| Age | Commit message (Collapse) | Author |
|---|
|
If we set router-id, e.g. `router-id x.x.x.x`, then we have:
```
pc.donatas.net# show ip ospf | include Router ID
OSPF Routing Process, Router ID: x.x.x.x
```
But once we remove it (`no router-id x.x.x.x`), the old router-id remains.
This is kinda OK, but to be consistent with OSPFv3 we should use what Zebra
already has, instead of retaining the old one.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
(cherry picked from commit 1073e0f9b39b2810a114dea03f2d1e0b14e414d4)
|
|
A new command is `ospf router-id ...`, but the old one is also valid. Just a no
form was missed.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
(cherry picked from commit 80bfe6784fa945640251ae5c907899eb9d77cc0a)
|
|
When parsing the SR-Algorithm TLV in the OSPF Router Information Opaque
LSA, assure that not more than the maximum number of supported
algorithms are copied from the TLV.
Signed-off-by: Acee Lindem <acee@lindem.com>
(cherry picked from commit 0dc969185fdd75fd007c9b29e11be57a078236df)
|
|
Signed-off-by: Dmitrii Turlupov <turlupov@bk.ru>
(cherry picked from commit 69e31a547f8520fd967cc34dc0cd3a8f915d07f8)
|
|
When enabling "mpls ldp-sync" under "router ospf" ospfd configures
SET_FLAG(ldp_sync_info->flags, LDP_SYNC_FLAG_IF_CONFIG) so internally knowing
that the ldp-sync feature is enabled. However the flag is not cleared when
turning of the feature using "nompls ldp-sync"!
https://github.com/FRRouting/frr/issues/16375
Signed-off-by: Christian Breunig <christian@breunig.cc>
(cherry picked from commit 5a70378a47f541b0354fbb96770dd0a65ec552b8)
|
|
During fuzzing, Iggy Frankovic discovered that get_edge() function in ospf_te.c
could return null pointer, in particular when the link_id or advertised router
IP addresses are fuzzed. As the null pointer returned by get_edge() function is
not handlei by calling functions, this could cause ospfd crash.
This patch introduces new verification of returned pointer by get_edge()
function and stop the processing in case of null pointer. In addition, link ID
and advertiser router ID are validated before calling ls_find_edge_by_key() to
avoid the creation of a new edge with an invalid key.
CVE-2024-34088
Co-authored-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
(cherry picked from commit 8c177d69e32b91b45bda5fc5da6511fa03dc11ca)
|
|
Iggy Frankovic discovered another ospfd crash when performing fuzzing of OSPF
LSA packets. The crash occurs in ospf_te_parse_ext_link() function when
attemping to read Segment Routing Adjacency SID subTLVs. The original code
doesn't check if the size of the Extended Link TLVs and subTLVs have the correct
length. In presence of erronous LSA, this will cause a buffer overflow and ospfd
crashes.
This patch introduces new verification of the subTLVs size for Extended Link
TLVs and subTLVs. Similar check has been also introduced for the Extended
Prefix TLV.
Co-authored-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
(cherry picked from commit 5557a289acdaeec8cc63ffc97b5c2abf6dee7b3a)
|
|
Iggy Frankovic discovered another ospfd crash when performing fuzzing of OSPF
LSA packets. The crash occurs in ospf_te_parse_ri() function when attemping to
read Segment Routing subTLVs. The original code doesn't check if the size of
the SR subTLVs have the correct length. In presence of erronous LSA, this will
cause a buffer overflow and ospfd crash.
This patch introduces new verification of the subTLVs size for Router
Information TLV.
Co-authored-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
(cherry picked from commit f69d1313b19047d3d83fc2b36a518355b861dfc4)
|
|
ospfd: fix the bug where ip_ospf_dead-interval_minimal_hello-multiplier did not reset hello timer (backport #15846)
|
|
not reset hello timer
Signed-off-by: Bing Shui <652023330037@smail.nju.edu.cn>
(cherry picked from commit d733fe2c048cd75948d9f30ced77ed828e92ee18)
|
|
type
ospfv3 shows this unconditionally, and ospfv2 does not show `ip ospf network ...` if the type of the interface matches the specified network.
