Add Multiprotocol definitions and more param handling.
[l2tpns.git] / bgp.c
diff --git a/bgp.c b/bgp.c
index 6a868fa..9d237c9 100644 (file)
--- a/bgp.c
+++ b/bgp.c
@@ -45,6 +45,8 @@ static int bgp_send_keepalive(struct bgp_peer *peer);
 static int bgp_send_update(struct bgp_peer *peer);
 static int bgp_send_notification(struct bgp_peer *peer, uint8_t code,
     uint8_t subcode);
 static int bgp_send_update(struct bgp_peer *peer);
 static int bgp_send_notification(struct bgp_peer *peer, uint8_t code,
     uint8_t subcode);
+static int bgp_send_notification_full(struct bgp_peer *peer, uint8_t code,
+    uint8_t subcode, char *notification_data, uint16_t data_len);
 
 static uint16_t our_as;
 static struct bgp_route_list *bgp_routes = 0;
 
 static uint16_t our_as;
 static struct bgp_route_list *bgp_routes = 0;
@@ -902,6 +904,12 @@ static int bgp_handle_input(struct bgp_peer *peer)
            struct bgp_data_open data;
            int hold;
            int i;
            struct bgp_data_open data;
            int hold;
            int i;
+           off_t param_offset, capability_offset;
+           struct bgp_opt_param *param;
+           uint8_t capabilities_len;
+           char *capabilities = NULL;
+           struct bgp_capability *capability;
+           struct bgp_mp_cap_param *mp_cap;
 
            for (i = 0; i < sizeof(p->header.marker); i++)
            {
 
            for (i = 0; i < sizeof(p->header.marker); i++)
            {
@@ -964,10 +972,90 @@ static int bgp_handle_input(struct bgp_peer *peer)
            if (peer->keepalive * 3 > peer->hold)
                peer->keepalive = peer->hold / 3;
 
            if (peer->keepalive * 3 > peer->hold)
                peer->keepalive = peer->hold / 3;
 
+           /* check for optional parameters */
+           /* 2 is for the size of type + len (both uint8_t) */
+           for (param_offset = 0;
+                   param_offset < data.opt_len;
+                   param_offset += 2 + param->len)
+           {
+               param = (struct bgp_opt_param *)(&data.opt_params + param_offset);
+
+               /* sensible check */
+               if (data.opt_len - param_offset < 2
+                       || param->len > data.opt_len - param_offset - 2)
+               {
+                   LOG(1, 0, 0, "Malformed Optional Parameter list from BGP peer %s\n",
+                       peer->name);
+
+                   bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_UNSPEC);
+                   return 0;
+               }
+
+               /* we know only one parameter type */
+               if (param->type != BGP_CAPABILITY_PARAM_TYPE)
+               {
+                   LOG(1, 0, 0, "Unsupported Optional Parameter type %d from BGP peer %s\n",
+                       param->type, peer->name);
+
+                   bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_PARAM);
+                   return 0;
+               }
+
+               capabilities_len = param->len;
+               capabilities = (char *)&param->value;
+           }
+
+           /* look for BGP multiprotocol capability */
+           if (capabilities)
+           {
+               for (capability_offset = 0;
+                       capability_offset < capabilities_len;
+                       capability_offset += 2 + capability->len)
+               {
+                   capability = (struct bgp_capability *)(capabilities + capability_offset);
+
+                   /* sensible check */
+                   if (capabilities_len - capability_offset < 2
+                           || capability->len > capabilities_len - capability_offset - 2)
+                   {
+                       LOG(1, 0, 0, "Malformed Capabilities list from BGP peer %s\n",
+                           peer->name);
+
+                       bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_UNSPEC);
+                       return 0;
+                   }
+
+                   /* we only know one capability code */
+                   if (capability->code != BGP_CAP_CODE_MP
+                           && capability->len != sizeof(struct bgp_mp_cap_param))
+                   {
+                       LOG(4, 0, 0, "Unsupported Capability code %d from BGP peer %s\n",
+                           capability->code, peer->name);
+
+                       bgp_send_notification_full(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_CAP,
+                               capability, 2 + capability->len);
+                       /* we don't terminate, still; we just jump to the next one */
+                       continue;
+                   }
+
+                   mp_cap = (struct bgp_mp_cap_param *)&capability->value;
+                   /* the only <AFI, SAFI> tuple we support */
+                   if (mp_cap->afi != AF_INET6 && mp_cap->safi != BGP_MP_SAFI_UNICAST)
+                   {
+                       LOG(4, 0, 0, "Unsupported multiprotocol AFI %d and SAFI %d from BGP peer %s\n",
+                           mp_cap->afi, mp_cap->safi, peer->name);
+
+                       bgp_send_notification_full(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_CAP,
+                               capability, 2 + capability->len);
+                       /* we don't terminate, still; we just jump to the next one */
+                       continue;
+                   }
+
+               }
+           }
+
            /* next transition requires an exchange of keepalives */
            bgp_send_keepalive(peer);
            /* next transition requires an exchange of keepalives */
            bgp_send_keepalive(peer);
-
-           /* FIXME: may need to check for optional params */
        }
 
        break;
        }
 
        break;
@@ -1214,6 +1302,12 @@ static int bgp_send_update(struct bgp_peer *peer)
 /* send/buffer NOTIFICATION message */
 static int bgp_send_notification(struct bgp_peer *peer, uint8_t code,
     uint8_t subcode)
 /* send/buffer NOTIFICATION message */
 static int bgp_send_notification(struct bgp_peer *peer, uint8_t code,
     uint8_t subcode)
+{
+    return bgp_send_notification_full(peer, code, subcode, NULL, 0);
+}
+
+static int bgp_send_notification_full(struct bgp_peer *peer, uint8_t code,
+    uint8_t subcode, char *notification_data, uint16_t data_len)
 {
     struct bgp_data_notification data;
     uint16_t len = 0;
 {
     struct bgp_data_notification data;
     uint16_t len = 0;
@@ -1224,6 +1318,9 @@ static int bgp_send_notification(struct bgp_peer *peer, uint8_t code,
     data.error_subcode = subcode;
     len += sizeof(data.error_code);
 
     data.error_subcode = subcode;
     len += sizeof(data.error_code);
 
+    memcpy(data.data, notification_data, data_len);
+    len += data_len;
+
     memset(peer->outbuf->packet.header.marker, 0xff,
        sizeof(peer->outbuf->packet.header.marker));
 
     memset(peer->outbuf->packet.header.marker, 0xff,
        sizeof(peer->outbuf->packet.header.marker));