mirror of
https://gitlab.nic.cz/labs/bird.git
synced 2025-01-02 15:11:53 +00:00
Merge commit 'e29f134a' into thread-merge-2.16
This commit is contained in:
commit
ce2ecbdcb6
106
CONTRIBUTING.md
Normal file
106
CONTRIBUTING.md
Normal file
@ -0,0 +1,106 @@
|
||||
# Contributing to BIRD
|
||||
|
||||
We welcome a broad range of contributions to BIRD with some limitations and
|
||||
caveats.
|
||||
|
||||
BIRD is highly optimized for performance in both memory and computation time.
|
||||
We generally don't accept obviously inefficient code and even though the
|
||||
quality of the existing codebase quite varies, there should be good reasons
|
||||
why to commit something slow or greedy.
|
||||
|
||||
There are several basic rules for contributing:
|
||||
|
||||
- your branch must have understandable commit messages
|
||||
- your branch must be either:
|
||||
- rooted in the current thread-next, aiming for inclusion in BIRD 3
|
||||
- or rooted in the master branch; in this case, we may refuse your patch
|
||||
if it's completely unmergeable with thread-next
|
||||
- when incorporating proposed fixes, you may have to rebase your branch
|
||||
- please add automatic tests (see below)
|
||||
- upfront and continuous consultation with the development team gives you a
|
||||
fast track for merging
|
||||
- don't forget to update documentation
|
||||
|
||||
## Security issues
|
||||
|
||||
Please contact us on bird-support@network.cz for private disclosure of any
|
||||
security issues. This includes any crash in or related to filters, induced by
|
||||
CLI or by receiving a malformed message by a protocol.
|
||||
|
||||
## How to contribute
|
||||
|
||||
You can either send a patch (prepared by git format-patch) to our mailing-list
|
||||
bird-users@network.cz, or you can send just a link to your repository and the
|
||||
commit hash you're contributing.
|
||||
|
||||
## What if your contribution isn't mergable
|
||||
|
||||
If your code needs minor updates to align with our standards / taste, we'll
|
||||
just do these modifications ourselves and either add these as a separate commit
|
||||
or just update your commit noting this fact in the commit message.
|
||||
|
||||
If your code has some major flaws, misses the point or introduces another
|
||||
problem (e.g. performance issues), we'll refuse your patch. Then we'll either
|
||||
try to tell you how we prefer to reach the goal, or we may reimplement your
|
||||
ideas ourselves. We'll mention your original contribution in the commit message.
|
||||
|
||||
## Specific kinds of contributions
|
||||
|
||||
### Substantial updates
|
||||
|
||||
If you feel like the BIRD internals need some major changes and you wish to
|
||||
implement it, please contact the development team first. We're (as of May 2024)
|
||||
developing two versions at once and we have some raw thoughts about BIRD's future
|
||||
which we haven't published yet.
|
||||
|
||||
Beware that BIRD is more convoluted inside than it looks like on the surface,
|
||||
and in many places the learning curve is _very_ steep.
|
||||
|
||||
### New protocol implementations
|
||||
|
||||
We generally welcome broadening of BIRD capabilities. Upfront consultation is
|
||||
very much appreciated to align all parties on the development principles,
|
||||
internal APIs, coding style and more.
|
||||
|
||||
### Refactoring and reformatting
|
||||
|
||||
Please don't send us _any_ refactoring proposals without previous explicit approval.
|
||||
|
||||
### Programmer's documentation, user documentation or tutorials
|
||||
|
||||
We welcome updates to enhance the documentation, including the algorithmic
|
||||
principles, internal libraries and API. We keep our right to reject low quality
|
||||
contributions altogether.
|
||||
|
||||
### Minor changes
|
||||
|
||||
Feel free to propose minor fixes in any part of BIRD.
|
||||
|
||||
## Testing
|
||||
|
||||
There is another repository, https://gitlab.nic.cz/labs/bird-tools.git, where
|
||||
we store our automatic tests in the netlab/ directory. This repository is quite
|
||||
messy and you may need some help with it. We're planning to move the Netlab
|
||||
suite into the main git repository; after we do that, we'll require every
|
||||
contribution to add tests (if applicable, of course).
|
||||
|
||||
## Crediting policy
|
||||
|
||||
The credits are scattered over all the source code files; in the commentary
|
||||
section, you may find typically the original authors of these files or some
|
||||
major contributors who felt like adding their names there. Overall, if you feel
|
||||
like your name should be there, include this change in your commits please.
