Pavel Tvrdik
ebb9ae8c6b
BGPsec: small refactoring of code
...
1) Move configuration global 'rpki dir' command to proto/rpki/config.Y
2) rpki_state_dir -> rpki_dir
2016-06-02 09:32:42 +02:00
Pavel Tvrdik
e0dc3daad4
Merge branch 'rpki-mbaer' into int-new-rpki-one
2016-05-26 15:09:08 +02:00
Michael Baer
e728484249
Michael Baer's patch for BGPsec Support
...
Imported from:
https://securerouting.net/download/bird-1.5.0-bgpsec-0.7.tar.bz2
2016-05-26 14:09:08 +02:00
Pavel Tvrdik
cb064f84c4
RPKI: Accept and save BGPsec Router Keys from RPKI
...
Adds support for receiving Router Key PDUs, saving it to disk. The path
save repository is configurable by ./configure or BIRD's configuration file.
2016-05-26 13:57:31 +02:00
Pavel Tvrdík
4661035431
RPKI protocol with one cache server per protocol
...
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/ ) that is integrated inside
the BIRD's code.
Implemented transports are:
- unprotected transport over TCP
- secure transport over SSHv2
Example configuration of bird.conf:
...
roa4 table r4;
roa6 table r6;

protocol rpki {
  debug all;

  # Import both IPv4 and IPv6 ROAs
  roa4 { table r4; };
  roa6 { table r6; };

  # Set cache server (validator) address,
  # overwrite default port 323
  remote "rpki-validator.realmv6.org" port 8282;

  # Overwrite default time intervals
  retry   10;   # Default 600 seconds
  refresh 60;   # Default 3600 seconds
  expire  600;  # Default 7200 seconds
}

protocol rpki {
  debug all;