Fixes: https://github.com/FRRouting/frr/issues/15817
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
This reverts commit 438ef98701e9922e81a451f87ad053268a1a557e.
The previous code was correct even if the coverity scanner was
complaining.
Fixes: https://github.com/FRRouting/frr/issues/15680
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
(cherry picked from commit c7895ba3202db2d99a3d9b688dc15424b8df35bd)
|
|
Iggy Frankovic discovered an ospfd crash when perfomring fuzzing of OSPF LSA
packets. The crash occurs in ospf_te_parse_te() function when attemping to
create corresponding egde from TE Link parameters. If there is no local
address, an edge is created but without any attributes. During parsing, the
function try to access to this attribute fields which has not been created
causing an ospfd crash.
The patch simply check if the te parser has found a valid local address. If not
found, we stop the parser which avoid the crash.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
(cherry picked from commit a73e66d07329d721f26f3f336f7735de420b0183)
|
|
When dumping ospf database with json output, decode Extended Link and Extended
Prefix TLVs and sub-TLVs.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
|
|
When dumping ospf database with json output, decode Router Information TLVs
and sub-TLVs.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
|
|
When dumping ospf database with json output, decode Traffic Engineering TLVs
and sub-TLVs.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
|
|
Instead of output bulk of data with json output, prepare json context to decode
opaque TLVs and sub-TLVs.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
|
|
ospfd: can not delete "segment-routing node-msd" when SR if off
|
|
frr-reload.py will walk through all config contexts and prepend no to the CLI
command. This requires that the vtysh shell code accepts a full command.
To Reproduce
vtysh -c "conf t" -c "router ospf" -c "router-info area"
vtysh -c "conf t" -c "router ospf" -c "no router-info area"
% Unknown command: no router-info area
vtysh -c "conf t" -c "router ospf" -c "no router-info"
Signed-off-by: Christian Breunig <christian@breunig.cc>
|
|
This fixes the initial implementation of commit 7743f2f8c00 ("OSPFd: Update
Segment Routing PR following review") where it wsa not possible to remove
the "segment-routing node-msd" CLI nodes via vtysh once segment-routing got
disabled.
Closes #14910
Signed-off-by: Christian Breunig <christian@breunig.cc>
|
|
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
|
Create a single registry of default port values that daemons
are using. Most of these are vty ports, but there are some
others for features like ospfapi and zebra FPM.
Signed-off-by: Mark Stapp <mjs@labn.net>
|
|
This belongs in `/var/lib`, not `/var/run`.
Use library facility to load/save, support previous path as fallback,
and do proper fsync().
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
|
clang-format doesn't understand FRR_DAEMON_INFO is a long macro where
laying out items semantically makes sense.
(Also use only one `FRR_DAEMON_INFO(` in isisd so editors don't get
confused with the mismatching `( ( )`.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Only a couple of places use this. Move these to a better
spot.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
1. Fix ospf opaque LSA function table memory leak.
2. Remove incorrect one-to-one association of OSPF info-per-type
to function table (since there many be many).
3. Fix a problem with opaque AS external cleanup that was exposed
by #2.
4. Fix LSA memory leak in ospf_opaque_type9_lsa_if_cleanup().
Signed-off-by: Acee <aceelindem@gmail.com>
|
|
Traffic Engineering Database (TED) is fulfill from the various LSA advertised
and received by the router. To remove information on the TED, 2 mechanisms are
used: i) parse TE Opaque LSA when there are flushed and ii) compare the list of
prefixes advertised in the Router LSA with the list of corresponding edges and
subnets contained in the TED. However, this second mechanism assumes that the
Router LSA is unique and contains all prefixes of the advertised router.
But, this is wrong. Prefixes could be advertised with several Router LSA.
This conduct to remove edge and subnet in the TED while it should be maintained.
The result is a faulty test with ospf_sr_te_topo1 topotest when server is heavy
loaded.
