-rw-r--r-- | usr.sbin/bgpctl/Makefile | 6 | ||||
-rw-r--r-- | usr.sbin/bgpctl/bgpctl.8 | 31 | ||||
-rw-r--r-- | usr.sbin/bgpctl/bgpctl.c | 10 | ||||
-rw-r--r-- | usr.sbin/bgpctl/irr_asset.c | 291 | ||||
-rw-r--r-- | usr.sbin/bgpctl/irr_output.c | 246 | ||||
-rw-r--r-- | usr.sbin/bgpctl/irr_parser.c | 423 | ||||
-rw-r--r-- | usr.sbin/bgpctl/irr_prefix.c | 289 | ||||
-rw-r--r-- | usr.sbin/bgpctl/irrfilter.c | 55 | ||||
-rw-r--r-- | usr.sbin/bgpctl/irrfilter.h | 111 | ||||
-rw-r--r-- | usr.sbin/bgpctl/parser.c | 73 | ||||
-rw-r--r-- | usr.sbin/bgpctl/parser.h | 4 | ||||
-rw-r--r-- | usr.sbin/bgpctl/whois.c | 149 |
12 files changed, 7 insertions, 1681 deletions
diff --git a/usr.sbin/bgpctl/Makefile b/usr.sbin/bgpctl/Makefile index e58551cf86f..272a56d8f82 100644 --- a/usr.sbin/bgpctl/Makefile +++ b/usr.sbin/bgpctl/Makefile @@ -1,11 +1,9 @@ -# $OpenBSD: Makefile,v 1.14 2018/07/13 15:02:40 jsg Exp $ +# $OpenBSD: Makefile,v 1.15 2019/06/25 07:44:20 claudio Exp $ .PATH: ${.CURDIR}/../bgpd PROG= bgpctl -SRCS= bgpctl.c parser.c util.c -SRCS+= irrfilter.c whois.c irr_asset.c irr_prefix.c irr_output.c -SRCS+= irr_parser.c mrtparser.c +SRCS= bgpctl.c parser.c mrtparser.c util.c CFLAGS+= -Wall CFLAGS+= -Wstrict-prototypes -Wmissing-prototypes CFLAGS+= -Wmissing-declarations diff --git a/usr.sbin/bgpctl/bgpctl.8 b/usr.sbin/bgpctl/bgpctl.8 index 2c0688610cc..254cb2fefe4 100644 --- a/usr.sbin/bgpctl/bgpctl.8 +++ b/usr.sbin/bgpctl/bgpctl.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: bgpctl.8,v 1.87 2019/05/31 10:48:40 sthen Exp $ +.\" $OpenBSD: bgpctl.8,v 1.88 2019/06/25 07:44:20 claudio Exp $ .\" .\" Copyright (c) 2003 Henning Brauer <henning@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: May 31 2019 $ +.Dd $Mdocdate: June 25 2019 $ .Dt BGPCTL 8 .Os .Sh NAME 
@@ -76,31 +76,6 @@ a.k.a. the kernel routing table. .Xc Remove the learned routes from the specified Forwarding Information Base a.k.a. the kernel routing table. -.It Xo -.Cm irrfilter -.Op Ar options -.Ar as -.Op Ar arguments -.Xc -Get the -.Em aut-num -object from the -.Em Internet Routing Registry -and generate bgpd filters from the policy specified therein. -The aut-num object as well as the associated as-set and route objects -have to be in RPSL format. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl o Ar directory -Use -.Ar directory -to write the filter files to. -.It Fl 4 -Fetch only IPv4 prefixes from the registry. -.It Fl 6 -Fetch only IPv6 prefixes from the registry. -.El .It Cm log brief Disable verbose debug logging. .It Cm log verbose @@ -489,5 +464,3 @@ The .Nm program first appeared in .Ox 3.5 . -irrfilter mode was added in -.Ox 4.1 . diff --git a/usr.sbin/bgpctl/bgpctl.c b/usr.sbin/bgpctl/bgpctl.c index 7f800c8a4de..f8837c7a188 100644 --- a/usr.sbin/bgpctl/bgpctl.c +++ b/usr.sbin/bgpctl/bgpctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bgpctl.c,v 1.240 2019/06/17 13:46:33 claudio Exp $ */ +/* $OpenBSD: bgpctl.c,v 1.241 2019/06/25 07:44:20 claudio Exp $ */ /* * Copyright (c) 2003 Henning Brauer <henning@openbsd.org> @@ -39,7 +39,6 @@ #include "session.h" #include "rde.h" #include "parser.h" -#include "irrfilter.h" #include "mrtparser.h" enum neighbor_views { @@ -161,11 +160,6 @@ main(int argc, char *argv[]) strlcpy(neighbor.shutcomm, res->shutcomm, sizeof(neighbor.shutcomm)); switch (res->action) { - case IRRFILTER: - if (!(res->flags & (F_IPV4|F_IPV6))) - res->flags |= (F_IPV4|F_IPV6); - irr_main(res->as.as_min, res->flags, res->irr_outdir); - break; case SHOW_MRT: if (pledge("stdio", NULL) == -1) err(1, "pledge"); @@ -217,7 +211,6 @@ main(int argc, char *argv[]) switch (res->action) { case NONE: - case IRRFILTER: case SHOW_MRT: usage(); /* NOTREACHED */ 
