X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/f2a3180cc0123acabfed9e48200be0a063f695c0..d7e506baf457af512f47bbe7a4d50dfd9bab087c:/bgp.c?ds=sidebyside diff --git a/bgp.c b/bgp.c index 6a868fa..9d237c9 100644 --- a/bgp.c +++ b/bgp.c @@ -45,6 +45,8 @@ static int bgp_send_keepalive(struct bgp_peer *peer); static int bgp_send_update(struct bgp_peer *peer); static int bgp_send_notification(struct bgp_peer *peer, uint8_t code, uint8_t subcode); +static int bgp_send_notification_full(struct bgp_peer *peer, uint8_t code, + uint8_t subcode, char *notification_data, uint16_t data_len); static uint16_t our_as; static struct bgp_route_list *bgp_routes = 0; @@ -902,6 +904,12 @@ static int bgp_handle_input(struct bgp_peer *peer) struct bgp_data_open data; int hold; int i; + off_t param_offset, capability_offset; + struct bgp_opt_param *param; + uint8_t capabilities_len; + char *capabilities = NULL; + struct bgp_capability *capability; + struct bgp_mp_cap_param *mp_cap; for (i = 0; i < sizeof(p->header.marker); i++) { @@ -964,10 +972,90 @@ static int bgp_handle_input(struct bgp_peer *peer) if (peer->keepalive * 3 > peer->hold) peer->keepalive = peer->hold / 3; + /* check for optional parameters */ + /* 2 is for the size of type + len (both uint8_t) */ + for (param_offset = 0; + param_offset < data.opt_len; + param_offset += 2 + param->len) + { + param = (struct bgp_opt_param *)(&data.opt_params + param_offset); + + /* sensible check */ + if (data.opt_len - param_offset < 2 + || param->len > data.opt_len - param_offset - 2) + { + LOG(1, 0, 0, "Malformed Optional Parameter list from BGP peer %s\n", + peer->name); + + bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_UNSPEC); + return 0; + } + + /* we know only one parameter type */ + if (param->type != BGP_CAPABILITY_PARAM_TYPE) + { + LOG(1, 0, 0, "Unsupported Optional Parameter type %d from BGP peer %s\n", + param->type, peer->name); + + bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_PARAM); + return 0; + } + + capabilities_len = param->len; + capabilities = (char *)¶m->value; + } + + /* look for BGP multiprotocol capability */ + if (capabilities) + { + for (capability_offset = 0; + capability_offset < capabilities_len; + capability_offset += 2 + capability->len) + { + capability = (struct bgp_capability *)(capabilities + capability_offset); + + /* sensible check */ + if (capabilities_len - capability_offset < 2 + || capability->len > capabilities_len - capability_offset - 2) + { + LOG(1, 0, 0, "Malformed Capabilities list from BGP peer %s\n", + peer->name); + + bgp_send_notification(peer, BGP_ERR_OPEN, BGP_ERR_UNSPEC); + return 0; + } + + /* we only know one capability code */ + if (capability->code != BGP_CAP_CODE_MP + && capability->len != sizeof(struct bgp_mp_cap_param)) + { + LOG(4, 0, 0, "Unsupported Capability code %d from BGP peer %s\n", + capability->code, peer->name); + + bgp_send_notification_full(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_CAP, + capability, 2 + capability->len); + /* we don't terminate, still; we just jump to the next one */ + continue; + } + + mp_cap = (struct bgp_mp_cap_param *)&capability->value; + /* the only tuple we support */ + if (mp_cap->afi != AF_INET6 && mp_cap->safi != BGP_MP_SAFI_UNICAST) + { + LOG(4, 0, 0, "Unsupported multiprotocol AFI %d and SAFI %d from BGP peer %s\n", + mp_cap->afi, mp_cap->safi, peer->name); + + bgp_send_notification_full(peer, BGP_ERR_OPEN, BGP_ERR_OPN_UNSUP_CAP, + capability, 2 + capability->len); + /* we don't terminate, still; we just jump to the next one */ + continue; + } + + } + } + /* next transition requires an exchange of keepalives */ bgp_send_keepalive(peer); - - /* FIXME: may need to check for optional params */ } break; @@ -1214,6 +1302,12 @@ static int bgp_send_update(struct bgp_peer *peer) /* send/buffer NOTIFICATION message */ static int bgp_send_notification(struct bgp_peer *peer, uint8_t code, uint8_t subcode) +{ + return bgp_send_notification_full(peer, code, subcode, NULL, 0); +} + +static int bgp_send_notification_full(struct bgp_peer *peer, uint8_t code, + uint8_t subcode, char *notification_data, uint16_t data_len) { struct bgp_data_notification data; uint16_t len = 0; @@ -1224,6 +1318,9 @@ static int bgp_send_notification(struct bgp_peer *peer, uint8_t code, data.error_subcode = subcode; len += sizeof(data.error_code); + memcpy(data.data, notification_data, data_len); + len += data_len; + memset(peer->outbuf->packet.header.marker, 0xff, sizeof(peer->outbuf->packet.header.marker));