This simple patch removed deletion of edges and subnets when parsing the Router
LSA and only removed them when the corresponding TE Opaque LSA is flushed. In
addition, TE Opaque LSA are not flushed when OSPF ajacency goes down. This
patch also correct this second problem.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
|
|
Signed-off-by: Bing Shui <652023330037@smail.nju.edu.cn>
|
|
Segment Router Identifier (SID) could be an index (4 bytes) within a range
(SRGB or SRLB) or an MPLS label (3 bytes). Thus, before calling check_size
macro to verify SID TLVs size, it is mandatory to determine the SID type to
avoid wrong assert.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
|
|
The ospfd cleanup code is relatively complicated given the need to
appropriately handle the "max-metric router-lsa on-shutdown (5-100)"
command. When that command is configured and an OSPF instance is
unconfigured, the removal of the instance should be deferred to allow
other routers sufficient time to find alternate paths before the
local Router-LSAs are flushed. When ospfd is killed, however, deferred
shutdown shouldn't take place and all instances should be cleared
immediately.
This commit fixes a problem where ospf_deferred_shutdown_finish()
was prematurely exiting the daemon when no instances were left,
inadvertently preventing ospf_terminate() from clearing the ospfd
global variables. Additionally, the commit includes code refactoring
to enhance readability and maintainability.
Fixes #14855.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
* On ospf_terminate(), proceed to clear the ospfd global variables even
when no OSPF instance is configured
* Remove double call to route_map_finish()
* Call ospf_opaque_term() to clear the opaque LSA infrastructure
* Clear the `OspfRI.area_info` and `om->ospf` global lists.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
ospfd: Fix OSPF link-local opaque LSA crash and opaque memory corruption
|
|
1. When an OSPF interface is deleted, remove the references in link-local
LSA. Delete the LSA from the LSDB so that the callback has accessibily
to the interface prior to deletion.
2. Fix a double free for the opaque function table data structure.
3. Assure that the opaque per-type information and opaque function table
structures are removed at the same time since they have back pointers
to one another.
4. Add a topotest variation for the link-local opaque LSA crash.
Signed-off-by: Acee <aceelindem@gmail.com>
|
|
Zebra final shutdown finally
|
|
*: clean up `zclient` options
|
|
... and use it instead of fiddling with the `.synchronous` field.
(Make it const while at it.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
|
Replace `struct list *` with `DLIST(if_connected, ...)`.
NB: while converting this, I found multiple places using connected
prefixes assuming they were IPv4 without checking:
- vrrpd/vrrp.c: vrrp_socket()
- zebra/irdp_interface.c: irdp_get_prefix(), irdp_if_start(),
irdp_advert_off()
(these fixes are really hard to split off into separate commits as that
would require going back and reapplying the change but with the old list
handling)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
|
*: Let's use the native IFNAMSIZ instead of INTERFACE_NAMSIZ
|
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
*: move common NHT update decoding bits into lib/
|
|
INTERFACE_NAMSIZ is just a redefine of IFNAMSIZ and IFNAMSIZ
is the standard for interface name length on all platforms
that FRR currently compiles on.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
ospfd:fix show_ip_ospf_gr_helper
|
|
Same as before.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
|
Fix for the command "show ip ospf vrf NAME graceful-restart helper".
FRR did not show information by vrf's name.
If i have router ospf vrf red, vtysh's command
'show ip ospf vrf red graceful-restart helper' will not show anything.
But command 'show ip ospf vrf all graceful-restart helper' will work
normally. This fix fixes the display of information by vrf's name.
Example:
frr1# show ip ospf vrf vrf-1 graceful-restart helper
VRF Name: vrf-1
OSPF Router with ID (192.168.255.81)
Graceful restart helper support enabled.
Strict LSA check is enabled.
Helper supported for Planned and Unplanned Restarts.
Supported Graceful restart interval: 1800(in seconds).
Signed-off-by: teletajp <teletajp@yandex.ru>
|
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
...so that multiple functions can be subscribed.
The create/destroy hooks are renamed to real/unreal because that's what
they *actually* signal.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
|
ospfd, ospf6d: Fix spacing nit for `show ... summary-address` command
|
|
zebra:returns empty dict when evpn is disabled II
|