@@ -479,7 +472,6 @@ main(int argc, char *argv[]) case NETWORK_FLUSH: case NETWORK_BULK_ADD: case NETWORK_BULK_REMOVE: - case IRRFILTER: case LOG_VERBOSE: case LOG_BRIEF: case SHOW_MRT: diff --git a/usr.sbin/bgpctl/irr_asset.c b/usr.sbin/bgpctl/irr_asset.c deleted file mode 100644 index af8de33cade..00000000000 --- a/usr.sbin/bgpctl/irr_asset.c +++ /dev/null 
@@ -1,291 +0,0 @@ -/* $OpenBSD: irr_asset.c,v 1.12 2018/09/17 13:35:36 claudio Exp $ */ - -/* - * Copyright (c) 2007 Henning Brauer <henning@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER IN - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include <sys/types.h> -#include <err.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> -#include <ctype.h> - -#include "irrfilter.h" - -int as_set_compare(struct irr_as_set *, struct irr_as_set *); -struct irr_as_set *as_set_find(char *); - -RB_HEAD(as_set_h, irr_as_set) as_set_h; -RB_PROTOTYPE(as_set_h, irr_as_set, entry, as_set_compare) -RB_GENERATE(as_set_h, irr_as_set, entry, as_set_compare) - -enum obj_type { - T_UNKNOWN, - T_ASSET, - T_AUTNUM -}; - -struct irr_as_set *curass; - -struct irr_as_set *asset_get(char *); -enum obj_type asset_membertype(char *); -void asset_resolve(struct irr_as_set *); -int asset_merge(struct irr_as_set *, struct irr_as_set *); -int asset_add_as(struct irr_as_set *, char *); -int asset_add_asset(struct irr_as_set *, char *); - -struct irr_as_set * -asset_expand(char *s) -{ - struct irr_as_set *ass; - char *name; - size_t i; - - if ((name = calloc(1, strlen(s) + 1)) == NULL) - err(1, "asset_expand calloc"); - for (i = 0; i < strlen(s); i++) - name[i] = toupper((unsigned char)s[i]); - - ass = 
asset_get(name); - asset_resolve(ass); - - free(name); - return (ass); -} - -struct irr_as_set * -asset_get(char *name) -{ - struct irr_as_set *ass, *mas; - u_int i; - - /* - * the caching prevents the endless recursion. - * MUST have the RB_INSERT before calling self again. - */ - - /* cached? then things are easy */ - if ((ass = as_set_find(name)) != NULL) - return ass; - - if ((ass = calloc(1, sizeof(*ass))) == NULL) - err(1, "expand_as_set calloc"); - if ((ass->name = strdup(name)) == NULL) - err(1, "expand_as_set strdup"); - RB_INSERT(as_set_h, &as_set_h, ass); - - switch (asset_membertype(name)) { - case T_ASSET: - /* as-set */ - if (irrverbose >= 3) { - fprintf(stdout, "query AS-SET %s... ", name); - fflush(stdout); - } - curass = ass; - if (whois(name, QTYPE_ASSET) == -1) - errx(1, "whois error, asset_get %s", name); - curass = NULL; - if (irrverbose >= 3) - fprintf(stdout, "done\n"); - break; - case T_AUTNUM: - /* - * make a dummy as-set with the AS both as name - * and its only member - */ - asset_add_as(ass, name); - return (ass); - default: - fprintf(stderr, "asset_get: %s: unknown object type\n", name); - break; - } - - - for (i = 0; i < ass->n_members; i++) { - mas = asset_get(ass->members[i]); - if (mas->n_members == 0 && mas->n_as == 0) - fprintf(stderr, "%s: can't resolve member %s\n", - name, ass->members[i]); - else - asset_add_asset(ass, ass->members[i]); - } - - return (ass); -} - -enum obj_type -asset_membertype(char *name) -{ - char *s; - - if (!strncmp(name, "AS-", 3)) - return (T_ASSET); - - if ((s = strchr(name, ':')) != NULL) { - /* this must be an as-set. 
