mirror of
https://gitlab.nic.cz/labs/bird.git
synced 2025-01-05 00:21:54 +00:00
Merge commit 'e29f134a' into thread-merge-2.16
This commit is contained in:
commit
ce2ecbdcb6
106
CONTRIBUTING.md
Normal file
106
CONTRIBUTING.md
Normal file
@ -0,0 +1,106 @@
|
|||||||
|
# Contributing to BIRD
|
||||||
|
|
||||||
|
We welcome a broad range of contributions to BIRD with some limitations and
|
||||||
|
caveats.
|
||||||
|
|
||||||
|
BIRD is highly optimized for performance in both memory and computation time.
|
||||||
|
We generally don't accept obviously inefficient code and even though the
|
||||||
|
quality of the existing codebase quite varies, there should be good reasons
|
||||||
|
why to commit something slow or greedy.
|
||||||
|
|
||||||
|
There are several basic rules for contributing:
|
||||||
|
|
||||||
|
- your branch must have understandable commit messages
|
||||||
|
- your branch must be either:
|
||||||
|
- rooted in the current thread-next, aiming for inclusion in BIRD 3
|
||||||
|
- or rooted in the master branch; in this case, we may refuse your patch
|
||||||
|
if it's completely unmergeable with thread-next
|
||||||
|
- when incorporating proposed fixes, you may have to rebase your branch
|
||||||
|
- please add automatic tests (see below)
|
||||||
|
- upfront and continuous consultation with the development team gives you a
|
||||||
|
fast track for merging
|
||||||
|
- don't forget to update documentation
|
||||||
|
|
||||||
|
## Security issues
|
||||||
|
|
||||||
|
Please contact us on bird-support@network.cz for private disclosure of any
|
||||||
|
security issues. This includes any crash in or related to filters, induced by
|
||||||
|
CLI or by receiving a malformed message by a protocol.
|
||||||
|
|
||||||
|
## How to contribute
|
||||||
|
|
||||||
|
You can either send a patch (prepared by git format-patch) to our mailing-list
|
||||||
|
bird-users@network.cz, or you can send just a link to your repository and the
|
||||||
|
commit hash you're contributing.
|
||||||
|
|
||||||
|
## What if your contribution isn't mergable
|
||||||
|
|
||||||
|
If your code needs minor updates to align with our standards / taste, we'll
|
||||||
|
just do these modifications ourselves and either add these as a separate commit
|
||||||
|
or just update your commit noting this fact in the commit message.
|
||||||
|
|
||||||
|
If your code has some major flaws, misses the point or introduces another
|
||||||
|
problem (e.g. performance issues), we'll refuse your patch. Then we'll either
|
||||||
|
try to tell you how we prefer to reach the goal, or we may reimplement your
|
||||||
|
ideas ourselves. We'll mention your original contribution in the commit message.
|
||||||
|
|
||||||
|
## Specific kinds of contributions
|
||||||
|
|
||||||
|
### Substantial updates
|
||||||
|
|
||||||
|
If you feel like the BIRD internals need some major changes and you wish to
|
||||||
|
implement it, please contact the development team first. We're (as of May 2024)
|
||||||
|
developing two versions at once and we have some raw thoughts about BIRD's future
|
||||||
|
which we haven't published yet.
|
||||||
|
|
||||||
|
Beware that BIRD is more convoluted inside than it looks like on the surface,
|
||||||
|
and in many places the learning curve is _very_ steep.
|
||||||
|
|
||||||
|
### New protocol implementations
|
||||||
|
|
||||||
|
We generally welcome broadening of BIRD capabilities. Upfront consultation is
|
||||||
|
very much appreciated to align all parties on the development principles,
|
||||||
|
internal APIs, coding style and more.
|
||||||
|
|
||||||
|
### Refactoring and reformatting
|
||||||
|
|
||||||
|
Please don't send us _any_ refactoring proposals without previous explicit approval.
