Add config option fib-priority to set a custom prio for routes ripd

insers into the kernel routing table.

OK deraadt@

6 files changed, 40 insertions, 19 deletions

diff --git a/usr.sbin/ripd/kroute.c b/usr.sbin/ripd/kroute.c
index 424bcfb8aba..6e7449e0909 100644
--- a/usr.sbin/ripd/kroute.c
+++ b/usr.sbin/ripd/kroute.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kroute.c,v 1.32 2017/07/24 11:00:01 friehm Exp $ */
+/*	$OpenBSD: kroute.c,v 1.33 2018/12/31 20:34:16 remi Exp $ */
 
 /*
  * Copyright (c) 2004 Esben Norby <norby@openbsd.org>
@@ -44,6 +44,7 @@ struct {
 	u_int32_t		rtseq;
 	pid_t			pid;
 	int			fib_sync;
+	u_int8_t		fib_prio;
 	int			fd;
 	struct event		ev;
 	u_int			rdomain;
@@ -108,7 +109,7 @@ kif_init(void)
 }
 
 int
-kr_init(int fs, u_int rdomain)
+kr_init(int fs, u_int rdomain, u_int8_t fib_prio)
 {
 	int		opt = 0, rcvbuf, default_rcvbuf;
 	socklen_t	optlen;
@@ -139,6 +140,7 @@ kr_init(int fs, u_int rdomain)
 
 	kr_state.pid = getpid();
 	kr_state.rtseq = 1;
+	kr_state.fib_prio = fib_prio;
 
 	RB_INIT(&krt);
 
@@ -177,7 +179,7 @@ kr_change_fib(struct kroute_node *kr, struct kroute *kroute, int action)
 		kr->r.netmask.s_addr = kroute->netmask.s_addr;
 		kr->r.nexthop.s_addr = kroute->nexthop.s_addr;
 		kr->r.flags = kroute->flags |= F_RIPD_INSERTED;
-		kr->r.priority = RTP_RIP;
+		kr->r.priority = kr_state.fib_prio;
 
 		if (kroute_insert(kr) == -1) {
 			log_debug("kr_update_fib: cannot insert %s",
@@ -197,7 +199,7 @@ kr_change(struct kroute *kroute)
 	int			 action = RTM_ADD;
 
 	kr = kroute_find(kroute->prefix.s_addr, kroute->netmask.s_addr,
-	    RTP_RIP);
+	    kr_state.fib_prio);
 	if (kr != NULL)
 		action = RTM_CHANGE;
 
@@ -210,11 +212,11 @@ kr_delete(struct kroute *kroute)
 	struct kroute_node	*kr;
 
 	kr = kroute_find(kroute->prefix.s_addr, kroute->netmask.s_addr,
-	    RTP_RIP);
+	    kr_state.fib_prio);
 	if (kr == NULL)
 		return (0);
 
-	if (kr->r.priority != RTP_RIP)
+	if (kr->r.priority != kr_state.fib_prio)
 		log_warn("kr_delete_fib: %s/%d has wrong priority %d",
 		    inet_ntoa(kr->r.prefix), mask2prefixlen(kr->r.netmask.s_addr),
 		    kr->r.priority);
@@ -248,7 +250,7 @@ kr_fib_couple(void)
 	kr_state.fib_sync = 1;
 
 	RB_FOREACH(kr, kroute_tree, &krt)
-		if (kr->r.priority == RTP_RIP)
+		if (kr->r.priority == kr_state.fib_prio)
 			send_rtmsg(kr_state.fd, RTM_ADD, &kr->r);
 
 	log_info("kernel routing table coupled");
@@ -263,7 +265,7 @@ kr_fib_decouple(void)
 		return;
 
 	RB_FOREACH(kr, kroute_tree, &krt)
-		if (kr->r.priority == RTP_RIP)
+		if (kr->r.priority == kr_state.fib_prio)
 			send_rtmsg(kr_state.fd, RTM_DELETE, &kr->r);
 
 	kr_state.fib_sync = 0;
@@ -734,7 +736,7 @@ send_rtmsg(int fd, int action, struct kroute *kroute)
 	bzero(&hdr, sizeof(hdr));
 	hdr.rtm_version = RTM_VERSION;
 	hdr.rtm_type = action;
-	hdr.rtm_priority = RTP_RIP;
+	hdr.rtm_priority = kr_state.fib_prio;
 	hdr.rtm_tableid = kr_state.rdomain;
 	if (action == RTM_CHANGE)
 		hdr.rtm_fmask = RTF_REJECT|RTF_BLACKHOLE;
@@ -925,7 +927,7 @@ fetchtable(void)
 				break;
 			}
 
-		if (rtm->rtm_priority == RTP_RIP) {
+		if (rtm->rtm_priority == kr_state.fib_prio) {
 			send_rtmsg(kr_state.fd, RTM_DELETE, &kr->r);
 			free(kr);
 		} else {
diff --git a/usr.sbin/ripd/parse.y b/usr.sbin/ripd/parse.y
index f77493a88f6..4f8283f58ae 100644
--- a/usr.sbin/ripd/parse.y
+++ b/usr.sbin/ripd/parse.y
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parse.y,v 1.44 2018/11/11 13:55:07 remi Exp $ */
+/*	$OpenBSD: parse.y,v 1.45 2018/12/31 20:34:16 remi Exp $ */
 
 /*
  * Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -26,6 +26,7 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
+#include <net/route.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <ctype.h>
@@ -104,7 +105,8 @@ typedef struct {
 