one component has to start w/ AS- */ - for (s = name; s != NULL; s = strchr(s, ':')) - if (!strncmp(++s, "AS-", 3)) - return (T_ASSET); - return (T_UNKNOWN); - } - - /* neither plain nor hierachical set definition, might be aut-num */ - if (!strncmp(name, "AS", 2) && strlen(name) > 2 && - isdigit((unsigned char)name[2])) - return (T_AUTNUM); - - return (T_UNKNOWN); -} - -void -asset_resolve(struct irr_as_set *ass) -{ - struct irr_as_set *mas; - u_int i; - - /* - * traverse all as_set members and fold their - * members as into this as_set. - * ass->n_as_set is a moving target, it grows - * as member as-sets' member as-sets are beeing - * added. - * remove processed member as-sets (all!) only - * after we are done, they're needed for dupe - * detection - */ - - for (i = 0; i < ass->n_as_set; i++) { - if ((mas = as_set_find(ass->as_set[i])) == NULL) - errx(1, "asset_get %s: %s unresolved?!?", - ass->name, ass->as_set[i]); - if (asset_merge(ass, mas) == -1) - errx(1, "asset_merge failed"); - } - - for (i = 0; i < ass->n_as_set; i++) { - free(ass->as_set[i]); - ass->as_set[i] = NULL; - } - free(ass->as_set); - ass->as_set = NULL; - ass->n_as_set = 0; -} - -int -asset_merge(struct irr_as_set *ass, struct irr_as_set *mas) -{ - u_int i, j; - - /* merge ASes from the member into the parent */ - for (i = 0; i < mas->n_as; i++) { - for (j = 0; j < ass->n_as && strcmp(ass->as[j], - mas->as[i]); j++) - ; /* nothing */ - if (j == ass->n_as) - if (asset_add_as(ass, mas->as[i]) == -1) - return (-1); - } - - /* merge as-set members from the member into the parent */ - for (i = 0; i < mas->n_as_set; i++) { - if (!strcmp(ass->name, mas->as_set[i])) /* skip self! 
*/ - continue; - for (j = 0; j < ass->n_as_set && strcmp(ass->as_set[j], - mas->as_set[i]); j++) - ; /* nothing */ - if (j == ass->n_as_set) - if (asset_add_asset(ass, mas->as_set[i]) == -1) - return (-1); - } - - return (0); -} - -int -asset_addmember(char *s) -{ - void *p; - char *as; - size_t i; - - /* convert to uppercase on the fly */ - if ((as = calloc(1, strlen(s) + 1)) == NULL) - err(1, "asset_addmember strdup"); - for (i = 0; i < strlen(s); i++) - as[i] = toupper((unsigned char)s[i]); - - if ((p = reallocarray(curass->members, - curass->n_members + 1, sizeof(char *))) == NULL) - err(1, "asset_addmember strdup"); - curass->members = p; - curass->n_members++; - curass->members[curass->n_members - 1] = as; - - return (0); -} - -int -asset_add_as(struct irr_as_set *ass, char *s) -{ - void *p; - - if ((p = reallocarray(ass->as, - ass->n_as + 1, sizeof(char *))) == NULL) - err(1, "asset_add_as strdup"); - ass->as = p; - ass->n_as++; - - if ((ass->as[ass->n_as - 1] = - strdup(s)) == NULL) - err(1, "asset_add_as strdup"); - - return (0); -} - -int -asset_add_asset(struct irr_as_set *ass, char *s) -{ - void *p; - - if ((p = reallocarray(ass->as_set, - ass->n_as_set + 1, sizeof(char *))) == NULL) - err(1, "asset_add_asset strdup"); - ass->as_set = p; - ass->n_as_set++; - - if ((ass->as_set[ass->n_as_set - 1] = - strdup(s)) == NULL) - err(1, "asset_add_asset strdup"); - - return (0); -} - -/* RB helpers */ -int -as_set_compare(struct irr_as_set *a, struct irr_as_set *b) -{ - return (strcmp(a->name, b->name)); -} - -struct irr_as_set * -as_set_find(char *name) -{ - struct irr_as_set s; - - s.name = name; - return (RB_FIND(as_set_h, &as_set_h, &s)); -} diff --git a/usr.sbin/bgpctl/irr_output.c b/usr.sbin/bgpctl/irr_output.c deleted file mode 100644 index a588670082e..00000000000 --- a/usr.sbin/bgpctl/irr_output.c +++ /dev/null 
@@ -1,246 +0,0 @@ -/* $OpenBSD: irr_output.c,v 1.21 2018/09/17 13:35:36 claudio Exp $ */ - -/* - * Copyright (c) 2007 Henning Brauer <henning@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER IN - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include <sys/types.h> -#include <sys/stat.h> -#include <err.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> -#include <fcntl.h> -#include <ctype.h> -#include <netdb.h> -#include <netinet/in.h> -#include <arpa/inet.h> - -#include "bgpd.h" -#include "irrfilter.h" - -int process_policies(FILE *, struct policy_head *); -void policy_prettyprint(FILE *, struct policy_item *); -void policy_torule(FILE *, struct policy_item *); -char *action_torule(char *); -void print_rule(FILE *, struct policy_item *, char *, struct irr_prefix *); - -#define allowed_in_address(x) \ - (isalnum((unsigned char)x) || x == '.' 
