Fri, 1 Oct 2004 01:21:02 +0200 - -quagga (0.96.5-10) unstable; urgency=medium - - * The BGP routing daemon might freeze on network disturbances when - their peer is also a Quagga/Zebra router. - Applied patch from http://bugzilla.quagga.net/show_bug.cgi?id=102 - which has been confirmed by the upstream author. - (thanks to Gunther Stammwitz) - * Changed --enable-pam to --with-libpam (thanks to Hasso Tepper). - Closes: #264562 - * Added patch for vtysh (thanks to Hasso Tepper). Closes: #215919 - - -- Christian Hammers <ch@debian.org> Mon, 9 Aug 2004 15:33:02 +0200 - -quagga (0.96.5-9) unstable; urgency=low - - * Rewrote the documentation chapter about SNMP support. Closes: #195653 - * Added MPLS docs. - - -- Christian Hammers <ch@debian.org> Thu, 29 Jul 2004 21:01:52 +0200 - -quagga (0.96.5-8) unstable; urgency=low - - * Adjusted a grep in the initscript to also match a modprobe message - from older modutils packages (thanks to Faidon Paravoid). - - -- Christian Hammers <ch@debian.org> Wed, 28 Jul 2004 21:19:02 +0200 - -quagga (0.96.5-7) unstable; urgency=low - - * Added a "cd /etc/quagga/" to the init script as quagga tries to load - the config file first from the current working dir and then from the - config dir which could lead to confusion (thanks to Marco d'Itri). - Closes: #255078 - * Removed warning regarding problems with the Debian kernels from - README.Debian as they are no longer valid (thanks to Raphael Hertzog). - Closes: #257580 - * Added patch from Hasso Tepper that makes "terminal length 0" work - in vtysh (thanks to Matthias Wamser). Closes: #252579 - - -- Christian Hammers <ch@debian.org> Thu, 8 Jul 2004 21:53:21 +0200 - -quagga (0.96.5-6) unstable; urgency=low - - * Try to load the capability module as it is needed now. - - -- Christian Hammers <ch@debian.org> Tue, 8 Jun 2004 23:25:29 +0200 - -quagga (0.96.5-5) unstable; urgency=low - - * Changed the homedir of the quagga user to /etc/quagga/ to allow - admins to put ~/.ssh/authorized_keys there (thanks to Matthias Wamser). - Closes: #252577 - - -- Christian Hammers <ch@debian.org> Sat, 5 Jun 2004 14:47:31 +0200 - -quagga (0.96.5-4) unstable; urgency=medium - - * Fixed rules file to use the renamed ./configure option --enable-tcp-md5 - (thanks to Matthias Wamser). Closes: #252141 - - -- Christian Hammers <ch@debian.org> Tue, 1 Jun 2004 22:58:32 +0200 - -quagga (0.96.5-3) unstable; urgency=low - - * Provided default binary package name to all build depends that were - virtual packages (thanks to Goswin von Brederlow). Closes: #251625 - - -- Christian Hammers <ch@debian.org> Sat, 29 May 2004 22:48:53 +0200 - -quagga (0.96.5-2) unstable; urgency=low - - * New upstream version. - * New md5 patch version (thanks to Niklas Jakobsson and Hasso Tepper). - Closes: #250985 - * Fixes info file generation (thanks to Peder Chr. Norgaard). - Closes: #250992 - * Added catalan debconf translation (thanks to Aleix Badia i Bosch). - Closes: #250118 - * PATCHES: - This release contains BGP4 MD5 support which requires a kernel patch - to work. See /usr/share/doc/quagga/README.Debian.MD5. - (The patch is ht-20040525-0.96.5-bgp-md5.patch from Hasso Tepper) - - -- Christian Hammers <ch@debian.org> Thu, 27 May 2004 20:09:37 +0200 - -quagga (0.96.5-1) unstable; urgency=low - - * New upstream version. - * PATCHES: - This release contains BGP4 MD5 support which also requires a kernel patch. - See /usr/share/doc/quagga/README.Debian.MD5 and search for CAN-2004-0230. - - -- Christian Hammers <ch@debian.org> Sun, 16 May 2004 17:40:40 +0200 - -quagga (0.96.4x-10) unstable; urgency=low - - * SECURITY: - This release contains support for MD5 for BGP which is one suggested - prevention of the actually long known TCP SYN/RST attacks which got - much news in the last days as ideas were revealed that made them much - easier probable agains especially the BGP sessions than commonly known. - There are a lot of arguments agains the MD5 approach but some ISPs - started to require it. - See: CAN-2004-0230, http://www.us-cert.gov/cas/techalerts/TA04-111A.html - * PATCHES: - This release contains the MD5 patch from Hasso Tepper. It also seems to - required a kernel patch. See /usr/share/doc/quagga/README.Debian.MD5. - - -- Christian Hammers <ch@debian.org> Thu, 29 Apr 2004 01:01:38 +0200 - -quagga (0.96.4x-9) unstable; urgency=low - - * Fixed daemon loading order (thanks to Matt Kemner). - * Fixed typo in init script (thanks to Charlie Brett). Closes: #238582 - - -- Christian Hammers <ch@debian.org> Sun, 4 Apr 2004 15:32:18 +0200 - -quagga (0.96.4x-8) unstable; urgency=low - - * Patched upstream source so that quagga header files end up in - /usr/include/quagga/. Closes: #233792 - - -- Christian Hammers <ch@debian.org> Mon, 23 Feb 2004 01:42:53 +0100 - -quagga (0.96.4x-7) unstable; urgency=low - - * Fixed info file installation (thanks to Holger Dietze). Closes: #227579 - * Added Japanese translation (thanks to Hideki Yamane). Closes: #227812 - - -- Christian Hammers <ch@debian.org> Sun, 18 Jan 2004 17:28:29 +0100 - -quagga (0.96.4x-6) unstable; urgency=low - - * Added dependency to iproute. - * Initscript now checks not only for the pid file but also for the - daemons presence (thanks to Phil Gregory). Closes: #224389 - * Added my patch to configure file permissions. - - -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 22:34:29 +0100 - -quagga (0.96.4x-5) unstable; urgency=low - - * Added patch which gives bgpd the CAP_NET_RAW capability to allow it - to bind to special IPv6 link-local interfaces (Thanks to Bastian Blank). - Closes: #222930 - * Made woody backport easier by applying Colin Watsons po-debconf hack. - Thanks to Marc Haber for suggesting it. Closes: #223527 - * Made woody backport easier by applying a patch that removes some - obscure whitespaces inside an C macro. (Thanks to Marc Haber). - Closes: #223529 - * Now uses /usr/bin/pager. Closes: #204070 - * Added note about the "official woody backports" on my homepage. - - -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 20:39:06 +0100 - -quagga (0.96.4x-4) unstable; urgency=high - - * SECURITY: - Fixes another bug that was originally reported against Zebra. - . - http://rhn.redhat.com/errata/RHSA-2003-307.html - Herbert Xu reported that Zebra can accept spoofed messages sent on the - kernel netlink interface by other users on the local machine. This could - lead to a local denial of service attack. The Common Vulnerabilities and - Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to - this issue. - - * Minor improvements to init script (thanks to Iustin Pop). - Closes: #220938 - - -- Christian Hammers <ch@debian.org> Sat, 22 Nov 2003 13:27:57 +0100 - -quagga (0.96.4x-3) unstable; urgency=low - - * Changed "more" to "/usr/bin/pager" as default pager if $PAGER or - $VTYSH_PAGER is not set (thanks to Bastian Blank). Closes: #204070 - * Made the directory (but not the config/log files!) world accessible - again on user request (thanks to Anand Kumria)). Closes: #213129 - * No longer providing sample configuration in /etc/quagga/. They are - now only available in /usr/share/doc/quagga/ to avoid accidently - using them without changing the adresses (thanks to Marc Haber). - Closes: #215918 - - -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 16:59:30 +0100 - -quagga (0.96.4x-2) unstable; urgency=low - - * Fixed permission problem with pidfile (thanks to Kir Kostuchenko). - Closes: #220938 - - -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 14:24:08 +0100 - -quagga (0.96.4x-1) unstable; urgency=low - - * Reupload of 0.96.4. Last upload-in-a-hurry produced a totally - crappy .tar.gz file. Closes: #220621 - - -- Christian Hammers <ch@debian.org> Fri, 14 Nov 2003 19:45:57 +0100 - -quagga (0.96.4-1) unstable; urgency=high - - * SECURITY: Remote DoS of protocol daemons. - Fix for a remote triggerable crash in vty layer. The management - ports ("telnet myrouter ospfd") should not be open to the internet! - - * New upstream version. - - OSPF bugfixes. - - Some improvements for bgp and rip. - - -- Christian Hammers <ch@debian.org> Thu, 13 Nov 2003 11:52:27 +0100 - -quagga (0.96.3-3) unstable; urgency=low - - * Fixed pid file generation by substituting the daemons "-d" by the - start-stop-daemon option "--background" (thanks to Micha Gaisser). - Closes: #218103 - - -- Christian Hammers <ch@debian.org> Wed, 29 Oct 2003 05:17:49 +0100 - -quagga (0.96.3-2) unstable; urgency=low - - * Readded GNOME-PRODUCT-ZEBRA-MIB. - - -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 06:17:03 +0200 - -quagga (0.96.3-1) unstable; urgency=medium - - * New upstream version. - * Removed -u and -e in postrm due to problems with debhelper and userdel - (thanks to Adam Majer and Jaakko Niemi). Closes: #216770 - * Removed SNMP MIBs as they are now included in libsnmp-base (thanks to - David Engel and Peter Gervai). Closes: #216138, #216086 - * Fixed seq command in init script (thanks to Marc Haber). Closes: #215915 - * Improved /proc check (thanks to Marc Haber). Closes: #212331 - - -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 03:42:02 +0200 - -quagga (0.96.2-9) unstable; urgency=medium - - * Removed /usr/share/info/dir.* which were accidently there and prevented - the installation by dpkg (thanks to Simon Raven). Closes: #212614 - * Reworded package description (thanks to Anand Kumria). Closes: #213125 - * Added french debconf translation (thanks to Christian Perrier). - Closes: #212803 - - -- Christian Hammers <ch@debian.org> Tue, 7 Oct 2003 13:26:58 +0200 - -quagga (0.96.2-8) unstable; urgency=low - - * debian/rules now checks if /proc is mounted as ./configure needs - it but just fails with an obscure error message if it is absent. - (Thanks to Norbert Tretkowski). Closes: #212331 - - -- Christian Hammers <ch@debian.org> Tue, 23 Sep 2003 12:57:38 +0200 - -quagga (0.96.2-7) unstable; urgency=low - - * Last build was rejected due to a buggy dpkg-dev version. Rebuild. - - -- Christian Hammers <ch@debian.org> Mon, 22 Sep 2003 20:34:12 +0200 - -quagga (0.96.2-6) unstable; urgency=low - - * Fixed init script so that is is now possible to just start - the bgpd but not the zebra daemon. Also daemons are now actually - started in the order defined their priority. (Thanks to Thomas Kaehn - and Jochen Friedrich) Closes: #210924 - - -- Christian Hammers <ch@debian.org> Fri, 19 Sep 2003 21:17:02 +0200 - -quagga (0.96.2-5) unstable; urgency=low - - * For using quagga as BGP route server or similar, it is not - wanted to have the zebra daemon running too. For this reason - it can now be disabled in /etc/quagga/daemons, too. - (Thanks to Jochen Friedrich). Closes: #210924 - * Attached *unapplied* patch for the ISIS protocol. I did not dare - to apply it as long as upstream does not do it but this way give - users the possibilities to use it if they like to. - (Thanks to Remco van Mook) - - -- Christian Hammers <ch@debian.org> Wed, 17 Sep 2003 19:57:31 +0200 - -quagga (0.96.2-4) unstable; urgency=low - - * Enabled IPV6 router advertisement feature by default on user request - (thanks to Jochen Friedrich and Hasso Tepper). Closes: #210732 - * Updated GNU autoconf to let it build on hppa/parisc64 (thanks to - lamont). Closes: #210492 - - -- Christian Hammers <ch@debian.org> Sat, 13 Sep 2003 14:11:13 +0200 - -quagga (0.96.2-3) unstable; urgency=medium - - * Removed unnecessary "-lcrypto" to avoid dependency against OpenSSL - which would require further copyright addtions. - - -- Christian Hammers <ch@debian.org> Wed, 10 Sep 2003 01:37:28 +0200 - -quagga (0.96.2-2) unstable; urgency=low - - * Added note that config files of quagga are in /etc/quagga and - not /etc/zebra for the zebra users that migrate to quagga. - (Thanks to Roberto Suarez Soto for the idea) - * Fixed setgid rights in /etc/quagga. - - -- Christian Hammers <ch@debian.org> Wed, 27 Aug 2003 14:05:39 +0200 - -quagga (0.96.2-1) unstable; urgency=low - - * This package has formally been known as "zebra-pj"! - * New upstream release. - Fixes "anoying OSPF problem". - * Modified group ownerships so that vtysh can now be used by normal - uses if they are in the quaggavty group. - - -- Christian Hammers <ch@debian.org> Mon, 25 Aug 2003 23:40:14 +0200 - -quagga (0.96.1-1) unstable; urgency=low - - * Zebra-pj, the fork of zebra has been renamed to quagga as the original - upstream author asked the new project membed not to use "zebra" in the - name. zebra-pj is obsolete. - - -- Christian Hammers <ch@debian.org> Mon, 18 Aug 2003 23:37:20 +0200 - -zebra-pj (0.94+cvs20030721-1) unstable; urgency=low - - * New CVS build. - - OSPF changes (integration of the OSPF API?) - - code cleanups (for ipv6?) - * Tightened Build-Deps to gcc-2.95 as 3.x does not compile a stable ospfd. - This is a known problem and has been discussed on the mailing list. - No other solutions so far. - - -- Christian Hammers <ch@debian.org> Mon, 21 Jul 2003 23:52:00 +0200 - -zebra-pj (0.94+cvs20030701-1) unstable; urgency=low - - * Initial Release. - - -- Christian Hammers <ch@debian.org> Tue, 1 Jul 2003 01:58:06 +0200 diff --git a/configure.ac b/configure.ac index 0ea209bbfa..a23011b755 100644 --- a/configure.ac +++ b/configure.ac @@ -280,6 +280,8 @@ if test "$enable_clang_coverage" = "yes"; then ]) fi +AM_CONDITIONAL([SCRIPTING], [test "$enable_scripting" = "yes"]) + if test "$enable_scripting" = "yes"; then AX_PROG_LUA([5.3], [5.4], [], [ AC_MSG_ERROR([Lua 5.3 is required to build with Lua support. No other version is supported.]) @@ -290,7 +292,9 @@ if test "$enable_scripting" = "yes"; then AX_LUA_LIBS([ AC_DEFINE([HAVE_SCRIPTING], [1], [Have support for scripting]) LIBS="$LIBS $LUA_LIB" + SCRIPTING=true ], [ + SCRIPTING=false AC_MSG_ERROR([Lua 5.3 libraries are required to build with Lua support. No other version is supported.]) ]) fi @@ -668,8 +672,6 @@ AC_ARG_ENABLE([fpm], AS_HELP_STRING([--enable-fpm], [enable Forwarding Plane Manager support])) AC_ARG_ENABLE([pcep], AS_HELP_STRING([--enable-pcep], [enable PCEP support for pathd])) -AC_ARG_ENABLE([systemd], - AS_HELP_STRING([--enable-systemd], [enable Systemd support])) AC_ARG_ENABLE([werror], AS_HELP_STRING([--enable-werror], [enable -Werror (recommended for developers only)])) AC_ARG_ENABLE([cumulus], @@ -764,19 +766,6 @@ case "${enable_cpu_time}" in ;; esac -case "${enable_systemd}" in - "no") ;; - "yes") - AC_CHECK_LIB([systemd], [sd_notify], [LIBS="$LIBS -lsystemd"]) - if test "$ac_cv_lib_systemd_sd_notify" = "no"; then - AC_MSG_ERROR([enable systemd has been specified but systemd development env not found on your system]) - else - AC_DEFINE([HAVE_SYSTEMD], [1], [Compile systemd support in]) - fi - ;; - "*") ;; -esac - if test "$enable_rr_semantics" != "no" ; then AC_DEFINE([HAVE_V6_RR_SEMANTICS], [1], [Compile in v6 Route Replacement Semantics]) fi @@ -2628,7 +2617,6 @@ AC_CONFIG_FILES([Makefile],[ AC_CONFIG_FILES([ config.version - changelog-auto redhat/frr.spec alpine/APKBUILD snapcraft/snapcraft.yaml diff --git a/debian/README.Debian b/debian/README.Debian index a23a0efcac..53fb6c9d0e 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -31,10 +31,6 @@ The following Build Profiles have been added: controls whether the RPKI module is built. Will be enabled by default at some point, adds some extra dependencies. -- pkg.frr.nosystemd - Disables both systemd unit file installation as well as watchfrr sd_notify - support at startup. Removes libsystemd dependency. - Note that all options have a "no" form; if you want to have your decision be sticky regardless of changes to what it defaults to, then always use one of the two. For example, all occurrences of <pkg.frr.rtrlib> will at some @@ -43,10 +39,6 @@ point be replaced with <!pkg.frr.nortrlib>. The main frr package has the exact same contents regardless of rtrlib or snmp choices. The options only control frr-snmp and frr-rpki-rtrlib packages. -The main frr package does NOT have the same contents if pkg.frr.nosystemd is -used. This option should only be used for systems that do not have systemd, -e.g. Ubuntu 14.04. - * Debian Policy compliance notes ================================ diff --git a/debian/changelog b/debian/changelog index 021c52c2f3..99c75106db 120000..100644 --- a/debian/changelog +++ b/debian/changelog @@ -1 +1,1523 @@ -../changelog-auto
\ No newline at end of file +frr (8.1~dev-1) UNRELEASED; urgency=medium + + * New upstream release... + + -- Ondřej Surý <ondrej@debian.org> Tue, 04 May 2021 22:52:47 +0200 + +frr (7.5.1-1) unstable; urgency=medium + + * Update the d/gbp.conf for 7.5.1 release + * Use wrap-and-sort -a to unify debian/ wrapping and sorting + * Work around the sphinx-build error that doesn't copy images to texinfo + * Change the upstream-tag in d/gbp.conf to track the upstream tarballs + + -- Ondřej Surý <ondrej@debian.org> Mon, 08 Mar 2021 09:40:19 +0100 + +frr (7.5-1) unstable; urgency=medium + + * New upstream version 7.5 + + -- Ondřej Surý <ondrej@debian.org> Sun, 14 Feb 2021 21:38:50 +0100 + +frr (7.4-2) unstable; urgency=medium + + * Bump libyang dependency to >= 1.0.184-1~ + * Make the autopkgtest more resilient (Closes: #980111) + * Adjust the ax_python.m4 to hardcode python3.9 + + -- Ondřej Surý <ondrej@debian.org> Sun, 07 Feb 2021 13:15:07 +0100 + +frr (7.4-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Backport upstream fix for FTBFS with Python 3.9. (Closes: #972767) + + -- Adrian Bunk <bunk@debian.org> Thu, 21 Jan 2021 16:06:12 +0200 + +frr (7.4-1) unstable; urgency=medium + + [ Ondřej Surý ] + * Use dh_installinit capabilities to install frr.tmpfile + * Remove unused debian/watchfrr.rc file + * Add missing lsof dependency + * Remove mention of pkg.frr.snmp build profile from debian/README.Debian + * Make lsb-base a hard dependency + * Update gbp.conf for 7.4 release + * Update and simplify d/watch + * Change the debian source format from 3.0 (git) to 3.0 (quilt) + * Convert the package to dh compat level 10 + * Add myself to Uploaders + * Bump standards version to 4.5.0.2 (latest) - no change + * Use wrap-and-sort -a to unify debian/ wrapping and sorting + * Work around the sphinx-build error that doesn't copy images to texinfo + (Properly closes: #955067) + * Depend on debhelper >= 9.20160709 and drop dh-systemd dependency + (Closes: #958626) + + -- Ondřej Surý <ondrej@debian.org> Mon, 10 Aug 2020 11:50:45 +0200 + +frr (7.3.1-1) unstable; urgency=medium + + [ David Lamparter ] + * allow cross-compile with sbuild --host + + [ Ondřej Surý ] + * Add myself to Uploaders + * Add d/gbp.conf + * Update changelog for 7.3.1-1~1.gbp2292a4 release + * Change the source format from git to quilt to use git-buildpackage + * Don't install frr-doc texinfo images, they are gone (Closes: #955067) + * Bump the dh_compat to 10 + + -- Ondřej Surý <ondrej@debian.org> Mon, 01 Jun 2020 08:41:03 +0200 + +frr (7.3-1) unstable; urgency=medium + + * new upstream release + + -- David Lamparter <equinox-debian@diac24.net> Tue, 25 Feb 2020 17:45:16 +0100 + +frr (7.2.1-1) unstable; urgency=medium + + * new upstream release + * daemon man pages renamed to frr-* (closes: #944392) + * fix/improve multi-arch markers on doc + * fix git URLs to point to debian branch + + -- David Lamparter <equinox-debian@diac24.net> Mon, 20 Jan 2020 17:06:21 +0100 + +frr (7.2-1) unstable; urgency=medium + + * New upstream release + + -- Jafar Al-Gharaibeh <jafar@atcorp.com> Sun, 03 Nov 2019 18:45:23 +0100 + +frr (6.0.2-2) unstable; urgency=medium + + * remove bogus libjson0 build-dep (closes: #921349) + * fix broken systemd dependency spec + * add proper Conflicts: for quagga and pimd (closes: #921376) + + -- David Lamparter <equinox-debian@diac24.net> Mon, 04 Feb 2019 22:16:07 +0100 + +frr (6.0.2-1) unstable; urgency=medium + + * Packaging has been more or less completely reworked, based off the old + Quagga packaging that hung around in git. Refer to "changelog-auto.in" + in the source root directory for the old changelog. + * Initial release of FRR for Debian. (closes: #863249) + + -- David Lamparter <equinox-debian@diac24.net> Sun, 27 Jan 2019 17:27:02 +0100 + +frr (6.0-2) testing; urgency=medium + + * add install-info to build deps + * remove trailing whitespace from control + * cleanup tcp-zebra configure options + * drop unused SMUX client OID MIBs + * remove /proc check + * remove --enable-poll + * remove libtool .la files + * drop texlive-latex-base, texlive-generic-recommended build deps + * consistently allow python2 or python3 + * remove bad USE_* options, add WERROR + * drop libncurses5 dep + * remove backports mechanism + * use better dependency for pythontools (binNMU compatible) + * remove bogus shlib:Depends on frr-dbg + * create frr-snmp and frr-rpki-rtrlib + * make frr-pythontools a "Recommends:" + * use redistclean target + * update to Debian Policy version 4.2.1 + * raise debhelper compat level to 9 + * ditch development-only files + * modernise dh_missing and use fail mode + * disable zeromq and FPM + * always install /etc/init.d/frr + * put frr-doc package in 'doc' section + * install HTML docs, drop tools/ + * fix install for {frr,rfptest,ospfclient} + * add watch file + * change python dependency and shebang to python3:any + * use set -e in maintscripts + * put myself in as maintainer + * update copyright file + * closes: #863249 + + -- David Lamparter <equinox-debian@diac24.net> Thu, 25 Oct 2018 16:36:50 +0200 + +frr (6.0-1) RELEASED; urgency=medium + + * New Enabled: PIM draft Unnumbered + + -- FRRouting-Dev <dev@lists.frrouting.org> Wed, 18 Oct 2017 17:01:42 -0700 + +frr (3.0-1) RELEASED; urgency=medium + + * Added Debian 9 Backport + + -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 16 Oct 2017 03:28:00 -0700 + +frr (3.0-0) RELEASED; urgency=medium + + * New Enabled: BGP Shutdown Message + * New Enabled: BGP Large Community + * New Enabled: BGP RFC 7432 Partial Support w/ Ethernet VPN + * New Enabled: BGP EVPN RT-5 + * New Enabled: LDP RFC 5561 + * New Enabled: LDP RFC 5918 + * New Enabled: LDP RFC 5919 + * New Enabled: LDP RFC 6667 + * New Enabled: LDP RFC 7473 + * New Enabled: OSPF RFC 4552 + * New Enabled: ISIS SPF Backoff draft + * New Enabled: PIM Unnumbered Interfaces + * New Enabled: PIM RFC 4611 + * New Enabled: PIM Sparse Mode + * New Enabled: NHRP RFC 2332 + * New Enabled: Label Manager + * Switched from hardening-wrapper to dpkg-buildflags. + + -- FRRouting-Dev <dev@lists.frrouting.org> Fri, 13 Oct 2017 16:17:26 -0700 + +frr (2.0-0) RELEASED; urgency=medium + + * Switchover to FRR + + -- FRRouting-Dev <dev@lists.frrouting.org> Mon, 23 Jan 2017 16:30:22 -0400 + +quagga (0.99.24+cl3u5) RELEASED; urgency=medium + + * Closes: CM-12846 - Resolve Memory leaks in 'show ip bgp neighbor json' + * Closes: CM-5878 - Display all ospf peers with 'show ip ospf neighbor detail all' + * Closes: CM-5794 - Add support for IPv6 static to null0 + * Closes: CM-13060 - Reduce JSON memory usage. + * Closes: CM-10394 - protect 'could not get instance' error messages with debug + * Closes: CM-11173 - Move netlink error messages undeer a debug + * Closes: CM-13328 - Fixes route missing in hardware after reboot + + -- dev-support <dev-support@cumulusnetworks.com> Fri, 11 Nov 2016 22:13:29 -0400 + +quagga (0.99.24+cl3u4) RELEASED; urgency=medium + + * Closes: CM-12687 - Buffer overflow in zebra RA code + + -- dev-support <dev-support@cumulusnetworks.com> Wed, 31 Aug 2016 12:36:10 -0400 + +quagga (0.99.24+cl3u3) RELEASED; urgency=medium + + * New Enabled: Merge up-to 0.99.24 code from upstream + * New Enabled: Additional CLI simplification + * New Enabled: Various Bug Fixes + + -- dev-support <dev-support@cumulusnetworks.com> Thu, 04 Aug 2016 08:43:36 -0700 + +quagga (0.99.23.1-1+cl3u2) RELEASED; urgency=medium + + * New Enabled: VRF - See Documentation for how to use + * New Enabled: Improved interface statistics + * New Enabled: Various vtysh improvements + * New Enabled: Numerous compile warnings and SA fixes + * New Enabled: Improved priviledge handlingA + * New Enabled: Various OSPF CLI fixes + * New Enabled: Prefix-list Performance Improvements. + * New Enabled: Allow more than 1k peers in Quagga + and Performance Improvements + * New Enabled: Systemd integration + * New Enabled: Various ISIS fixes + * New Enabled: BGP MRT improvements + * New Enabled: Lowered default MRAI timers + * New Enabled: Lowered default 'timers connect' + * New Enabled: 'bgp log-neighbor-changes' enabled by default + * New Enabled: BGP default keepalive to 3s and holdtime to 9s + * New Enabled: OSPF spf timers are now '0 50 5000' by default + * New Enabled: BGP hostname is displayed by default + * New Enabled: BGP 'no-as-set' is the default for + 'bgp as-path multipath-relax" + * New Enabled: RA is on by default if using 5549 on an interface + * New Enabled: peer-group restrictions relaxed, update-groups determine + outbund policy anyway + * New Enabled: BGP enabled 'maximum-paths 64' by default + * New Enabled: OSPF "log-adjacency-changes" on by default + * New Enabled: Zebra: Add IPv6 protocol filtering support + * and setting src of IPv6 routes. + * New Enabled: BGP and OSPF JSON commands added. + * New Enabled: BGP Enable multiple instances support by default + * New Enabled: 'banner motd file' command + * New Enabled: Remove bad default passwords from default conf + * New Enabled: BGP addpath TX + * New Enabled: Simplified configuration for BGP Unnumbered + + * New Deprecated: Remove unused 'show memory XXX' functionality + * New Deprecated: Remove babel protocol + + * Closes: CM-10435 Addition on hidden command + "bfd multihop/singlehop" and "ptm-enable" per interface command + * Closes: CM-9974 Get route counts right for show ip route summary + * Closes: CM-9786 BGP memory leak in peer hostname + * Closes: CM-9340 BGP: Ensure correct sequence of processing at exit + * Closes: CM-9270 ripd: Fix crash when a default route is passed to rip + * Closes: CM-9255 BGPD crash around bgp_config_write () + * Closes: CM-9134 ospf6d: Fix for crash when non area 0 network + entered first + * Closes: CM-8934 OSPFv3: Check area before scheduling SPF + * Closes: CM-8514 zebra: Crash upon disabling a link + * Closes: CM-8295 BGP crash in group_announce_route_walkcb + * Closes: CM-8191 BGP: crash in update_subgroup_merge() + * Closes: CM-8015 lib: Memory reporting fails over 2GB + * Closes: CM-7926 BGP: crash from not NULLing freed pointers + + -- dev-support <dev-support@cumulusnetworks.com> Wed, 04 May 2016 16:22:52 -0700 + +quagga (0.99.23.1-1) unstable; urgency=medium + + * New upstream release + * Added .png figures for info files to quagga-doc package. + * Changed dependency from iproute to iproute2 (thanks to Andreas + Henriksson). Closes: #753736 + * Added texlive-fonts-recommended to build-depends to get ecrm1095 font + (thanks to Christoph Biedl). Closes: #651545 + + -- Christian Brunotte <ch@debian.org> Tue, 30 Sep 2014 00:20:12 +0200 + +quagga (0.99.23-1) unstable; urgency=low + + * New upstream release + * Removed debian/patches/readline-6.3.diff which was already in upstream. + + -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2014 09:15:48 +0200 + +quagga (0.99.22.4-4) unstable; urgency=medium + + * Fix build failure with readline-6.3 (thanks to Matthias Klose). + Closes: #741774 + + -- Christian Hammers <ch@debian.org> Sun, 23 Mar 2014 15:28:42 +0100 + +quagga (0.99.22.4-3) unstable; urgency=low + + * Added status to init script (thanks to Peter J. Holzer). Closes: #730625 + * Init script now sources /lib/lsb/init-functions. + * Switched from hardening-wrapper to dpkg-buildflags. + + -- Christian Hammers <ch@debian.org> Wed, 01 Jan 2014 19:12:01 +0100 + +quagga (0.99.22.4-2) unstable; urgency=low + + * Fixed typo in package description (thanks to Davide Prina). + Closes: #625860 + * Added Italian Debconf translation (thanks to Beatrice Torracca) + Closes: #729798 + + -- Christian Hammers <ch@debian.org> Tue, 26 Nov 2013 00:47:11 +0100 + +quagga (0.99.22.4-1) unstable; urgency=high + + * SECURITY: + "ospfd: CVE-2013-2236, stack overrun in apiserver + + the OSPF API-server (exporting the LSDB and allowing announcement of + Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads + to an exploitable stack overflow. + + For this condition to occur, the following two conditions must be true: + - Quagga is configured with --enable-opaque-lsa + - ospfd is started with the "-a" command line option + + If either of these does not hold, the relevant code is not executed and + the issue does not get triggered." + Closes: #726724 + + * New upstream release + - ospfd: protect vs. VU#229804 (malformed Router-LSA) + (Quagga is said to be non-vulnerable but still adds some protection) + + -- Christian Hammers <ch@debian.org> Thu, 24 Oct 2013 22:58:37 +0200 + +quagga (0.99.22.1-2) unstable; urgency=low + + * Added autopkgtests (thanks to Yolanda Robla). Closes: #710147 + * Added "status" command to init script (thanks to James Andrewartha). + Closes: #690013 + * Added "libsnmp-dev" to Build-Deps. There not needed for the official + builds but for people who compile Quagga themselves to activate the + SNMP feature (which for licence reasons cannot be done by Debian). + Thanks to Ben Winslow). Closes: #694852 + * Changed watchquagga_options to an array so that quotes can finally + be used as expected. Closes: #681088 + * Fixed bug that prevented restarting only the watchquagga daemon + (thanks to Harald Kappe). Closes: #687124 + + -- Christian Hammers <ch@debian.org> Sat, 27 Jul 2013 16:06:25 +0200 + +quagga (0.99.22.1-1) unstable; urgency=low + + * New upstream release + - ospfd restore nexthop IP for p2p interfaces + - ospfd: fix LSA initialization for build without opaque LSA + - ripd: correctly redistribute ifindex routes (BZ#664) + - bgpd: fix lost passwords of grouped neighbors + * Removed 91_ld_as_needed.diff as it was found in the upstream source. + + -- Christian Hammers <ch@debian.org> Mon, 22 Apr 2013 22:21:20 +0200 + +quagga (0.99.22-1) unstable; urgency=low + + * New upstream release. + - [bgpd] The semantics of default-originate route-map have changed. + The route-map is now used to advertise the default route conditionally. + The old behaviour which allowed to set attributes on the originated + default route is no longer supported. + - [bgpd] this version of bgpd implements draft-idr-error-handling. This was + added in 0.99.21 and may not be desirable. If you need a version + without this behaviour, please use 0.99.20.1. There will be a + runtime configuration switch for this in future versions. + - [isisd] is in "beta" state. + - [ospf6d] is in "alpha/experimental" state + - More changes are documented in the upstream changelog! + * debian/watch: Adjusted to new savannah.gnu.org site, thanks to Bart + Martens. + * debian/patches/99_CVE-2012-1820_bgp_capability_orf.diff removed as its + in the changelog. + * debian/patches/99_distribute_list.diff removed as its in the changelog. + * debian/patches/10_doc__Makefiles__makeinfo-force.diff removed as it + was just for Debian woody. + + -- Christian Hammers <ch@debian.org> Thu, 14 Feb 2013 00:22:00 +0100 + +quagga (0.99.21-4) unstable; urgency=medium + + * Fixed regression bug that caused OSPF "distribute-list" statements to be + silently ignored. The patch has already been applied upstream but there + has been no new Quagga release since then. + Thanks to Hans van Kranenburg for reporting. Closes: #697240 + + -- Christian Hammers <ch@debian.org> Sun, 06 Jan 2013 15:50:32 +0100 + +quagga (0.99.21-3) unstable; urgency=high + + * SECURITY: + CVE-2012-1820 - Quagga contained a bug in BGP OPEN message handling. + A denial-of-service condition could be caused by an attacker controlling + one of the pre-configured BGP peers. In most cases this means, that the + attack must be originated from an adjacent network. Closes: #676510 + + -- Christian Hammers <ch@debian.org> Fri, 08 Jun 2012 01:15:32 +0200 + +quagga (0.99.21-2) unstable; urgency=low + + * Renamed babeld.8 to quagga-babeld.8 as it conflicted with the + original mapage of the babeld package which users might want to + install in parallel as it is slightly more capable. Closes: #671916 + + -- Christian Hammers <ch@debian.org> Thu, 10 May 2012 07:53:01 +0200 + +quagga (0.99.21-1) unstable; urgency=low + + * New upstream release + - [bgpd] BGP multipath support has been merged + - [bgpd] SAFI (Multicast topology) support has been extended to propagate + the topology to zebra. + - [bgpd] AS path limit functionality has been removed + - [babeld] a new routing daemon implementing the BABEL ad-hoc mesh routing + protocol has been merged. + - [isisd] a major overhaul has been picked up. Please note that isisd is + STILL NOT SUITABLE FOR PRODUCTION USE. + - a lot of bugs have been fixed + * Added watchquagga daemon. + * Added DEP-3 conforming patch comments. + + -- Christian Hammers <ch@debian.org> Sun, 06 May 2012 15:33:33 +0200 + +quagga (0.99.20.1-1) unstable; urgency=high + + * SECURITY: + CVE-2012-0249 - Quagga ospfd DoS on malformed LS-Update packet + CVE-2012-0250 - Quagga ospfd DoS on malformed Network-LSA data + CVE-2012-0255 - Quagga bgpd DoS on malformed OPEN message + * New upstream release. Closes: #664033 + + -- Christian Hammers <ch@debian.org> Fri, 16 Mar 2012 22:14:05 +0100 + +quagga (0.99.20-4) unstable; urgency=low + + * Switch to dpkg-source 3.0 (quilt) format. + * Switch to changelog-format-1.0. + + -- Christian Hammers <ch@debian.org> Sat, 25 Feb 2012 18:52:06 +0100 + +quagga (0.99.20-3) unstable; urgency=low + + * Added --sysconfdir back to the configure options (thanks to Sven-Haegar + Koch). Closes: #645649 + + -- Christian Hammers <ch@debian.org> Tue, 18 Oct 2011 00:24:37 +0200 + +quagga (0.99.20-2) unstable; urgency=low + + * Bumped standards version to 0.9.2. + * Migrated to "dh" build system. + * Added quagga-dbg package. + + -- Christian Hammers <ch@debian.org> Fri, 14 Oct 2011 23:59:26 +0200 + +quagga (0.99.20-1) unstable; urgency=low + + * New upstream release: + "The primary focus of this release is a fix of SEGV regression in ospfd, + which was introduced in 0.99.19. It also features a series of minor + improvements, including better RFC compliance in bgpd, better support + of FreeBSD and some enhancements to isisd." + * Fixes off-by-one bug (removed 20_ospf6_area_argv.dpatch). Closes: #519488 + + -- Christian Hammers <ch@debian.org> Fri, 30 Sep 2011 00:59:24 +0200 + +quagga (0.99.19-1) unstable; urgency=high + + * SECURITY: + "This release provides security fixes, which address assorted + vulnerabilities in bgpd, ospfd and ospf6d (CVE-2011-3323, + CVE-2011-3324, CVE-2011-3325, CVE-2011-3326 and CVE-2011-3327). + * New upstream release. + * Removed incorporated debian/patches/92_opaque_lsa_enable.dpatch. + * Removed incorporated debian/patches/93_opaque_lsa_fix.dpatch. + * Removed obsolete debian/README.Debian.Woody and README.Debian.MD5. + + -- Christian Hammers <ch@debian.org> Tue, 27 Sep 2011 00:16:27 +0200 + +quagga (0.99.18-1) unstable; urgency=low + + * SECURITY: + "This release fixes 2 denial of services in bgpd, which can be remotely + triggered by malformed AS-Pathlimit or Extended-Community attributes. + These issues have been assigned CVE-2010-1674 and CVE-2010-1675. + Support for AS-Pathlimit has been removed with this release." + * Added Brazilian Portuguese debconf translation. Closes: #617735 + * Changed section for quagga-doc from "doc" to "net". + * Added patch to fix FTBFS with latest GCC. Closes: #614459 + + -- Christian Hammers <ch@debian.org> Tue, 22 Mar 2011 23:13:34 +0100 + +quagga (0.99.17-4) unstable; urgency=low + + * Added comment to init script (thanks to Marc Haber). Closes: #599524 + + -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:53:29 +0100 + +quagga (0.99.17-3) unstable; urgency=low + + * Fix FTBFS with ld --as-needed (thanks to Matthias Klose at Ubuntu). + Closes: #609555 + + -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2011 23:27:06 +0100 + +quagga (0.99.17-2) unstable; urgency=low + + * Added Danisch Debconf translation (thanks to Joe Dalton). Closes: #596259 + + -- Christian Hammers <ch@debian.org> Sat, 18 Sep 2010 12:20:07 +0200 + +quagga (0.99.17-1) unstable; urgency=high + + * SECURITY: + "This release provides two important bugfixes, which address remote crash + possibility in bgpd discovered by CROSS team.": + 1. Stack buffer overflow by processing certain Route-Refresh messages + CVE-2010-2948 + 2. DoS (crash) while processing certain BGP update AS path messages + CVE-2010-2949 + Closes: #594262 + + -- Christian Hammers <ch@debian.org> Wed, 25 Aug 2010 00:52:48 +0200 + +quagga (0.99.16-1) unstable; urgency=low + + * New upstream release. Closes: #574527 + * Added chrpath to debian/rules to fix rpath problems that lintian spottet. + + -- Christian Hammers <ch@debian.org> Sun, 21 Mar 2010 17:05:40 +0100 + +quagga (0.99.15-2) unstable; urgency=low + + * Applied patch for off-by-one bug in ospf6d that caused a segmentation + fault when using the "area a.b.c.d filter-list prefix" command (thanks + to Steinar H. Gunderson). Closes: 519488 + + -- Christian Hammers <ch@debian.org> Sun, 14 Feb 2010 20:02:03 +0100 + +quagga (0.99.15-1) unstable; urgency=low + + * New upstream release + "This fixes some annoying little ospfd and ospf6d regressions, which made + 0.99.14 a bit of a problem release (...) This release still contains a + regression in the "no ip address ..." command, at least on Linux. + See bug #486, which contains a workaround patch. This release should be + considered a 1.0.0 release candidate. Please test this release as widely + as possible." + * Fixed wrong port number in zebra.8 (thanks to Thijs Kinkhorst). + Closes: #517860 + * Added Russian Debconf tanslation (thanks to Yuri Kozlov). + Closes: #539464 + * Removed so-version in build-dep to libreadline-dev on request of + Matthias Klose. + * Added README.source with reference to dpatch as suggested by lintian. + * Bumped standards versionto 3.8.3. + + -- Christian Hammers <ch@debian.org> Sun, 13 Sep 2009 18:12:06 +0200 + +quagga (0.99.14-1) unstable; urgency=low + + * New upstream release + "This release contains a regression fix for ospf6d, various small fixes + and some hopefully very significant bgpd stability fixes. + This release should be considered a 1.0.0 release candidate. Please test + this release as widely as possible." + * Fixes bug with premature LSA aging in ospf6d. Closes: #535030 + * Fixes section number in zebra.8 manpage. Closes: #517860 + + -- Christian Hammers <ch@debian.org> Sat, 25 Jul 2009 00:40:38 +0200 + +quagga (0.99.13-2) unstable; urgency=low + + * Added Japanese Debconf translation (thanks to Hideki Yamane). + Closes: #510714 + * When checking for obsoleted config options in preinst, print filename + where it occures (thanks to Michael Bussmann). Closes: #339489 + + -- Christian Hammers <ch@debian.org> Sun, 19 Jul 2009 17:13:23 +0200 + +quagga (0.99.13-1) unstable; urgency=low + + * New upstream release + "This release is contains a number of small fixes, for potentially + irritating issues, as well as small enhancements to vtysh and support + for linking to PCRE (a much faster regex library)." + * Added build-dep to gawk as configure required it for memtypes.awk + * Replaced build-dep to gs-gpl with ghostscript as requested by lintian + * Minor changes to copyright and control files to make lintian happy. + + -- Christian Hammers <ch@debian.org> Wed, 24 Jun 2009 17:53:28 +0200 + +quagga (0.99.12-1) unstable; urgency=high + + * New upstream release + "This release fixes an urgent bug in bgpd where it could hit an assert + if it received a long AS_PATH with a 4-byte ASN." Noteworthy bugfixes: + + [bgpd] Fix bgp ipv4/ipv6 accept handling + + [bgpd] AS4 bugfix by Chris Caputo + + [bgpd] Allow accepted peers to progress even if realpeer is in Connect + + [ospfd] Switch Fletcher checksum back to old ospfd version + + -- Christian Hammers <ch@debian.org> Mon, 22 Jun 2009 00:16:33 +0200 + +quagga (0.99.11-1) unstable; urgency=low + + * New upstream release + "Most regressions in 0.99 over 0.98 are now believed to be fixed. This + release should be considered a release-candidate for a new stable series." + + bgpd: Preliminary UI and Linux-IPv4 support for TCP-MD5 merged + + zebra: ignore dead routes in RIB update + + [ospfd] Default route needs to be refreshed after neighbour state change + + [zebra:netlink] Set proto/scope on all route update messages + * Removed debian/patches/20_*bgp*md5*.dpatch due to upstream support. + + -- Christian Hammers <ch@debian.org> Thu, 09 Oct 2008 22:56:38 +0200 + +quagga (0.99.10-1) unstable; urgency=medium + + * New upstream release + + bgpd: 4-Byte AS Number support + + Sessions were incorrectly reset if a partial AS-Pathlimit attribute + was received. + + Advertisement of Multi-Protocol prefixes (i.e. non-IPv4) had been + broken in the 0.99.9 release. Closes: #467656 + + -- Christian Hammers <ch@debian.org> Tue, 08 Jul 2008 23:32:42 +0200 + +quagga (0.99.9-6) unstable; urgency=low + + * Fixed FTBFS by adding a build-dep to libpcre3-dev (thanks to Luk Claes). + Closes: #469891 + + -- Christian Hammers <ch@debian.org> Sat, 12 Apr 2008 12:53:51 +0200 + +quagga (0.99.9-5) unstable; urgency=low + + * C.J. Adams-Collier and Paul Jakma suggested to build against libpcre3 + which is supposed to be faster. + + -- Christian Hammers <ch@debian.org> Sun, 02 Mar 2008 13:19:42 +0100 + +quagga (0.99.9-4) unstable; urgency=low + + * Added hardening-wrapper to the build-deps (thanks to Moritz Muehlenhoff). + + -- Christian Hammers <ch@debian.org> Tue, 29 Jan 2008 22:33:56 +0100 + +quagga (0.99.9-3) unstable; urgency=low + + * Replaced the BGP patch by a new one so that the package builds again + with kernels above 2.6.21! + * debian/control: + + Moved quagga-doc to section doc to make lintian happy. + * Added Spanish debconf translation (thanks to Carlos Galisteo de Cabo). + Closes: #428574 + * debian/control: (thanks to Marco Rodrigues) + + Bump Standards-Version to 3.7.3 (no changes needed). + + Add Homepage field. + + -- Christian Hammers <ch@debian.org> Mon, 28 Jan 2008 22:29:18 +0100 + +quagga (0.99.9-2.1) unstable; urgency=low + + * Non-maintainer upload. + * debian/rules: fixed bashisms. (Closes: #459122) + + -- Miguel Angel Ruiz Manzano <debianized@gmail.com> Tue, 22 Jan 2008 14:37:21 -0300 + +quagga (0.99.9-2) unstable; urgency=low + + * Added CVE id for the security bug to the last changelog entry. + Closes: 442133 + + -- Christian Hammers <ch@debian.org> Tue, 25 Sep 2007 22:01:31 +0200 + +quagga (0.99.9-1) unstable; urgency=high + + * SECURITY: + "This release fixes two potential DoS conditions in bgpd, reported by Mu + Security, where a bgpd could be crashed if a peer sent a malformed OPEN + message or a malformed COMMUNITY attribute. Only configured peers can do + this, hence we consider these issues to be very low impact." CVE-2007-4826 + + -- Christian Hammers <ch@debian.org> Wed, 12 Sep 2007 21:12:41 +0200 + +quagga (0.99.8-1) unstable; urgency=low + + * New upstream version. + + -- Christian Hammers <ch@debian.org> Fri, 17 Aug 2007 00:07:04 +0200 + +quagga (0.99.7-3) unstable; urgency=medium + + * Applied patch for FTBFS with linux-libc-dev (thanks to Andrew J. Schorr + and Lucas Nussbaum). Closes: #429003 + + -- Christian Hammers <ch@debian.org> Fri, 22 Jun 2007 21:34:55 +0200 + +quagga (0.99.7-2) unstable; urgency=low + + * Added Florian Weimar as co-maintainer. Closes: 421977 + * Added Dutch debconf translation (thanks to Bart Cornelis). + Closes: #420932 + * Added Portuguese debconf translation (thanks to Rui Branco). + Closes: #421185 + * Improved package description (thanks to Reuben Thomas). + Closes: #418933 + * Added CVE Id to 0.99.6-5 changelog entry. + + -- Christian Hammers <ch@debian.org> Wed, 02 May 2007 20:27:12 +0200 + +quagga (0.99.7-1) unstable; urgency=low + + * New upstream release. Closes: #421553 + + -- Christian Hammers <ch@debian.org> Mon, 30 Apr 2007 14:22:34 +0200 + +quagga (0.99.6-6) unstable; urgency=medium + + * Fixes FTBFS with tetex-live. Closes: #420468 + + -- Christian Hammers <ch@debian.org> Mon, 23 Apr 2007 21:34:13 +0200 + +quagga (0.99.6-5) unstable; urgency=high + + * SECURITY: + The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers + could cause a Quagga bgpd to, typically, assert() and abort. The DoS + could be triggered by peers by sending an UPDATE message with a crafted, + malformed Multi-Protocol reachable/unreachable NLRI attribute. + This is CVE-2007-1995 and Quagga Bug#354. Closes: #418323 + + -- Christian Hammers <ch@debian.org> Thu, 12 Apr 2007 23:21:58 +0200 + +quagga (0.99.6-4) unstable; urgency=low + + * Improved note in README.Debian for SNMP self-builders (thanks to Matthias + Wamser). Closes: #414788 + + -- Christian Hammers <ch@debian.org> Wed, 14 Mar 2007 02:18:57 +0100 + +quagga (0.99.6-3) unstable; urgency=low + + * Updated German Debconf translation (thanks to Matthias Julius). + Closes: #409327 + + -- Christian Hammers <ch@debian.org> Sat, 10 Feb 2007 15:06:16 +0100 + +quagga (0.99.6-2) unstable; urgency=low + + * Updated config.guess/config.sub as suggested by lintian. + * Corrected README.Debian text regarding the WANT_SNMP flag. + + -- Christian Hammers <ch@debian.org> Sun, 17 Dec 2006 01:45:37 +0100 + +quagga (0.99.6-1) unstable; urgency=low + + * New upstream release. Closes: #402361 + + -- Christian Hammers <ch@debian.org> Mon, 11 Dec 2006 00:28:09 +0100 + +quagga (0.99.5-5) unstable; urgency=high + + * Changed Depends on adduser to Pre-Depends to avoid uninstallability + in certain cases (thanks to Steve Langasek, Lucas Nussbaum). + Closes: #398562 + + -- Christian Hammers <ch@debian.org> Wed, 15 Nov 2006 17:46:34 +0100 + +quagga (0.99.5-4) unstable; urgency=low + + * Added default PAM file and some explanations regarding PAM authentication + of vtysh which could prevent the start at boot-time when used wrong. + Now PAM permits anybody to access the vtysh tool (a malicious user could + build his own vtysh without PAM anyway) and the access is controled by + the read/write permissions of the vtysh socket which are only granted to + users belonging to the quaggavty group (thanks to Wakko Warner). + Closes: #389496 + * Added "case" to prerm script so that the Debconf question is not called a + second time in e.g. "new-prerm abort-upgrade" after being NACKed in the + old-prerm. + + -- Christian Hammers <ch@debian.org> Fri, 3 Nov 2006 01:22:15 +0100 + +quagga (0.99.5-3) unstable; urgency=medium + + * Backport CVS fix for an OSPF DD Exchange regression (thanks to Matt + Brown). Closes: #391040 + + -- Christian Hammers <ch@debian.org> Wed, 25 Oct 2006 19:47:11 +0200 + +quagga (0.99.5-2) unstable; urgency=medium + + * Added LSB info section to initscript. + * Removed unnecessary depends to libncurses5 to make checklib happy. + The one to libcap should remain though as it is just temporarily + unused. + + -- Christian Hammers <ch@debian.org> Thu, 21 Sep 2006 00:04:07 +0200 + +quagga (0.99.5-1) unstable; urgency=low + + * New upstream release. Closes: #38704 + * Upstream fixes ospfd documentary inconsistency. Closes: #347897 + * Changed debconf question in prerm to "high" (thanks to Rafal Pietrak). + + -- Christian Hammers <ch@debian.org> Mon, 11 Sep 2006 23:43:42 +0200 + +quagga (0.99.4-4) unstable; urgency=low + + * Recreate /var/run if not present because /var is