|
||||||
|
|
||||||
|
### Programmer's documentation, user documentation or tutorials
|
||||||
|
|
||||||
|
We welcome updates to enhance the documentation, including the algorithmic
|
||||||
|
principles, internal libraries and API. We keep our right to reject low quality
|
||||||
|
contributions altogether.
|
||||||
|
|
||||||
|
### Minor changes
|
||||||
|
|
||||||
|
Feel free to propose minor fixes in any part of BIRD.
|
||||||
|
|
||||||
|
## Testing
|
||||||
|
|
||||||
|
There is another repository, https://gitlab.nic.cz/labs/bird-tools.git, where
|
||||||
|
we store our automatic tests in the netlab/ directory. This repository is quite
|
||||||
|
messy and you may need some help with it. We're planning to move the Netlab
|
||||||
|
suite into the main git repository; after we do that, we'll require every
|
||||||
|
contribution to add tests (if applicable, of course).
|
||||||
|
|
||||||
|
## Crediting policy
|
||||||
|
|
||||||
|
The credits are scattered over all the source code files; in the commentary
|
||||||
|
section, you may find typically the original authors of these files or some
|
||||||
|
major contributors who felt like adding their names there. Overall, if you feel
|
||||||
|
like your name should be there, include this change in your commits please.
|
||||||
|
If your name should be changed, please do that change there.
|
||||||
|
|
||||||
|
We are planning to centralize the credits one day; we'll then update this file
|
||||||
|
accordingly.
|
||||||
|
|
||||||
|
## Meta
|
||||||
|
|
||||||
|
If some of these rules are breached, you may complain either at the mailing
|
||||||
|
list, or directly to CZ.NIC who is currently BIRD's maintainer.
|
||||||
|
|
||||||
|
If we don't reply within 3 weeks, please ping us. We don't intend to ghost you,
|
||||||
|
we are just overloaded.
|
||||||
|
|
||||||
|
This contributing policy also applies to itself.
|
15
README
15
README
@ -68,12 +68,23 @@ User support
|
|||||||
If you want to help us debugging, enhancing and porting BIRD or just lurk
|
If you want to help us debugging, enhancing and porting BIRD or just lurk
|
||||||
around to see what's going to develop, feel free to subscribe to the BIRD
|
around to see what's going to develop, feel free to subscribe to the BIRD
|
||||||
users mailing list bird-users@network.cz, just send `subscribe' to
|
users mailing list bird-users@network.cz, just send `subscribe' to
|
||||||
bird-request@network.cz. Bug reports, suggestions, feature requests and
|
bird-request@network.cz.
|
||||||
code are welcome! We don't use gitlab issues for reporting, sorry.
|
|
||||||
|
|
||||||
Subscribe: http://bird.network.cz/mailman/listinfo/bird-users/
|
Subscribe: http://bird.network.cz/mailman/listinfo/bird-users/
|
||||||
Archive: http://bird.network.cz/pipermail/bird-users/
|
Archive: http://bird.network.cz/pipermail/bird-users/
|
||||||
|
|
||||||
|
Please don't send security issues to the mailing-list, contact us instead at
|
||||||
|
bird-support@network.cz which is a private e-mail address where you also can
|
||||||
|
get commercial support for your BIRD deployment.
|
||||||
|
|
||||||
|
We don't use our gitlab issues for reporting but we're partially tracking
|
||||||
|
the core developent team's work there publicly.
|
||||||
|
|
||||||
|
Contributing
|
||||||
|
============
|
||||||
|
|
||||||
|
Please see the CONTRIBUTING.md file to find how to contribute to BIRD.
|
||||||
|
|
||||||
Licence
|
Licence
|
||||||
=======
|
=======
|
||||||
|
|
||||||
|
@ -992,7 +992,7 @@ agreement").