|| x == ':' || x == '-') - -int -write_filters(char *outpath) -{ - struct router *r; - char *fn; - int fd, ret = 0; - u_int i; - FILE *fh; - - while ((r = TAILQ_FIRST(&router_head)) != NULL) { - TAILQ_REMOVE(&router_head, r, entry); - - if (r->address != NULL && r->address[0] != '\0') { - for (i = 0; i < strlen(r->address); i++) - if (!allowed_in_address(r->address[i])) - errx(1, "router address \"%s\" contains" - " illegal character \"%c\"", - r->address, r->address[i]); - if (asprintf(&fn, "%s/bgpd-%s.filter", - outpath, r->address) == -1) - err(1, "write_filters asprintf"); - } else - if (asprintf(&fn, "%s/bgpd.filter", - outpath) == -1) - err(1, "write_filters asprintf"); - - fd = open(fn, O_RDWR|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR); - if (fd == -1) - err(1, "error opening %s", fn); - if ((fh = fdopen(fd, "w")) == NULL) - err(1, "fdopen %s", fn); - - if (process_policies(fh, &r->policy_h) == -1) - ret = -1; - - fclose(fh); - close(fd); - free(fn); - free(r->address); - free(r); - } - - return (ret); -} - -int -process_policies(FILE *fh, struct policy_head *head) -{ - struct policy_item *pi; - - while ((pi = TAILQ_FIRST(head)) != NULL) { - TAILQ_REMOVE(head, pi, entry); - - policy_prettyprint(fh, pi); - policy_torule(fh, pi); - fflush(fh); - - free(pi->peer_addr); - free(pi->action); - free(pi->filter); - free(pi); - } - - return (0); -} - -void -policy_prettyprint(FILE *fh, struct policy_item *pi) -{ - if (pi->dir == IMPORT) - fprintf(fh, "# import: from "); - else - fprintf(fh, "# export: to "); - fprintf(fh, "AS%u ", pi->peer_as); - if (pi->peer_addr) - fprintf(fh, "%s ", pi->peer_addr); - if (pi->action) - fprintf(fh, "action %s ", pi->action); - fprintf(fh, "%s %s\n", pi->dir == IMPORT ? 
"accept" : "announce", - pi->filter); -} - -void -policy_torule(FILE *fh, struct policy_item *pi) -{ - struct irr_as_set *ass; - struct prefix_set *pfxs; - char *srcas; - u_int i, j; - - if (pi->filter == NULL || !strcasecmp(pi->filter, "any")) - print_rule(fh, pi, NULL, NULL); - else { - ass = asset_expand(pi->filter); - - for (i = 0; i < ass->n_as; i++) { - pfxs = prefixset_get(ass->as[i]); - - /* ass->as[i] format and len have been checked before */ - if (strlen(ass->as[i]) < 3) - errx(1, "%s not AS...", ass->as[i]); - srcas = ass->as[i] + 2; - for (j = 0; j < pfxs->prefixcnt; j++) - print_rule(fh, pi, srcas, pfxs->prefix[j]); - } - } -} - -/* XXX should really be parsed earlier! */ -char * -action_torule(char *s) -{ - int cnt = 0; - char *key, *val, *pre, *tmp; - static char abuf[8192]; - char ebuf[2048]; - - if ((tmp = strdup(s)) == NULL) - err(1, NULL); - abuf[0] = '\0'; - while ((val = strsep(&tmp, ";")) != NULL && *val) { - key = strsep(&val, "="); - if (key == NULL || val == NULL) - err(1, "format error in action spec\n"); - - EATWS(key); - EATWS(val); - - if (cnt++ == 0) - pre = " set {"; - else - pre = ","; - - if (!strcmp(key, "pref")) - snprintf(ebuf, sizeof(ebuf), - "%s localpref %s", pre, val); - else if (!strcmp(key, "med")) - snprintf(ebuf, sizeof(ebuf), - "%s med %s", pre, val); - else - warnx("unknown action key \"%s\"", key); - - strlcat(abuf, ebuf, sizeof(abuf)); - } - if (cnt > 0) - strlcat(abuf, " }", sizeof(abuf)); - - free(tmp); - return (abuf); -} - -void -print_rule(FILE *fh, struct policy_item *pi, char *sourceas, - struct irr_prefix *prefix) -{ - char peer[PEER_DESCR_LEN]; - char *action = ""; - char *dir; - char *srcas[2] = { "", "" }; - char pbuf[8 + NI_MAXHOST + 4 + 14 + 3]; - size_t offset; - - if (pi->dir == IMPORT) - dir = "from"; - else - dir = "to"; - - if (pi->peer_addr) - snprintf(peer, PEER_DESCR_LEN, "%s", pi->peer_addr); - else - snprintf(peer, PEER_DESCR_LEN, "AS %s", log_as(pi->peer_as)); - - if (pi->action) - action = 
action_torule(pi->action); - - pbuf[0] = '\0'; - if (prefix != NULL) { - strlcpy(pbuf, " prefix ", sizeof(pbuf)); - offset = strlen(pbuf); - if (inet_ntop(prefix->af, &prefix->addr, pbuf + offset, - sizeof(pbuf) - offset) == NULL) - err(1, "print_rule inet_ntop"); - offset = strlen(pbuf); - if (snprintf(pbuf + offset, sizeof(pbuf) - offset, - "/%u", prefix->len) == -1) - err(1, "print_rule snprintf"); - - if (prefix->maxlen > prefix->len) { - offset = strlen(pbuf); - if (snprintf(pbuf + offset, sizeof(pbuf) - offset, - " prefixlen <= %u", prefix->maxlen) == -1) - err(1, "print_rule snprintf"); - } - - if (pi->dir == IMPORT) { - srcas[0] = " source-as "; - srcas[1] = sourceas; - } - } - - fprintf(fh, "allow quick %s %s%s%s%s%s\n", dir, peer, - srcas[0], srcas[1], pbuf, action); -} diff --git a/usr.sbin/bgpctl/irr_parser.c b/usr.sbin/bgpctl/irr_parser.c deleted file mode 100644 index bd415a79dfe..00000000000 --- a/usr.sbin/bgpctl/irr_parser.c +++ /dev/null 
@@ -1,423 +0,0 @@ -/* $OpenBSD: irr_parser.c,v 1.15 2019/04/10 15:23:27 claudio Exp $ */ - -/* - * Copyright (c) 2007 Henning Brauer <henning@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER IN - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include <sys/types.h> -#include <ctype.h> -#include <err.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> -#include <limits.h> - -#include "irrfilter.h" - -#define PARSEBUF_INCREMENT 4096 - -int lineno; -char *parsebuf = NULL; -size_t parsebuflen = 0; - -void grow_parsebuf(void); -char *irr_getln(FILE *f); -int parse_policy(char *, char *); -int policy_additem(char *, struct policy_item *); -int parse_asset(char *, char *); -int parse_route(char *, char *); - -/* - * parse_response() return values: - * -1 error - * 0 object not found - * >0 number of lines matched plus 1 - */ -int -parse_response(FILE *f, enum qtype qtype) -{ - char *key, *val; - int cnt, n; - - lineno = 1; - cnt = 1; - while ((val = irr_getln(f)) != NULL) { - if (!strncmp(val, "%ERROR:101:", 11)) /* no entries found */ - return (0); - - if (val[0] == '%') { - warnx("message from whois server: %s", val); - return (-1); - } - - key = strsep(&val, ":"); - if (val == NULL) { - warnx("%u: %s", lineno, key); - warnx("no \":\" found!"); - return (-1); - } - EATWS(val); - - 