  # Import only IPv4 routes
  roa4 { table r4; };

  # Set cache server address to localhost,
  # use default ports tcp => 323 or ssh => 22
  remote 127.0.0.1;

  # Use SSH transport instead of unprotected transport over TCP
  ssh encryption {
    bird private key "/home/birdgeek/.ssh/id_rsa";
    remote public key "/home/birdgeek/.ssh/known_hosts";
    user "birdgeek";
  };
}
...
2016-05-26 13:57:19 +02:00
Pavel Tvrdik
dc9f0826d6
Fix declaration of shared global variables async_*
...
In a header file write it with extern keyword. And in one of the *.c
files declare it without extern keyword.
2016-05-12 10:11:49 +02:00
Jan Moskyto Matejka
0c6dfe5236
Merge branch 'int-new' into int-new-merged
2016-05-10 14:30:49 +02:00
Jan Moskyto Matejka
92912f063a
Merge remote-tracking branch 'origin/rte-update' into int-new
2016-05-10 14:21:15 +02:00
Jan Moskyto Matejka
a8caff322f
Portability: Fixed C extension error generated by CLang.
...
sysdep/linux/netlink.c:921:10: error: fields must have a constant size:
'variable length array in structure' extension will never be supported
char buf[128 + KRT_METRICS_MAX*8 + nh_bufsize(a->nexthops)];
^
1 error generated.
2016-05-10 14:08:49 +02:00
Jan Moskyto Matejka
7152e5efbb
Build system reworked to one global Makefile with includes and no nesting
...
Also removed the lib-dir merging with sysdep. Updated #include's
accordingly.
Fixed make doc on recent Debian together with moving generated doc into
objdir.
Moved Makefile.in into root dir
Retired all.o and birdlib.a
Linking the final binaries directly from all the .o files.
2016-05-10 14:07:34 +02:00
Jan Moskyto Matejka
2003a18407
Route update: move table lookup from protocols into rte_update2().
...
Many protocols do almost the same when creating a rte_update request
before calling rte_update2(). This commit should simplify the protocol
side of the route-creation routine.
2016-04-08 13:09:06 +02:00
Jan Moskyto Matejka
7a7ac65682
Merge branch 'master' into int-new-channels
2016-04-08 12:28:33 +02:00
Jan Moskyto Matejka
4bdf1881dc
Channelize: rt_notify arg conversion table -> channel
2016-04-07 10:08:23 +02:00
Jan Moskyto Matejka
0c8c8151fc
Merge branch 'int-new-channels' of gitlab.labs.nic.cz:labs/bird into int-new-channels
2016-04-07 09:58:31 +02:00
Ondrej Zajicek (work)
06edbb67ed
Nest: Reset export route counter during graceful restart
...
Counter exp_routes is increased during initial route feed after GR
recovery, so it has to start with zero, otherwise BIRD will end with
double value in exp_routes.
2016-04-07 01:10:24 +02:00
Ondrej Zajicek (work)
bd22d7f41d
IO: Avoid multiple event cycles in one loop cycle.
...
Event cycle may take too much time and trigger next timer events, so
avoid cycling between timer and event cycles inside the loop cycle.
2016-04-06 11:57:28 +02:00
Ondrej Zajicek (work)
9e7b3ebdf9
IO: Replace RX priority heuristic with explicit mark
...
In BIRD, RX has lower priority than TX with the exception of RX from
control socket. The patch replaces heuristic based on socket type with
explicit mark and uses it for both control socket and BGP session waiting
to be established.
This should avoid an issue when during heavy load, outgoing connection
could connect (TX event), send open, but then failed to receive OPEN /
establish in time, not sending notifications between and therefore
got hold timer expired error from the neighbor immediately after it
finally established the connection.
2016-04-06 11:49:34 +02:00
Ondrej Zajicek (work)
e86cfd41d9
KRT: Fix route learn scan when route changed
...
When a kernel route changed, function krt_learn_scan() noticed that and
replaced the route in internal kernel FIB, but after that, function
krt_learn_prune() failed to propagate the new route to the nest, because
it confused the new route with the (removed) old best route and decided
that the best route did not change.
Wow, the original code (and the bug) is almost 17 years old.
2016-04-06 11:46:25 +02:00
Jan Moskyto Matejka
ea0a8be2ff
IO/Poll: fix mistaken variable merge
...
The events variable is used in the short loop decision. The reasons are
not very clear, keeping this to keep the former behaviour.
2016-03-30 16:21:32 +02:00
Jan Moskyto Matejka
54bb032d21
Birdlib: Modify lists to avoid problems with pointer aliasing rules
...
The old linked list implementation used some wild typecasts and required
GCC option -fno-strict-aliasing to work properly. This patch fixes that.
However, we still keep the option due to other potential problems.
(Committed by Ondrej Santiago Zajicek)
2016-03-23 02:21:42 +01:00
Ondrej Zajicek (work)
665b8e5283
Birdlib: Do cleanups after remove/free
...
To avoid byzantine behavior in case of some errors, linked lists are
cleared after rem_node() and resource headers are cleared after rfree().
2016-03-23 02:21:42 +01:00
Ondrej Zajicek (work)
39a6b19d6d
OSPF: Fix bogus LSA ID collisions between received and originated LSAs
...
After restart, LSAs locally originated by the previous instance are
received from neighbors. They are installed to LSA db and flushed. If
export of a route triggers origination of a new external LSA before flush
of the received one is complete, the check in ospf_originate_lsa() causes
origination to fail (because en->nf is NULL for the old LSA and non-NULL
for the new LSA). The patch fixes this by updating the en->nf for LSAs
being flushed (as is already done for empty ones). Generally, en->nf
field deserves some better description in the code.
Thanks to Jigar Mehta for analyzing the problem.
2016-03-23 02:21:42 +01:00
Ondrej Zajicek (work)
0a505706bc
Minor changes in documentation
2016-03-23 02:21:42 +01:00
Ondrej Zajicek (work)
a459f4df16
OSPF: Fix reading from freed memory
...
Thanks to Pavel Tvrdik for noticing it.
2016-03-23 02:21:42 +01:00
Jan Moskyto Matejka
