static int bgp_send_update(struct bgp_peer *peer);
static int bgp_send_notification(struct bgp_peer *peer, uint8_t code,
uint8_t subcode);
+static int bgp_send_notification_full(struct bgp_peer *peer, uint8_t code,
+ uint8_t subcode, char *notification_data, uint16_t data_len);
static uint16_t our_as;
static struct bgp_route_list *bgp_routes = 0;
struct bgp_data_open data;
int hold;
int i;
+ off_t param_offset, capability_offset;
+ struct bgp_opt_param *param;
+ uint8_t capabilities_len;
+ char *capabilities = NULL;
+ struct bgp_capability *capability;
+ struct bgp_mp_cap_param *mp_cap;
for (i = 0; i < sizeof(p->header.marker); i++)
{
if (peer->keepalive * 3 > peer->hold)
peer->keepalive = peer->hold / 3;
+ /* check for optional parameters */
+ /* 2 is for the size of type + len (both uint8_t) */
+ for (param_offset = 0;
+ param_offset < data.opt_len;
+ param_offset += 2 + param->len)
+ {
+ param = (struct bgp_opt_param *)(&data.opt_params + param_offset);
+
+ /* sensible check */
+ if (data.opt_len - param_offset < 2
+ || param->len > data.opt_len - param_offset - 2)
+ {
+ LOG(1, 0, 0, "Malformed Optional Parameter list from BGP peer %s\n",
+ peer->name);
+
+ bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_UNSPEC);
+ return 0;
+ }
+
+ /* we know only one parameter type */
+ if (param->type != BGP_CAPABILITY_PARAM_TYPE)
+ {
+ LOG(1, 0, 0, "Unsupported Optional Parameter type %d from BGP peer %s\n",
+ param->type, peer->name);
+
+ bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_PARAM);
+ return 0;
+ }
+
+ capabilities_len = param->len;
+ capabilities = (char *)¶m->value;
+ }
+
+ /* look for BGP multiprotocol capability */
+ if (capabilities)
+ {
+ for (capability_offset = 0;
+ capability_offset < capabilities_len;
+ capability_offset += 2 + capability->len)
+ {
+ capability = (struct bgp_capability *)(capabilities + capability_offset);
+
+ /* sensible check */
+ if (capabilities_len - capability_offset < 2
+ || capability->len > capabilities_len - capability_offset - 2)
+ {
+ LOG(1, 0, 0, "Malformed Capabilities list from BGP peer %s\n",
+ peer->name);
+
+ bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_UNSPEC);
+ return 0;
+ }
+
+ /* we only know one capability code */
+ if (capability->code != BGP_CAP_CODE_MP
+ && capability->len != sizeof(struct bgp_mp_cap_param))
+ {
+ LOG(4, 0, 0, "Unsupported Capability code %d from BGP peer %s\n",
+ capability->code, peer->name);
+
+ bgp_send_notification_full(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_CAP,
+ capability, 2 + capability->len);
+ /* we don't terminate, still; we just jump to the next one */
+ continue;
+ }
+
+ mp_cap = (struct bgp_mp_cap_param *)&capability->value;
+ /* the only <AFI, SAFI> tuple we support */
+ if (mp_cap->afi != AF_INET6 && mp_cap->safi != BGP_MP_SAFI_UNICAST)
+ {
+ LOG(4, 0, 0, "Unsupported multiprotocol AFI %d and SAFI %d from BGP peer %s\n",
+ mp_cap->afi, mp_cap->safi, peer->name);
+
+ bgp_send_notification_full(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_CAP,
+ capability, 2 + capability->len);
+ /* we don't terminate, still; we just jump to the next one */
+ continue;
+ }
+
+ }
+ }
+
/* next transition requires an exchange of keepalives */
bgp_send_keepalive(peer);
-
- /* FIXME: may need to check for optional params */
}
break;
/* send/buffer NOTIFICATION message */
static int bgp_send_notification(struct bgp_peer *peer, uint8_t code,
uint8_t subcode)
+{
+ return bgp_send_notification_full(peer, code, subcode, NULL, 0);
+}
+
+static int bgp_send_notification_full(struct bgp_peer *peer, uint8_t code,
+ uint8_t subcode, char *notification_data, uint16_t data_len)
{
struct bgp_data_notification data;
uint16_t len = 0;
data.error_subcode = subcode;
len += sizeof(data.error_code);
+ memcpy(data.data, notification_data, data_len);
+ len += data_len;
+
memset(peer->outbuf->packet.header.marker, 0xff,
sizeof(peer->outbuf->packet.header.marker));