0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-22 09:41:54 +00:00
Commit Graph

2954 Commits

Author SHA1 Message Date
Jan Moskyto Matejka
b94e5e58db RPKI: fixed some of the extended warnings 2016-12-07 15:35:35 +01:00
Jan Moskyto Matejka
ad88b94bca Merge branch 'int-new-rpki-squashed' (early part) into int-new 2016-12-07 15:30:46 +01:00
Ondrej Zajicek (work)
d15b0b0a1b BGP redesign
Integrated and extensible BGP with generalized AFI handling,
support for IPv4+IPv6 AFI and unicast+multicast SAFI.
2016-12-07 14:20:52 +01:00
Jan Moskyto Matejka
af62c0f9f1 LibSSH may be switched off together with RPKI 2016-12-07 14:15:35 +01:00
Jan Moskyto Matejka
cdbe1defa4 SSH: Commented quirk based on undocumented behavior of LibSSH 2016-12-07 09:35:24 +01:00
Jan Moskyto Matejka
f7f70bed8f Make: upgrade Babel makefiles 2016-12-07 09:35:24 +01:00
Pavel Tvrdik
cd6ca9b1f6 filter/test.conf: add ROA check and operator tests 2016-12-07 09:35:24 +01:00
Pavel Tvrdik
e58f8c28d2 Add `.maxlen' operator to all ROA prefixes in filters
Example:
  bird> eval (1.2.0.0/16 max 20 as 1234).maxlen
  20

Todo: Should be described in user docs
2016-12-07 09:35:24 +01:00
Pavel Tvrdik
69ae578450 Add `.asn' operator to all ROA prefixes in filters
Example:
  bird> eval (1.2.0.0/16 max 20 as 1234).asn
  1234

Todo: Should be described in user docs
2016-12-07 09:35:24 +01:00
Pavel Tvrdik
f6e8e141df Check table type at `show route for ...' 2016-12-07 09:35:24 +01:00
Pavel Tvrdík
65d2a88dd2 RPKI protocol with one cache server per protocol
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
 - unprotected transport over TCP
 - secure transport over SSHv2

Example configuration of bird.conf:
  ...
  roa4 table r4;
  roa6 table r6;

  protocol rpki {
    debug all;

    # Import both IPv4 and IPv6 ROAs
    roa4 { table r4; };
    roa6 { table r6; };

    # Set cache server (validator) address,
    # overwrite default port 323
    remote "rpki-validator.realmv6.org" port 8282;

    # Overwrite default time intervals
    retry   10;         # Default 600 seconds
    refresh 60;         # Default 3600 seconds
    expire 600;         # Default 7200 seconds
  }

  protocol rpki {
    debug all;

    # Import only IPv4 routes
    roa4 { table r4; };

    # Set cache server address to localhost,
    # use default ports tcp => 323 or ssh => 22
    remote 127.0.0.1;

    # Use SSH transport instead of unprotected transport over TCP
    ssh encryption {
      bird private key "/home/birdgeek/.ssh/id_rsa";
      remote public key "/home/birdgeek/.ssh/known_hosts";
      user "birdgeek";
    };
  }
  ...
2016-12-07 09:35:24 +01:00
Pavel Tvrdik
2706747f66 Client: Includes stdlib.h for malloc() 2016-12-07 09:23:45 +01:00
Pavel Tvrdik
5df4073c81 filter/test.conf: Minor changes in order of calls 2016-11-30 11:57:35 +01:00
Pavel Tvrdik
0eb7f17d9a nest/a-path.c: Fix description of BS constant (block size) 2016-11-30 11:57:35 +01:00
Pavel Tvrdik
bd7958776b conf/conf.h: Fix a description of a variable in a structure 2016-11-30 11:57:35 +01:00
Pavel Tvrdik
1b7ddb0ea0 conf/conf.c: Revert some includes removing 2016-11-30 11:57:35 +01:00
Pavel Tvrdik
4abe781c27 Remove filter/test_bgp_filtering.conf file
It was an example filtering configuration from BIRD's wiki.
2016-11-30 11:57:35 +01:00
Pavel Tvrdik
012a0d6bf8 Merge test6.conf IPv6 tests into test.conf 2016-11-30 11:57:35 +01:00
Ondrej Zajicek (work)
ed1a908e53 BGP: Fix memory leak in graceful restart code
Prefix and bucket tables are initialized when entering established state
but not explicitly freed when leaving it (that is handled by protocol
restart). With graceful restart, BGP may enter and leave established
state multiple times without hard protocol restart causing memory leak.
2016-11-25 11:51:38 +01:00
Pavel Tvrdik
c39a1cb17e filter/test.conf: Extend tests 2016-11-16 17:01:09 +01:00
Pavel Tvrdik
0ed1e85091 filter/test.conf: Reorder tests
Tests are sorted from trivial tests to more complex tests
2016-11-16 13:46:43 +01:00
Pavel Tvrdik
7dea7ccb10 filter/test.conf: Replace print func with assert and format 2016-11-16 12:22:01 +01:00
Pavel Tvrdik
4b135d0958 Birdtest: Add function format in grammar for stringify expression 2016-11-16 12:22:01 +01:00
Pavel Tvrdik
bb721f0d6d Add lp_strdup function for string duplication on linpool 2016-11-16 12:22:01 +01:00
Pavel Tvrdik
3ec0bedc60 Birdtest: Remove bt_assert command from term
The bt_assert function does not return any value, so it was useless to
have a option in term definition.
2016-11-16 12:22:01 +01:00
Pavel Tvrdik
45ec4ce82a Lexer: Add a quotation mark back while parsing quotes
Thanks to Ondrej Zajicek for code.
2016-11-16 12:21:19 +01:00
Ondrej Zajicek (work)
261816b0d4 BGP: Cluster list item should be prepended
Commit 3c09af41... changed behavior of int_set_add() from prepend to
append, which makes more sense for community list, but prepend must be
used for cluster list. Add int_set_prepend() and use it in cluster list
handling code.
2016-11-15 16:24:39 +01:00
Pavel Tvrdik
5e3cd0e5b5 Birdtest: Replace BT_SUCCESS and BT_FAILURE with 1 and 0 2016-11-11 17:43:09 +01:00
Pavel Tvrdik
fa71b268a8 Birdtest: Put hard new lines for strict line width
This patch ensures width of output lines from testing framework (not
debug output). So output piped lined into file that has default width 80
cols is now correctly wrapped.
2016-11-11 17:03:43 +01:00
Pavel Tvrdik
fd328869cc birdtest: Fix no-forked mode in trie_test 2016-11-11 17:02:16 +01:00
Ondrej Zajicek (work)
101c5a50aa Filter: Add long community tests
Based on Pavel Tvrdik's int-test-lc branch.
2016-11-09 19:09:24 +01:00
Ondrej Zajicek (work)
9b0a0ba9e6 Unit Testing for BIRD
- Unit Testing Framework (BirdTest)
 - Integration of BirdTest into the BIRD build system
 - Tests for several BIRD modules