|
|||||||
|
|
||||||
<tag><label id="proto-pass-gen-from">generate from "<m/time/"</tag>
|
<tag><label id="proto-pass-gen-from">generate from "<m/time/"</tag>
|
||||||
The start time of the usage of the password for packet signing.
|
The start time of the usage of the password for packet signing.
|
||||||
The format of <cf><m/time/</cf> is <tt>dd-mm-yyyy HH:MM:SS</tt>.
|
The format of <cf><m/time/</cf> is <tt>YYYY-MM-DD [hh:mm:ss[.sss]]</tt>.
|
||||||
|
|
||||||
<tag><label id="proto-pass-gen-to">generate to "<m/time/"</tag>
|
<tag><label id="proto-pass-gen-to">generate to "<m/time/"</tag>
|
||||||
The last time of the usage of the password for packet signing.
|
The last time of the usage of the password for packet signing.
|
||||||
@ -2915,10 +2915,9 @@ using the following configuration parameters:
|
|||||||
restarted. Optionally, it can be configured (by <cf/graceful/ argument)
|
restarted. Optionally, it can be configured (by <cf/graceful/ argument)
|
||||||
to trigger graceful restart instead of regular restart. It is also
|
to trigger graceful restart instead of regular restart. It is also
|
||||||
possible to specify section with per-peer BFD session options instead of
|
possible to specify section with per-peer BFD session options instead of
|
||||||
just switch argument. Most BFD session specific options are allowed here
|
just the switch argument. All BFD session-specific options are allowed
|
||||||
with the exception of authentication options. here Note that BFD
|
here. Note that BFD protocol also has to be configured, see
|
||||||
protocol also has to be configured, see <ref id="bfd" name="BFD">
|
<ref id="bfd" name="BFD"> section for details. Default: disabled.
|
||||||
section for details. Default: disabled.
|
|
||||||
|
|
||||||
<tag><label id="bgp-ttl-security">ttl security <m/switch/</tag>
|
<tag><label id="bgp-ttl-security">ttl security <m/switch/</tag>
|
||||||
Use GTSM (<rfc id="5082"> - the generalized TTL security mechanism). GTSM
|
Use GTSM (<rfc id="5082"> - the generalized TTL security mechanism). GTSM
|
||||||
@ -4846,14 +4845,14 @@ protocol ospf MyOSPF {
|
|||||||
authentication cryptographic;
|
authentication cryptographic;
|
||||||
password "abc" {
|
password "abc" {
|
||||||
id 1;
|
id 1;
|
||||||
generate to "22-04-2003 11:00:06";
|
generate to "2023-04-22 11:00:06";
|
||||||
accept from "17-01-2001 12:01:05";
|
accept from "2021-01-17 12:01:05";
|
||||||
algorithm hmac sha384;
|
algorithm hmac sha384;
|
||||||
};
|
};
|
||||||
password "def" {
|
password "def" {
|
||||||
id 2;
|
id 2;
|
||||||
generate to "22-07-2005 17:03:21";
|
generate to "2025-07-22";
|
||||||
accept from "22-02-2001 11:34:06";
|
accept from "2021-02-22";
|
||||||
algorithm hmac sha512;
|