switch (qtype) { - case QTYPE_OWNAS: - if ((n = parse_policy(key, val)) == -1) - return (-1); - break; - case QTYPE_ASSET: - if ((n = parse_asset(key, val)) == -1) - return (-1); - break; - case QTYPE_ROUTE: - case QTYPE_ROUTE6: - if ((n = parse_route(key, val)) == -1) - return (-1); - break; - default: - err(1, "king bula suffers from dementia"); - } - cnt += n; - } - - return (cnt); -} - -void -grow_parsebuf(void) -{ - char *p; - size_t newlen; - - newlen = parsebuflen + PARSEBUF_INCREMENT; - if ((p = realloc(parsebuf, newlen)) == NULL) - err(1, "grow_parsebuf realloc"); - parsebuf = p; - parsebuflen = newlen; - - if (0) - fprintf(stderr, "parsebuf now %zu bytes\n", parsebuflen); -} - -char * -irr_getln(FILE *f) -{ - int c, next, last; - char *p; - - if (parsebuf == NULL) - grow_parsebuf(); - p = parsebuf; - last = -1; - - do { - c = getc(f); - - if (p == parsebuf) { /* beginning of new line */ - if (c == '%') { - next = getc(f); - switch (next) { - case ' ': /* comment. skip over */ - while ((c = getc(f)) != '\n' && - c != EOF) - ; /* nothing */ - break; - case '\n': - case EOF: - c = next; - break; - default: - ungetc(next, f); - break; - } - } - } - - if (c == '#') /* skip until \n */ - while ((c = getc(f)) != '\n' && c != EOF) - ; /* nothing */ - - if (c == '\n') { - lineno++; - next = getc(f); - if (next == '+') /* continuation, skip the + */ - c = getc(f); - else if (ISWS(next)) /* continuation */ - c = next; - else - ungetc(next, f); - } - - - if (c == '\n' || c == EOF) { - if (c == EOF) - if (ferror(f)) - err(1, "ferror"); - if (p > parsebuf) { - *p = '\0'; - return (parsebuf); - } - } else { - if (!(ISWS(c) && ISWS(last))) { - if (p + 1 >= parsebuf + parsebuflen - 1) { - size_t offset; - - offset = p - parsebuf; - grow_parsebuf(); - p = parsebuf + offset; - } - if (ISWS(c)) /* equal opportunity whitespace */ - *p++ = ' '; - else - *p++ = (char)c; - } - last = c; - } - } while (c != EOF); - - return (NULL); -} - -/* - * parse the policy from an aut-num 
object - */ - -enum policy_parser_st { - PO_NONE, - PO_PEER_KEY, - PO_PEER_AS, - PO_PEER_ADDR, - PO_RTR_KEY, - PO_RTR_ADDR, - PO_ACTION_KEY, - PO_ACTION_SPEC, - PO_FILTER_KEY, - PO_FILTER_SPEC -}; - -int -parse_policy(char *key, char *val) -{ - struct policy_item *pi; - enum pdir dir; - enum policy_parser_st st = PO_NONE, nextst; - char *tok, *router = "", *p; - - if (!strcmp(key, "import")) - dir = IMPORT; - else if (!strcmp(key, "export")) - dir = EXPORT; - else /* ignore! */ - return (0); - - if (dir == EXPORT && (irrflags & F_IMPORTONLY)) - return (0); - - if ((pi = calloc(1, sizeof(*pi))) == NULL) - err(1, "parse_policy calloc"); - pi->dir = dir; - - while ((tok = strsep(&val, " ")) != NULL) { - nextst = PO_NONE; - if (dir == IMPORT) { - if (!strcasecmp(tok, "from")) - nextst = PO_PEER_KEY; - else if (!strcasecmp(tok, "at")) - nextst = PO_RTR_KEY; - else if (!strcasecmp(tok, "action")) - nextst = PO_ACTION_KEY; - else if (!strcasecmp(tok, "accept")) - nextst = PO_FILTER_KEY; - } else if (dir == EXPORT) { - if (!strcasecmp(tok, "to")) - nextst = PO_PEER_KEY; - else if (!strcasecmp(tok, "at")) - nextst = PO_RTR_KEY; - else if (!strcasecmp(tok, "action")) - nextst = PO_ACTION_KEY; - else if (!strcasecmp(tok, "announce")) - nextst = PO_FILTER_KEY; - } - - if (nextst == PO_FILTER_KEY) /* rest is filter spec */ - if ((pi->filter = strdup(val)) == NULL) - err(1, NULL); - - if (nextst == PO_ACTION_KEY) { - /* action list. 