 Based on squashed Pavel Tvrdik's int-test branch, updated for
 current int-new branch.
2016-11-09 16:36:34 +01:00
Ondrej Zajicek (work)
8860e991f6 Merge branch 'master' into int-new 2016-11-08 19:27:58 +01:00
Ondrej Zajicek (work)
c8cafc8ebb Minor code cleanups 2016-11-08 17:46:29 +01:00
Ondrej Zajicek (work)
cc5b93f72d Merge tag 'v1.6.2' into int-new 2016-11-08 17:04:29 +01:00
Ondrej Zajicek (work)
920a86e849 Add missing extern 2016-11-03 09:53:53 +01:00
Ondrej Zajicek (work)
e03dc6a984 BFD: Authentication
Implement BFD authentication (part of RFC 5880). Supports plaintext
passwords and cryptographic MD5 / SHA-1 authentication.

Based on former commit from Pavel Tvrdik
2016-11-02 17:53:22 +01:00
Ondrej Zajicek (work)
29239ba2bb OSPF: Use message authentication interface
Based on former commit from Pavel Tvrdik
2016-11-02 17:53:22 +01:00
Ondrej Zajicek (work)
390601f038 RIP: Use message authentication interface
Based on former commit from Pavel Tvrdik
2016-11-02 17:53:22 +01:00
Pavel Tvrdík
64385aee0c DOC: Password algorithm option 2016-11-02 16:23:53 +01:00
Pavel Tvrdík
56cb3bedc2 Nest: Add support for MAC algorithms in grammar 2016-11-02 16:23:53 +01:00
Ondrej Zajicek (work)
de2a27e255 Add generic message authentication interface
Add generic interface for generating and verifying MACs (message
authentication codes). Replace multiple HMAC implementation with
a generic one.
2016-11-02 16:23:53 +01:00
Ondrej Zajicek (work)
7eec398875 BSD: Fix build on OpenBSD broken by previous commit 2016-11-01 16:20:04 +01:00
Jan Moskyto Matejka
3e236955c9 Build: switch on -Wextra, get rid of most of the warnings
There are several unresolved -Wmissing-field-initializers on older
versions of GCC than 5.1, all of them false positive.
2016-11-01 14:52:54 +01:00
Ondrej Zajicek (work)
17fe57d8dc Log: Fix broken syslog name
BIRD passed string from configuration to openlog(), which kept it
internally. After reconfiguration the old string was freed, therefore
openlog had invalid copy.

Thanks to Chris Caputo for the original patch.
2016-11-01 11:37:49 +01:00
Ondrej Filip
3213273d82 IANA assigned a different number to large BGP communities - changed. 2016-10-27 11:08:28 +02:00
Ondrej Zajicek (work)
c68e8cd374 Filter: Minor formatting changes in test.conf 2016-10-18 13:06:51 +02:00
Pavel Tvrdik
3c09af4169 Clist: The add() function will append a new value
The add() function used to prepend a new community to clist, but after
this fix the add() function appends new community.
2016-10-13 16:59:15 +02:00
Pavel Tvrdik
5fd7dacadc Filter: Expand testing of large community sets 2016-10-13 15:17:41 +02:00
Jan Moskyto Matejka
2e7fb11a6e Fixed memory bloating on kernel merge paths together with export filter.
Some memory was being allocated from bad linpool, not from the given one
as they should.

Thanks to Madhu and Justin Cattle for reporting this.
2016-10-12 14:22:01 +02:00