algorithm hmac sha512;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -21,6 +21,8 @@ struct bfd_options {
|
|||||||
u8 passive;
|
u8 passive;
|
||||||
u8 passive_set;
|
u8 passive_set;
|
||||||
u8 mode;
|
u8 mode;
|
||||||
|
u8 auth_type; /* Authentication type (BFD_AUTH_*) */
|
||||||
|
list *passwords; /* Passwords for authentication */
|
||||||
};
|
};
|
||||||
|
|
||||||
struct bfd_request {
|
struct bfd_request {
|
||||||
|
@ -162,7 +162,6 @@ CF_KEYWORDS(BGP, PASSWORDS, DESCRIPTION)
|
|||||||
CF_KEYWORDS(RELOAD, IN, OUT, MRTDUMP, MESSAGES, RESTRICT, MEMORY, CLASS, DSCP, PARTIAL)
|
CF_KEYWORDS(RELOAD, IN, OUT, MRTDUMP, MESSAGES, RESTRICT, MEMORY, CLASS, DSCP, PARTIAL)
|
||||||
CF_KEYWORDS(TIMEFORMAT, ISO, SHORT, LONG, ROUTE, PROTOCOL, BASE, LOG, S, MS, US)
|
CF_KEYWORDS(TIMEFORMAT, ISO, SHORT, LONG, ROUTE, PROTOCOL, BASE, LOG, S, MS, US)
|
||||||
CF_KEYWORDS(GRACEFUL, RESTART, WAIT, MAX, AS)
|
CF_KEYWORDS(GRACEFUL, RESTART, WAIT, MAX, AS)
|
||||||
CF_KEYWORDS(MIN, IDLE, RX, TX, INTERVAL, MULTIPLIER, PASSIVE)
|
|
||||||
CF_KEYWORDS(CHECK, LINK)
|
CF_KEYWORDS(CHECK, LINK)
|
||||||
CF_KEYWORDS(CORK, SORTED, TRIE, MIN, MAX, ROA, DIGEST, ROUTE, REFRESH, SETTLE, TIME, GC, THRESHOLD, PERIOD)
|
CF_KEYWORDS(CORK, SORTED, TRIE, MIN, MAX, ROA, DIGEST, ROUTE, REFRESH, SETTLE, TIME, GC, THRESHOLD, PERIOD)
|
||||||
CF_KEYWORDS(MPLS_LABEL, MPLS_POLICY, MPLS_CLASS)
|
CF_KEYWORDS(MPLS_LABEL, MPLS_POLICY, MPLS_CLASS)
|
||||||
@ -665,26 +664,9 @@ password_item_end:
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
/* BFD options */
|
/* BFD options - just dummy rule, rest in proto/bfd/config.Y */
|
||||||
|
bfd_opts: '{' INVALID_TOKEN '}';
|
||||||
|
|
||||||
bfd_item:
|
|
||||||
INTERVAL expr_us { this_bfd_opts->min_rx_int = this_bfd_opts->min_tx_int = $2; }
|
|
||||||
| MIN RX INTERVAL expr_us { this_bfd_opts->min_rx_int = $4; }
|
|
||||||
| MIN TX INTERVAL expr_us { this_bfd_opts->min_tx_int = $4; }
|
|
||||||
| IDLE TX INTERVAL expr_us { this_bfd_opts->idle_tx_int = $4; }
|
|
||||||
| MULTIPLIER expr { this_bfd_opts->multiplier = $2; }
|
|
||||||
| PASSIVE bool { this_bfd_opts->passive = $2; this_bfd_opts->passive_set = 1; }
|
|
||||||
| GRACEFUL { this_bfd_opts->mode = BGP_BFD_GRACEFUL; }
|
|
||||||
;
|
|
||||||
|
|
||||||
bfd_items:
|
|
||||||
/* empty */
|
|
||||||
| bfd_items bfd_item ';'
|
|
||||||
;
|
|
||||||
|
|
||||||
bfd_opts:
|
|
||||||
'{' bfd_items '}'
|
|
||||||
;
|
|
||||||
|
|
||||||
/* Core commands */
|
/* Core commands */
|
||||||
CF_CLI_HELP(SHOW, ..., [[Show status information]])
|
CF_CLI_HELP(SHOW, ..., [[Show status information]])
|
||||||
|
@ -181,6 +181,8 @@ bfd_merge_options(const struct bfd_iface_config *cf, const struct bfd_options *o
|
|||||||
.idle_tx_int = opts->idle_tx_int ?: cf->idle_tx_int,
|
.idle_tx_int = opts->idle_tx_int ?: cf->idle_tx_int,