ends after last ; */ - p = strrchr(val, ';'); - if (p == NULL || !ISWS(*++p)) - errx(1, "syntax error in action spec"); - *p = '\0'; - if ((pi->action = strdup(val)) == NULL) - err(1, NULL); - val = ++p; - while (ISWS(*p)) - p++; - } - - switch (st) { - case PO_NONE: - if (nextst != PO_PEER_KEY) - goto ppoerr; - st = nextst; - break; - case PO_PEER_KEY: - if (pi->peer_as == 0) { - const char *errstr; - - if (nextst != PO_NONE) - goto ppoerr; - if (strlen(tok) < 3 || - strncasecmp(tok, "AS", 2) || - !isdigit((unsigned char)tok[2])) - errx(1, "peering spec \"%s\": format " - "error, AS expected", tok); - pi->peer_as = strtonum(tok + 2, 1, UINT_MAX, - &errstr); - if (errstr) - errx(1, "peering spec \"%s\": format " - "error: %s", tok, errstr); - } else { - switch (nextst) { - case PO_NONE: - if (!strcasecmp(tok, "and") || - !strcasecmp(tok, "or") || - !strcasecmp(tok, "not")) - fprintf(stderr, "compound " - "peering statements are " - "not supported"); - else /* peer address */ - if ((pi->peer_addr = - strdup(tok)) == NULL) - err(1, NULL); - break; - case PO_RTR_KEY: - case PO_ACTION_KEY: - case PO_FILTER_KEY: - st = nextst; - break; - default: - goto ppoerr; - } - } - break; - case PO_PEER_AS: - case PO_PEER_ADDR: - err(1, "state error"); - break; - case PO_RTR_KEY: - if (nextst != PO_NONE) - goto ppoerr; - /* rtr address */ - if ((router = strdup(tok)) == NULL) - err(1, NULL); - st = PO_RTR_ADDR; - break; - case PO_RTR_ADDR: - if (nextst != PO_ACTION_KEY && - nextst != PO_FILTER_KEY) - goto ppoerr; - st = nextst; - break; - case PO_ACTION_KEY: - /* already handled, next must be FILTER_KEY */ - if (nextst != PO_FILTER_KEY) - goto ppoerr; - st = nextst; - break; - case PO_FILTER_KEY: - /* already handled */ - break; - case PO_ACTION_SPEC: - case PO_FILTER_SPEC: - err(1, "state error"); - break; - } - } - - if (st != PO_FILTER_KEY) - err(1, "state error"); - - if (policy_additem(router, pi) == -1) - return (-1); - - return (1); - -ppoerr: - free(pi); - fprintf(stderr, 
"%u: parse error\n", lineno); - return (-1); -} - -int -policy_additem(char *router, struct policy_item *pi) -{ - struct router *r; - - for (r = TAILQ_FIRST(&router_head); r != NULL && - strcmp(r->address, router); r = TAILQ_NEXT(r, entry)) - ; /* nothing */ - - if (r == NULL) { - if ((r = calloc(1, sizeof(*r))) == NULL || - (r->address = strdup(router)) == NULL) - err(1, NULL); - TAILQ_INIT(&r->policy_h); - TAILQ_INSERT_TAIL(&router_head, r, entry); - } - - TAILQ_INSERT_TAIL(&r->policy_h, pi, entry); - - return (0); -} - -/* - * parse as-set: get members - */ - -int -parse_asset(char *key, char *val) -{ - char *tok; - - if (strcmp(key, "members")) /* ignore everything else */ - return (0); - - while ((tok = strsep(&val, ",")) != NULL) { - EATWS(tok); - if (tok[0] != '\0') - asset_addmember(tok); - } - - return (1); -} - -/* - * parse route obj: just get the prefix - */ -int -parse_route(char *key, char *val) -{ - if (strcmp(key, "route") && strcmp(key, "route6")) - /* ignore everything else */ - return (0); - - /* route is single-value, but seen trailing , and \r in the wild */ - if (strlen(val) > 0 && (val[strlen(val) - 1] == ',' || - val[strlen(val) - 1] == '\r')) - val[strlen(val) - 1] = '\0'; - - return (prefixset_addmember(val)); -} diff --git a/usr.sbin/bgpctl/irr_prefix.c b/usr.sbin/bgpctl/irr_prefix.c deleted file mode 100644 index 34e973bc5bf..00000000000 --- a/usr.sbin/bgpctl/irr_prefix.c +++ /dev/null 