|
||||
If your name should be changed, please do that change there.
|
||||
|
||||
We are planning to centralize the credits one day; we'll then update this file
|
||||
accordingly.
|
||||
|
||||
## Meta
|
||||
|
||||
If some of these rules are breached, you may complain either at the mailing
|
||||
list, or directly to CZ.NIC who is currently BIRD's maintainer.
|
||||
|
||||
If we don't reply within 3 weeks, please ping us. We don't intend to ghost you,
|
||||
we are just overloaded.
|
||||
|
||||
This contributing policy also applies to itself.
|
15
README
15
README
@ -68,12 +68,23 @@ User support
|
||||
If you want to help us debugging, enhancing and porting BIRD or just lurk
|
||||
around to see what's going to develop, feel free to subscribe to the BIRD
|
||||
users mailing list bird-users@network.cz, just send `subscribe' to
|
||||
bird-request@network.cz. Bug reports, suggestions, feature requests and
|
||||
code are welcome! We don't use gitlab issues for reporting, sorry.
|
||||
bird-request@network.cz.
|
||||
|
||||
Subscribe: http://bird.network.cz/mailman/listinfo/bird-users/
|
||||
Archive: http://bird.network.cz/pipermail/bird-users/
|
||||
|
||||
Please don't send security issues to the mailing-list, contact us instead at
|
||||
bird-support@network.cz which is a private e-mail address where you also can
|
||||
get commercial support for your BIRD deployment.
|
||||
|
||||
We don't use our gitlab issues for reporting but we're partially tracking
|
||||
the core developent team's work there publicly.
|
||||
|
||||
Contributing
|
||||
============
|
||||
|
||||
Please see the CONTRIBUTING.md file to find how to contribute to BIRD.
|
||||
|
||||
Licence
|
||||
=======
|
||||
|
||||
|
@ -992,7 +992,7 @@ agreement").
|
||||
|
||||
<tag><label id="proto-pass-gen-from">generate from "<m/time/"</tag>
|
||||
The start time of the usage of the password for packet signing.
|
||||
The format of <cf><m/time/</cf> is <tt>dd-mm-yyyy HH:MM:SS</tt>.
|
||||
The format of <cf><m/time/</cf> is <tt>YYYY-MM-DD [hh:mm:ss[.sss]]</tt>.
|
||||
|
||||
<tag><label id="proto-pass-gen-to">generate to "<m/time/"</tag>
|
||||
The last time of the usage of the password for packet signing.
|
||||
@ -2915,10 +2915,9 @@ using the following configuration parameters:
|
||||
restarted. Optionally, it can be configured (by <cf/graceful/ argument)
|
||||
to trigger graceful restart instead of regular restart. It is also
|
||||
possible to specify section with per-peer BFD session options instead of
|
||||
just switch argument. Most BFD session specific options are allowed here
|
||||
with the exception of authentication options. here Note that BFD
|
||||
protocol also has to be configured, see <ref id="bfd" name="BFD">
|
||||
section for details. Default: disabled.
|
||||
just the switch argument. All BFD session-specific options are allowed
|
||||
here. Note that BFD protocol also has to be configured, see
|
||||
<ref id="bfd" name="BFD"> section for details. Default: disabled.