e.g. on a tmpfs + filesystem (thanks to Martin Pitt). Closes: #376142 + * Removed nonexistant option from ospfd.8 manpage (thanks to + David Medberry). Closes: 378274 + + -- Christian Hammers <ch@debian.org> Sat, 15 Jul 2006 20:22:12 +0200 + +quagga (0.99.4-3) unstable; urgency=low + + * Removed invalid semicolon from rules file (thanks to Philippe Gramoulle). + + -- Christian Hammers <ch@debian.org> Tue, 27 Jun 2006 23:36:07 +0200 + +quagga (0.99.4-2) unstable; urgency=high + + * Set urgency to high as 0.99.4-1 fixes a security problem! + * Fixed building of the info file. + + -- Christian Hammers <ch@debian.org> Sun, 14 May 2006 23:04:28 +0200 + +quagga (0.99.4-1) unstable; urgency=low + + * New upstream release to fix a security problem in the telnet interface + of the BGP daemon which could be used for DoS attacks (CVE-2006-2276). + Closes: 366980 + + -- Christian Hammers <ch@debian.org> Sat, 13 May 2006 19:54:40 +0200 + +quagga (0.99.3-3) unstable; urgency=low + + * Added CVE numbers for the security patch in 0.99.3-2. + + -- Christian Hammers <ch@debian.org> Sat, 6 May 2006 17:14:22 +0200 + +quagga (0.99.3-2) unstable; urgency=high + + * SECURITY: + Added security bugfix patch from upstream BTS for security problem + that could lead to injected routes when using RIPv1. + CVE-2006-2223 - missing configuration to disable RIPv1 or require + plaintext or MD5 authentication + CVE-2006-2224 - lack of enforcement of RIPv2 authentication requirements + Closes: #365940 + * First amd64 upload. + + -- Christian Hammers <ch@debian.org> Thu, 4 May 2006 00:22:09 +0200 + +quagga (0.99.3-1) unstable; urgency=low + + * New upstream release + + -- Christian Hammers <ch@debian.org> Wed, 25 Jan 2006 13:37:27 +0100 + +quagga (0.99.2-1) unstable; urgency=low + + * New upstream release + Closes: #330248, #175553 + + -- Christian Hammers <ch@debian.org> Wed, 16 Nov 2005 00:25:52 +0100 + +quagga (0.99.1-7) unstable; urgency=low + + * Changed debian/rules check for mounted /proc directory to check + for /proc/1 as not all systems (e.g. 2.6 arm kernels) have + /proc/kcore which is a optional feature only (thanks to Lennert + Buytenhek). Closes: #335695 + * Added Swedish Debconf translation (thanks to Daniel Nylander). + Closes: #331367 + + -- Christian Hammers <ch@debian.org> Thu, 27 Oct 2005 20:53:19 +0200 + +quagga (0.99.1-6) unstable; urgency=low + + * Fixed debconf dependency as requested by Joey Hess. + + -- Christian Hammers <ch@debian.org> Mon, 26 Sep 2005 20:47:35 +0200 + +quagga (0.99.1-5) unstable; urgency=low + + * Rebuild with libreadline5-dev as build-dep as requested by + Matthias Klose. Closes: #326306 + * Made initscript more fault tolerant against missing lines in + /etc/quagga/daemons (thanks to Ralf Hildebrandt). Closes: #323774 + * Added dependency to adduser. + + -- Christian Hammers <ch@debian.org> Tue, 13 Sep 2005 21:42:17 +0200 + +quagga (0.99.1-4) unstable; urgency=low + + * Added French Debconf translation (thanks to Mohammed Adnene Trojette). + Closes: #319324 + * Added Czech Debconf translation (thanks to Miroslav Kure). + Closes: #318127 + + -- Christian Hammers <ch@debian.org> Sun, 31 Jul 2005 04:19:41 +0200 + +quagga (0.99.1-3) unstable; urgency=low + + * A Debconf question now asks the admin before upgrading if the daemon + should really be stopped as this could lead to the loss of network + connectivity or BGP flaps (thanks to Michael Horn and Achilleas Kotsis). + Also added a hint about setting Quagga "on hold" to README.Debian. + Closes: #315467 + * Added patch to build on Linux/ARM. + + -- Christian Hammers <ch@debian.org> Sun, 10 Jul 2005 22:19:38 +0200 + +quagga (0.99.1-2) unstable; urgency=low + + * Fixed SNMP enabled command in debian/rules (thanks to Christoph Kluenter). + Closes: #306840 + + -- Christian Hammers <ch@debian.org> Sat, 4 Jun 2005 14:04:01 +0200 + +quagga (0.99.1-1) unstable; urgency=low + + * New upstream version. Among others: + - BGP graceful restart and "match ip route-source" added + - support for interface renaming + - improved threading for better responsivness under load + * Switched to dpatch to make diffs cleaner. + * Made autoreconf unnecessary. + * Replaced quagga.dvi and quagga.ps by quagga.pdf in quagga-doc. + (the PostScript would have needed Makefile corrections and PDF + is more preferable anyway) + * Added isisd to the list of daemons in /etc/init.d/quagga (thanks + to Ernesto Elbe). + * Added hint for "netlink-listen: overrun" messages (thanks to + Hasso Tepper). + * Added preinst check that bails out if old smux options are in use + as Quagga would not start up else anyway (thanks to Bjorn Mork). + Closes: #308320 + + -- Christian Hammers <ch@debian.org> Fri, 13 May 2005 01:18:24 +0200 + +quagga (0.98.3-7) unstable; urgency=high + + * Removed SNMP support as linking against NetSNMP introduced a dependency + to OpenSSL which is not compatible to the GPL which governs this + application (thanks to Faidon Liambotis). See README.Debian for more + information. Closes: #306840 + * Changed listening address of ospf6d and ripngd from 127.0.0.1 to "::1". + * Added build-dep to groff to let drafz-zebra-00.txt build correctly. + + -- Christian Hammers <ch@debian.org> Wed, 4 May 2005 20:08:14 +0200 + +quagga (0.98.3-6) testing-proposed-updates; urgency=high + + * Removed "Recommends kernel-image-2.4" as aptitude then + installes a kernel-image for an arbitrary architecture as long + as it fullfill that recommendation which can obviously fatal + at the next reboot :) Also it is a violation of the policy + which mandates a reference to real packages (thanks to Holger Levsen). + Closes: #307281 + + -- Christian Hammers <ch@debian.org> Tue, 3 May 2005 22:53:39 +0200 + +quagga (0.98.3-5) unstable; urgency=high + + * The patch which tried to remove the OpenSSL dependency, which is + not only unneccessary but also a violation of the licence and thus RC, + stopped working a while ago, since autoreconf is no longer run before + building the binaries. So now ./configure is patched directly (thanks + to Faidon Liambotis for reporting). Closes: #306840 + * Raised Debhelper compatibility level from 3 to 4. Nothing changed. + * Added build-dep to texinfo (>= 4.7) to ease work for www.backports.org. + + -- Christian Hammers <ch@debian.org> Fri, 29 Apr 2005 02:31:03 +0200 + +quagga (0.98.3-4) unstable; urgency=low + + * Removed Debconf upgrade note as it was considered a Debconf abuse + and apart from that so obvious that it was not even worth to be + put into NEWS.Debian (thanks to Steve Langasek). Closes: #306384 + + -- Christian Hammers <ch@debian.org> Wed, 27 Apr 2005 00:10:24 +0200 + +quagga (0.98.3-3) unstable; urgency=medium + + * Adding the debconf module due to a lintian suggestion is a very + bad idea if no db_stop is called as the script hangs then (thanks + to Tore Anderson for reporting). Closes: #306324 + + -- Christian Hammers <ch@debian.org> Mon, 25 Apr 2005 21:55:58 +0200 + +quagga (0.98.3-2) unstable; urgency=low + + * Added debconf confmodule to postinst as lintian suggested. + + -- Christian Hammers <ch@debian.org> Sun, 24 Apr 2005 13:16:00 +0200 + +quagga (0.98.3-1) unstable; urgency=low + + * New upstream release. + Mmost notably fixes last regression in bgpd (reannounce of prefixes + with changed attributes works again), race condition in netlink + handling while using IPv6, MTU changes handling in ospfd and several + crashes in ospfd, bgpd and ospf6d. + + -- Christian Hammers <ch@debian.org> Mon, 4 Apr 2005 12:51:24 +0200 + +quagga (0.98.2-2) unstable; urgency=low + + * Added patch to let Quagga compile with gcc-4.0 (thanks to + Andreas Jochens). Closes: #300949 + + -- Christian Hammers <ch@debian.org> Fri, 25 Mar 2005 19:33:30 +0100 + +quagga (0.98.2-1) unstable; urgency=medium + + * Quoting the upstream announcement: + The 0.98.1 release unfortunately was a brown paper bag release with + respect to ospfd. [...] 0.98.2 has been released, with one crucial change + to fix the unfortunate mistake in 0.98.1, which caused problems if + ospfd became DR. + * Note: the upstream tarball had a strange problem, apparently redhat.spec + was twice in it? At least debuild gave a strange error message so I + unpacked it by hand. No changes were made to the .orig.tar.gz! + + -- Christian Hammers <ch@debian.org> Fri, 4 Feb 2005 01:31:36 +0100 + +quagga (0.98.1-1) unstable; urgency=medium + + * New upstream version + "fixing a fatal OSPF + MD5 auth regression, and a non-fatal high-load + regression in bgpd which were present in the 0.98.0 release." + * Upstream version fixes bug in ospfd that could lead to crash when OSPF + packages had a MTU > 1500. Closes: #290566 + * Added notice regarding capability kernel support to README.Debian + (thanks to Florian Weimer). Closes: #291509 + * Changed permission setting in postinst script (thanks to Bastian Blank). + Closes: #292690 + + -- Christian Hammers <ch@debian.org> Tue, 1 Feb 2005 02:01:27 +0100 + +quagga (0.98.0-3) unstable; urgency=low + + * Fixed problem in init script. Closes: #290317 + * Removed obsolete "smux peer enable" patch. + + -- Christian Hammers <ch@debian.org> Fri, 14 Jan 2005 17:37:27 +0100 + +quagga (0.98.0-2) unstable; urgency=low + + * Updated broken TCP MD5 patch for BGP (thanks to John P. Looney + for telling me). + + -- Christian Hammers <ch@debian.org> Thu, 13 Jan 2005 02:03:54 +0100 + +quagga (0.98.0-1) unstable; urgency=low + + * New upstream release + * Added kernel-image-2.6 as alternative to 2.4 to the recommends + (thanks to Faidon Liambotis). Closes: #289530 + + -- Christian Hammers <ch@debian.org> Mon, 10 Jan 2005 19:36:17 +0100 + +quagga (0.97.5-1) unstable; urgency=low + + * New upstream version. + * Added Czech debconf translation (thanks to Miroslav Kure). + Closes: #287293 + * Added Brazilian debconf translation (thanks to Andre Luis Lopes). + Closes: #279352 + + -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 23:49:57 +0100 + +quagga (0.97.4-2) unstable; urgency=low + + * Fixed quagga.info build problem. + + -- Christian Hammers <ch@debian.org> Wed, 5 Jan 2005 22:38:01 +0100 + +quagga (0.97.4-1) unstable; urgency=low + + * New upstream release. + + -- Christian Hammers <ch@debian.org> Tue, 4 Jan 2005 01:45:22 +0100 + +quagga (0.97.3-2) unstable; urgency=low + + * Included isisd in the daemon list. + * Wrote an isisd manpage. + * It is now ensured that zebra is always the last daemon to be stopped. + * (Thanks to Hasso Tepper for mailing me a long list of suggestions + which lead to this release) + + -- Christian Hammers <ch@debian.org> Sat, 18 Dec 2004 13:14:55 +0100 + +quagga (0.97.3-1) unstable; urgency=medium + + * New upstream version. + - Fixes important OSPF bug. + * Added ht-20040911-smux.patch regarding Quagga bug #112. + * Updated ht-20041109-0.97.3-bgp-md5.patch for BGP with TCP MD5 + (thanks to Matthias Wamser). + + -- Christian Hammers <ch@debian.org> Tue, 9 Nov 2004 17:45:26 +0100 + +quagga (0.97.2-4) unstable; urgency=low + + * Added Portuguese debconf translation (thanks to Andre Luis Lopes). + Closes: #279352 + * Disabled ospfapi server by default on recommendation of Paul Jakma. + + -- Christian Hammers <ch@debian.org> Sun, 7 Nov 2004 15:07:05 +0100 + +quagga (0.97.2-3) unstable; urgency=low + + * Added Andrew Schorrs VTY Buffer patch from the [quagga-dev 1729]. + + -- Christian Hammers <ch@debian.org> Tue, 2 Nov 2004 00:46:56 +0100 + +quagga (0.97.2-2) unstable; urgency=low + + * Changed file and directory permissions and ownerships according to a + suggestion from Paul Jakma. Still not perfect though. + * Fixed upstream vtysh.conf.sample file. + * "ip ospf network broadcast" is now saved correctly. Closes: #244116 + * Daemon options are now in /etc/quagga/debian.conf to be user + configurable (thanks to Simon Raven and Hasso Tepper). Closes: #266715 + + -- Christian Hammers <ch@debian.org> Tue, 26 Oct 2004 23:35:45 +0200 + +quagga (0.97.2-1) unstable; urgency=low + + * New upstream version. + Closes: #254541 + * Fixed warning on unmodular kernels (thanks to Christoph Biedl). + Closes: #277973 + + -- Christian Hammers <ch@debian.org> Mon, 25 Oct 2004 00:47:04 +0200 + +quagga (0.97.1-2) unstable; urgency=low + + * Version 0.97 introduced shared libraries. They are now included. + (thanks to Raf D'Halleweyn). Closes: #277446 + + -- Christian Hammers <ch@debian.org> Wed, 20 Oct 2004 15:32:06 +0200 + +quagga (0.97.1-1) unstable; urgency=low + + * New upstream version. + * Removed some obsolete files from debian/patches. + * Added patch from upstream bug 113. Closes: #254541 + * Added patch from upstream that fixes a compilation problem in the + ospfclient code (thanks to Hasso Tepper). + * Updated German debconf translation (thanks to Jens Nachtigall) + Closes: #277059 + + -- Christian Hammers <ch@debian.org> Mon, 18 Oct 2004 01:16:35 +0200 + +quagga (0.96.5-11) unstable; urgency=low + + * Fixed /tmp/buildd/* paths in binaries. + For some unknown reason the upstream Makefile modified a .h file at + the end of the "debian/rules build" target. During the following + "make install" one library got thus be re*compiled* - with /tmp/buildd + paths as sysconfdir (thanks to Peder Chr. Norgaard). Closes: #274050 + + -- Christian Hammers <ch@debian.org> Fri, 1 Oct 2004 01:21:02 +0200 + +quagga (0.96.5-10) unstable; urgency=medium + + * The BGP routing daemon might freeze on network disturbances when + their peer is also a Quagga/Zebra router. + Applied patch from http://bugzilla.quagga.net/show_bug.cgi?id=102 + which has been confirmed by the upstream author. + (thanks to Gunther Stammwitz) + * Changed --enable-pam to --with-libpam (thanks to Hasso Tepper). + Closes: #264562 + * Added patch for vtysh (thanks to Hasso Tepper). Closes: #215919 + + -- Christian Hammers <ch@debian.org> Mon, 9 Aug 2004 15:33:02 +0200 + +quagga (0.96.5-9) unstable; urgency=low + + * Rewrote the documentation chapter about SNMP support. Closes: #195653 + * Added MPLS docs. + + -- Christian Hammers <ch@debian.org> Thu, 29 Jul 2004 21:01:52 +0200 + +quagga (0.96.5-8) unstable; urgency=low + + * Adjusted a grep in the initscript to also match a modprobe message + from older modutils packages (thanks to Faidon Paravoid). + + -- Christian Hammers <ch@debian.org> Wed, 28 Jul 2004 21:19:02 +0200 + +quagga (0.96.5-7) unstable; urgency=low + + * Added a "cd /etc/quagga/" to the init script as quagga tries to load + the config file first from the current working dir and then from the + config dir which could lead to confusion (thanks to Marco d'Itri). + Closes: #255078 + * Removed warning regarding problems with the Debian kernels from + README.Debian as they are no longer valid (thanks to Raphael Hertzog). + Closes: #257580 + * Added patch from Hasso Tepper that makes "terminal length 0" work + in vtysh (thanks to Matthias Wamser). Closes: #252579 + + -- Christian Hammers <ch@debian.org> Thu, 8 Jul 2004 21:53:21 +0200 + +quagga (0.96.5-6) unstable; urgency=low + + * Try to load the capability module as it is needed now. + + -- Christian Hammers <ch@debian.org> Tue, 8 Jun 2004 23:25:29 +0200 + +quagga (0.96.5-5) unstable; urgency=low + + * Changed the homedir of the quagga user to /etc/quagga/ to allow + admins to put ~/.ssh/authorized_keys there (thanks to Matthias Wamser). + Closes: #252577 + + -- Christian Hammers <ch@debian.org> Sat, 5 Jun 2004 14:47:31 +0200 + +quagga (0.96.5-4) unstable; urgency=medium + + * Fixed rules file to use the renamed ./configure option --enable-tcp-md5 + (thanks to Matthias Wamser). Closes: #252141 + + -- Christian Hammers <ch@debian.org> Tue, 1 Jun 2004 22:58:32 +0200 + +quagga (0.96.5-3) unstable; urgency=low + + * Provided default binary package name to all build depends that were + virtual packages (thanks to Goswin von Brederlow). Closes: #251625 + + -- Christian Hammers <ch@debian.org> Sat, 29 May 2004 22:48:53 +0200 + +quagga (0.96.5-2) unstable; urgency=low + + * New upstream version. + * New md5 patch version (thanks to Niklas Jakobsson and Hasso Tepper). + Closes: #250985 + * Fixes info file generation (thanks to Peder Chr. Norgaard). + Closes: #250992 + * Added catalan debconf translation (thanks to Aleix Badia i Bosch). + Closes: #250118 + * PATCHES: + This release contains BGP4 MD5 support which requires a kernel patch + to work. See /usr/share/doc/quagga/README.Debian.MD5. + (The patch is ht-20040525-0.96.5-bgp-md5.patch from Hasso Tepper) + + -- Christian Hammers <ch@debian.org> Thu, 27 May 2004 20:09:37 +0200 + +quagga (0.96.5-1) unstable; urgency=low + + * New upstream version. + * PATCHES: + This release contains BGP4 MD5 support which also requires a kernel patch. + See /usr/share/doc/quagga/README.Debian.MD5 and search for CAN-2004-0230. + + -- Christian Hammers <ch@debian.org> Sun, 16 May 2004 17:40:40 +0200 + +quagga (0.96.4x-10) unstable; urgency=low + + * SECURITY: + This release contains support for MD5 for BGP which is one suggested + prevention of the actually long known TCP SYN/RST attacks which got + much news in the last days as ideas were revealed that made them much + easier probable agains especially the BGP sessions than commonly known. + There are a lot of arguments agains the MD5 approach but some ISPs + started to require it. + See: CAN-2004-0230, http://www.us-cert.gov/cas/techalerts/TA04-111A.html + * PATCHES: + This release contains the MD5 patch from Hasso Tepper. It also seems to + required a kernel patch. See /usr/share/doc/quagga/README.Debian.MD5. + + -- Christian Hammers <ch@debian.org> Thu, 29 Apr 2004 01:01:38 +0200 + +quagga (0.96.4x-9) unstable; urgency=low + + * Fixed daemon loading order (thanks to Matt Kemner). + * Fixed typo in init script (thanks to Charlie Brett). Closes: #238582 + + -- Christian Hammers <ch@debian.org> Sun, 4 Apr 2004 15:32:18 +0200 + +quagga (0.96.4x-8) unstable; urgency=low + + * Patched upstream source so that quagga header files end up in + /usr/include/quagga/. Closes: #233792 + + -- Christian Hammers <ch@debian.org> Mon, 23 Feb 2004 01:42:53 +0100 + +quagga (0.96.4x-7) unstable; urgency=low + + * Fixed info file installation (thanks to Holger Dietze). Closes: #227579 + * Added Japanese translation (thanks to Hideki Yamane). Closes: #227812 + + -- Christian Hammers <ch@debian.org> Sun, 18 Jan 2004 17:28:29 +0100 + +quagga (0.96.4x-6) unstable; urgency=low + + * Added dependency to iproute. + * Initscript now checks not only for the pid file but also for the + daemons presence (thanks to Phil Gregory). Closes: #224389 + * Added my patch to configure file permissions. + + -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 22:34:29 +0100 + +quagga (0.96.4x-5) unstable; urgency=low + + * Added patch which gives bgpd the CAP_NET_RAW capability to allow it + to bind to special IPv6 link-local interfaces (Thanks to Bastian Blank). + Closes: #222930 + * Made woody backport easier by applying Colin Watsons po-debconf hack. + Thanks to Marc Haber for suggesting it. Closes: #223527 + * Made woody backport easier by applying a patch that removes some + obscure whitespaces inside an C macro. (Thanks to Marc Haber). + Closes: #223529 + * Now uses /usr/bin/pager. Closes: #204070 + * Added note about the "official woody backports" on my homepage. + + -- Christian Hammers <ch@debian.org> Mon, 15 Dec 2003 20:39:06 +0100 + +quagga (0.96.4x-4) unstable; urgency=high + + * SECURITY: + Fixes another bug that was originally reported against Zebra. + . + http://rhn.redhat.com/errata/RHSA-2003-307.html + Herbert Xu reported that Zebra can accept spoofed messages sent on the + kernel netlink interface by other users on the local machine. This could + lead to a local denial of service attack. The Common Vulnerabilities and + Exposures project (cve.mitre.org) has assigned the name CAN-2003-0858 to + this issue. + + * Minor improvements to init script (thanks to Iustin Pop). + Closes: #220938 + + -- Christian Hammers <ch@debian.org> Sat, 22 Nov 2003 13:27:57 +0100 + +quagga (0.96.4x-3) unstable; urgency=low + + * Changed "more" to "/usr/bin/pager" as default pager if $PAGER or + $VTYSH_PAGER is not set (thanks to Bastian Blank). Closes: #204070 + * Made the directory (but not the config/log files!) world accessible + again on user request (thanks to Anand Kumria)). Closes: #213129 + * No longer providing sample configuration in /etc/quagga/. They are + now only available in /usr/share/doc/quagga/ to avoid accidently + using them without changing the adresses (thanks to Marc Haber). + Closes: #215918 + + -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 16:59:30 +0100 + +quagga (0.96.4x-2) unstable; urgency=low + + * Fixed permission problem with pidfile (thanks to Kir Kostuchenko). + Closes: #220938 + + -- Christian Hammers <ch@debian.org> Sun, 16 Nov 2003 14:24:08 +0100 + +quagga (0.96.4x-1) unstable; urgency=low + + * Reupload of 0.96.4. Last upload-in-a-hurry produced a totally + crappy .tar.gz file. Closes: #220621 + + -- Christian Hammers <ch@debian.org> Fri, 14 Nov 2003 19:45:57 +0100 + +quagga (0.96.4-1) unstable; urgency=high + + * SECURITY: Remote DoS of protocol daemons. + Fix for a remote triggerable crash in vty layer. The management + ports ("telnet myrouter ospfd") should not be open to the internet! + + * New upstream version. + - OSPF bugfixes. + - Some improvements for bgp and rip. + + -- Christian Hammers <ch@debian.org> Thu, 13 Nov 2003 11:52:27 +0100 + +quagga (0.96.3-3) unstable; urgency=low + + * Fixed pid file generation by substituting the daemons "-d" by the + start-stop-daemon option "--background" (thanks to Micha Gaisser). + Closes: #218103 + + -- Christian Hammers <ch@debian.org> Wed, 29 Oct 2003 05:17:49 +0100 + +quagga (0.96.3-2) unstable; urgency=low + + * Readded GNOME-PRODUCT-ZEBRA-MIB. + + -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 06:17:03 +0200 + +quagga (0.96.3-1) unstable; urgency=medium + + * New upstream version. + * Removed -u and -e in postrm due to problems with debhelper and userdel + (thanks to Adam Majer and Jaakko Niemi). Closes: #216770 + * Removed SNMP MIBs as they are now included in libsnmp-base (thanks to + David Engel and Peter Gervai). Closes: #216138, #216086 + * Fixed seq command in init script (thanks to Marc Haber). Closes: #215915 + * Improved /proc check (thanks to Marc Haber). Closes: #212331 + + -- Christian Hammers <ch@debian.org> Thu, 23 Oct 2003 03:42:02 +0200 + +quagga (0.96.2-9) unstable; urgency=medium + + * Removed /usr/share/info/dir.