 %}
 
-%token	SPLIT_HORIZON TRIGGERED_UPDATES FIBUPDATE REDISTRIBUTE RDOMAIN
+%token	SPLIT_HORIZON TRIGGERED_UPDATES FIBPRIORITY FIBUPDATE
+%token	REDISTRIBUTE RDOMAIN
 %token	AUTHKEY AUTHTYPE AUTHMD AUTHMDKEYID
 %token	INTERFACE RTLABEL
 %token	COST PASSIVE
@@ -196,6 +198,13 @@ conf_main	: SPLIT_HORIZON STRING {
 			}
 			conf->rdomain = $2;
 		}
+		| FIBPRIORITY NUMBER {
+			if ($2 <= RTP_NONE || $2 > RTP_MAX) {
+				yyerror("invalid fib-priority");
+				YYERROR;
+			}
+			conf->fib_priority = $2;
+		}
 		| FIBUPDATE yesno {
 			if ($2 == 0)
 				conf->flags |= RIPD_FLAG_NO_FIB_UPDATE;
@@ -423,6 +432,7 @@ lookup(char *s)
 	    {"auth-type",		AUTHTYPE},
 	    {"cost",			COST},
 	    {"demote",			DEMOTE},
+	    {"fib-priority",		FIBPRIORITY},
 	    {"fib-update",		FIBUPDATE},
 	    {"interface",		INTERFACE},
 	    {"no",			NO},
@@ -771,6 +781,7 @@ parse_config(char *filename, int opts)
 	defs->auth_type = AUTH_NONE;
 	conf->opts = opts;
 	conf->options = OPT_SPLIT_POISONED;
+	conf->fib_priority = RTP_RIP;
 	SIMPLEQ_INIT(&conf->redist_list);
 
 	if ((file = pushfile(filename, !(conf->opts & RIPD_OPT_NOACTION))) == NULL) {
diff --git a/usr.sbin/ripd/printconf.c b/usr.sbin/ripd/printconf.c
index aeabef54fa0..ace33f78400 100644
--- a/usr.sbin/ripd/printconf.c
+++ b/usr.sbin/ripd/printconf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: printconf.c,v 1.6 2009/07/31 16:04:34 michele Exp $ */
+/*	$OpenBSD: printconf.c,v 1.7 2018/12/31 20:34:16 remi Exp $ */
 
 /*
  * Copyright (c) 2004, 2005, 2006 Esben Norby <norby@openbsd.org>
@@ -41,6 +41,8 @@ print_mainconf(struct ripd_conf *conf)
 	else
 		printf("fib-update yes\n");
 
+	printf("fib-priority %hhu\n", conf->fib_priority);
+
 	print_redistribute(conf);
 
 	if (conf->options & OPT_SPLIT_HORIZON)
diff --git a/usr.sbin/ripd/ripd.c b/usr.sbin/ripd/ripd.c
index 4287fcf4f8c..dd5a11cc802 100644
--- a/usr.sbin/ripd/ripd.c
+++ b/usr.sbin/ripd/ripd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ripd.c,v 1.31 2018/11/04 07:52:55 remi Exp $ */
+/*	$OpenBSD: ripd.c,v 1.32 2018/12/31 20:34:16 remi Exp $ */
 
 /*
  * Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -253,7 +253,7 @@ main(int argc, char *argv[])
 	event_add(&iev_rde->ev, NULL);
 
 	if (kr_init(!(conf->flags & RIPD_FLAG_NO_FIB_UPDATE),
-	    conf->rdomain) == -1)
+	    conf->rdomain, conf->fib_priority) == -1)
 		fatalx("kr_init failed");
 
 	event_dispatch();
diff --git a/usr.sbin/ripd/ripd.conf.5 b/usr.sbin/ripd/ripd.conf.5
index d353c270d21..3379662bd59 100644
--- a/usr.sbin/ripd/ripd.conf.5
+++ b/usr.sbin/ripd/ripd.conf.5
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ripd.conf.5,v 1.17 2018/11/11 13:55:07 remi Exp $
+.\"	$OpenBSD: ripd.conf.5,v 1.18 2018/12/31 20:34:16 remi Exp $
 .\"
 .\" Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
 .\" Copyright (c) 2005, 2006 Esben Norby <norby@openbsd.org>
@@ -18,7 +18,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: November 11 2018 $
+.Dd $Mdocdate: December 31 2018 $
 .Dt RIPD.CONF 5
 .Os
 .Sh NAME
@@ -66,6 +66,11 @@ interface em0 {
 Global settings concerns the main behaviour of the daemon.
 .Pp
 .Bl -tag -width Ds -compact
+.It Ic fib-priority Ar prio
+Set the routing priority to
+.Ar prio .
+The default is 40.
+.Pp
 .It Xo
 .Ic fib-update
 .Pq Ic yes Ns | Ns Ic no
diff --git a/usr.sbin/ripd/ripd.h b/usr.sbin/ripd/ripd.h
index 36c743cb2ca..5534238dec0 100644
--- a/usr.sbin/ripd/ripd.h
+++ b/usr.sbin/ripd/ripd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ripd.h,v 1.25 2018/02/08 00:19:54 claudio Exp $ */
+/*	$OpenBSD: ripd.h,v 1.26 2018/12/31 20:34:16 remi Exp $ */
 
 /*
  * Copyright (c) 2004 Esben Norby <norby@openbsd.org>
@@ -244,6 +244,7 @@ struct ripd_conf {
 	int			 options;
 	int			 rip_socket;
 	int			 redistribute;
+	u_int8_t		 fib_priority;
 	u_int			 rdomain;
 	char			*csock;
 };
@@ -319,7 +320,7 @@ struct demote_msg {
 };
 
 int		 kif_init(void);
-int		 kr_init(int, u_int);
+int		 kr_init(int, u_int, u_int8_t);
 int		 kr_change(struct kroute *);
 int		 kr_delete(struct kroute *);
 void		 kr_shutdown(void);