|
||||
|
||||
<tag><label id="bgp-ttl-security">ttl security <m/switch/</tag>
|
||||
Use GTSM (<rfc id="5082"> - the generalized TTL security mechanism). GTSM
|
||||
@ -4846,14 +4845,14 @@ protocol ospf MyOSPF {
|
||||
authentication cryptographic;
|
||||
password "abc" {
|
||||
id 1;
|
||||
generate to "22-04-2003 11:00:06";
|
||||
accept from "17-01-2001 12:01:05";
|
||||
generate to "2023-04-22 11:00:06";
|
||||
accept from "2021-01-17 12:01:05";
|
||||
algorithm hmac sha384;
|
||||
};
|
||||
password "def" {
|
||||
id 2;
|
||||
generate to "22-07-2005 17:03:21";
|
||||
accept from "22-02-2001 11:34:06";
|
||||
generate to "2025-07-22";
|
||||
accept from "2021-02-22";
|
||||
algorithm hmac sha512;
|
||||
};
|
||||
};
|
||||
|
@ -21,6 +21,8 @@ struct bfd_options {
|
||||
u8 passive;
|
||||
u8 passive_set;
|
||||
u8 mode;
|
||||
u8 auth_type; /* Authentication type (BFD_AUTH_*) */
|
||||
list *passwords; /* Passwords for authentication */
|
||||
};
|
||||
|
||||
struct bfd_request {
|
||||
|
@ -162,7 +162,6 @@ CF_KEYWORDS(BGP, PASSWORDS, DESCRIPTION)
|
||||
CF_KEYWORDS(RELOAD, IN, OUT, MRTDUMP, MESSAGES, RESTRICT, MEMORY, CLASS, DSCP, PARTIAL)
|
||||
CF_KEYWORDS(TIMEFORMAT, ISO, SHORT, LONG, ROUTE, PROTOCOL, BASE, LOG, S, MS, US)
|
||||
CF_KEYWORDS(GRACEFUL, RESTART, WAIT, MAX, AS)
|
||||
CF_KEYWORDS(MIN, IDLE, RX, TX, INTERVAL, MULTIPLIER, PASSIVE)
|
||||
CF_KEYWORDS(CHECK, LINK)
|
||||
CF_KEYWORDS(CORK, SORTED, TRIE, MIN, MAX, ROA, DIGEST, ROUTE, REFRESH, SETTLE, TIME, GC, THRESHOLD, PERIOD)
|
||||
CF_KEYWORDS(MPLS_LABEL, MPLS_POLICY, MPLS_CLASS)
|
||||
@ -665,26 +664,9 @@ password_item_end:
|
||||
};
|
||||
|
||||
|
||||
/* BFD options */
|
||||
/* BFD options - just dummy rule, rest in proto/bfd/config.Y */
|
||||
bfd_opts: '{' INVALID_TOKEN '}';
|
||||
|
||||
bfd_item:
|
||||
INTERVAL expr_us { this_bfd_opts->min_rx_int = this_bfd_opts->min_tx_int = $2; }
|
||||
| MIN RX INTERVAL expr_us { this_bfd_opts->min_rx_int = $4; }
|
||||
| MIN TX INTERVAL expr_us { this_bfd_opts->min_tx_int = $4; }
|
||||
| IDLE TX INTERVAL expr_us { this_bfd_opts->idle_tx_int = $4; }
|
||||
| MULTIPLIER expr { this_bfd_opts->multiplier = $2; }
|
||||
| PASSIVE bool { this_bfd_opts->passive = $2; this_bfd_opts->passive_set = 1; }
|
||||
| GRACEFUL { this_bfd_opts->mode = BGP_BFD_GRACEFUL; }
|
||||
;
|
||||
|
||||
bfd_items:
|
||||
/* empty */
|
||||
| bfd_items bfd_item ';'
|
||||
;
|
||||
|
||||
bfd_opts:
|
||||
'{' bfd_items '}'
|
||||
;
|
||||
|
||||
/* Core commands */
|
||||
CF_CLI_HELP(SHOW, ..., [[Show status information]])
|
||||
|
@ -181,6 +181,8 @@ bfd_merge_options(const struct bfd_iface_config *cf, const struct bfd_options *o
|
||||
.idle_tx_int = opts->idle_tx_int ?: cf->idle_tx_int,
|
||||
.multiplier = opts->multiplier ?: cf->multiplier,
|
||||
.passive = opts->passive_set ? opts->passive : cf->passive,
|
||||
.auth_type = opts->auth_type ?: cf->auth_type,
|
||||
.passwords = opts->passwords ?: cf->passwords,
|
||||
};
|
||||
}
|
||||
|
||||
@ -1235,7 +1237,7 @@ bfd_show_session(struct bfd_session *s, int details)
|
||||
const char *ifname = (s->ifa && s->ifa->iface) ? s->ifa->iface->name : "---";
|
||||
btime tx_int = s->last_tx ? MAX(s->des_min_tx_int, s->rem_min_rx_int) : 0;
|
||||
btime timeout = (btime) MAX(s->req_min_rx_int, s->rem_min_tx_int) * s->rem_detect_mult;
|
||||
u8 auth_type = s->ifa->cf->auth_type;
|
||||