|
||||||
.multiplier = opts->multiplier ?: cf->multiplier,
|
.multiplier = opts->multiplier ?: cf->multiplier,
|
||||||
.passive = opts->passive_set ? opts->passive : cf->passive,
|
.passive = opts->passive_set ? opts->passive : cf->passive,
|
||||||
|
.auth_type = opts->auth_type ?: cf->auth_type,
|
||||||
|
.passwords = opts->passwords ?: cf->passwords,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1235,7 +1237,7 @@ bfd_show_session(struct bfd_session *s, int details)
|
|||||||
const char *ifname = (s->ifa && s->ifa->iface) ? s->ifa->iface->name : "---";
|
const char *ifname = (s->ifa && s->ifa->iface) ? s->ifa->iface->name : "---";
|
||||||
btime tx_int = s->last_tx ? MAX(s->des_min_tx_int, s->rem_min_rx_int) : 0;
|
btime tx_int = s->last_tx ? MAX(s->des_min_tx_int, s->rem_min_rx_int) : 0;
|
||||||
btime timeout = (btime) MAX(s->req_min_rx_int, s->rem_min_tx_int) * s->rem_detect_mult;
|
btime timeout = (btime) MAX(s->req_min_rx_int, s->rem_min_tx_int) * s->rem_detect_mult;
|
||||||
u8 auth_type = s->ifa->cf->auth_type;
|
u8 auth_type = s->cf.auth_type;
|
||||||
|
|
||||||
loc_state = (loc_state < 4) ? loc_state : 0;
|
loc_state = (loc_state < 4) ? loc_state : 0;
|
||||||
rem_state = (rem_state < 4) ? rem_state : 0;
|
rem_state = (rem_state < 4) ? rem_state : 0;
|
||||||
|
@ -69,6 +69,8 @@ struct bfd_session_config
|
|||||||
u32 idle_tx_int;
|
u32 idle_tx_int;
|
||||||
u8 multiplier;
|
u8 multiplier;
|
||||||
u8 passive;
|
u8 passive;
|
||||||
|
u8 auth_type; /* Authentication type (BFD_AUTH_*) */
|
||||||
|
list *passwords; /* Passwords for authentication */
|
||||||
};
|
};
|
||||||
|
|
||||||
struct bfd_neighbor
|
struct bfd_neighbor
|
||||||
|
@ -185,6 +185,52 @@ bfd_neighbor: ipa bfd_neigh_iface bfd_neigh_local bfd_neigh_multihop
|
|||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
/* BFD options */
|
||||||
|
|
||||||
|
bfd_item:
|
||||||
|
INTERVAL expr_us { this_bfd_opts->min_rx_int = this_bfd_opts->min_tx_int = $2; }
|
||||||
|
| MIN RX INTERVAL expr_us { this_bfd_opts->min_rx_int = $4; }
|
||||||
|
| MIN TX INTERVAL expr_us { this_bfd_opts->min_tx_int = $4; }
|
||||||
|
| IDLE TX INTERVAL expr_us { this_bfd_opts->idle_tx_int = $4; }
|
||||||
|
| MULTIPLIER expr { this_bfd_opts->multiplier = $2; }
|
||||||
|
| PASSIVE bool { this_bfd_opts->passive = $2; this_bfd_opts->passive_set = 1; }
|
||||||
|
| GRACEFUL { this_bfd_opts->mode = BGP_BFD_GRACEFUL; }
|
||||||
|
| AUTHENTICATION bfd_auth_type { this_bfd_opts->auth_type = $2; }
|
||||||
|
| password_list {}
|
||||||
|
;
|
||||||
|
|
||||||
|
bfd_items:
|
||||||
|
/* empty */
|
||||||
|
| bfd_items bfd_item ';'
|
||||||
|
;
|
||||||
|
|
||||||
|
bfd_opts_start:
|
||||||
|
{ reset_passwords(); } ;
|
||||||
|
|
||||||
|
bfd_opts_end:
|
||||||
|
{
|
||||||
|