62a4ad3657
Merge remote-tracking branch 'origin/poll'
2016-03-22 13:23:55 +01:00
Jan Moskyto Matejka
9c92f69272
Unix: Substituted select -> poll also in congestion checker
...
It does strange things when even one fd larger than FD_SETSIZE is
passed to select().
2016-03-18 11:47:13 +01:00
Pavel Tvrdík
9036bbf2b7
RIP: fix typo in configuration at rx length opt
2016-03-17 18:40:54 +01:00
Pavel Tvrdík
79a4f74a65
BGP: Add documentation for extended messages
2016-03-17 18:40:54 +01:00
Jan Moskyto Matejka
fd926ed4ee
Poll: Prevent the improbable case of EAGAIN after POLLIN
2016-03-15 14:57:49 +01:00
Jan Moskyto Matejka
e1c13a5a7b
Unix: Rework of select-loop to poll-loop
...
This should lift the limit of FD_SETSIZE and allow more than 1024 fd's.
FD_SETSIZE limit doesn't matter now when creating new sockets.
2016-03-11 12:45:10 +01:00
Pavel Tvrdík
1a7daab126
cf_error(char *msg, ...) -> cf_error(const char *msg, ...)
2016-03-10 16:07:44 +01:00
Pavel Tvrdík
43fd8fae52
nest/proto fix local_debug mode
2016-03-10 16:07:44 +01:00
Pavel Tvrdík
062d18fdb1
Fix typo
2016-03-10 16:07:44 +01:00
Jan Moskyto Matejka
ce95af7a5f
Merge branch 'master' of gitlab.labs.nic.cz:labs/bird
2016-02-25 18:25:53 +01:00
Ondrej Zajicek (work)
e3f506f9b5
OSPF: Multicast ability is irrelevant for stub interfaces
2016-02-25 18:23:39 +01:00
Jan Moskyto Matejka
b25509e512
All the current pthread implementations are OK and working with us.
...
No more need to disable pthread for specific BSD's.
2016-02-25 18:22:27 +01:00
Jan Moskyto Matejka
a815d62d59
Hash: typecast error fix
2016-02-19 16:33:07 +01:00
Ondrej Zajicek (work)
9c9cc35c02
Filter: Implement last_nonaggregated operator on bgp_path
2016-02-16 17:33:58 +01:00
Ondrej Zajicek (work)
c2106b674c
Unix: Fix bug in syslog name handling
...
Pointer to current_log_name has to be changed even if the name is the
same, because the old one will be invalid/freed after reconfiguration.
2016-02-11 21:53:55 +01:00
Ondrej Zajicek (work)
487c6961cb
BGP: Fix bug in incoming connection handling
...
When a BGP session was established by an outgoing connection with
Graceful Restart behavior negotiated, a pending incoming connection in
OpenSent state, and another incoming connection was received, then the
outgoing connection (and whole BGP session) was closed, but the old
incoming connection was just overwritten by the new one. That later
caused a crash when the hold timer from the old connection fired.
2016-02-11 16:38:28 +01:00
Jan Moskyto Matejka
9a74622ca1
Updated RTA hashes to 32-bit values.
...
... and reworked the hashes a bit. Also added mem_hash function
which just computes a hash of given memory block.
2016-02-10 13:26:07 +01:00
Pavel Tvrdík
1bb3ecb2a5
Fix closing flushed channel
...
Fix reading from freed memory.
Free at: channel_set_state(c, CS_DOWN)
Read at: WALK_LIST2_DELSAFE(c, n, x, tab->channels, table_node)
==00:00:00:00.261 24718==
==00:00:09:31.755 24718== Invalid read of size 8
==00:00:09:31.755 24718== at 0x4061BA: rt_prune_table (rt-table.c:1688)
==00:00:09:31.755 24718== by 0x405D5E: rt_event (rt-table.c:1559)
==00:00:09:31.755 24718== by 0x45D089: ev_run (event.c:85)
==00:00:09:31.755 24718== by 0x45D158: ev_run_list (event.c:142)
==00:00:09:31.755 24718== by 0x462814: io_loop (io.c:2412)
==00:00:09:31.755 24718== by 0x468712: main (main.c:833)
==00:00:09:31.755 24718== Address 0x5601538 is 136 bytes inside a block of size 304 free'd
==00:00:09:31.755 24718== at 0x4C29D2A: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==00:00:09:31.755 24718== by 0x46FF3E: rfree (resource.c:166)
==00:00:09:31.755 24718== by 0x470309: mb_free (resource.c:415)
==00:00:09:31.755 24718== by 0x406A6B: rt_unlock_table (rt-table.c:1921)
==00:00:09:31.755 24718== by 0x40DAE3: channel_do_down (proto.c:297)
==00:00:09:31.755 24718== by 0x40DD46: channel_set_state (proto.c:359)
==00:00:09:31.755 24718== by 0x4061AD: rt_prune_table (rt-table.c:1692)
==00:00:09:31.755 24718== by 0x405D5E: rt_event (rt-table.c:1559)
==00:00:09:31.755 24718== by 0x45D089: ev_run (event.c:85)
==00:00:09:31.755 24718== by 0x45D158: ev_run_list (event.c:142)
==00:00:09:31.755 24718== by 0x462814: io_loop (io.c:2412)
==00:00:09:31.755 24718== by 0x468712: main (main.c:833)
==00:00:09:31.755 24718== Block was alloc'd at
==00:00:09:31.755 24718== at 0x4C28C10: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==00:00:09:31.755 24718== by 0x470FBC: bird_xmalloc (xmalloc.c:29)
==00:00:09:31.755 24718== by 0x4701E6: mb_alloc (resource.c:339)
==00:00:09:31.755 24718== by 0x406C29: rt_commit (rt-table.c:1977)
==00:00:09:31.755 24718== by 0x45C36D: config_do_commit (conf.c:269)
==00:00:09:31.755 24718== by 0x45C545: config_commit (conf.c:361)
==00:00:09:31.755 24718== by 0x4686F9: main (main.c:822)
==00:00:09:31.755 24718==
2016-02-08 16:08:50 +01:00
Jan Moskyto Matejka
2a013bb3a0
Fixed sigsegv for missing proto->rt_notify hook
...
If rt_notify is NULL, the export must always stay DOWN.
2016-02-01 16:01:18 +01:00
Jan Moskyto Matejka
ade389b326
BSD: compilation error fix
2016-02-01 10:28:50 +01:00
Ondrej Zajicek (work)
f4a60a9bc4
Channels - explicit links between protocols and tables
...
The patch adds support for channels, structures connecting protocols and
tables and handling most interactions between them. The documentation is
missing yet.
2016-02-01 10:28:50 +01:00
Pavel Tvrdík
9f5782d969
Add 'GENERATE/ACCEPT FROM datetime TO datetime' to password options
2016-01-28 17:16:53 +01:00
Pavel Tvrdík
966ca6143b
io.c: fix reads from uninitialized memory
2016-01-27 12:41:59 +01:00
Pavel Tvrdík
d82987d12e
RIP: Fix DBG output
2016-01-27 12:41:32 +01:00
Jan Moskyto Matejka
74d9416763
RIPng: fixed misrejection of host routes
2016-01-25 10:29:06 +01:00
Jan Moskyto Matejka
2fad92144e
BSD: fix no-return warning
2016-01-21 15:47:04 +01:00