* which were accidently there and prevented + the installation by dpkg (thanks to Simon Raven). Closes: #212614 + * Reworded package description (thanks to Anand Kumria). Closes: #213125 + * Added french debconf translation (thanks to Christian Perrier). + Closes: #212803 + + -- Christian Hammers <ch@debian.org> Tue, 7 Oct 2003 13:26:58 +0200 + +quagga (0.96.2-8) unstable; urgency=low + + * debian/rules now checks if /proc is mounted as ./configure needs + it but just fails with an obscure error message if it is absent. + (Thanks to Norbert Tretkowski). Closes: #212331 + + -- Christian Hammers <ch@debian.org> Tue, 23 Sep 2003 12:57:38 +0200 + +quagga (0.96.2-7) unstable; urgency=low + + * Last build was rejected due to a buggy dpkg-dev version. Rebuild. + + -- Christian Hammers <ch@debian.org> Mon, 22 Sep 2003 20:34:12 +0200 + +quagga (0.96.2-6) unstable; urgency=low + + * Fixed init script so that is is now possible to just start + the bgpd but not the zebra daemon. Also daemons are now actually + started in the order defined their priority. (Thanks to Thomas Kaehn + and Jochen Friedrich) Closes: #210924 + + -- Christian Hammers <ch@debian.org> Fri, 19 Sep 2003 21:17:02 +0200 + +quagga (0.96.2-5) unstable; urgency=low + + * For using quagga as BGP route server or similar, it is not + wanted to have the zebra daemon running too. For this reason + it can now be disabled in /etc/quagga/daemons, too. + (Thanks to Jochen Friedrich). Closes: #210924 + * Attached *unapplied* patch for the ISIS protocol. I did not dare + to apply it as long as upstream does not do it but this way give + users the possibilities to use it if they like to. + (Thanks to Remco van Mook) + + -- Christian Hammers <ch@debian.org> Wed, 17 Sep 2003 19:57:31 +0200 + +quagga (0.96.2-4) unstable; urgency=low + + * Enabled IPV6 router advertisement feature by default on user request + (thanks to Jochen Friedrich and Hasso Tepper). Closes: #210732 + * Updated GNU autoconf to let it build on hppa/parisc64 (thanks to + lamont). Closes: #210492 + + -- Christian Hammers <ch@debian.org> Sat, 13 Sep 2003 14:11:13 +0200 + +quagga (0.96.2-3) unstable; urgency=medium + + * Removed unnecessary "-lcrypto" to avoid dependency against OpenSSL + which would require further copyright addtions. + + -- Christian Hammers <ch@debian.org> Wed, 10 Sep 2003 01:37:28 +0200 + +quagga (0.96.2-2) unstable; urgency=low + + * Added note that config files of quagga are in /etc/quagga and + not /etc/zebra for the zebra users that migrate to quagga. + (Thanks to Roberto Suarez Soto for the idea) + * Fixed setgid rights in /etc/quagga. + + -- Christian Hammers <ch@debian.org> Wed, 27 Aug 2003 14:05:39 +0200 + +quagga (0.96.2-1) unstable; urgency=low + + * This package has formally been known as "zebra-pj"! + * New upstream release. + Fixes "anoying OSPF problem". + * Modified group ownerships so that vtysh can now be used by normal + uses if they are in the quaggavty group. + + -- Christian Hammers <ch@debian.org> Mon, 25 Aug 2003 23:40:14 +0200 + +quagga (0.96.1-1) unstable; urgency=low + + * Zebra-pj, the fork of zebra has been renamed to quagga as the original + upstream author asked the new project membed not to use "zebra" in the + name. zebra-pj is obsolete. + + -- Christian Hammers <ch@debian.org> Mon, 18 Aug 2003 23:37:20 +0200 + +zebra-pj (0.94+cvs20030721-1) unstable; urgency=low + + * New CVS build. + - OSPF changes (integration of the OSPF API?) + - code cleanups (for ipv6?) + * Tightened Build-Deps to gcc-2.95 as 3.x does not compile a stable ospfd. + This is a known problem and has been discussed on the mailing list. + No other solutions so far. + + -- Christian Hammers <ch@debian.org> Mon, 21 Jul 2003 23:52:00 +0200 + +zebra-pj (0.94+cvs20030701-1) unstable; urgency=low + + * Initial Release. + + -- Christian Hammers <ch@debian.org> Tue, 1 Jul 2003 01:58:06 +0200 diff --git a/debian/control b/debian/control index 0bbe99b312..0e67ff3730 100644 --- a/debian/control +++ b/debian/control @@ -22,7 +22,6 @@ Build-Depends: bison, librtr-dev <!pkg.frr.nortrlib>, libsnmp-dev, libssh-dev <!pkg.frr.nortrlib>, - libsystemd-dev <!pkg.frr.nosystemd>, libyang2-dev, lsb-base, pkg-config, diff --git a/debian/gbp.conf b/debian/gbp.conf index 990c4d226e..23917b9b8f 100644 --- a/debian/gbp.conf +++ b/debian/gbp.conf @@ -1,4 +1,4 @@ [DEFAULT] pristine-tar = False debian-branch = master -upstream-tree=SLOPPY +upstream-tree = SLOPPY diff --git a/debian/rules b/debian/rules index 93d0cdb2a0..0fa9c3a3b0 100755 --- a/debian/rules +++ b/debian/rules @@ -21,14 +21,6 @@ else CONF_RPKI=--disable-rpki endif -ifeq ($(filter pkg.frr.nosystemd,$(DEB_BUILD_PROFILES)),) - DH_WITHOUT_SYSTEMD= - CONF_SYSTEMD=--enable-systemd=yes -else - DH_WITHOUT_SYSTEMD=--without=systemd - CONF_SYSTEMD=--enable-systemd=no -endif - ifeq ($(filter pkg.frr.lua,$(DEB_BUILD_PROFILES)),) CONF_LUA=--disable-scripting else @@ -38,7 +30,7 @@ endif export PYTHON=python3 %: - dh $@ $(DH_WITHOUT_SYSTEMD) + dh $@ override_dh_auto_configure: $(shell dpkg-buildflags --export=sh); \ @@ -52,7 +44,6 @@ override_dh_auto_configure: LIBTOOLFLAGS="-rpath /usr/lib/$(DEB_HOST_MULTIARCH)/frr" \ --disable-dependency-tracking \ \ - $(CONF_SYSTEMD) \ $(CONF_RPKI) \ $(CONF_LUA) \ --with-libpam \ @@ -80,9 +71,7 @@ override_dh_auto_install: sed -e '1c #!/usr/bin/python3' -i debian/tmp/usr/lib/frr/generate_support_bundle.py # let dh_systemd_* and dh_installinit do their thing automatically -ifeq ($(filter pkg.frr.nosystemd,$(DEB_BUILD_PROFILES)),) cp tools/frr.service debian/frr.service -endif cp tools/frrinit.sh debian/frr.init -rm -f debian/tmp/usr/lib/frr/frr diff --git a/debian/tests/py-frr-reload b/debian/tests/py-frr-reload index e2c97e8744..6dfef33f08 100755 --- a/debian/tests/py-frr-reload +++ b/debian/tests/py-frr-reload @@ -22,7 +22,15 @@ sed -e '/^ip route 198.51.100.0\/28 127.0.0.1/ c ip route 198.51.100.64/28 127.0 service frr reload -vtysh -c 'show running-config' | grep -q 'ip route 198.51.100.64/28 127.0.0.1' +# wait for the new config to load +for __t in $(seq 1 10); do + if vtysh -c 'show running-config' | grep -q 'ip route 198.51.100.64/28 127.0.0.1'; then + break + fi + sleep "$__t" +done + +# fail if the old config is still loaded if vtysh -c 'show running-config' | grep -q 'ip route 198.51.100.0/28 127.0.0.1'; then exit 1 fi diff --git a/doc/developer/building-frr-for-archlinux.rst b/doc/developer/building-frr-for-archlinux.rst index e589a9f724..af1677e89e 100644 --- a/doc/developer/building-frr-for-archlinux.rst +++ b/doc/developer/building-frr-for-archlinux.rst @@ -10,8 +10,8 @@ Installing Dependencies sudo pacman -S \ git autoconf automake libtool make cmake pcre readline texinfo \ pkg-config pam json-c bison flex python-pytest \ - c-ares python systemd python2-ipaddress python-sphinx \ - systemd-libs net-snmp perl libcap libelf + c-ares python python2-ipaddress python-sphinx \ + net-snmp perl libcap libelf .. include:: building-libyang.rst diff --git a/doc/developer/building-frr-for-centos7.rst b/doc/developer/building-frr-for-centos7.rst index 93b9993a38..ce11126f70 100644 --- a/doc/developer/building-frr-for-centos7.rst +++ b/doc/developer/building-frr-for-centos7.rst @@ -21,7 +21,7 @@ Add packages: sudo yum install git autoconf automake libtool make \ readline-devel texinfo net-snmp-devel groff pkgconfig \ json-c-devel pam-devel bison flex pytest c-ares-devel \ - python-devel systemd-devel python-sphinx libcap-devel \ + python-devel python-sphinx libcap-devel \ elfutils-libelf-devel .. include:: building-libyang.rst @@ -66,7 +66,6 @@ an example.) --enable-user=frr \ --enable-group=frr \ --enable-vty-group=frrvty \ - --enable-systemd=yes \ --disable-ldpd \ --enable-fpm \ --with-pkg-git-version \ diff --git a/doc/developer/building-frr-for-centos8.rst b/doc/developer/building-frr-for-centos8.rst index 65c93286b7..109a7866d9 100644 --- a/doc/developer/building-frr-for-centos8.rst +++ b/doc/developer/building-frr-for-centos8.rst @@ -14,7 +14,7 @@ Add packages: sudo dnf install --enablerepo=PowerTools git autoconf pcre-devel \ automake libtool make readline-devel texinfo net-snmp-devel pkgconfig \ groff pkgconfig json-c-devel pam-devel bison flex python2-pytest \ - c-ares-devel python2-devel systemd-devel libcap-devel \ + c-ares-devel python2-devel libcap-devel \ elfutils-libelf-devel .. include:: building-libyang.rst @@ -59,7 +59,6 @@ an example.) --enable-user=frr \ --enable-group=frr \ --enable-vty-group=frrvty \ - --enable-systemd=yes \ --disable-ldpd \ --enable-fpm \ --with-pkg-git-version \ diff --git a/doc/developer/building-frr-for-debian8.rst b/doc/developer/building-frr-for-debian8.rst index 475e0303fc..5e58854ed7 100644 --- a/doc/developer/building-frr-for-debian8.rst +++ b/doc/developer/building-frr-for-debian8.rst @@ -17,7 +17,7 @@ Add packages: sudo apt-get install git autoconf automake libtool make \ libreadline-dev texinfo libjson-c-dev pkg-config bison flex python3-pip \ - libc-ares-dev python3-dev python3-sphinx build-essential libsystemd-dev \ + libc-ares-dev python3-dev python3-sphinx build-essential \ libsnmp-dev libcap-dev libelf-dev Install newer pytest (>3.0) from pip diff --git a/doc/developer/building-frr-for-debian9.rst b/doc/developer/building-frr-for-debian9.rst index 1981127b3d..f8d8025f62 100644 --- a/doc/developer/building-frr-for-debian9.rst +++ b/doc/developer/building-frr-for-debian9.rst @@ -11,7 +11,7 @@ Add packages: sudo apt-get install git autoconf automake libtool make \ libreadline-dev texinfo libjson-c-dev pkg-config bison flex \ libc-ares-dev python3-dev python3-pytest python3-sphinx build-essential \ - libsnmp-dev libsystemd-dev libcap-dev libelf-dev + libsnmp-dev libcap-dev libelf-dev .. include:: building-libyang.rst diff --git a/doc/developer/building-frr-for-fedora.rst b/doc/developer/building-frr-for-fedora.rst index 5fecd8a826..6ce76ba158 100644 --- a/doc/developer/building-frr-for-fedora.rst +++ b/doc/developer/building-frr-for-fedora.rst @@ -14,7 +14,7 @@ Installing Dependencies sudo dnf install git autoconf automake libtool make \ readline-devel texinfo net-snmp-devel groff pkgconfig json-c-devel \ pam-devel python3-pytest bison flex c-ares-devel python3-devel \ - python3-sphinx perl-core patch systemd-devel libcap-devel \ + python3-sphinx perl-core patch libcap-devel \ elfutils-libelf-devel .. include:: building-libyang.rst diff --git a/doc/developer/building-frr-for-opensuse.rst b/doc/developer/building-frr-for-opensuse.rst index 4e886e9c25..ee6a36a14b 100644 --- a/doc/developer/building-frr-for-opensuse.rst +++ b/doc/developer/building-frr-for-opensuse.rst @@ -13,7 +13,7 @@ Installing Dependencies zypper in git autoconf automake libtool make \ readline-devel texinfo net-snmp-devel groff pkgconfig libjson-c-devel\ pam-devel python3-pytest bison flex c-ares-devel python3-devel\ - python3-Sphinx perl patch systemd-devel libcap-devel libyang-devel \ + python3-Sphinx perl patch libcap-devel libyang-devel \ libelf-devel Building & Installing FRR diff --git a/doc/developer/building-frr-for-ubuntu1604.rst b/doc/developer/building-frr-for-ubuntu1604.rst index 2cb9536f9b..d79545c859 100644 --- a/doc/developer/building-frr-for-ubuntu1604.rst +++ b/doc/developer/building-frr-for-ubuntu1604.rst @@ -13,8 +13,8 @@ Installing Dependencies apt-get install \ git autoconf automake libtool make libreadline-dev texinfo \ pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest \ - libc-ares-dev python3-dev libsystemd-dev python-ipaddress python3-sphinx \ - install-info build-essential libsystemd-dev libsnmp-dev perl libcap-dev \ + libc-ares-dev python3-dev python-ipaddress python3-sphinx \ + install-info build-essential libsnmp-dev perl libcap-dev \ libelf-dev .. include:: building-libyang.rst diff --git a/doc/developer/building-frr-for-ubuntu1804.rst b/doc/developer/building-frr-for-ubuntu1804.rst index eb3991c139..39a17fc01c 100644 --- a/doc/developer/building-frr-for-ubuntu1804.rst +++ b/doc/developer/building-frr-for-ubuntu1804.rst @@ -13,8 +13,8 @@ Installing Dependencies sudo apt-get install \ git autoconf automake libtool make libreadline-dev texinfo \ pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest \ - libc-ares-dev python3-dev libsystemd-dev python-ipaddress python3-sphinx \ - install-info build-essential libsystemd-dev libsnmp-dev perl libcap-dev \ + libc-ares-dev python3-dev python-ipaddress python3-sphinx \ + install-info build-essential libsnmp-dev perl libcap-dev \ libelf-dev .. include:: building-libyang.rst diff --git a/doc/developer/building-frr-for-ubuntu2004.rst b/doc/developer/building-frr-for-ubuntu2004.rst index 58d72e2891..92ddead4a5 100644 --- a/doc/developer/building-frr-for-ubuntu2004.rst +++ b/doc/developer/building-frr-for-ubuntu2004.rst @@ -13,8 +13,8 @@ Installing Dependencies sudo apt-get install \ git autoconf automake libtool make libreadline-dev texinfo \ pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest \ - libc-ares-dev python3-dev libsystemd-dev python-ipaddress python3-sphinx \ - install-info build-essential libsystemd-dev libsnmp-dev perl \ + libc-ares-dev python3-dev python-ipaddress python3-sphinx \ + install-info build-essential libsnmp-dev perl \ libcap-dev python2 libelf-dev Note that Ubuntu 20 no longer installs python 2.x, so it must be diff --git a/doc/developer/frr-release-procedure.rst b/doc/developer/frr-release-procedure.rst index 5da73f61f6..08e3057ae6 100644 --- a/doc/developer/frr-release-procedure.rst +++ b/doc/developer/frr-release-procedure.rst @@ -49,23 +49,14 @@ FRR Release Procedure 5. Update Changelog for Debian Packages: - Edit :file:`changelog-auto.in`: + Update :file:`debian/changelog`: - - Change last (top of list) entry from ``@VERSION@`` to the **last** - released version number. For example, if ``<version>`` is ``7.3`` and the - last public release was ``7.2``, you would use ``7.2``, changing the file - like so:: + - Run following with **last** release version number and debian revision + (usually -1) as argument to ``dch --newversion VERSION``. For example, if + ``<version>`` is ``7.3`` then you will run ``dch --newversion 7.3-1``. - frr (@VERSION@) RELEASED; urgency=medium - - to:: - - frr (7.2) RELEASED; urgency=medium - - - Add a new entry to the top of the list with a ``@VERSION@`` tag. Make sure - to watch the format. - - - Add the changelog text below this entry. + - The ``dch`` will run an editor, and you should add the changelog text below + this entry, usually that would be: **New upstream version**. - Verify the changelog format using ``dpkg-parsechangelog``. In the repository root: diff --git a/doc/developer/include-compile.rst b/doc/developer/include-compile.rst index d9fa260221..513cac6179 100644 --- a/doc/developer/include-compile.rst +++ b/doc/developer/include-compile.rst @@ -2,11 +2,6 @@ Clone the FRR git repo and use the included ``configure`` script to configure FRR's build time options to your liking. The full option listing can be obtained by running ``./configure -h``. The options shown below are examples. -.. note:: - - If your platform uses ``systemd``, please make sure to add - ``--enable-systemd=yes`` to your configure options. - .. code-block:: console git clone https://github.com/frrouting/frr.git frr diff --git a/doc/developer/packaging-debian.rst b/doc/developer/packaging-debian.rst index b57286d5a1..a81e052490 100644 --- a/doc/developer/packaging-debian.rst +++ b/doc/developer/packaging-debian.rst @@ -30,33 +30,30 @@ buster.) .. code-block:: shell - sudo mk-build-deps --install debian/control + sudo mk-build-deps --install --remove debian/control Alternatively, you can manually install build dependencies for your platform as outlined in :ref:`building`. -4. Run ``tools/tarsource.sh -V``: +4. Install `git-buildpackage` package: .. code-block:: shell - ./tools/tarsource.sh -V - - This script sets up the ``debian/changelog-auto`` file with proper version - information. + sudo apt-get install git-buildpackage 5. (optional) Append a distribution identifier if needed (see below under :ref:`multi-dist`.) -6. Build Debian Package: +6. Build Debian Binary and/or Source Packages: .. code-block:: shell - dpkg-buildpackage $options + gbp buildpackage --git-builder=dpkg-buildpackage --git-debian-branch="$(git rev-parse --abbrev-ref HEAD)" $options Where `$options` may contain any or all of the following items: * build profiles specified with ``-P``, e.g. - ``-Ppkg.frr.nortrlib,pkg.frr.nosystemd``. + ``-Ppkg.frr.nortrlib,pkg.frr.rtrlib``. Multiple values are separated by commas and there must not be a space after the ``-P``. @@ -67,20 +64,24 @@ buster.) +================+===================+=========================================+ | pkg.frr.rtrlib | pkg.frr.nortrlib | builds frr-rpki-rtrlib package (or not) | +----------------+-------------------+-----------------------------------------+ - | n/a | pkg.frr.nosystemd | removes libsystemd dependency and | - | | | disables unit file installation | - +----------------+-------------------+-----------------------------------------+ - - .. note:: - - The ``pkg.frr.nosystemd`` option is only intended to support Ubuntu - 14.04 (and should be enabled when building for that.) * the ``-uc -us`` options to disable signing the packages with your GPG key (git builds of the `master` or `stable/X.X` branches won't be signed by default since their target release is set to ``UNRELEASED``.) + * the ``--build=type`` accepts following options (see ``dpkg-buildpackage`` manual page): + + * ``source`` builds the source package + * ``any`` builds the architecture specific binary packages + * ``all`` build the architecture independent binary packages + * ``binary`` build the architecture specific and independent binary packages (alias for ``any,all``) + * ``full`` builds everything (alias for ``source,any,all``) + + Alternatively, you might want to replace ``dpkg-buildpackage`` with + ``debuild`` wrapper that also runs ``lintian`` and ``debsign`` on the final + packages. + 7. Done! If all worked correctly, then you should end up with the Debian packages in @@ -97,12 +98,6 @@ buster.) a manually maintained changelog that contains proper Debian release versioning. - Furthermore, official Debian packages are built in ``3.0 (quilt)`` format - with an "orig" tarball and a "debian" tarball. These tarballs are created - by the ``tarsource.sh`` tool on any branch. The git repository however - contains a ``3.0 (git)`` source format specifier to easily allow direct - git builds. - .. _multi-dist: @@ -111,7 +106,6 @@ Multi-Distribution builds You can optionally append a distribution identifier in case you want to make multiple versions of the package available in the same repository. -Do the following after creating the changelog with `tarsource.sh`: .. code-block:: shell diff --git a/doc/developer/packaging-redhat.rst b/doc/developer/packaging-redhat.rst index 458cfa0ad4..9e64b912f3 100644 --- a/doc/developer/packaging-redhat.rst +++ b/doc/developer/packaging-redhat.rst @@ -18,10 +18,6 @@ Tested on CentOS 6, CentOS 7, CentOS 8 and Fedora 24. yum install rpm-build net-snmp-devel pam-devel libcap-devel - If your platform uses systemd:: - - yum install systemd-devel - For CentOS 7 and CentOS 8, the package will be built using python3 and requires additional python3 packages:: diff --git a/doc/developer/scripting.rst b/doc/developer/scripting.rst index 708f65ff7d..1757d41feb 100644 --- a/doc/developer/scripting.rst +++ b/doc/developer/scripting.rst @@ -135,24 +135,20 @@ A typical execution call looks something like this: int status_ok = 0, status_fail = 1; struct prefix p = ...; - struct frrscript_env env[] = { - {"integer", "STATUS_FAIL", &status_fail}, - {"integer", "STATUS_OK", &status_ok}, - {"prefix", "myprefix", &p}, - {}}; - - int result = frrscript_call(fs, env); + int result = frrscript_call(fs, + ("STATUS_FAIL", &status_fail), + ("STATUS_OK", &status_ok), + ("prefix", &p)); To execute a loaded script, we need to define the inputs. These inputs are -passed by binding values to variable names that will be accessible within the +passed in by binding values to variable names that will be accessible within the Lua environment. Basically, all communication with the script takes place via global variables within the script, and to provide inputs we predefine globals -before the script runs. This is done by passing ``frrscript_call()`` an array -of ``struct frrscript_env``. Each struct has three fields. The first identifies -the type of the value being passed; more on this later. The second defines the -name of the global variable within the script environment to bind the third -argument (the value) to. +before the script runs. This is done by passing ``frrscript_call()`` a list of +parenthesized pairs, where the first and second fields identify, respectively, +the name of the global variable within the script environment and the value it +is bound to. The script is then executed and returns a general status code. In the success case this will be 0, otherwise it will be nonzero. The script itself does not @@ -162,32 +158,10 @@ determine this code, it is provided by the Lua interpreter. Querying State ^^^^^^^^^^^^^^ -When a chunk is executed, its state at exit is preserved and can be inspected. - -After running a script, results may be retrieved by querying the script's -state. Again this is done by retrieving the values of global variables, which -are known to the script author to be "output" variables. - -A result is retrieved like so: - -.. code-block:: c - - struct frrscript_env myresult = {"string", "myresult"}; - - char *myresult = frrscript_get_result(fs, &myresult); - - ... do something ... - - XFREE(MTYPE_TMP, myresult); - +.. todo:: -As with arguments, results are retrieved by providing a ``struct -frrscript_env`` specifying a type and a global name. No value is necessary, nor -is it modified by ``frrscript_get_result()``. That function simply extracts the -requested value from the script state and returns it. - -In most cases the returned value will be allocated with ``MTYPE_TMP`` and will -need to be freed after use. + This section will be updated once ``frrscript_get_result`` has been + updated to work with the new ``frrscript_call`` and the rest of the new API. Unloading @@ -199,21 +173,14 @@ To destroy a script and its associated state: frrscript_unload(fs); -Values returned by ``frrscript_get_result`` are still valid after the script -they were retrieved from is unloaded. - -Note that you must unload and then load the script if you want to reset its -state, for example to run it again with different inputs. Otherwise the state -from the previous run carries over into subsequent runs. - .. _marshalling: Marshalling ^^^^^^^^^^^ -Earlier sections glossed over the meaning of the type name field in ``struct -frrscript_env`` and how data is passed between C and Lua. Lua, as a dynamically +Earlier sections glossed over the types of values that can be passed into +``frrscript_call`` and how data is passed between C and Lua. Lua, as a dynamically typed, garbage collected language, cannot directly use C values without some kind of marshalling / unmarshalling system to translate types between the two runtimes. @@ -222,31 +189,10 @@ Lua communicates with C code using a stack. C code wishing to provide data to Lua scripts must provide a function that marshalls the C data into a Lua representation and pushes it on the stack. C code wishing to retrieve data from Lua must provide a corresponding unmarshalling function that retrieves a Lua -value from the stack and converts it to the corresponding C type. These two -functions, together with a chosen name of the type they operate on, are -referred to as ``codecs`` in FRR. - -A codec is defined as: - -.. code-block:: c - - typedef void (*encoder_func)(lua_State *, const void *); - typedef void *(*decoder_func)(lua_State *, int); - - struct frrscript_codec { - const char *typename; - encoder_func encoder; - decoder_func decoder; - }; +value from the stack and converts it to the corresponding C type. These +functions are known as encoders and decoders in FRR. -A typename string and two function pointers. - -``typename`` can be anything you want. For example, for the combined types of -``struct prefix`` and its equivalent in Lua I have chosen the name ``prefix``. -There is no restriction on naming here, it is just a human name used as a key -and specified when passing and retrieving values. - -``encoder`` is a function that takes a ``lua_State *`` and a C type and pushes +An encoder is a function that takes a ``lua_State *`` and a C type and pushes onto the Lua stack a value representing the C type. For C structs, the usual case, this will typically be a Lua table (tables are the only datastructure Lua has). For example, here is the encoder function for ``struct prefix``: @@ -254,7 +200,7 @@ has). For example, here is the encoder function for ``struct prefix``: .. code-block:: c - void lua_pushprefix(lua_State *L, const struct prefix *prefix) + void lua_pushprefix(lua_State *L, struct prefix *prefix) { char buffer[PREFIX_STRLEN]; @@ -269,17 +215,48 @@ has). For example, here is the encoder function for ``struct prefix``: lua_setfield(L, -2, "family"); } -This function pushes a single value onto the Lua stack. It is a table whose equivalent in Lua is: +This function pushes a single value onto the Lua stack. It is a table whose +equivalent in Lua is: .. code-block:: c { ["network"] = "1.2.3.4/24", ["prefixlen"] = 24, ["family"] = 2 } -``decoder`` does the reverse; it takes a ``lua_State *`` and an index into the -stack, and unmarshalls a Lua value there into the corresponding C type. Again -for ``struct prefix``: +Decoders are a bit more involved. They do the reverse; a decoder function takes +a ``lua_State *``, pops a value off the Lua stack and converts it back into its +C type. +However, since Lua programs have the ability to directly modify their inputs +(i.e. values passed in via ``frrscript_call``), we need two separate decoder +functions, called ``lua_decode_*`` and ``lua_to*``. +A ``lua_decode_*`` function takes a ``lua_State*``, an index, and a C type, and +unmarshalls a Lua value into that C type. +Again, for ``struct prefix``: + +.. code-block:: c + + void lua_decode_prefix(lua_State *L, int idx, struct prefix *prefix) + { + lua_getfield(L, idx, "network"); + (void)str2prefix(lua_tostring(L, -1), prefix); + lua_pop(L, 1); + /* pop the table */ + lua_pop(L, 1); + } + +.. warning:: + + ``lua_decode_prefix`` functions should leave the Lua stack completely empty + when they return. + For decoders that unmarshall fields from tables, remember to pop the table + at the end. + + +A ``lua_to*`` function perform a similar role except that it first allocates +memory for the new C type before decoding the value from the Lua stack, then +returns a pointer to the newly allocated C type. +This function can and should be implemented using ``lua_decode_*``: .. code-block:: c @@ -287,39 +264,70 @@ for ``struct prefix``: { struct prefix *p = XCALLOC(MTYPE_TMP, sizeof(struct prefix)); - lua_getfield(L, idx, "network"); - str2prefix(lua_tostring(L, -1), p); - lua_pop(L, 1); - + lua_decode_prefix(L, idx, p); return p; } -By convention these functions should be called ``lua_to*``, as this is the -naming convention used by the Lua C library for the basic types e.g. -``lua_tointeger`` and ``lua_tostring``. The returned data must always be copied off the stack and the copy must be allocated with ``MTYPE_TMP``. This way it is possible to unload the script (destroy the state) without invalidating any references to values stored in it. +Note that it is the caller's responsibility to free the data. -To register a new type with its corresponding encoding functions: - -.. code-block:: c - - struct frrscript_codec frrscript_codecs_lib[] = { - {.typename = "prefix", - .encoder = (encoder_func)lua_pushprefix, - .decoder = lua_toprefix}, - {.typename = "sockunion", - .encoder = (encoder_func)lua_pushsockunion, - .decoder = lua_tosockunion}, - ... - {}}; +For consistency, we should always name functions of the first type +``lua_decode_*``. +Functions of the second type should be named ``lua_to*``, as this is the +naming convention used by the Lua C library for the basic types e.g. +``lua_tointeger`` and ``lua_tostring``. - frrscript_register_type_codecs(frrscript_codecs_lib); +This two-function design allows the compiler to warn if a value passed into +``frrscript_call`` does not have a encoder and decoder for that type. +The ``lua_to*`` functions enable us to easily create decoders for nested +structures. + +To register a new type with its corresponding encoding and decoding functions, +add the mapping in the following macros in ``frrscript.h``: + +.. code-block:: diff + + #define ENCODE_ARGS_WITH_STATE(L, value) \ + _Generic((value), \ + ... + - struct peer * : lua_pushpeer \ + + struct peer * : lua_pushpeer, \ + + struct prefix * : lua_pushprefix \ + )(L, value) + + #define DECODE_ARGS_WITH_STATE(L, value) \ + _Generic((value), \ + ... + - struct peer * : lua_decode_peer \ + + struct peer * : lua_decode_peer, \ + + struct prefix * : lua_decode_prefix \ + )(L, -1, value) + + +At compile time, the compiler will search for encoders/decoders for the type of +each value passed in via ``frrscript_call``. If a encoder/decoder cannot be +found, it will appear as a compile warning. Note that the types must +match *exactly*. +In the above example, we defined encoders/decoders for a value of +``struct prefix *``, but not ``struct prefix`` or ``const struct prefix *``. + +``const`` values are a special case. We want to use them in our Lua scripts +but not modify them, so creating a decoder for them would be meaningless. +But we still need a decoder for the type of value so that the compiler will be +satisfied. +For that, use ``lua_decode_noop``: + +.. code-block:: diff + + #define DECODE_ARGS_WITH_STATE(L, value) \ + _Generic((value), \ + ... + + const struct prefix * : lua_decode_noop \ + )(L, -1, value) -From this point on the type names are available to be used when calling any -script and getting its results. .. note:: diff --git a/doc/user/installation.rst b/doc/user/installation.rst index 63254555d9..fdf5bab9c9 100644 --- a/doc/user/installation.rst +++ b/doc/user/installation.rst @@ -146,11 +146,6 @@ options from the list below. software available on your machine. This is needed for systemd integration, if you disable watchfrr you cannot have any systemd integration. -.. option:: --enable-systemd - - Build watchfrr with systemd integration, this will allow FRR to communicate with - systemd to tell systemd if FRR has come up properly. - .. option:: --enable-werror Build with all warnings converted to errors as a compile option. This @@ -404,6 +399,12 @@ options to the configuration script. Set StrongSWAN vici interface socket path [/var/run/charon.vici]. +.. note:: + + The former ``--enable-systemd`` option does not exist anymore. Support for + systemd is now always available through built-in functions, without + depending on libsystemd. + Python dependency, documentation and tests ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/docker/centos-7/Dockerfile b/docker/centos-7/Dockerfile index 303a33fe4a..73097df8fa 100644 --- a/docker/centos-7/Dockerfile +++ b/docker/centos-7/Dockerfile @@ -4,7 +4,7 @@ RUN yum install -y epel-release RUN yum install -y rpm-build autoconf automake libtool make \ readline-devel texinfo net-snmp-devel groff pkgconfig \ json-c-devel pam-devel bison flex pytest c-ares-devel \ - python3-devel python3-sphinx systemd-devel libcap-devel \ + python3-devel python3-sphinx libcap-devel \ https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-7-x86_64-Packages/libyang2-2.0.0.10.g2eb910e4-1.el7.x86_64.rpm \ https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-7-x86_64-Packages/libyang2-devel-2.0.0.10.g2eb910e4-1.el7.x86_64.rpm \ https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-110/CentOS-7-x86_64-Packages/librtr-0.7.0-1.el7.centos.x86_64.rpm \ diff --git a/docker/centos-8/Dockerfile b/docker/centos-8/Dockerfile index 8a0c28e13b..71378c2451 100644 --- a/docker/centos-8/Dockerfile +++ b/docker/centos-8/Dockerfile @@ -4,7 +4,7 @@ FROM centos:centos8 as centos-8-builder RUN dnf install --enablerepo=powertools -y rpm-build git autoconf pcre-devel \ automake libtool make readline-devel texinfo net-snmp-devel pkgconfig \ groff pkgconfig json-c-devel pam-devel bison flex python3-pytest \ - c-ares-devel python3-devel python3-sphinx systemd-devel libcap-devel platform-python-devel \ + c-ares-devel python3-devel python3-sphinx libcap-devel platform-python-devel \ https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-8-x86_64-Packages/libyang2-2.0.0.10.g2eb910e4-1.el8.x86_64.rpm \ https://ci1.netdef.org/artifact/LIBYANG-LIBYANGV2/shared/build-2/CentOS-8-x86_64-Packages/libyang2-devel-2.0.0.10.g2eb910e4-1.el8.x86_64.rpm \ https://ci1.netdef.org/artifact/RPKI-RTRLIB/shared/build-110/CentOS-7-x86_64-Packages/librtr-0.7.0-1.el7.centos.x86_64.rpm \ diff --git a/docker/ubuntu18-ci/Dockerfile b/docker/ubuntu18-ci/Dockerfile index 680b9172ad..766f06dfc2 100644 --- a/docker/ubuntu18-ci/Dockerfile +++ b/docker/ubuntu18-ci/Dockerfile @@ -7,8 +7,8 @@ RUN apt update && \ apt-get install -y \ git autoconf automake libtool make libreadline-dev texinfo \ pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest \ - libc-ares-dev python3-dev libsystemd-dev python-ipaddress python3-sphinx \ - install-info build-essential libsystemd-dev libsnmp-dev perl libcap-dev \ + libc-ares-dev python3-dev python-ipaddress python3-sphinx \ + install-info build-essential libsnmp-dev perl libcap-dev \ libelf-dev \ sudo gdb iputils-ping time \ mininet python-pip iproute2 iperf && \ diff --git a/docker/ubuntu20-ci/Dockerfile b/docker/ubuntu20-ci/Dockerfile index 8b7557db1d..b5df98f23e 100644 --- a/docker/ubuntu20-ci/Dockerfile +++ b/docker/ubuntu20-ci/Dockerfile @@ -7,11 +7,12 @@ RUN apt update && \ apt-get install -y \ git autoconf automake libtool make libreadline-dev texinfo \ pkg-config libpam0g-dev libjson-c-dev bison flex python3-pytest \ - libc-ares-dev python3-dev libsystemd-dev python-ipaddress python3-sphinx \ - install-info build-essential libsystemd-dev libsnmp-dev perl \ + libc-ares-dev python3-dev python-ipaddress python3-sphinx \ + install-info build-essential libsnmp-dev perl \ libcap-dev python2 libelf-dev \ sudo gdb curl iputils-ping time \ libgrpc++-dev libgrpc-dev protobuf-compiler-grpc \ + lua5.3 liblua5.3-dev \ mininet iproute2 iperf && \ curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output /tmp/get-pip.py && \ python2 /tmp/get-pip.py && \ @@ -66,6 +67,7 @@ RUN cd ~/frr && \ --enable-group=frr \ --enable-vty-group=frrvty \ --enable-snmp=agentx \ + --enable-scripting \ --with-pkg-extra-version=-my-manual-build && \ make -j $(nproc) && \ sudo make install diff --git a/lib/buffer.c b/lib/buffer.c index 7929b3709d..41b1adc9fc 100644 --- a/lib/buffer.c +++ b/lib/buffer.c @@ -357,7 +357,8 @@ buffer_status_t buffer_flush_window(struct buffer *b, int fd, int width, iov_size = ((iov_index > IOV_MAX) ? IOV_MAX : iov_index); - if ((nbytes = writev(fd, c_iov, iov_size)) < 0) { + nbytes = writev(fd, c_iov, iov_size); + if (nbytes < 0) { flog_err(EC_LIB_SOCKET, "%s: writev to fd %d failed: %s", __func__, fd, safe_strerror(errno)); @@ -370,7 +371,8 @@ buffer_status_t buffer_flush_window(struct buffer *b, int fd, int width, } } #else /* IOV_MAX */ - if ((nbytes = writev(fd, iov, iov_index)) < 0) + nbytes = writev(fd, iov, iov_index); + if (nbytes < 0) flog_err(EC_LIB_SOCKET, "%s: writev to fd %d failed: %s", __func__, fd, safe_strerror(errno)); #endif /* IOV_MAX */ @@ -472,13 +474,17 @@ buffer_status_t buffer_write(struct buffer *b, int fd, const void *p, /* Buffer is not empty, so do not attempt to write the new data. */ nbytes = 0; - else if ((nbytes = write(fd, p, size)) < 0) { - if (ERRNO_IO_RETRY(errno)) - nbytes = 0; - else { - flog_err(EC_LIB_SOCKET, "%s: write error on fd %d: %s", - __func__, fd, safe_strerror(errno)); - return BUFFER_ERROR; + else { + nbytes = write(fd, p, size); + if (nbytes < 0) { + if (ERRNO_IO_RETRY(errno)) + nbytes = 0; + else { + flog_err(EC_LIB_SOCKET, + "%s: write error on fd %d: %s", + __func__, fd, safe_strerror(errno)); + return BUFFER_ERROR; + } } } /* Add any remaining data to the buffer. */ diff --git a/lib/command.c b/lib/command.c index 560d4a09f8..9dac60599c 100644 --- a/lib/command.c +++ b/lib/command.c @@ -2428,14 +2428,16 @@ DEFUN(script, struct prefix p; (void)str2prefix("1.2.3.4/24", &p); - struct frrscript *fs = frrscript_load(argv[1]->arg, NULL); if (fs == NULL) { vty_out(vty, "Script '/etc/frr/scripts/%s.lua' not found\n", argv[1]->arg); } else { - int ret = frrscript_call(fs, NULL); + int ret = frrscript_call(fs, ("p", &p)); + char buf[40]; + prefix2str(&p, buf, sizeof(buf)); + vty_out(vty, "p: %s\n", buf); vty_out(vty, "Script result: %d\n", ret); } diff --git a/lib/compiler.h b/lib/compiler.h index 970ed297fc..bf443906eb 100644 --- a/lib/compiler.h +++ b/lib/compiler.h @@ -173,6 +173,29 @@ extern "C" { #define MACRO_REPEAT(NAME, ...) \ MACRO_VARIANT(_MACRO_REPEAT, ##__VA_ARGS__)(NAME, ##__VA_ARGS__) +/* per-arglist repeat macro, use like this: + * #define foo(...) MAP_LISTS(F, ##__VA_ARGS__) + * where F is a n-ary function where n is the number of args in each arglist. + * e.g.: MAP_LISTS(f, (a, b), (c, d)) + * expands to: f(a, b); f(c, d) + */ + +#define ESC(...) __VA_ARGS__ +#define MAP_LISTS(M, ...) \ + _CONCAT(_MAP_LISTS_, PP_NARG(__VA_ARGS__))(M, ##__VA_ARGS__) +#define _MAP_LISTS_0(M) +#define _MAP_LISTS_1(M, _1) ESC(M _1) +#define _MAP_LISTS_2(M, _1, _2) ESC(M _1; M _2) +#define _MAP_LISTS_3(M, _1, _2, _3) ESC(M _1; M _2; M _3) +#define _MAP_LISTS_4(M, _1, _2, _3, _4) ESC(M _1; M _2; M _3; M _4) +#define _MAP_LISTS_5(M, _1, _2, _3, _4, _5) ESC(M _1; M _2; M _3; M _4; M _5) +#define _MAP_LISTS_6(M, _1, _2, _3, _4, _5, _6) \ + ESC(M _1; M _2; M _3; M _4; M _5; M _6) +#define _MAP_LISTS_7(M, _1, _2, _3, _4, _5, _6, _7) \ + ESC(M _1; M _2; M _3; M _4; M _5; M _6; M _7) +#define _MAP_LISTS_8(M, _1, _2, _3, _4, _5, _6, _7, _8) \ + ESC(M _1; M _2; M _3; M _4; M _5; M _6; M _7; M _8) + /* * for warnings on macros, put in the macro content like this: * #define MACRO BLA CPP_WARN("MACRO has been deprecated") @@ -641,7 +641,8 @@ static int get_memory_usage(pid_t pid) char *vm; snprintf(status_child, sizeof(status_child), "/proc/%d/status", pid); - if ((fd = open(status_child, O_RDONLY)) < 0) + fd = open(status_child, O_RDONLY); + if (fd < 0) return -1; read(fd, buf, 4095); diff --git a/lib/frrlua.c b/lib/frrlua.c index d8aaa3aa3c..e97e48121c 100644 --- a/lib/frrlua.c +++ b/lib/frrlua.c @@ -52,10 +52,9 @@ int frrlua_table_get_integer(lua_State *L, const char *key) } /* - * Encoders. - * * This section has functions that convert internal FRR datatypes into Lua - * datatypes. + * datatypes: one encoder function and two decoder functions for each type. + * */ void lua_pushprefix(lua_State *L, const struct prefix *prefix) @@ -71,14 +70,19 @@ void lua_pushprefix(lua_State *L, const struct prefix *prefix) lua_setfield(L, -2, "family"); } -void *lua_toprefix(lua_State *L, int idx) +void lua_decode_prefix(lua_State *L, int idx, struct prefix *prefix) { - struct prefix *p = XCALLOC(MTYPE_TMP, sizeof(struct prefix)); - lua_getfield(L, idx, "network"); - (void)str2prefix(lua_tostring(L, -1), p); + (void)str2prefix(lua_tostring(L, -1), prefix); lua_pop(L, 1); + /* pop the table */ + lua_pop(L, 1); +} +void *lua_toprefix(lua_State *L, int idx) +{ + struct prefix *p = XCALLOC(MTYPE_TMP, sizeof(struct prefix)); + lua_decode_prefix(L, idx, p); return p; } @@ -109,10 +113,8 @@ void lua_pushinterface(lua_State *L, const struct interface *ifp) lua_setfield(L, -2, "linklayer_type"); } -void *lua_tointerface(lua_State *L, int idx) +void lua_decode_interface(lua_State *L, int idx, struct interface *ifp) { - struct interface *ifp = XCALLOC(MTYPE_TMP, sizeof(struct interface)); - lua_getfield(L, idx, "name"); strlcpy(ifp->name, lua_tostring(L, -1), sizeof(ifp->name)); lua_pop(L, 1); @@ -146,13 +148,21 @@ void *lua_tointerface(lua_State *L, int idx) lua_getfield(L, idx, "linklayer_type"); ifp->ll_type = lua_tointeger(L, -1); lua_pop(L, 1); + /* pop the table */ + lua_pop(L, 1); +} +void *lua_tointerface(lua_State *L, int idx) +{ + struct interface *ifp = XCALLOC(MTYPE_TMP, sizeof(struct interface)); + lua_decode_interface(L, idx, ifp); return ifp; } void lua_pushinaddr(lua_State *L, const struct in_addr *addr) { char buf[INET_ADDRSTRLEN]; + inet_ntop(AF_INET, addr, buf, sizeof(buf)); lua_newtable(L); @@ -162,14 +172,19 @@ void lua_pushinaddr(lua_State *L, const struct in_addr *addr) lua_setfield(L, -2, "string"); } -void *lua_toinaddr(lua_State *L, int idx) +void lua_decode_inaddr(lua_State *L, int idx, struct in_addr *inaddr) { - struct in_addr *inaddr = XCALLOC(MTYPE_TMP, sizeof(struct in_addr)); - lua_getfield(L, idx, "value"); inaddr->s_addr = lua_tointeger(L, -1); lua_pop(L, 1); + /* pop the table */ + lua_pop(L, 1); +} +void *lua_toinaddr(lua_State *L, int idx) +{ + struct in_addr *inaddr = XCALLOC(MTYPE_TMP, sizeof(struct in_addr)); + lua_decode_inaddr(L, idx, inaddr); return inaddr; } @@ -177,6 +192,7 @@ void *lua_toinaddr(lua_State *L, int idx) void lua_pushin6addr(lua_State *L, const struct in6_addr *addr) { char buf[INET6_ADDRSTRLEN]; + inet_ntop(AF_INET6, addr, buf, sizeof(buf)); lua_newtable(L); @@ -186,20 +202,26 @@ void lua_pushin6addr(lua_State *L, const struct in6_addr *addr) lua_setfield(L, -2, "string"); } -void *lua_toin6addr(lua_State *L, int idx) +void lua_decode_in6addr(lua_State *L, int idx, struct in6_addr *in6addr) { - struct in6_addr *in6addr = XCALLOC(MTYPE_TMP, sizeof(struct in6_addr)); - lua_getfield(L, idx, "string"); inet_pton(AF_INET6, lua_tostring(L, -1), in6addr); lua_pop(L, 1); + /* pop the table */ + lua_pop(L, 1); +} +void *lua_toin6addr(lua_State *L, int idx) +{ + struct in6_addr *in6addr = XCALLOC(MTYPE_TMP, sizeof(struct in6_addr)); + lua_decode_in6addr(L, idx, in6addr); return in6addr; } void lua_pushsockunion(lua_State *L, const union sockunion *su) { char buf[SU_ADDRSTRLEN]; + sockunion2str(su, buf, sizeof(buf)); lua_newtable(L); @@ -210,13 +232,20 @@ void lua_pushsockunion(lua_State *L, const union sockunion *su) lua_setfield(L, -2, "string"); } -void *lua_tosockunion(lua_State *L, int idx) +void lua_decode_sockunion(lua_State *L, int idx, union sockunion *su) { - union sockunion *su = XCALLOC(MTYPE_TMP, sizeof(union sockunion)); - lua_getfield(L, idx, "string"); str2sockunion(lua_tostring(L, -1), su); + lua_pop(L, 1); + /* pop the table */ + lua_pop(L, 1); +} + +void *lua_tosockunion(lua_State *L, int idx) +{ + union sockunion *su = XCALLOC(MTYPE_TMP, sizeof(union sockunion)); + lua_decode_sockunion(L, idx, su); return su; } @@ -225,12 +254,17 @@ void lua_pushtimet(lua_State *L, const time_t *time) lua_pushinteger(L, *time); } +void lua_decode_timet(lua_State *L, int idx, time_t *t) +{ + *t = lua_tointeger(L, idx); + lua_pop(L, 1); +} + void *lua_totimet(lua_State *L, int idx) { time_t *t = XCALLOC(MTYPE_TMP, sizeof(time_t)); - *t = lua_tointeger(L, idx); - + lua_decode_timet(L, idx, t); return t; } @@ -239,17 +273,28 @@ void lua_pushintegerp(lua_State *L, const long long *num) lua_pushinteger(L, *num); } -void *lua_tointegerp(lua_State *L, int idx) +void lua_decode_integerp(lua_State *L, int idx, long long *num) { int isnum; - long long *num = XCALLOC(MTYPE_TMP, sizeof(long long)); - *num = lua_tonumberx(L, idx, &isnum); + lua_pop(L, 1); assert(isnum); +} + +void *lua_tointegerp(lua_State *L, int idx) +{ + long long *num = XCALLOC(MTYPE_TMP, sizeof(long long)); + lua_decode_integerp(L, idx, num); return num; } +void lua_decode_stringp(lua_State *L, int idx, char *str) +{ + strlcpy(str, lua_tostring(L, idx), strlen(str) + 1); + lua_pop(L, 1); +} + void *lua_tostringp(lua_State *L, int idx) { char *string = XSTRDUP(MTYPE_TMP, lua_tostring(L, idx)); @@ -258,6 +303,13 @@ void *lua_tostringp(lua_State *L, int idx) } /* + * Decoder for const values, since we cannot modify them. + */ +void lua_decode_noop(lua_State *L, int idx, const void *ptr) +{ +} + +/* * Logging. * * Lua-compatible wrappers for FRR logging functions. diff --git a/lib/frrlua.h b/lib/frrlua.h index 6fb30938b0..c4de82740c 100644 --- a/lib/frrlua.h +++ b/lib/frrlua.h @@ -50,6 +50,8 @@ static inline void lua_pushstring_wrapper(lua_State *L, const char *str) */ void lua_pushprefix(lua_State *L, const struct prefix *prefix); +void lua_decode_prefix(lua_State *L, int idx, struct prefix *prefix); + /* * Converts the Lua value at idx to a prefix. * @@ -63,6 +65,8 @@ void *lua_toprefix(lua_State *L, int idx); */ void lua_pushinterface(lua_State *L, const struct interface *ifp); +void lua_decode_interface(lua_State *L, int idx, struct interface *ifp); + /* * Converts the Lua value at idx to an interface. * @@ -77,6 +81,8 @@ void *lua_tointerface(lua_State *L, int idx); */ void lua_pushinaddr(lua_State *L, const struct in_addr *addr); +void lua_decode_inaddr(lua_State *L, int idx, struct in_addr *addr); + /* * Converts the Lua value at idx to an in_addr. * @@ -90,6 +96,8 @@ void *lua_toinaddr(lua_State *L, int idx); */ void lua_pushin6addr(lua_State *L, const struct in6_addr *addr); +void lua_decode_in6addr(lua_State *L, int idx, struct in6_addr *addr); + /* * Converts the Lua value at idx to an in6_addr. * @@ -103,6 +111,8 @@ void *lua_toin6addr(lua_State *L, int idx); */ void lua_pushtimet(lua_State *L, const time_t *time); +void lua_decode_timet(lua_State *L, int idx, time_t *time); + /* * Converts the Lua value at idx to a time_t. * @@ -116,6 +126,8 @@ void *lua_totimet(lua_State *L, int idx); */ void lua_pushsockunion(lua_State *L, const union sockunion *su); +void lua_decode_sockunion(lua_State *L, int idx, union sockunion *su); + /* * Converts the Lua value at idx to a sockunion. * @@ -129,6 +141,8 @@ void *lua_tosockunion(lua_State *L, int idx); */ void lua_pushintegerp(lua_State *L, const long long *num); +void lua_decode_integerp(lua_State *L, int idx, long long *num); + /* * Converts the Lua value at idx to an int. * @@ -137,6 +151,8 @@ void lua_pushintegerp(lua_State *L, const long long *num); */ void *lua_tointegerp(lua_State *L, int idx); +void lua_decode_stringp(lua_State *L, int idx, char *str); + /* * Pop string. * @@ -146,6 +162,11 @@ void *lua_tointegerp(lua_State *L, int idx); void *lua_tostringp(lua_State *L, int idx); /* + * No-op decocder + */ +void lua_decode_noop(lua_State *L, int idx, const void *ptr); + +/* * Retrieve an integer from table on the top of the stack. * * key diff --git a/lib/frrscript.c b/lib/frrscript.c index 10d400886d..1a9f3639dd 100644 --- a/lib/frrscript.c +++ b/lib/frrscript.c @@ -104,24 +104,8 @@ static void codec_free(struct codec *c) /* Generic script APIs */ -int frrscript_call(struct frrscript *fs, struct frrscript_env *env) +int _frrscript_call(struct frrscript *fs) { - struct frrscript_codec c = {}; - const void *arg; - const char *bindname; - - /* Encode script arguments */ - for (int i = 0; env && env[i].val != NULL; i++) { - bindname = env[i].name; - c.typename = env[i].typename; - arg = env[i].val; - - struct frrscript_codec *codec = hash_lookup(codec_hash, &c); - assert(codec && "No encoder for type"); - codec->encoder(fs->L, arg); - - lua_setglobal(fs->L, bindname); - } int ret = lua_pcall(fs->L, 0, 0, 0); diff --git a/lib/frrscript.h b/lib/frrscript.h index f4057f531b..8612c602f3 100644 --- a/lib/frrscript.h +++ b/lib/frrscript.h @@ -25,6 +25,7 @@ #include <lua.h> #include "frrlua.h" +#include "../bgpd/bgp_script.h" #ifdef __cplusplus extern "C" { @@ -96,6 +97,56 @@ void frrscript_register_type_codecs(struct frrscript_codec *codecs); */ void frrscript_init(const char *scriptdir); +#define ENCODE_ARGS(name, value) \ + do { \ + ENCODE_ARGS_WITH_STATE(L, value); \ + lua_setglobal(L, name); \ + } while (0) + +#define DECODE_ARGS(name, value) \ + do { \ + lua_getglobal(L, name); \ + DECODE_ARGS_WITH_STATE(L, value); \ + } while (0) + +/* + * Maps the type of value to its encoder/decoder. + * Add new mappings here. + * + * L + * Lua state + * scriptdir + * Directory in which to look for scripts + */ +#define ENCODE_ARGS_WITH_STATE(L, value) \ + _Generic((value), \ +long long * : lua_pushintegerp, \ +struct prefix * : lua_pushprefix, \ +struct interface * : lua_pushinterface, \ +struct in_addr * : lua_pushinaddr, \ +struct in6_addr * : lua_pushin6addr, \ +union sockunion * : lua_pushsockunion, \ +time_t * : lua_pushtimet, \ +char * : lua_pushstring_wrapper, \ +struct attr * : lua_pushattr, \ +struct peer * : lua_pushpeer, \ +const struct prefix * : lua_pushprefix \ +)(L, value) + +#define DECODE_ARGS_WITH_STATE(L, value) \ + _Generic((value), \ +long long * : lua_decode_integerp, \ +struct prefix * : lua_decode_prefix, \ +struct interface * : lua_decode_interface, \ +struct in_addr * : lua_decode_inaddr, \ +struct in6_addr * : lua_decode_in6addr, \ +union sockunion * : lua_decode_sockunion, \ +time_t * : lua_decode_timet, \ +char * : lua_decode_stringp, \ +struct attr * : lua_decode_attr, \ +struct peer * : lua_decode_noop, \ +const struct prefix * : lua_decode_noop \ +)(L, -1, value) /* * Call script. @@ -103,14 +154,31 @@ void frrscript_init(const char *scriptdir); * fs * The script to call; this is obtained from frrscript_load(). * - * env - * The script's environment. Specify this as an array of frrscript_env. - * * Returns: * 0 if the script ran successfully, nonzero otherwise. */ -int frrscript_call(struct frrscript *fs, struct frrscript_env *env); +int _frrscript_call(struct frrscript *fs); +/* + * Wrapper for call script. Maps values passed in to their encoder + * and decoder types. + * + * fs + * The script to call; this is obtained from frrscript_load(). + * + * Returns: + * 0 if the script ran successfully, nonzero otherwise. + */ +#define frrscript_call(fs, ...) \ + ({ \ + lua_State *L = fs->L; \ + MAP_LISTS(ENCODE_ARGS, ##__VA_ARGS__); \ + int ret = _frrscript_call(fs); \ + if (ret == 0) { \ + MAP_LISTS(DECODE_ARGS, ##__VA_ARGS__); \ + } \ + ret; \ + }) /* * Get result from finished script. diff --git a/lib/libfrr.c b/lib/libfrr.c index 0817182f7a..97dab74d9b 100644 --- a/lib/libfrr.c +++ b/lib/libfrr.c @@ -44,6 +44,7 @@ #include "frr_pthread.h" #include "defaults.h" #include "frrscript.h" +#include "systemd.h" DEFINE_HOOK(frr_late_init, (struct thread_master * tm), (tm)); DEFINE_HOOK(frr_config_pre, (struct thread_master * tm), (tm)); @@ -363,6 +364,11 @@ void frr_preinit(struct frr_daemon_info *daemon, int argc, char **argv) startup_fds |= UINT64_C(0x1) << (uint64_t)i; } + + /* note this doesn't do anything, it just grabs state, so doing it + * early in _preinit is perfect. + */ + systemd_init_env(); } bool frr_is_startup_fd(int fd) diff --git a/lib/link_state.c b/lib/link_state.c index e8a6b89f89..062384aac7 100644 --- a/lib/link_state.c +++ b/lib/link_state.c @@ -538,8 +538,6 @@ struct ls_edge *ls_edge_add(struct ls_ted *ted, /* Create Edge and add it to the TED */ new = XCALLOC(MTYPE_LS_DB, sizeof(struct ls_edge)); - if (!new) - return NULL; new->attributes = attributes; new->key = key; @@ -804,8 +802,6 @@ struct ls_ted *ls_ted_new(const uint32_t key, const char *name, struct ls_ted *new; new = XCALLOC(MTYPE_LS_DB, sizeof(struct ls_ted)); - if (new == NULL) - return new; /* Set basic information for this ted */ new->key = key; @@ -1005,8 +1001,6 @@ static struct ls_node *ls_parse_node(struct stream *s) size_t len; node = XCALLOC(MTYPE_LS_DB, sizeof(struct ls_node)); - if (node == NULL) - return NULL; STREAM_GET(&node->adv, s, sizeof(struct ls_node_id)); STREAM_GETW(s, node->flags); @@ -1051,8 +1045,6 @@ static struct ls_attributes *ls_parse_attributes(struct stream *s) size_t len; attr = XCALLOC(MTYPE_LS_DB, sizeof(struct ls_attributes)); - if (attr == NULL) - return NULL; attr->srlgs = NULL; STREAM_GET(&attr->adv, s, sizeof(struct ls_node_id)); @@ -1157,8 +1149,6 @@ static struct ls_prefix *ls_parse_prefix(struct stream *s) size_t len; ls_pref = XCALLOC(MTYPE_LS_DB, sizeof(struct ls_prefix)); - if (ls_pref == NULL) - return NULL; STREAM_GET(&ls_pref->adv, s, sizeof(struct ls_node_id)); STREAM_GETW(s, ls_pref->flags); @@ -1193,8 +1183,6 @@ struct ls_message *ls_parse_msg(struct stream *s) struct ls_message *msg; msg = XCALLOC(MTYPE_LS_DB, sizeof(struct ls_message)); - if (msg == NULL) - return NULL; /* Read LS Message header */ STREAM_GETC(s, msg->event); diff --git a/lib/network.c b/lib/network.c index 411661a5e1..b60ad9a57c 100644 --- a/lib/network.c +++ b/lib/network.c @@ -78,7 +78,8 @@ int set_nonblocking(int fd) /* According to the Single UNIX Spec, the return value for F_GETFL should never be negative. */ - if ((flags = fcntl(fd, F_GETFL)) < 0) { + flags = fcntl(fd, F_GETFL); + if (flags < 0) { flog_err(EC_LIB_SYSTEM_CALL, "fcntl(F_GETFL) failed for fd %d: %s", fd, safe_strerror(errno)); diff --git a/lib/ntop.c b/lib/ntop.c index ccbf8793d3..1b2dd7a6d1 100644 --- a/lib/ntop.c +++ b/lib/ntop.c @@ -40,14 +40,18 @@ static inline void putbyte(uint8_t bytex, char **posx) bool zero = false; int byte = bytex, tmp, a, b; - if ((tmp = byte - 200) >= 0) { + tmp = byte - 200; + if (tmp >= 0) { *pos++ = '2'; zero = true; byte = tmp; - } else if ((tmp = byte - 100) >= 0) { - *pos++ = '1'; - zero = true; - byte = tmp; + } else { + tmp = byte - 100; + if (tmp >= 0) { + *pos++ = '1'; + zero = true; + byte = tmp; + } } /* make sure the compiler knows the value range of "byte" */ diff --git a/lib/prefix.c b/lib/prefix.c index 1c57715e8f..ef7d2e59da 100644 --- a/lib/prefix.c +++ b/lib/prefix.c @@ -1034,7 +1034,8 @@ const char *prefix2str(union prefixconstptr pu, char *str, int size) l = strlen(buf); buf[l++] = '/'; byte = p->prefixlen; - if ((tmp = p->prefixlen - 100) >= 0) { + tmp = p->prefixlen - 100; + if (tmp >= 0) { buf[l++] = '1'; z = true; byte = tmp; diff --git a/lib/sockopt.c b/lib/sockopt.c index 98bfda5079..150736e00c 100644 --- a/lib/sockopt.c +++ b/lib/sockopt.c @@ -379,14 +379,14 @@ static int setsockopt_ipv4_ifindex(int sock, ifindex_t val) int ret; #if defined(IP_PKTINFO) - if ((ret = setsockopt(sock, IPPROTO_IP, IP_PKTINFO, &val, sizeof(val))) - < 0) + ret = setsockopt(sock, IPPROTO_IP, IP_PKTINFO, &val, sizeof(val)); + if (ret < 0) flog_err(EC_LIB_SOCKET, "Can't set IP_PKTINFO option for fd %d to %d: %s", sock, val, safe_strerror(errno)); #elif defined(IP_RECVIF) - if ((ret = setsockopt(sock, IPPROTO_IP, IP_RECVIF, &val, sizeof(val))) - < 0) + ret = setsockopt(sock, IPPROTO_IP, IP_RECVIF, &val, sizeof(val)); + if (ret < 0) flog_err(EC_LIB_SOCKET, "Can't set IP_RECVIF option for fd %d to %d: %s", sock, val, safe_strerror(errno)); @@ -639,12 +639,8 @@ int sockopt_tcp_signature_ext(int sock, union sockunion *su, uint16_t prefixlen, #endif /* GNU_LINUX */ - if ((ret = setsockopt(sock, IPPROTO_TCP, optname, &md5sig, - sizeof(md5sig))) - < 0) { - /* ENOENT is harmless. It is returned when we clear a password - for which - one was not previously set. */ + ret = setsockopt(sock, IPPROTO_TCP, optname, &md5sig, sizeof(md5sig)); + if (ret < 0) { if (ENOENT == errno) ret = 0; else diff --git a/lib/sockunion.c b/lib/sockunion.c index e6340a1743..c7af458e9e 100644 --- a/lib/sockunion.c +++ b/lib/sockunion.c @@ -606,8 +606,7 @@ static void __attribute__((unused)) sockunion_print(const union sockunion *su) } } -static int in6addr_cmp(const struct in6_addr *addr1, - const struct in6_addr *addr2) +int in6addr_cmp(const struct in6_addr *addr1, const struct in6_addr *addr2) { unsigned int i; const uint8_t *p1, *p2; diff --git a/lib/sockunion.h b/lib/sockunion.h index 2cc80bb70f..9e6719ccf9 100644 --- a/lib/sockunion.h +++ b/lib/sockunion.h @@ -73,6 +73,7 @@ enum connect_result { connect_error, connect_success, connect_in_progress }; /* Prototypes. */ extern int str2sockunion(const char *, union sockunion *); extern const char *sockunion2str(const union sockunion *, char *, size_t); +int in6addr_cmp(const struct in6_addr *addr1, const struct in6_addr *addr2); extern int sockunion_cmp(const union sockunion *, const union sockunion *); extern int sockunion_same(const union sockunion *, const union sockunion *); extern unsigned int sockunion_hash(const union sockunion *); diff --git a/lib/stream.c b/lib/stream.c index 904ee73b10..1557500c60 100644 --- a/lib/stream.c +++ b/lib/stream.c @@ -1097,7 +1097,8 @@ ssize_t stream_read_try(struct stream *s, int fd, size_t size) return -1; } - if ((nbytes = read(fd, s->data + s->endp, size)) >= 0) { + nbytes = read(fd, s->data + s->endp, size); + if (nbytes >= 0) { s->endp += nbytes; return nbytes; } @@ -1126,9 +1127,8 @@ ssize_t stream_recvfrom(struct stream *s, int fd, size_t size, int flags, return -1; } - if ((nbytes = recvfrom(fd, s->data + s->endp, size, flags, from, - fromlen)) - >= 0) { + nbytes = recvfrom(fd, s->data + s->endp, size, flags, from, fromlen); + if (nbytes >= 0) { s->endp += nbytes; return nbytes; } diff --git a/lib/systemd.c b/lib/systemd.c index c5cc3aa447..2238dc9f3d 100644 --- a/lib/systemd.c +++ b/lib/systemd.c @@ -20,68 +20,56 @@ */ #include <zebra.h> +#include <sys/un.h> #include "thread.h" #include "systemd.h" +#include "lib_errors.h" -#if defined HAVE_SYSTEMD -#include <systemd/sd-daemon.h> -#endif +/* these are cleared from env so they don't "leak" into things we fork(), + * particularly for watchfrr starting individual daemons + * + * watchdog_pid is currently not used since watchfrr starts forking. + * (TODO: handle that better, somehow?) + */ +static pid_t watchdog_pid = -1; +static intmax_t watchdog_msec; + +/* not used yet, but can trigger auto-switch to journald logging */ +bool sd_stdout_is_journal; +bool sd_stderr_is_journal; + +static char *notify_socket; -/* - * Wrapper this silliness if we - * don't have systemd +/* talk to whatever entity claims to be systemd ;) + * + * refer to sd_notify docs for messages systemd accepts over this socket. + * This function should be functionally equivalent to sd_notify(). */ static void systemd_send_information(const char *info) { -#if defined HAVE_SYSTEMD - sd_notify(0, info); -#else - return; -#endif -} + int sock; + struct sockaddr_un sun; -/* - * A return of 0 means that we are not watchdoged - */ -static int systemd_get_watchdog_time(int the_process) -{ -#if defined HAVE_SYSTEMD - uint64_t usec; - char *watchdog = NULL; - int ret; - - ret = sd_watchdog_enabled(0, &usec); - - /* - * If return is 0 -> we don't want watchdog - * if return is < 0, some sort of failure occurred - */ - if (ret < 0) - return 0; - - /* - * systemd can return that this process - * is not the expected sender of the watchdog timer - * If we set the_process = 0 then we expect to - * be able to send the watchdog to systemd - * irrelevant of the pid of this process. - */ - if (ret == 0 && the_process) - return 0; - - if (ret == 0 && !the_process) { - watchdog = getenv("WATCHDOG_USEC"); - if (!watchdog) - return 0; - - usec = atol(watchdog); - } + if (!notify_socket) + return; + + sock = socket(AF_UNIX, SOCK_DGRAM, 0); + if (sock < 0) + return; + + sun.sun_family = AF_UNIX; + strlcpy(sun.sun_path, notify_socket, sizeof(sun.sun_path)); - return (usec / 1000000) / 3; -#else - return 0; -#endif + /* linux abstract unix socket namespace */ + if (sun.sun_path[0] == '@') + sun.sun_path[0] = '\0'; + + /* nothing we can do if this errors out... */ + (void)sendto(sock, info, strlen(info), 0, (struct sockaddr *)&sun, + sizeof(sun)); + + close(sock); } void systemd_send_stopping(void) @@ -90,34 +78,27 @@ void systemd_send_stopping(void) systemd_send_information("STOPPING=1"); } -/* - * How many seconds should we wait between watchdog sends - */ -static int wsecs = 0; static struct thread_master *systemd_master = NULL; static int systemd_send_watchdog(struct thread *t) { systemd_send_information("WATCHDOG=1"); - thread_add_timer(systemd_master, systemd_send_watchdog, NULL, wsecs, - NULL); - + assert(watchdog_msec > 0); + thread_add_timer_msec(systemd_master, systemd_send_watchdog, NULL, + watchdog_msec, NULL); return 1; } -void systemd_send_started(struct thread_master *m, int the_process) +void systemd_send_started(struct thread_master *m) { assert(m != NULL); - wsecs = systemd_get_watchdog_time(the_process); systemd_master = m; systemd_send_information("READY=1"); - if (wsecs != 0) { - systemd_send_information("WATCHDOG=1"); - thread_add_timer(m, systemd_send_watchdog, m, wsecs, NULL); - } + if (watchdog_msec > 0) + systemd_send_watchdog(NULL); } void systemd_send_status(const char *status) @@ -127,3 +108,65 @@ void systemd_send_status(const char *status) snprintf(buffer, sizeof(buffer), "STATUS=%s", status); systemd_send_information(buffer); } + +static intmax_t getenv_int(const char *varname, intmax_t dflt) +{ + char *val, *err; + intmax_t intval; + + val = getenv(varname); + if (!val) + return dflt; + + intval = strtoimax(val, &err, 0); + if (*err || !*val) + return dflt; + return intval; +} + +void systemd_init_env(void) +{ + char *tmp; + uintmax_t dev, ino; + int len; + struct stat st; + + notify_socket = getenv("NOTIFY_SOCKET"); + + /* no point in setting up watchdog w/o notify socket */ + if (notify_socket) { + intmax_t watchdog_usec; + + watchdog_pid = getenv_int("WATCHDOG_PID", -1); + if (watchdog_pid <= 0) + watchdog_pid = -1; + + /* note this is the deadline, hence the divide by 3 */ + watchdog_usec = getenv_int("WATCHDOG_USEC", 0); + if (watchdog_usec >= 3000) + watchdog_msec = watchdog_usec / 3000; + else { + if (watchdog_usec != 0) + flog_err( + EC_LIB_UNAVAILABLE, + "systemd expects a %jd microsecond watchdog timer, but FRR only supports millisecond resolution!", + watchdog_usec); + watchdog_msec = 0; + } + } + + tmp = getenv("JOURNAL_STREAM"); + if (tmp && sscanf(tmp, "%ju:%ju%n", &dev, &ino, &len) == 2 + && (size_t)len == strlen(tmp)) { + if (fstat(1, &st) == 0 && st.st_dev == (dev_t)dev + && st.st_ino == (ino_t)ino) + sd_stdout_is_journal = true; + if (fstat(2, &st) == 0 && st.st_dev == (dev_t)dev + && st.st_ino == (ino_t)ino) + sd_stderr_is_journal = true; + } + + /* these should *not* be passed to any other process we start */ + unsetenv("WATCHDOG_PID"); + unsetenv("WATCHDOG_USEC"); +} diff --git a/lib/systemd.h b/lib/systemd.h index d9885c5d9c..1933f4f688 100644 --- a/lib/systemd.h +++ b/lib/systemd.h @@ -28,9 +28,6 @@ extern "C" { * * Design point is that if systemd is not being used on this system * then these functions becomes a no-op. - * - * To turn on systemd compilation, use --enable-systemd on - * configure run. */ void systemd_send_stopping(void); @@ -39,13 +36,18 @@ void systemd_send_stopping(void); * the_process - Should we send watchdog if we are not the requested * process? */ -void systemd_send_started(struct thread_master *master, int the_process); +void systemd_send_started(struct thread_master *master); /* * status - A status string to send to systemd */ void systemd_send_status(const char *status); +/* + * grab startup state from env vars + */ +void systemd_init_env(void); + #ifdef __cplusplus } #endif diff --git a/lib/zclient.c b/lib/zclient.c index 1b4ac080cd..0815e77d4e 100644 --- a/lib/zclient.c +++ b/lib/zclient.c @@ -1537,7 +1537,7 @@ int zapi_route_decode(struct stream *s, struct zapi_route *api) if (CHECK_FLAG(api->message, ZAPI_MESSAGE_OPAQUE)) { STREAM_GETW(s, api->opaque.length); - assert(api->opaque.length < ZAPI_MESSAGE_OPAQUE_LENGTH); + assert(api->opaque.length <= ZAPI_MESSAGE_OPAQUE_LENGTH); STREAM_GET(api->opaque.data, s, api->opaque.length); } @@ -3812,7 +3812,8 @@ static int zclient_read(struct thread *thread) zclient->t_read = NULL; /* Read zebra header (if we don't have it already). */ - if ((already = stream_get_endp(zclient->ibuf)) < ZEBRA_HEADER_SIZE) { + already = stream_get_endp(zclient->ibuf); + if (already < ZEBRA_HEADER_SIZE) { ssize_t nbyte; if (((nbyte = stream_read_try(zclient->ibuf, zclient->sock, ZEBRA_HEADER_SIZE - already)) @@ -3825,7 +3826,6 @@ static int zclient_read(struct thread *thread) return zclient_failed(zclient); } if (nbyte != (ssize_t)(ZEBRA_HEADER_SIZE - already)) { - /* Try again later. */ zclient_event(ZCLIENT_READ, zclient); return 0; } diff --git a/ospf6d/ospf6_asbr.c b/ospf6d/ospf6_asbr.c index d4e52f0ede..aad4e7571d 100644 --- a/ospf6d/ospf6_asbr.c +++ b/ospf6d/ospf6_asbr.c @@ -690,7 +690,7 @@ void ospf6_asbr_lsa_remove(struct ospf6_lsa *lsa, if (ospf6_check_and_set_router_abr(ospf6)) oa = ospf6->backbone; else - oa = listgetdata(listhead(ospf6->area_list)); + oa = listnode_head(ospf6->area_list); } if (oa == NULL) { diff --git a/ospf6d/ospf6_flood.c b/ospf6d/ospf6_flood.c index 05b43189e9..738c2218fa 100644 --- a/ospf6d/ospf6_flood.c +++ b/ospf6d/ospf6_flood.c @@ -299,7 +299,7 @@ void ospf6_flood_interface(struct ospf6_neighbor *from, struct ospf6_lsa *lsa, { struct listnode *node, *nnode; struct ospf6_neighbor *on; - struct ospf6_lsa *req; + struct ospf6_lsa *req, *old; int retrans_added = 0; int is_debug = 0; @@ -408,12 +408,27 @@ void ospf6_flood_interface(struct ospf6_neighbor *from, struct ospf6_lsa *lsa, if (is_debug) zlog_debug("Add retrans-list of neighbor %s ", on->name); - ospf6_increment_retrans_count(lsa); - ospf6_lsdb_add(ospf6_lsa_copy(lsa), on->retrans_list); - thread_add_timer(master, ospf6_lsupdate_send_neighbor, - on, on->ospf6_if->rxmt_interval, - &on->thread_send_lsupdate); - retrans_added++; + + /* Do not increment the retrans count if the lsa is + * already present in the retrans list. + */ + old = ospf6_lsdb_lookup( + lsa->header->type, lsa->header->id, + lsa->header->adv_router, on->retrans_list); + if (!old) { + if (is_debug) + zlog_debug( + "Increment %s from retrans_list of %s", + lsa->name, on->name); + ospf6_increment_retrans_count(lsa); + ospf6_lsdb_add(ospf6_lsa_copy(lsa), + on->retrans_list); + thread_add_timer( + master, ospf6_lsupdate_send_neighbor, + on, on->ospf6_if->rxmt_interval, + &on->thread_send_lsupdate); + retrans_added++; + } } } diff --git a/ospf6d/ospf6_message.c b/ospf6d/ospf6_message.c index f98bd31fd8..1f2618ec83 100644 --- a/ospf6d/ospf6_message.c +++ b/ospf6d/ospf6_message.c @@ -444,9 +444,9 @@ static void ospf6_hello_recv(struct in6_addr *src, struct in6_addr *dst, /* check latency against hello period */ if (on->hello_in) latency = monotime_since(&on->last_hello, NULL) - - (oi->hello_interval * 1000000); + - ((int64_t)oi->hello_interval * 1000000); /* log if latency exceeds the hello period */ - if (latency > (oi->hello_interval * 1000000)) + if (latency > ((int64_t)oi->hello_interval * 1000000)) zlog_warn("%s RX %pI4 high latency %" PRId64 "us.", __func__, &on->router_id, latency); on->last_hello = timestamp; @@ -1897,7 +1897,6 @@ static int ospf6_write(struct thread *thread) struct ospf6_header *oh; struct ospf6_packet *op; struct listnode *node; - char srcname[64], dstname[64]; struct iovec iovector[2]; int pkt_count = 0; int len; @@ -1934,26 +1933,45 @@ static int ospf6_write(struct thread *thread) flog_err(EC_LIB_DEVELOPMENT, "Could not send entire message"); - if (IS_OSPF6_DEBUG_MESSAGE(oh->type, SEND)) { - inet_ntop(AF_INET6, &op->dst, dstname, sizeof(dstname)); - inet_ntop(AF_INET6, oi->linklocal_addr, srcname, - sizeof(srcname)); + if (IS_OSPF6_DEBUG_MESSAGE(oh->type, SEND_HDR)) { zlog_debug("%s send on %s", lookup_msg(ospf6_message_type_str, oh->type, NULL), oi->interface->name); - zlog_debug(" src: %s", srcname); - zlog_debug(" dst: %s", dstname); + zlog_debug(" src: %pI6", oi->linklocal_addr); + zlog_debug(" dst: %pI6", &op->dst); + switch (oh->type) { + case OSPF6_MESSAGE_TYPE_HELLO: + ospf6_hello_print(oh, OSPF6_ACTION_SEND); + break; + case OSPF6_MESSAGE_TYPE_DBDESC: + ospf6_dbdesc_print(oh, OSPF6_ACTION_SEND); + break; + case OSPF6_MESSAGE_TYPE_LSREQ: + ospf6_lsreq_print(oh, OSPF6_ACTION_SEND); + break; + case OSPF6_MESSAGE_TYPE_LSUPDATE: + ospf6_lsupdate_print(oh, OSPF6_ACTION_SEND); + break; + case OSPF6_MESSAGE_TYPE_LSACK: + ospf6_lsack_print(oh, OSPF6_ACTION_SEND); + break; + default: + zlog_debug("Unknown message"); + assert(0); + break; + } } switch (oh->type) { case OSPF6_MESSAGE_TYPE_HELLO: monotime(×tamp); if (oi->hello_out) latency = monotime_since(&oi->last_hello, NULL) - - (oi->hello_interval * 1000000); + - ((int64_t)oi->hello_interval + * 1000000); /* log if latency exceeds the hello period */ - if (latency > (oi->hello_interval * 1000000)) + if (latency > ((int64_t)oi->hello_interval * 1000000)) zlog_warn("%s hello TX high latency %" PRId64 "us.", __func__, latency); @@ -1963,19 +1981,15 @@ static int ospf6_write(struct thread *thread) break; case OSPF6_MESSAGE_TYPE_DBDESC: oi->db_desc_out++; - ospf6_dbdesc_print(oh, OSPF6_ACTION_SEND); break; case OSPF6_MESSAGE_TYPE_LSREQ: oi->ls_req_out++; - ospf6_lsreq_print(oh, OSPF6_ACTION_SEND); break; case OSPF6_MESSAGE_TYPE_LSUPDATE: oi->ls_upd_out++; - ospf6_lsupdate_print(oh, OSPF6_ACTION_SEND); break; case OSPF6_MESSAGE_TYPE_LSACK: oi->ls_ack_out++; - ospf6_lsack_print(oh, OSPF6_ACTION_SEND); break; default: zlog_debug("Unknown message"); diff --git a/pathd/path_pcep_config.c b/pathd/path_pcep_config.c index 0349618304..4c16b83948 100644 --- a/pathd/path_pcep_config.c +++ b/pathd/path_pcep_config.c @@ -332,6 +332,7 @@ int path_pcep_config_initiate_path(struct path *path) candidate = srte_candidate_add( policy, path->nbkey.preference, SRTE_ORIGIN_PCEP, path->originator); + candidate->policy->srp_id = path->srp_id; strlcpy(candidate->name, path->name, sizeof(candidate->name)); SET_FLAG(candidate->flags, F_CANDIDATE_NEW); @@ -387,6 +388,7 @@ int path_pcep_config_update_path(struct path *path) if (!candidate) return 0; + candidate->policy->srp_id = path->srp_id; // first clean up old segment list if present if (candidate->lsp->segment_list) { SET_FLAG(candidate->lsp->segment_list->flags, diff --git a/pathd/path_pcep_pcc.c b/pathd/path_pcep_pcc.c index 81a338ac63..b72a536ef4 100644 --- a/pathd/path_pcep_pcc.c +++ b/pathd/path_pcep_pcc.c @@ -128,6 +128,8 @@ static struct req_entry *push_new_req(struct pcc_state *pcc_state, struct path *path); static void repush_req(struct pcc_state *pcc_state, struct req_entry *req); static struct req_entry *pop_req(struct pcc_state *pcc_state, uint32_t reqid); +static struct req_entry *pop_req_no_reqid(struct pcc_state *pcc_state, + uint32_t reqid); static bool add_reqid_mapping(struct pcc_state *pcc_state, struct path *path); static void remove_reqid_mapping(struct pcc_state *pcc_state, struct path *path); @@ -558,7 +560,6 @@ void pcep_pcc_send_report(struct ctrl_state *ctrl_state, if (is_stable && (real_status != PCEP_LSP_OPERATIONAL_DOWN)) { PCEP_DEBUG("(%s)%s Send report for candidate path (!DOWN) %s", __func__, pcc_state->tag, path->name); - path->srp_id = 0; path->status = real_status; send_report(pcc_state, path); } @@ -1340,7 +1341,11 @@ void handle_pcep_comp_reply(struct ctrl_state *ctrl_state, struct path *path; path = pcep_lib_parse_path(msg); - req = pop_req(pcc_state, path->req_id); + if (path->no_path) { + req = pop_req_no_reqid(pcc_state, path->req_id); + } else { + req = pop_req(pcc_state, path->req_id); + } if (req == NULL) { /* TODO: check the rate of bad computation reply and close * the connection if more that a given rate. @@ -1372,6 +1377,9 @@ void handle_pcep_comp_reply(struct ctrl_state *ctrl_state, if (path->no_path) { PCEP_DEBUG("%s Computation for path %s did not find any result", pcc_state->tag, path->name); + free_req_entry(req); + pcep_free_path(path); + return; } else if (validate_incoming_path(pcc_state, path, err, sizeof(err))) { /* Updating a dynamic path will automatically delegate it */ pcep_thread_update_path(ctrl_state, pcc_state->id, path); @@ -1847,6 +1855,20 @@ struct req_entry *pop_req(struct pcc_state *pcc_state, uint32_t reqid) return req; } +struct req_entry *pop_req_no_reqid(struct pcc_state *pcc_state, uint32_t reqid) +{ + struct path path = {.req_id = reqid}; + struct req_entry key = {.path = &path}; + struct req_entry *req; + + req = RB_FIND(req_entry_head, &pcc_state->requests, &key); + if (req == NULL) + return NULL; + RB_REMOVE(req_entry_head, &pcc_state->requests, req); + + return req; +} + bool add_reqid_mapping(struct pcc_state *pcc_state, struct path *path) { struct req_map_data *mapping; @@ -1883,6 +1905,33 @@ uint32_t lookup_reqid(struct pcc_state *pcc_state, struct path *path) bool has_pending_req_for(struct pcc_state *pcc_state, struct path *path) { + struct req_entry key = {.path = path}; + struct req_entry *req; + + + PCEP_DEBUG_PATH("(%s) %s", format_path(path), __func__); + /* Looking for request without result */ + if (path->no_path || !path->first_hop) { + PCEP_DEBUG_PATH("%s Path : no_path|!first_hop", __func__); + /* ...and already was handle */ + req = RB_FIND(req_entry_head, &pcc_state->requests, &key); + if (!req) { + /* we must purge remaining reqid */ + PCEP_DEBUG_PATH("%s Purge pending reqid: no_path(%s)", + __func__, + path->no_path ? "TRUE" : "FALSE"); + if (lookup_reqid(pcc_state, path) != 0) { + PCEP_DEBUG_PATH("%s Purge pending reqid: DONE ", + __func__); + remove_reqid_mapping(pcc_state, path); + return true; + } else { + return false; + } + } + } + + return lookup_reqid(pcc_state, path) != 0; } diff --git a/redhat/frr.spec.in b/redhat/frr.spec.in index e24a84d1e4..fbe4c4a1f1 100644 --- a/redhat/frr.spec.in +++ b/redhat/frr.spec.in @@ -199,8 +199,6 @@ Requires: initscripts BuildRequires: pam-devel %endif %if "%{initsystem}" == "systemd" -BuildRequires: systemd -BuildRequires: systemd-devel Requires(post): systemd Requires(preun): systemd Requires(postun): systemd @@ -396,9 +394,6 @@ routing state through standard SNMP MIBs. --disable-bgp-vnc \ %endif --enable-isisd \ -%if "%{initsystem}" == "systemd" - --enable-systemd \ -%endif --enable-rpki \ %if %{with_bfdd} --enable-bfdd \ diff --git a/tests/.gitignore b/tests/.gitignore index fb2edc939a..3fad1b0813 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -25,6 +25,8 @@ /lib/test_atomlist /lib/test_buffer /lib/test_checksum +/lib/test_frrscript +/lib/test_frrlua /lib/test_graph /lib/test_heavy /lib/test_heavy_thread diff --git a/tests/bgpd/test_aspath.c b/tests/bgpd/test_aspath.c index aaf3fd2aa4..c2d39752ab 100644 --- a/tests/bgpd/test_aspath.c +++ b/tests/bgpd/test_aspath.c @@ -469,7 +469,10 @@ static struct aspath_tests { 0, 0, { - COMMON_ATTRS, BGP_ATTR_FLAG_TRANS, BGP_ATTR_AS_PATH, 10, + COMMON_ATTRS, + BGP_ATTR_FLAG_TRANS, + BGP_ATTR_AS_PATH, + 10, }, COMMON_ATTR_SIZE + 3, }, @@ -482,7 +485,10 @@ static struct aspath_tests { -1, 0, { - COMMON_ATTRS, BGP_ATTR_FLAG_TRANS, BGP_ATTR_AS_PATH, 8, + COMMON_ATTRS, + BGP_ATTR_FLAG_TRANS, + BGP_ATTR_AS_PATH, + 8, }, COMMON_ATTR_SIZE + 3, }, @@ -495,7 +501,10 @@ static struct aspath_tests { -1, 0, { - COMMON_ATTRS, BGP_ATTR_FLAG_TRANS, BGP_ATTR_AS_PATH, 12, + COMMON_ATTRS, + BGP_ATTR_FLAG_TRANS, + BGP_ATTR_AS_PATH, + 12, }, COMMON_ATTR_SIZE + 3, }, @@ -510,7 +519,8 @@ static struct aspath_tests { { COMMON_ATTRS, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL, - BGP_ATTR_AS_PATH, 10, + BGP_ATTR_AS_PATH, + 10, }, COMMON_ATTR_SIZE + 3, }, @@ -525,7 +535,8 @@ static struct aspath_tests { { COMMON_ATTRS, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL, - BGP_ATTR_AS4_PATH, 10, + BGP_ATTR_AS4_PATH, + 10, }, COMMON_ATTR_SIZE + 3, }, @@ -540,7 +551,8 @@ static struct aspath_tests { { COMMON_ATTRS, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL, - BGP_ATTR_AS4_PATH, 10, + BGP_ATTR_AS4_PATH, + 10, }, COMMON_ATTR_SIZE + 3, }, @@ -553,7 +565,10 @@ static struct aspath_tests { 0, PEER_CAP_AS4_RCV | PEER_CAP_AS4_ADV, { - COMMON_ATTRS, BGP_ATTR_FLAG_TRANS, BGP_ATTR_AS_PATH, 18, + COMMON_ATTRS, + BGP_ATTR_FLAG_TRANS, + BGP_ATTR_AS_PATH, + 18, }, COMMON_ATTR_SIZE + 3, }, @@ -566,7 +581,10 @@ static struct aspath_tests { -1, PEER_CAP_AS4_RCV | PEER_CAP_AS4_ADV, { - COMMON_ATTRS, BGP_ATTR_FLAG_TRANS, BGP_ATTR_AS_PATH, 16, + COMMON_ATTRS, + BGP_ATTR_FLAG_TRANS, + BGP_ATTR_AS_PATH, + 16, }, COMMON_ATTR_SIZE + 3, }, @@ -579,7 +597,10 @@ static struct aspath_tests { -1, PEER_CAP_AS4_RCV | PEER_CAP_AS4_ADV, { - COMMON_ATTRS, BGP_ATTR_FLAG_TRANS, BGP_ATTR_AS_PATH, 20, + COMMON_ATTRS, + BGP_ATTR_FLAG_TRANS, + BGP_ATTR_AS_PATH, + 20, }, COMMON_ATTR_SIZE + 3, }, @@ -592,7 +613,10 @@ static struct aspath_tests { -1, PEER_CAP_AS4_RCV | PEER_CAP_AS4_ADV, { - COMMON_ATTRS, BGP_ATTR_FLAG_TRANS, BGP_ATTR_AS_PATH, 22, + COMMON_ATTRS, + BGP_ATTR_FLAG_TRANS, + BGP_ATTR_AS_PATH, + 22, }, COMMON_ATTR_SIZE + 3, }, @@ -607,7 +631,8 @@ static struct aspath_tests { { COMMON_ATTRS, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL, - BGP_ATTR_AS_PATH, 18, + BGP_ATTR_AS_PATH, + 18, }, COMMON_ATTR_SIZE + 3, }, @@ -622,7 +647,8 @@ static struct aspath_tests { { COMMON_ATTRS, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL, - BGP_ATTR_AS4_PATH, 14, + BGP_ATTR_AS4_PATH, + 14, }, COMMON_ATTR_SIZE + 3, }, @@ -637,7 +663,8 @@ static struct aspath_tests { { COMMON_ATTRS, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL, - BGP_ATTR_AS4_PATH, 14, + BGP_ATTR_AS4_PATH, + 14, }, COMMON_ATTR_SIZE + 3, &test_segments[0], @@ -648,12 +675,13 @@ static struct aspath_tests { &test_segments[28], "8466 3 52737 0 4096", AS4_DATA, - -1, + -2, PEER_CAP_AS4_RCV | PEER_CAP_AS4_ADV, { COMMON_ATTRS, BGP_ATTR_FLAG_TRANS | BGP_ATTR_FLAG_OPTIONAL, - BGP_ATTR_AS4_PATH, 22, + BGP_ATTR_AS4_PATH, + 22, }, COMMON_ATTR_SIZE + 3, }, diff --git a/tests/lib/script1.lua b/tests/lib/script1.lua new file mode 100644 index 0000000000..e9ebc29bd9 --- /dev/null +++ b/tests/lib/script1.lua @@ -0,0 +1 @@ +a = a + b diff --git a/tests/lib/test_frrlua.c b/tests/lib/test_frrlua.c new file mode 100644 index 0000000000..a81446f9ca --- /dev/null +++ b/tests/lib/test_frrlua.c @@ -0,0 +1,111 @@ +/* + * frrlua unit tests + * Copyright (C) 2021 Donald Lee + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; see the file COPYING; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include <zebra.h> +#include "string.h" +#include "stdio.h" +#include "lib/frrlua.h" + +static void test_encode_decode(void) +{ + lua_State *L = luaL_newstate(); + + long long a = 123; + long long b = a; + + lua_pushintegerp(L, &a); + lua_decode_integerp(L, -1, &a); + assert(a == b); + assert(lua_gettop(L) == 0); + + time_t time_a = 100; + time_t time_b = time_a; + + lua_pushtimet(L, &time_a); + lua_decode_timet(L, -1, &time_a); + assert(time_a == time_b); + assert(lua_gettop(L) == 0); + + char str_b[] = "Hello", str_a[6]; + + strlcpy(str_a, str_b, sizeof(str_b)); + lua_pushstring_wrapper(L, str_a); + lua_decode_stringp(L, -1, str_a); + assert(strncmp(str_a, str_b, sizeof(str_b)) == 0); + assert(lua_gettop(L) == 0); + + char p_b_str[] = "10.0.0.0/24", p_a_str[12]; + struct prefix p_a; + + strlcpy(p_a_str, p_b_str, sizeof(p_b_str)); + str2prefix(p_a_str, &p_a); + lua_pushprefix(L, &p_a); + lua_decode_prefix(L, -1, &p_a); + prefix2str(&p_a, p_a_str, sizeof(p_b_str)); + assert(strncmp(p_a_str, p_b_str, sizeof(p_b_str)) == 0); + assert(lua_gettop(L) == 0); + + struct interface ifp_a; + struct interface ifp_b = ifp_a; + + lua_pushinterface(L, &ifp_a); + lua_decode_interface(L, -1, &ifp_a); + assert(strncmp(ifp_a.name, ifp_b.name, sizeof(ifp_b.name)) == 0); + assert(ifp_a.ifindex == ifp_b.ifindex); + assert(ifp_a.status == ifp_b.status); + assert(ifp_a.flags == ifp_b.flags); + assert(ifp_a.metric == ifp_b.metric); + assert(ifp_a.speed == ifp_b.speed); + assert(ifp_a.mtu == ifp_b.mtu); + assert(ifp_a.mtu6 == ifp_b.mtu6); + assert(ifp_a.bandwidth == ifp_b.bandwidth); + assert(ifp_a.link_ifindex == ifp_b.link_ifindex); + assert(ifp_a.ll_type == ifp_b.ll_type); + assert(lua_gettop(L) == 0); + + struct in_addr addr_a; + struct in_addr addr_b = addr_a; + + lua_pushinaddr(L, &addr_a); + lua_decode_inaddr(L, -1, &addr_a); + assert(addr_a.s_addr == addr_b.s_addr); + assert(lua_gettop(L) == 0); + + struct in6_addr in6addr_a; + struct in6_addr in6addr_b = in6addr_a; + + lua_pushin6addr(L, &in6addr_a); + lua_decode_in6addr(L, -1, &in6addr_a); + assert(in6addr_cmp(&in6addr_a, &in6addr_b) == 0); + assert(lua_gettop(L) == 0); + + union sockunion su_a, su_b; + + memset(&su_a, 0, sizeof(union sockunion)); + memset(&su_b, 0, sizeof(union sockunion)); + lua_pushsockunion(L, &su_a); + lua_decode_sockunion(L, -1, &su_a); + assert(sockunion_cmp(&su_a, &su_b) == 0); + assert(lua_gettop(L) == 0); +} + +int main(int argc, char **argv) +{ + test_encode_decode(); +} diff --git a/tests/lib/test_frrlua.py b/tests/lib/test_frrlua.py new file mode 100644 index 0000000000..2f6ddc1c07 --- /dev/null +++ b/tests/lib/test_frrlua.py @@ -0,0 +1,14 @@ +import frrtest +import pytest + +if 'S["SCRIPTING_TRUE"]=""\n' not in open("../config.status").readlines(): + class TestFrrlua: + @pytest.mark.skipif(True, reason="Test unsupported") + def test_exit_cleanly(self): + pass +else: + + class TestFrrlua(frrtest.TestMultiOut): + program = "./test_frrlua" + + TestFrrlua.exit_cleanly() diff --git a/tests/lib/test_frrscript.c b/tests/lib/test_frrscript.c new file mode 100644 index 0000000000..bd75cc5552 --- /dev/null +++ b/tests/lib/test_frrscript.c @@ -0,0 +1,37 @@ +/* + * frrscript unit tests + * Copyright (C) 2021 Donald Lee + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; see the file COPYING; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include <zebra.h> + +#include "lib/frrscript.h" + +int main(int argc, char **argv) +{ + frrscript_init("./lib"); + + struct frrscript *fs = frrscript_load("script1", NULL); + long long a = 100, b = 200; + int result = frrscript_call(fs, ("a", &a), ("b", &b)); + + assert(result == 0); + assert(a == 300); + assert(b == 200); + + return 0; +} diff --git a/tests/lib/test_frrscript.py b/tests/lib/test_frrscript.py new file mode 100644 index 0000000000..046d97b014 --- /dev/null +++ b/tests/lib/test_frrscript.py @@ -0,0 +1,14 @@ +import frrtest +import pytest + +if 'S["SCRIPTING_TRUE"]=""\n' not in open("../config.status").readlines(): + class TestFrrscript: + @pytest.mark.skipif(True, reason="Test unsupported") + def test_exit_cleanly(self): + pass +else: + + class TestFrrscript(frrtest.TestMultiOut): + program = "./test_frrscript" + + TestFrrscript.exit_cleanly() diff --git a/tests/subdir.am b/tests/subdir.am index ca477851e3..c2153140f5 100644 --- a/tests/subdir.am +++ b/tests/subdir.am @@ -59,6 +59,15 @@ TESTS_ZEBRA = IGNORE_ZEBRA = --ignore=zebra/ endif +if SCRIPTING +TESTS_SCRIPTING = \ + tests/lib/test_frrlua \ + tests/lib/test_frrscript \ + #end +else +TESTS_SCRIPTING = +endif + clippy_scan += \ tests/lib/cli/test_cli.c \ tests/ospf6d/test_lsdb.c \ @@ -104,6 +113,7 @@ check_PROGRAMS = \ $(TESTS_OSPFD) \ $(TESTS_OSPF6D) \ $(TESTS_ZEBRA) \ + $(TESTS_SCRIPTING) \ # end if GRPC @@ -289,6 +299,16 @@ tests_lib_test_checksum_CFLAGS = $(TESTS_CFLAGS) tests_lib_test_checksum_CPPFLAGS = $(TESTS_CPPFLAGS) tests_lib_test_checksum_LDADD = $(ALL_TESTS_LDADD) tests_lib_test_checksum_SOURCES = tests/lib/test_checksum.c +if SCRIPTING +tests_lib_test_frrlua_CFLAGS = $(TESTS_CFLAGS) +tests_lib_test_frrlua_CPPFLAGS = $(TESTS_CPPFLAGS) +tests_lib_test_frrlua_LDADD = $(ALL_TESTS_LDADD) +tests_lib_test_frrlua_SOURCES = tests/lib/test_frrlua.c +tests_lib_test_frrscript_CFLAGS = $(TESTS_CFLAGS) +tests_lib_test_frrscript_CPPFLAGS = $(TESTS_CPPFLAGS) +tests_lib_test_frrscript_LDADD = $(ALL_TESTS_LDADD) +tests_lib_test_frrscript_SOURCES = tests/lib/test_frrscript.c +endif tests_lib_test_graph_CFLAGS = $(TESTS_CFLAGS) tests_lib_test_graph_CPPFLAGS = $(TESTS_CPPFLAGS) tests_lib_test_graph_LDADD = $(ALL_TESTS_LDADD) @@ -464,6 +484,14 @@ EXTRA_DIST += \ tests/zebra/test_lm_plugin.refout \ # end + +if SCRIPTING +EXTRA_DIST += \ + tests/lib/test_frrscript.py \ + tests/lib/test_frrlua.py \ + #end +endif + .PHONY: tests/tests.xml tests/tests.xml: $(check_PROGRAMS) ( cd tests; $(PYTHON) ../$(srcdir)/tests/runtests.py --junitxml=tests.xml -v ../$(srcdir)/tests $(IGNORE_BGPD) $(IGNORE_ISISD) $(IGNORE_OSPF6D); ) diff --git a/tests/topotests/bgp_aspath_zero/__init__.py b/tests/topotests/bgp_aspath_zero/__init__.py new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/tests/topotests/bgp_aspath_zero/__init__.py diff --git a/tests/topotests/bgp_aspath_zero/exabgp.env b/tests/topotests/bgp_aspath_zero/exabgp.env new file mode 100644 index 0000000000..28e642360a --- /dev/null +++ b/tests/topotests/bgp_aspath_zero/exabgp.env @@ -0,0 +1,53 @@ +[exabgp.api] +encoder = text +highres = false +respawn = false +socket = '' + +[exabgp.bgp] +openwait = 60 + +[exabgp.cache] +attributes = true +nexthops = true + +[exabgp.daemon] +daemonize = true +pid = '/var/run/exabgp/exabgp.pid' +user = 'exabgp' +##daemonize = false + +[exabgp.log] +all = false +configuration = true +daemon = true +destination = '/var/log/exabgp.log' +enable = true +level = INFO +message = false +network = true +packets = false +parser = false +processes = true +reactor = true +rib = false +routes = false +short = false +timers = false + +[exabgp.pdb] +enable = false + +[exabgp.profile] +enable = false +file = '' + +[exabgp.reactor] +speed = 1.0 + +[exabgp.tcp] +acl = false +bind = '' +delay = 0 +once = false +port = 179 diff --git a/tests/topotests/bgp_aspath_zero/peer1/exabgp.cfg b/tests/topotests/bgp_aspath_zero/peer1/exabgp.cfg new file mode 100644 index 0000000000..fe9ea01eca --- /dev/null +++ b/tests/topotests/bgp_aspath_zero/peer1/exabgp.cfg @@ -0,0 +1,17 @@ +neighbor 10.0.0.1 { + router-id 10.0.0.2; + local-address 10.0.0.2; + local-as 65001; + peer-as 65534; + + static { + route 192.168.100.101/32 { + next-hop 10.0.0.2; + } + + route 192.168.100.102/32 { + as-path [65000 0 65001]; + next-hop 10.0.0.2; + } + } +} diff --git a/tests/topotests/bgp_aspath_zero/r1/bgpd.conf b/tests/topotests/bgp_aspath_zero/r1/bgpd.conf new file mode 100644 index 0000000000..002a5c78c0 --- /dev/null +++ b/tests/topotests/bgp_aspath_zero/r1/bgpd.conf @@ -0,0 +1,6 @@ +! +router bgp 65534 + no bgp ebgp-requires-policy + neighbor 10.0.0.2 remote-as external + neighbor 10.0.0.2 timers 3 10 +! diff --git a/tests/topotests/bgp_aspath_zero/r1/zebra.conf b/tests/topotests/bgp_aspath_zero/r1/zebra.conf new file mode 100644 index 0000000000..22a26ac610 --- /dev/null +++ b/tests/topotests/bgp_aspath_zero/r1/zebra.conf @@ -0,0 +1,6 @@ +! +interface r1-eth0 + ip address 10.0.0.1/24 +! +ip forwarding +! diff --git a/tests/topotests/bgp_aspath_zero/test_bgp_aspath_zero.py b/tests/topotests/bgp_aspath_zero/test_bgp_aspath_zero.py new file mode 100644 index 0000000000..903ab12a13 --- /dev/null +++ b/tests/topotests/bgp_aspath_zero/test_bgp_aspath_zero.py @@ -0,0 +1,121 @@ +#!/usr/bin/env python + +# +# Copyright (c) 2021 by +# Donatas Abraitis <donatas.abraitis@gmail.com> +# +# Permission to use, copy, modify, and/or distribute this software +# for any purpose with or without fee is hereby granted, provided +# that the above copyright notice and this permission notice appear +# in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY +# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, +# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS +# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE +# OF THIS SOFTWARE. +# + +""" +Test if BGP UPDATE with AS-PATH attribute with value zero (0) +is threated as withdrawal. +""" + +import os +import sys +import json +import time +import pytest +import functools + +CWD = os.path.dirname(os.path.realpath(__file__)) +sys.path.append(os.path.join(CWD, "../")) + +# pylint: disable=C0413 +from lib import topotest +from lib.topogen import Topogen, TopoRouter, get_topogen +from lib.topolog import logger +from mininet.topo import Topo + +pytestmark = [pytest.mark.bgpd] + + +class BgpAggregatorAsnZero(Topo): + def build(self, *_args, **_opts): + tgen = get_topogen(self) + + r1 = tgen.add_router("r1") + peer1 = tgen.add_exabgp_peer( + "peer1", ip="10.0.0.2", defaultRoute="via 10.0.0.1" + ) + + switch = tgen.add_switch("s1") + switch.add_link(r1) + switch.add_link(peer1) + + +def setup_module(mod): + tgen = Topogen(BgpAggregatorAsnZero, mod.__name__) + tgen.start_topology() + + router = tgen.gears["r1"] + router.load_config(TopoRouter.RD_ZEBRA, os.path.join(CWD, "r1/zebra.conf")) + router.load_config(TopoRouter.RD_BGP, os.path.join(CWD, "r1/bgpd.conf")) + router.start() + + peer = tgen.gears["peer1"] + peer.start(os.path.join(CWD, "peer1"), os.path.join(CWD, "exabgp.env")) + + +def teardown_module(mod): + tgen = get_topogen() + tgen.stop_topology() + + +def test_bgp_aggregator_zero(): + tgen = get_topogen() + + if tgen.routers_have_failure(): + pytest.skip(tgen.errors) + + def _bgp_converge(): + output = json.loads( + tgen.gears["r1"].vtysh_cmd("show ip bgp neighbor 10.0.0.2 json") + ) + expected = { + "10.0.0.2": { + "bgpState": "Established", + "addressFamilyInfo": {"ipv4Unicast": {"acceptedPrefixCounter": 1}}, + } + } + return topotest.json_cmp(output, expected) + + test_func = functools.partial(_bgp_converge) + success, result = topotest.run_and_expect(test_func, None, count=60, wait=0.5) + assert result is None, "More than one prefix seen at r1, SHOULD be only one." + + def _bgp_has_correct_routes_without_asn_0(): + output = json.loads(tgen.gears["r1"].vtysh_cmd("show ip bgp json")) + expected = {"routes": {"192.168.100.101/32": [{"valid": True}]}} + return topotest.json_cmp(output, expected) + + test_func = functools.partial(_bgp_has_correct_routes_without_asn_0) + success, result = topotest.run_and_expect(test_func, None, count=60, wait=0.5) + assert result is None, "Failed listing 192.168.100.101/32, SHOULD be accepted." + + +def test_memory_leak(): + "Run the memory leak test and report results." + tgen = get_topogen() + if not tgen.is_memleak_enabled(): + pytest.skip("Memory leak test/report is disabled") + + tgen.report_memory_leaks() + + +if __name__ == "__main__": + args = ["-s"] + sys.argv[1:] + sys.exit(pytest.main(args)) diff --git a/tests/topotests/lib/common_config.py b/tests/topotests/lib/common_config.py index 9e38608631..d659b8d52d 100644 --- a/tests/topotests/lib/common_config.py +++ b/tests/topotests/lib/common_config.py @@ -712,20 +712,36 @@ def generate_support_bundle(): tgen = get_topogen() router_list = tgen.routers() - test_name = sys._getframe(2).f_code.co_name + test_name = os.environ.get('PYTEST_CURRENT_TEST').split(':')[-1].split(' ')[0] + TMPDIR = os.path.join(LOGDIR, tgen.modname) + bundle_procs = {} for rname, rnode in router_list.items(): - logger.info("Generating support bundle for {}".format(rname)) + logger.info("Spawn collection of support bundle for %s", rname) rnode.run("mkdir -p /var/log/frr") + bundle_procs[rname] = tgen.net[rname].popen( + "/usr/lib/frr/generate_support_bundle.py", + stdin=None, + stdout=SUB_PIPE, + stderr=SUB_PIPE, + ) - # Support only python3 going forward - bundle_log = rnode.run("env python3 /usr/lib/frr/generate_support_bundle.py") - - logger.info(bundle_log) - + for rname, rnode in router_list.items(): dst_bundle = "{}/{}/support_bundles/{}".format(TMPDIR, rname, test_name) src_bundle = "/var/log/frr" + + output, error = bundle_procs[rname].communicate() + + logger.info("Saving support bundle for %s", rname) + if output: + logger.info( + "Output from collecting support bundle for %s:\n%s", rname, output + ) + if error: + logger.warning( + "Error from collecting support bundle for %s:\n%s", rname, error + ) rnode.run("rm -rf {}".format(dst_bundle)) rnode.run("mkdir -p {}".format(dst_bundle)) rnode.run("mv -f {}/* {}".format(src_bundle, dst_bundle)) diff --git a/tests/topotests/msdp_mesh_topo1/r1/pimd.conf b/tests/topotests/msdp_mesh_topo1/r1/pimd.conf index 49341efa57..30cecee9e1 100644 --- a/tests/topotests/msdp_mesh_topo1/r1/pimd.conf +++ b/tests/topotests/msdp_mesh_topo1/r1/pimd.conf @@ -10,6 +10,7 @@ interface r1-eth1 ip igmp ! ip pim rp 10.254.254.1 +ip msdp timers 10 20 3 ip msdp mesh-group mg-1 source 10.254.254.1 ip msdp mesh-group mg-1 member 10.254.254.2 ip msdp mesh-group mg-1 member 10.254.254.3 diff --git a/tests/topotests/msdp_mesh_topo1/r2/pimd.conf b/tests/topotests/msdp_mesh_topo1/r2/pimd.conf index 9005263ed7..a51c6d58c7 100644 --- a/tests/topotests/msdp_mesh_topo1/r2/pimd.conf +++ b/tests/topotests/msdp_mesh_topo1/r2/pimd.conf @@ -9,6 +9,7 @@ interface r2-eth1 ip pim ! ip pim rp 10.254.254.2 +ip msdp timers 10 20 3 ip msdp mesh-group mg-1 source 10.254.254.2 ip msdp mesh-group mg-1 member 10.254.254.1 ip msdp mesh-group mg-1 member 10.254.254.3 diff --git a/tests/topotests/msdp_mesh_topo1/r3/pimd.conf b/tests/topotests/msdp_mesh_topo1/r3/pimd.conf index 30e1148561..663f78620e 100644 --- a/tests/topotests/msdp_mesh_topo1/r3/pimd.conf +++ b/tests/topotests/msdp_mesh_topo1/r3/pimd.conf @@ -10,6 +10,7 @@ interface r3-eth1 ip igmp ! ip pim rp 10.254.254.3 +ip msdp timers 10 20 3 ip msdp mesh-group mg-1 source 10.254.254.3 ip msdp mesh-group mg-1 member 10.254.254.1 ip msdp mesh-group mg-1 member 10.254.254.2 diff --git a/tests/topotests/msdp_topo1/r1/pimd.conf b/tests/topotests/msdp_topo1/r1/pimd.conf index 7f2958ac8c..fc289031f4 100644 --- a/tests/topotests/msdp_topo1/r1/pimd.conf +++ b/tests/topotests/msdp_topo1/r1/pimd.conf @@ -15,6 +15,7 @@ interface r1-eth2 ip pim ip igmp ! +ip msdp timers 10 20 3 ip msdp peer 192.168.0.2 source 192.168.0.1 ip msdp peer 192.168.1.2 source 192.168.1.1 ip pim rp 10.254.254.1 diff --git a/tests/topotests/msdp_topo1/r2/pimd.conf b/tests/topotests/msdp_topo1/r2/pimd.conf index dc4e0fa0ea..ffa80b12d3 100644 --- a/tests/topotests/msdp_topo1/r2/pimd.conf +++ b/tests/topotests/msdp_topo1/r2/pimd.conf @@ -11,6 +11,7 @@ interface r2-eth0 interface r2-eth1 ip pim ! +ip msdp timers 10 20 3 ip msdp peer 192.168.0.1 source 192.168.0.2 ip msdp peer 192.168.2.2 source 192.168.2.1 ip pim rp 10.254.254.2 diff --git a/tests/topotests/msdp_topo1/r3/pimd.conf b/tests/topotests/msdp_topo1/r3/pimd.conf index 7dae3d6da8..ab12f0573a 100644 --- a/tests/topotests/msdp_topo1/r3/pimd.conf +++ b/tests/topotests/msdp_topo1/r3/pimd.conf @@ -11,6 +11,7 @@ interface r3-eth0 interface r3-eth1 ip pim ! +ip msdp timers 10 20 3 ip msdp peer 192.168.1.1 source 192.168.1.2 ip msdp peer 192.168.3.2 source 192.168.3.1 ip pim rp 10.254.254.3 diff --git a/tests/topotests/msdp_topo1/r4/pimd.conf b/tests/topotests/msdp_topo1/r4/pimd.conf index 1b422f7780..b2e05cb3cb 100644 --- a/tests/topotests/msdp_topo1/r4/pimd.conf +++ b/tests/topotests/msdp_topo1/r4/pimd.conf @@ -15,6 +15,7 @@ interface r4-eth2 ip pim ip igmp ! +ip msdp timers 10 20 3 ip msdp peer 192.168.2.1 source 192.168.2.2 ip msdp peer 192.168.3.1 source 192.168.3.2 ip pim rp 10.254.254.4 diff --git a/tests/topotests/multicast_pim_sm_topo1/test_multicast_pim_sm_topo1.py b/tests/topotests/multicast_pim_sm_topo1/test_multicast_pim_sm_topo1.py index e55e30270d..b880e0e462 100755 --- a/tests/topotests/multicast_pim_sm_topo1/test_multicast_pim_sm_topo1.py +++ b/tests/topotests/multicast_pim_sm_topo1/test_multicast_pim_sm_topo1.py @@ -526,9 +526,14 @@ def test_multicast_data_traffic_static_RP_send_traffic_then_join_p0(request): {"dut": "r2", "src_address": source, "iif": "r2-f1-eth0", "oil": "r2-l1-eth2"}, {"dut": "f1", "src_address": source, "iif": "f1-i2-eth1", "oil": "f1-r2-eth3"}, ] + # On timeout change from default of 80 to 120: failures logs indicate times 90+ + # seconds for success on the 2nd entry in the above table. Using 100s here restores + # previous 80 retries with 2s wait if we assume .5s per vtysh/show ip mroute runtime + # (41 * (2 + .5)) == 102. for data in input_dict: result = verify_ip_mroutes( - tgen, data["dut"], data["src_address"], IGMP_JOIN, data["iif"], data["oil"] + tgen, data["dut"], data["src_address"], IGMP_JOIN, data["iif"], data["oil"], + retry_timeout=102 ) assert result is True, "Testcase {} : Failed Error: {}".format(tc_name, result) diff --git a/tools/build-debian-package.sh b/tools/build-debian-package.sh index d21f468bf5..3c922c355c 100755 --- a/tools/build-debian-package.sh +++ b/tools/build-debian-package.sh @@ -1,27 +1,75 @@ #!