this_bfd_opts->passwords = get_passwords();
|
||||||
|
|
||||||
|
if (!this_bfd_opts->auth_type != !this_bfd_opts->passwords)
|
||||||
|
cf_warn("Authentication and password options should be used together");
|
||||||
|
|
||||||
|
if (this_bfd_opts->passwords)
|
||||||
|
{
|
||||||
|
struct password_item *pass;
|
||||||
|
WALK_LIST(pass, *this_bfd_opts->passwords)
|
||||||
|
{
|
||||||
|
if (pass->alg)
|
||||||
|
cf_error("Password algorithm option not available in BFD protocol");
|
||||||
|
|
||||||
|
pass->alg = bfd_auth_type_to_hash_alg[this_bfd_opts->auth_type];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
bfd_opts:
|
||||||
|
'{' bfd_opts_start bfd_items '}' bfd_opts_end;
|
||||||
|
|
||||||
|
|
||||||
CF_CLI_HELP(SHOW BFD, ..., [[Show information about BFD protocol]]);
|
CF_CLI_HELP(SHOW BFD, ..., [[Show information about BFD protocol]]);
|
||||||
|
|
||||||
CF_CLI_HELP(SHOW BFD SESSIONS, ..., [[Show information about BFD sessions]]);
|
CF_CLI_HELP(SHOW BFD SESSIONS, ..., [[Show information about BFD sessions]]);
|
||||||
|
@ -109,7 +109,7 @@ const u8 bfd_auth_type_to_hash_alg[] = {
|
|||||||
static void
|
static void
|
||||||
bfd_fill_authentication(struct bfd_proto *p, struct bfd_session *s, struct bfd_ctl_packet *pkt)
|
bfd_fill_authentication(struct bfd_proto *p, struct bfd_session *s, struct bfd_ctl_packet *pkt)
|
||||||
{
|
{
|
||||||
struct bfd_iface_config *cf = s->ifa->cf;
|
struct bfd_session_config *cf = &s->cf;
|
||||||
struct password_item *pass = password_find(cf->passwords, 0);
|
struct password_item *pass = password_find(cf->passwords, 0);
|
||||||
uint meticulous = 0;
|
uint meticulous = 0;
|
||||||
|
|
||||||
@ -179,7 +179,7 @@ bfd_fill_authentication(struct bfd_proto *p, struct bfd_session *s, struct bfd_c
|
|||||||
static int
|
static int
|
||||||
bfd_check_authentication(struct bfd_proto *p, struct bfd_session *s, struct bfd_ctl_packet *pkt)
|
bfd_check_authentication(struct bfd_proto *p, struct bfd_session *s, struct bfd_ctl_packet *pkt)
|
||||||
{
|
{
|
||||||
struct bfd_iface_config *cf = s->ifa->cf;
|
struct bfd_session_config *cf = &s->cf;
|
||||||
const char *err_dsc = NULL;
|
const char *err_dsc = NULL;
|
||||||
uint err_val = 0;
|
uint err_val = 0;
|
||||||
uint auth_type = 0;
|
uint auth_type = 0;
|
||||||
@ -306,7 +306,7 @@ bfd_send_ctl(struct bfd_proto *p, struct bfd_session *s, int final)
|
|||||||
else if (s->poll_active)
|
else if (s->poll_active)
|
||||||
pkt->flags |= BFD_FLAG_POLL;
|
pkt->flags |= BFD_FLAG_POLL;
|
||||||
|
|
||||||
if (s->ifa->cf->auth_type)
|
if (s->cf.auth_type)
|
||||||
bfd_fill_authentication(p, s, pkt);
|
bfd_fill_authentication(p, s, pkt);
|
||||||
|
|
||||||
if (sk->tbuf != sk->tpos)
|
if (sk->tbuf != sk->tpos)
|
||||||
|
Loading…
Reference in New Issue
Block a user