u8 auth_type = s->cf.auth_type;
|
||||
|
||||
loc_state = (loc_state < 4) ? loc_state : 0;
|
||||
rem_state = (rem_state < 4) ? rem_state : 0;
|
||||
|
@ -69,6 +69,8 @@ struct bfd_session_config
|
||||
u32 idle_tx_int;
|
||||
u8 multiplier;
|
||||
u8 passive;
|
||||
u8 auth_type; /* Authentication type (BFD_AUTH_*) */
|
||||
list *passwords; /* Passwords for authentication */
|
||||
};
|
||||
|
||||
struct bfd_neighbor
|
||||
|
@ -185,6 +185,52 @@ bfd_neighbor: ipa bfd_neigh_iface bfd_neigh_local bfd_neigh_multihop
|
||||
};
|
||||
|
||||
|
||||
/* BFD options */
|
||||
|
||||
bfd_item:
|
||||
INTERVAL expr_us { this_bfd_opts->min_rx_int = this_bfd_opts->min_tx_int = $2; }
|
||||
| MIN RX INTERVAL expr_us { this_bfd_opts->min_rx_int = $4; }
|
||||
| MIN TX INTERVAL expr_us { this_bfd_opts->min_tx_int = $4; }
|
||||
| IDLE TX INTERVAL expr_us { this_bfd_opts->idle_tx_int = $4; }
|
||||
| MULTIPLIER expr { this_bfd_opts->multiplier = $2; }
|
||||
| PASSIVE bool { this_bfd_opts->passive = $2; this_bfd_opts->passive_set = 1; }
|
||||
| GRACEFUL { this_bfd_opts->mode = BGP_BFD_GRACEFUL; }
|
||||
| AUTHENTICATION bfd_auth_type { this_bfd_opts->auth_type = $2; }
|
||||
| password_list {}
|
||||
;
|
||||
|
||||
bfd_items:
|
||||
/* empty */
|
||||
| bfd_items bfd_item ';'
|
||||
;
|
||||
|
||||
bfd_opts_start:
|
||||
{ reset_passwords(); } ;
|
||||
|
||||
bfd_opts_end:
|
||||
{
|
||||
this_bfd_opts->passwords = get_passwords();
|
||||
|
||||
if (!this_bfd_opts->auth_type != !this_bfd_opts->passwords)
|
||||
cf_warn("Authentication and password options should be used together");
|
||||
|
||||
if (this_bfd_opts->passwords)
|
||||
{
|
||||
struct password_item *pass;
|
||||
WALK_LIST(pass, *this_bfd_opts->passwords)
|
||||
{
|
||||
if (pass->alg)
|
||||
cf_error("Password algorithm option not available in BFD protocol");
|
||||
|
||||
pass->alg = bfd_auth_type_to_hash_alg[this_bfd_opts->auth_type];
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
bfd_opts:
|
||||
'{' bfd_opts_start bfd_items '}' bfd_opts_end;
|
||||
|
||||
|
||||
CF_CLI_HELP(SHOW BFD, ..., [[Show information about BFD protocol]]);
|
||||
|
||||
CF_CLI_HELP(SHOW BFD SESSIONS, ..., [[Show information about BFD sessions]]);
|
||||
|
@ -109,7 +109,7 @@ const u8 bfd_auth_type_to_hash_alg[] = {
|
||||
static void
|
||||
bfd_fill_authentication(struct bfd_proto *p, struct bfd_session *s, struct bfd_ctl_packet *pkt)
|
||||
{
|
||||
struct bfd_iface_config *cf = s->ifa->cf;
|
||||
struct bfd_session_config *cf = &s->cf;
|
||||
struct password_item *pass = password_find(cf->passwords, 0);
|
||||
uint meticulous = 0;
|
||||
|
||||
@ -179,7 +179,7 @@ bfd_fill_authentication(struct bfd_proto *p, struct bfd_session *s, struct bfd_c
|
||||
static int
|
||||
bfd_check_authentication(struct bfd_proto *p, struct bfd_session *s, struct bfd_ctl_packet *pkt)
|
||||
{
|
||||
struct bfd_iface_config *cf = s->ifa->cf;
|
||||
struct bfd_session_config *cf = &s->cf;
|
||||
const char *err_dsc = NULL;
|
||||
uint err_val = 0;
|
||||
uint auth_type = 0;
|
||||
@ -306,7 +306,7 @@ bfd_send_ctl(struct bfd_proto *p, struct bfd_session *s, int final)
|
||||
else if (s->poll_active)
|
||||
pkt->flags |= BFD_FLAG_POLL;
|
||||
|
||||
if (s->ifa->cf->auth_type)
|
||||
if (s->cf.auth_type)
|
||||
bfd_fill_authentication(p, s, pkt);
|
||||
|
||||
if (sk->tbuf != sk->tpos)
|
||||
|
Loading…
Reference in New Issue
Block a user