/bin/sh # # Written by Daniil Baturin, 2018 +# Rewritten by Ondřej Surý, 2020 # This file is public domain set -e -cd "`dirname $0`" -cd .. +cd "$(dirname "$0")/.." -if [ "`id -u`" = 0 ]; then +# +# Checking requirements +# + +if [ "$(id -u)" = 0 ]; then echo "Running as root - installing dependencies" - apt-get install fakeroot debhelper devscripts + apt-get install fakeroot debhelper devscripts git-buildpackage lsb-release mk-build-deps --install debian/control exit 0 fi git diff-index --quiet HEAD || echo "Warning: git working directory is not clean!" -echo "Preparing the build" -tools/tarsource.sh -V +############################ +# Build the Debian package # +############################ -echo "Building the Debian package" -if test $# -eq 0; then - dpkg-buildpackage -b -uc -us -else - dpkg-buildpackage "$@" -fi +# +# Now we will construct an "upstream" version out of: +# 1. version in AC_INIT +# 2. the unix time from the last commit (HEAD) +# (alternatively %Y%m%d%H%M%S could be used here) +# 4. Debian version (always -1) +# + +UPSTREAM_VERSION=$(sed -ne 's/AC_INIT(\[frr\],\s\[\([^]]*\)\],.*/\1/p' configure.ac | sed -e 's/-\(\(dev\|alpha\|beta\)\d*\)/~\1/') +LAST_TIMESTAMP=$(git log --format=format:%ad --date=format:%s -1 "HEAD") +DEBIAN_VERSION="$UPSTREAM_VERSION-$LAST_TIMESTAMP-1" +DEBIAN_BRANCH=$(git rev-parse --abbrev-ref HEAD) + +# +# We add a Debian changelog entry, and use artifical "since commit" +# so there's not a whole git history in the debian/changelog. +# +# The --snapshot option appends ~1.<shorthash> to the debian version, so for the +# release build, this needs to be replaces with --release +# + +echo "Adding new snapshot debian/changelog entry for $DEBIAN_VERSION..." + +gbp dch \ + --debian-branch="$DEBIAN_BRANCH" \ + --new-version="$DEBIAN_VERSION" \ + --dch-opt="--force-bad-version" \ + --since="HEAD~" \ + --snapshot \ + --commit \ + --git-author + +echo "Building package..." + +# +# git-buildpackage will use $BUILDER command to just build new binary package +# + +BUILDER="dpkg-buildpackage -uc -us --build=binary --no-check-builddeps --no-pre-clean -sa" +UPSTREAM_COMPRESSION=xz + +gbp buildpackage \ + --git-export-dir="$WORKDIR" \ + --git-builder="$BUILDER" \ + --git-debian-branch="$DEBIAN_BRANCH" \ + --git-force-create \ + --git-compression=$UPSTREAM_COMPRESSION \ + --git-no-pristine-tar \ + --git-ignore-new diff --git a/tools/coccinelle/xcalloc-xmalloc.cocci b/tools/coccinelle/xcalloc-xmalloc.cocci new file mode 100644 index 0000000000..2a091d4cd9 --- /dev/null +++ b/tools/coccinelle/xcalloc-xmalloc.cocci @@ -0,0 +1,17 @@ +// No need checking against NULL for XMALLOC/XCALLOC. +// If that happens, we have more problems with memory. + +@@ +type T; +T *ptr; +@@ + +ptr = +( +XCALLOC(...) +| +XMALLOC(...) +) +... +- if (ptr == NULL) +- return ...; diff --git a/tools/generate_support_bundle.py b/tools/generate_support_bundle.py index 38fdbd46df..56b2872d1e 100755 --- a/tools/generate_support_bundle.py +++ b/tools/generate_support_bundle.py @@ -1,117 +1,89 @@ #!/usr/bin/env python3 +# +# Copyright (c) 2021, LabN Consulting, L.L.C. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; see the file COPYING; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +# ######################################################## ### Python Script to generate the FRR support bundle ### ######################################################## +import argparse +import logging import os import subprocess -import datetime - -ETC_DIR = "/etc/frr/" -LOG_DIR = "/var/log/frr/" -SUCCESS = 1 -FAIL = 0 - -inputFile = ETC_DIR + "support_bundle_commands.conf" - -# Create the output file name -def createOutputFile(procName): - fileName = procName + "_support_bundle.log" - oldFile = LOG_DIR + fileName - cpFileCmd = "cp " + oldFile + " " + oldFile + ".prev" - rmFileCmd = "rm -rf " + oldFile - print("Making backup of " + oldFile) - os.system(cpFileCmd) - print("Removing " + oldFile) - os.system(rmFileCmd) - return fileName - - -# Open the output file for this process -def openOutputFile(fileName): - crt_file_cmd = LOG_DIR + fileName - print(crt_file_cmd) - try: - outputFile = open(crt_file_cmd, "w") - return outputFile - except IOError: - return () - - -# Close the output file for this process -def closeOutputFile(f): - try: - f.close() - return SUCCESS - except IOError: - return FAIL - - -# Execute the command over vtysh and store in the -# output file -def executeCommand(cmd, outputFile): - cmd_exec_str = 'vtysh -c "' + cmd + '" ' +import tempfile + +def open_with_backup(path): + if os.path.exists(path): + print("Making backup of " + path) + subprocess.check_call("mv {0} {0}.prev".format(path)) + return open(path, "w") + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("-c", "--config", default="/etc/frr/support_bundle_commands.conf", help="input config") + parser.add_argument("-l", "--log-dir", default="/var/log/frr", help="directory for logfiles") + args = parser.parse_args() + + collecting = False # file format has sentinels (seem superfluous) + proc_cmds = {} + proc = None + temp = None + + # Collect all the commands for each daemon try: - cmd_output = subprocess.check_output(cmd_exec_str, shell=True) - try: - dateTime = datetime.datetime.now() - outputFile.write(">>[" + str(dateTime) + "]" + cmd + "\n") - outputFile.write(str(cmd_output)) - outputFile.write( - "########################################################\n" - ) - outputFile.write("\n") - except Exception as e: - print("Writing to output file Failed: ", e) - except subprocess.CalledProcessError as e: - dateTime = datetime.datetime.now() - outputFile.write(">>[" + str(dateTime) + "]" + cmd + "\n") - outputFile.write(e.output) - outputFile.write("########################################################\n") - outputFile.write("\n") - print("Error:" + e.output) - - -# Process the support bundle configuration file -# and call appropriate functions -def processConfFile(): - - lines = list() - outputFile = None - - try: - with open(inputFile, "r") as supportBundleConfFile: - for l in supportBundleConfFile: - lines.append(l.rstrip()) - except IOError: - print("conf file {} not present".format(inputFile)) - return - - for line in lines: - if len(line) == 0 or line[0] == "#": - continue - - cmd_line = line.split(":") - if cmd_line[0] == "PROC_NAME": - outputFileName = createOutputFile(cmd_line[1]) - if outputFileName: - print(outputFileName, "created for", cmd_line[1]) - elif cmd_line[0] == "CMD_LIST_START": - outputFile = openOutputFile(outputFileName) - if outputFile: - print(outputFileName, "opened") - else: - print(outputFileName, "open failed") - return FAIL - elif cmd_line[0] == "CMD_LIST_END": - if closeOutputFile(outputFile): - print(outputFileName, "closed") + for line in open(args.config): + line = line.rstrip() + if len(line) == 0 or line[0] == "#": + continue + + cmd_line = line.split(":") + if cmd_line[0] == "PROC_NAME": + proc = cmd_line[1] + temp = tempfile.NamedTemporaryFile("w+") + collecting = False + elif cmd_line[0] == "CMD_LIST_START": + collecting = True + elif cmd_line[0] == "CMD_LIST_END": + collecting = False + temp.flush() + proc_cmds[proc] = open(temp.name) + temp.close() + elif collecting: + temp.write(line + "\n") else: - print(outputFileName, "close failed") - else: - print("Execute:", cmd_line[0]) - executeCommand(cmd_line[0], outputFile) - + print("Ignoring unexpected input " + line.rstrip()) + except IOError as error: + logging.fatal("Cannot read config file: %s: %s", args.config, str(error)) + return -# Main Function -processConfFile() + # Spawn a vtysh to fetch each set of commands + procs = [] + for proc in proc_cmds: + ofn = os.path.join(args.log_dir, proc + "_support_bundle.log") + p = subprocess.Popen( + ["/usr/bin/env", "vtysh", "-t"], + stdin=proc_cmds[proc], + stdout=open_with_backup(ofn), + stderr=subprocess.STDOUT, + ) + procs.append(p) + + for p in procs: + p.wait() + +if __name__ == "__main__": + main() diff --git a/tools/tarsource.sh b/tools/tarsource.sh deleted file mode 100755 index 4843fe88b0..0000000000 --- a/tools/tarsource.sh +++ /dev/null @@ -1,336 +0,0 @@ -#!/bin/bash -# 2018 by David Lamparter, placed in the Public Domain - -help() { - cat <<EOF -FRR tarball/dsc helper, intended to run from a git checkout - -Usage: - ./tarsource.sh [-dDn] [-i GITPATH] [-o OUTDIR] [-S KEYID] - [-C COMMIT] [-e EXTRAVERSION] [-z gz|xz] - -options: - -i GITPATH path to git working tree or bare repository. - - default: parent directory containing this script - -o OUTDIR path to place the generated output files in. - - default: current directory - -C COMMIT build tarball for specified git commit - - default: current HEAD - -e EXTRAVERSION override automatic package extraversion - - default "-YYYYMMDD-NN-gGGGGGGGGGGGG", but the script - autodetects if a release tag is checked out - -z gz|xz compression format to use - - default: xz - -S KEYID sign the output with gpg key - -d use dirty git tree with local changes - -D generate Debian .dsc and .debian.tar.xz too - (note: output files are moved to parent directory) - -l remove Debian auto-build changelog entry - (always done for releases) - -V write version information to config.version and exit - -n allow executing from non-git source (NOT RECOMMENDED) - -h show this help text - -Note(1) that this script tries very hard to generate a deterministic, -reproducible tarball by eliminating timestamps and similar things. However, -since the tarball includes autoconf/automake files, the versions of these -tools need to be _exactly_ identical to get the same tarball. - -Note(2) the debian ".orig" tarball is always identical to the "plain" tarball -generated without the -D option. - -Note(3) if you want the tool to identify github PRs, you need to edit your -.git/config to fetch PRs from github like this: - - [remote "origin"] - url = git@github.com:frrouting/frr.git - fetch = +refs/heads/*:refs/remotes/origin/* -ADD: fetch = +refs/pull/*/head:refs/remotes/origin/pull/* -EOF -} - -set -e - -options=`getopt -o 'hi:o:C:S:e:z:DdnlV' -l help -- "$@"` -debian=false -dirty=false -nongit=false -zip=xz -adjchangelog=false -writeversion=false -extraset=false -set - $options -while test $# -gt 0; do - arg="$1"; shift; optarg=$1 - case "$arg" in - -h|--help) help; exit 0;; - -d) dirty=true;; - -D) debian=true;; - -n) nongit=true;; - -i) eval src=$optarg; shift;; - -C) eval commit=$optarg; shift;; - -o) eval outdir=$optarg; shift;; - -e) eval extraver=$optarg; extraset=true; shift;; - -z) eval zip=$optarg; shift;; - -S) eval keyid=$optarg; shift;; - -l) adjchangelog=true;; - -V) writeversion=true;; - --) break;; - *) echo something went wrong with getopt >&2 - exit 1 - ;; - esac -done - -cwd="`pwd`" -outdir="${outdir:-$cwd}" - -if test -e "$outdir" -a \! -d "$outdir"; then - echo "output $outdir must be a directory" >&2 - exit 1 -elif test \! -d "$outdir"; then - mkdir -p "$outdir" -fi - -cd "$outdir" -outdir="`pwd`" -cd "$cwd" -cd "`dirname $0`/.." -selfdir="`pwd`" -src="${src:-$selfdir}" - -if $writeversion; then - if $nongit; then - echo "The -V option cannot be used without a git tree" >&2 - exit 1 - fi - dirty=true -fi - -case "$zip" in -gz) ziptarget=dist-gzip; ziptool="gzip -n -9"; unzip="gzip -k -c";; -xz) ziptarget=dist-xz; ziptool="xz -z -e"; unzip="xz -d -k -c";; -*) echo "unknown compression format $zip" >&2 - exit 1 -esac - -# always overwrite file ownership in tars -taropt="--owner=root --group=root" - -onexit() { - rv="$?" - set +e - test -n "$tmpdir" -a -d "$tmpdir" && rm -rf "$tmpdir" - - if test "$rv" -ne 0; then - echo -e "\n\033[31;1mfailed\n" >&2 - if test "$dirty" = true; then - echo please try running the script without the -d option.>&2 - fi - fi - exit $rv -} -trap onexit EXIT -tmpdir="`mktemp -d -t frrtar.XXXXXX`" - -if test -e "$src/.git"; then - commit="`git -C \"$src\" rev-parse \"${commit:-HEAD}\"`" - - if $dirty; then - cd "$src" - echo -e "\033[31;1mgit: using dirty worktree in $src\033[m" >&2 - else - echo -e "\033[33;1mgit: preparing a clean clone of $src\033[m" - branch="${tmpdir##*/}" - cd "$tmpdir" - - git -C "$src" branch "$branch" "$commit" - git clone --single-branch -s -b "$branch" "$src" source - git -C "$src" branch -D "$branch" - cd source - fi - - # if we're creating a tarball from git, force the timestamps inside - # the tar to match the commit date - this makes the tarball itself - # reproducible - gitts="`TZ=UTC git show -s --format=%cd --date=local $commit`" - gitts="`TZ=UTC date -d "$gitts" '+%Y-%m-%dT%H:%M:%SZ'`" - taropt="--mtime=$gitts $taropt" - - # check if we're on a release tag - gittag="`git -C \"$src\" describe --tags --match 'frr-*' --first-parent --long $commit`" - gittag="${gittag%-g*}" - gittag="${gittag%-*}" - - # if there have been changes to packaging or tests, it's still the - # same release - changes="`git diff --name-only "$gittag" $commit | \ - egrep -v '\.git|^m4/|^config|^README|^alpine/|^debian/|^pkgsrc/|^ports/|^redhat/|^snapcraft/|^solaris/|^tests/|^tools/|^gdb/|^docker/|^\.' | \ - wc -l`" - if test "$changes" -eq 0; then - adjchangelog=true - echo "detected release build for tag $gittag" >&2 - $extraset || extraver="" - elif ! $adjchangelog; then - gitdate="`TZ=UTC date -d "$gitts" '+%Y%m%d'`" - gitrev="`git rev-parse --short $commit`" - dayseq="`git rev-list --since \"${gitts%T*} 00:00:00 +0000\" $commit | wc -l`" - dayseq="`printf '%02d' $(( $dayseq - 1 ))`" - - $extraset || extraver="-$gitdate-$dayseq-g$gitrev" - - git -C "$src" remote -v | grep fetch | sed -e 's% (fetch)$%%' \ - | egrep -i '\b(git@github\.com:frrouting/frr\.git|https://github\.com/FRRouting/frr\.git)$' \ - | while read remote; do - remote="${remote%% *}" - - git -C "$src" var -l | egrep "^remote.$remote.fetch=" \ - | while read fetch; do - fetch="${fetch#*=}" - from="${fetch%:*}" - to="${fetch#*:}" - if test "$from" = "+refs/pull/*/head"; then - name="`git -C \"$src\" name-rev --name-only --refs \"$to\" $commit`" - test "$name" = "undefined" && continue - realname="${name%~*}" - realname="${realname%%^*}" - realname="${realname%%@*}" - if test "$realname" = "$name"; then - echo "${name##*/}" > "$tmpdir/.gitpr" - break - fi - fi - done || true - test -n "$gitpr" && break - done || true - test $extraset = false -a -f "$tmpdir/.gitpr" && extraver="-PR`cat \"$tmpdir/.gitpr\"`$extraver" - fi - - debsrc="git ls-files debian/" -else - if $nongit; then - echo -e "\033[31;1mWARNING: this script should be executed from a git tree\033[m" >&2 - else - echo -e "\033[31;1mERROR: this script should be executed from a git tree\033[m" >&2 - exit 1 - fi - debsrc="echo debian" -fi - -if $writeversion; then - pkgver="`egrep ^AC_INIT configure.ac`" - pkgver="${pkgver#*,}" - pkgver="${pkgver%,*}" - pkgver="`echo $pkgver`" # strip whitespace - pkgver="${pkgver#[}" - pkgver="${pkgver%]}" - - echo -e "\033[32;1mwriting version ID \033[36;1mfrr-$pkgver$extraver\033[m" - - cat > config.version <<EOF -# config.version override by tarsource.sh -EXTRAVERSION="$extraver" -DIST_PACKAGE_VERSION="$pkgver$extraver" -gitts="$gitts" -taropt="$taropt" -EOF - sed -e "s%@VERSION@%$pkgver$extraver%" \ - < changelog-auto.in \ - > changelog-auto - exit 0 -fi - -echo -e "\033[33;1mpreparing source tree\033[m" - -# config.version will also overwrite gitts and taropt when tarsource.sh -# was used to write the config.version file before - but configure will -# overwrite config.version down below! -if test -f config.version; then - # never executed for clean git build - . ./config.version - if $nongit; then - $extraset || extraver="$EXTRAVERSION" - fi -fi -if test \! -f configure; then - # always executed for clean git build - ./bootstrap.sh -fi -if test "$EXTRAVERSION" != "$extraver" -o \! -f config.status; then - # always executed for clean git build - # options don't matter really - we just want to make a dist tarball - ./configure --with-pkg-extra-version=$extraver -fi - -. ./config.version -PACKAGE_VERSION="$DIST_PACKAGE_VERSION" - -echo -e "\033[33;1mpacking up \033[36;1mfrr-$PACKAGE_VERSION\033[m" - -make GZIP_ENV="-n9" am__tar="tar -chof - $taropt \"\$\$tardir\"" $ziptarget -mv frr-${PACKAGE_VERSION}.tar.$zip "$outdir" || true -lsfiles="frr-${PACKAGE_VERSION}.tar.$zip" - -if $debian; then - mkdir -p "$tmpdir/debian/source" - cat debian/changelog > "$tmpdir/debian/changelog" - if $adjchangelog; then - if grep -q 'autoconf changelog entry' debian/changelog; then - tail -n +9 debian/changelog > "$tmpdir/debian/changelog" - fi - fi - echo '3.0 (quilt)' > "$tmpdir/debian/source/format" - DEBVER="`dpkg-parsechangelog -l\"$tmpdir/debian/changelog\" -SVersion`" - - eval $debsrc | tar -cho $taropt \ - --exclude-vcs --exclude debian/source/format \ - --exclude debian/changelog \ - --exclude debian/changelog-auto \ - --exclude debian/changelog-auto.in \ - --exclude debian/subdir.am \ - -T - -f ../frr_${DEBVER}.debian.tar - # add specially prepared files from above - tar -uf ../frr_${DEBVER}.debian.tar $taropt -C "$tmpdir" debian/source/format debian/changelog - - test -f ../frr_${DEBVER}.debian.tar.$zip && rm -f ../frr_${DEBVER}.debian.tar.$zip - $ziptool ../frr_${DEBVER}.debian.tar - - # pack up debian files proper - ln -s "$outdir/frr-${PACKAGE_VERSION}.tar.$zip" ../frr_${PACKAGE_VERSION}.orig.tar.$zip - dpkg-source -l"$tmpdir/debian/changelog" \ - --format='3.0 (custom)' --target-format='3.0 (quilt)' \ - -b . frr_${PACKAGE_VERSION}.orig.tar.$zip frr_${DEBVER}.debian.tar.$zip - - dpkg-genchanges -sa -S > ../frr_${DEBVER}_source.changes - - test -n "$keyid" && debsign ../frr_${DEBVER}_source.changes -k"$keyid" - - mv ../frr_${DEBVER}_source.changes "$outdir" || true - mv ../frr_${DEBVER}.dsc "$outdir" || true - mv ../frr_${DEBVER}.debian.tar.$zip "$outdir" || true - if test -h ../frr_${PACKAGE_VERSION}.orig.tar.$zip; then - rm ../frr_${PACKAGE_VERSION}.orig.tar.$zip || true - fi - ln -s frr-${PACKAGE_VERSION}.tar.$zip "$outdir/frr_${PACKAGE_VERSION}.orig.tar.$zip" || true - - cd "$outdir" - - lsfiles="$lsfiles \ - frr_${DEBVER}.dsc \ - frr_${DEBVER}.debian.tar.$zip \ - frr_${PACKAGE_VERSION}.orig.tar.$zip \ - frr_${DEBVER}_source.changes" -fi - -cd "$outdir" -if test -n "$keyid"; then - $unzip frr-${PACKAGE_VERSION}.tar.$zip > frr-${PACKAGE_VERSION}.tar - test -f frr-${PACKAGE_VERSION}.tar.asc && rm frr-${PACKAGE_VERSION}.tar.asc - if gpg -a --detach-sign -u "$keyid" frr-${PACKAGE_VERSION}.tar; then - lsfiles="$lsfiles frr-${PACKAGE_VERSION}.tar.asc" - fi - rm frr-${PACKAGE_VERSION}.tar -fi - -echo -e "\n\033[32;1mdone: \033[36;1mfrr-$PACKAGE_VERSION\033[m\n" -ls -l $lsfiles diff --git a/vtysh/vtysh.c b/vtysh/vtysh.c index 507c6ce882..dd3f448674 100644 --- a/vtysh/vtysh.c +++ b/vtysh/vtysh.c @@ -56,6 +56,9 @@ struct vty *vty; /* VTY shell pager name. */ char *vtysh_pager_name = NULL; +/* VTY should add timestamp */ +bool vtysh_add_timestamp; + /* VTY shell client structure */ struct vtysh_client { int fd; @@ -483,6 +486,13 @@ static int vtysh_execute_func(const char *line, int pager) } } + if (vtysh_add_timestamp && strncmp(line, "exit", 4)) { + char ts[48]; + + (void)quagga_timestamp(3, ts, sizeof(ts)); + vty_out(vty, "%% %s\n\n", ts); + } + saved_ret = ret = cmd_execute(vty, line, &cmd, 1); saved_node = vty->node; diff --git a/vtysh/vtysh.h b/vtysh/vtysh.h index 71f672554b..e56d482da2 100644 --- a/vtysh/vtysh.h +++ b/vtysh/vtysh.h @@ -113,4 +113,6 @@ extern struct vty *vty; extern int user_mode; +extern bool vtysh_add_timestamp; + #endif /* VTYSH_H */ diff --git a/vtysh/vtysh_config.c b/vtysh/vtysh_config.c index 6d80cf9d96..d22ec3113f 100644 --- a/vtysh/vtysh_config.c +++ b/vtysh/vtysh_config.c @@ -560,6 +560,7 @@ static int vtysh_read_file(FILE *confp, bool dry_run) int vtysh_read_config(const char *config_default_dir, bool dry_run) { FILE *confp = NULL; + bool save; int ret; confp = fopen(config_default_dir, "r"); @@ -570,9 +571,14 @@ int vtysh_read_config(const char *config_default_dir, bool dry_run) return CMD_ERR_NO_FILE; } + save = vtysh_add_timestamp; + vtysh_add_timestamp = false; + ret = vtysh_read_file(confp, dry_run); fclose(confp); + vtysh_add_timestamp = save; + return (ret); } diff --git a/vtysh/vtysh_main.c b/vtysh/vtysh_main.c index fe33bed7f6..20be81b901 100644 --- a/vtysh/vtysh_main.c +++ b/vtysh/vtysh_main.c @@ -201,6 +201,7 @@ struct option longopts[] = { {"writeconfig", no_argument, NULL, 'w'}, {"pathspace", required_argument, NULL, 'N'}, {"user", no_argument, NULL, 'u'}, + {"timestamp", no_argument, NULL, 't'}, {0}}; /* Read a string, and return a pointer to it. Returns NULL on EOF. */ @@ -308,6 +309,7 @@ int main(int argc, char **argv, char **env) int opt; int dryrun = 0; int boot_flag = 0; + bool ts_flag = false; const char *daemon_name = NULL; const char *inputfile = NULL; struct cmd_rec { @@ -346,7 +348,7 @@ int main(int argc, char **argv, char **env) /* Option handling. */ while (1) { - opt = getopt_long(argc, argv, "be:c:d:nf:H:mEhCwN:u", longopts, + opt = getopt_long(argc, argv, "be:c:d:nf:H:mEhCwN:ut", longopts, 0); if (opt == EOF) @@ -408,6 +410,9 @@ int main(int argc, char **argv, char **env) case 'u': user_mode = 1; break; + case 't': + ts_flag = true; + break; case 'w': writeconfig = 1; break; @@ -624,6 +629,8 @@ int main(int argc, char **argv, char **env) if (!user_mode) vtysh_execute("enable"); + vtysh_add_timestamp = ts_flag; + while (cmd != NULL) { char *eol; @@ -712,6 +719,8 @@ int main(int argc, char **argv, char **env) if (!user_mode) vtysh_execute("enable"); + vtysh_add_timestamp = ts_flag; + /* Preparation for longjmp() in sigtstp(). */ sigsetjmp(jmpbuf, 1); jmpflag = 1; diff --git a/watchfrr/watchfrr.c b/watchfrr/watchfrr.c index faf1777d7f..d0b4be81d4 100644 --- a/watchfrr/watchfrr.c +++ b/watchfrr/watchfrr.c @@ -469,12 +469,10 @@ static int run_job(struct restart_info *restart, const char *cmdtype, return -1; } -#if defined HAVE_SYSTEMD char buffer[512]; snprintf(buffer, sizeof(buffer), "restarting %s", restart->name); systemd_send_status(buffer); -#endif /* Note: time_elapsed test must come before the force test, since we need @@ -506,9 +504,8 @@ static int run_job(struct restart_info *restart, const char *cmdtype, restart->pid = 0; } -#if defined HAVE_SYSTEMD systemd_send_status("FRR Operational"); -#endif + /* Calculate the new restart interval. */ if (update_interval) { if (delay.tv_sec > 2 * gs.max_restart_interval) @@ -718,10 +715,9 @@ static void daemon_send_ready(int exitcode) fp = fopen(started, "w"); if (fp) fclose(fp); -#if defined HAVE_SYSTEMD - systemd_send_started(master, 0); + + systemd_send_started(master); systemd_send_status("FRR Operational"); -#endif sent = 1; } diff --git a/zebra/zebra_vty.c b/zebra/zebra_vty.c index 51f19a3c03..b204b30ca7 100644 --- a/zebra/zebra_vty.c +++ b/zebra/zebra_vty.c @@ -915,6 +915,7 @@ static void vty_show_ip_route(struct vty *vty, struct route_node *rn, json_object_string_add(json_route, "prefix", srcdest_rnode2str(rn, buf, sizeof(buf))); + json_object_int_add(json_route, "prefixLen", rn->p.prefixlen); json_object_string_add(json_route, "protocol", zebra_route_string(re->type)); @@ -1121,8 +1122,10 @@ static void vty_show_ip_route_detail_json(struct vty *vty, prefix2str(&rn->p, buf, sizeof(buf)); json_object_object_add(json, buf, json_prefix); - vty_out(vty, "%s\n", json_object_to_json_string_ext( - json, JSON_C_TO_STRING_PRETTY)); + vty_out(vty, "%s\n", + json_object_to_json_string_ext( + json, JSON_C_TO_STRING_PRETTY + | JSON_C_TO_STRING_NOSLASHESCAPE)); json_object_free(json); } @@ -1234,8 +1237,11 @@ static void do_show_route_helper(struct vty *vty, struct zebra_vrf *zvrf, } if (use_json) { - vty_out(vty, "%s\n", json_object_to_json_string_ext(json, - JSON_C_TO_STRING_PRETTY)); + vty_out(vty, "%s\n", + json_object_to_json_string_ext( + json, + JSON_C_TO_STRING_PRETTY + | JSON_C_TO_STRING_NOSLASHESCAPE)); json_object_free(json); } } |