@@ -1,289 +0,0 @@ -/* $OpenBSD: irr_prefix.c,v 1.21 2015/10/05 14:18:33 deraadt Exp $ */ - -/* - * Copyright (c) 2007 Henning Brauer <henning@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER IN - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include <sys/types.h> -#include <err.h> -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> -#include <netinet/in.h> -#include <arpa/inet.h> - -#include "irrfilter.h" -#include "bgpd.h" - -void prefixset_aggregate(struct prefix_set *); -int prefix_aggregate(struct irr_prefix *, const struct irr_prefix *); -int irr_prefix_cmp(const void *, const void *); -int prefix_set_compare(struct prefix_set *, struct prefix_set *); -struct prefix_set - *prefix_set_find(char *); - -RB_HEAD(prefix_set_h, prefix_set) prefix_set_h; -RB_PROTOTYPE(prefix_set_h, prefix_set, entry, prefix_set_compare) -RB_GENERATE(prefix_set_h, prefix_set, entry, prefix_set_compare) - -struct prefix_set *curpfxs = NULL; - -struct prefix_set * -prefixset_get(char *as) -{ - struct prefix_set *pfxs; - - if ((pfxs = prefix_set_find(as)) != NULL) - return (pfxs); - - /* nothing found, resolve and store */ - if ((pfxs = calloc(1, sizeof(*pfxs))) == NULL) - err(1, "get_prefixset calloc"); - if ((pfxs->as = strdup(as)) == NULL) - err(1, "get_prefixset strdup"); - 
RB_INSERT(prefix_set_h, &prefix_set_h, pfxs); - - if (irrverbose >= 3) { - fprintf(stdout, "query routes for %s... ", as); - fflush(stdout); - } - curpfxs = pfxs; - if ((irrflags & F_IPV4) && whois(as, QTYPE_ROUTE) == -1) - errx(1, "whois error, prefixset_get %s", as); - if ((irrflags & F_IPV6) && whois(as, QTYPE_ROUTE6) == -1) - errx(1, "whois error, prefixset_get %s", as); - if (whois(as, QTYPE_ROUTE6) == -1) - errx(1, "whois error, prefixset_get %s", as); - curpfxs = NULL; - if (irrverbose >= 3) - fprintf(stdout, "done\n"); - - prefixset_aggregate(pfxs); - - return (pfxs); -} - -int -prefixset_addmember(char *s) -{ - void *p; - u_int i; - struct irr_prefix *pfx; - int len, ret; - char *slash; - const char *errstr; - - if ((slash = strchr(s, '/')) == NULL) { - fprintf(stderr, "%s: prefix %s does not have the len " - "specified, ignoring\n", curpfxs->as, s); - return (0); - } - - if ((pfx = calloc(1, sizeof(*pfx))) == NULL) - err(1, "prefixset_addmember calloc"); - - if ((len = inet_net_pton(AF_INET, s, &pfx->addr.in, - sizeof(pfx->addr.in))) != -1) { - pfx->af = AF_INET; - } else { - len = strtonum(slash + 1, 0, 128, &errstr); - if (errstr) - errx(1, "prefixset_addmember %s prefix %s: prefixlen " - "is %s", curpfxs->as, s, errstr); - *slash = '\0'; - - if ((ret = inet_pton(AF_INET6, s, &pfx->addr.in6)) == -1) - err(1, "prefixset_addmember %s prefix \"%s\"", - curpfxs->as, s); - else if (ret == 0) { - fprintf(stderr, "prefixset_addmember %s prefix \"%s\": " - "No matching address family found", curpfxs->as, s); - free(pfx); - return (0); - } - pfx->af = AF_INET6; - } - pfx->len = pfx->maxlen = len; - - /* yes, there are dupes... e. g. 
from multiple sources */ - for (i = 0; i < curpfxs->prefixcnt; i++) - if (irr_prefix_cmp(&curpfxs->prefix[i], &pfx) == 0) { - free(pfx); - return (0); - } - - if ((p = reallocarray(curpfxs->prefix, - curpfxs->prefixcnt + 1, sizeof(void *))) == NULL) - err(1, "prefixset_addmember realloc"); - curpfxs->prefix = p; - curpfxs->prefixcnt++; - curpfxs->prefix[curpfxs->prefixcnt - 1] = pfx; - - return (1); -} - -void -prefixset_aggregate(struct prefix_set *pfxs) -{ - u_int i, cnt, newcnt; - int res; - struct irr_prefix *cur, *last; - void *p; - - qsort(pfxs->prefix, pfxs->prefixcnt, sizeof(void *), irr_prefix_cmp); - - cnt = pfxs->prefixcnt; - do { - last = cur = NULL; - for (i = 0, newcnt = 0; i < cnt; i++) { - cur = pfxs->prefix[i]; - if (last != NULL && last->af == cur->af) { - if (cur->af == AF_INET) - res = prefix_aggregate(last, cur); - else - res = 0; - - if (res == 1) { /* cur is covered by last */ - if (cur->len > last->maxlen) - last->maxlen = cur->len; - free(pfxs->prefix[i]); - pfxs->prefix[i] = cur = NULL; - } - } - - if (cur != NULL) { - pfxs->prefix[newcnt++] = cur; - last = cur; - } - } - cnt = newcnt; - } while (newcnt < i); - - if (newcnt == pfxs->prefixcnt) - return; - - if (irrverbose >= 2) - printf("%s: prefix aggregation: %u -> %u\n", - pfxs->as, pfxs->prefixcnt, newcnt); - - if ((p = reallocarray(pfxs->prefix, newcnt, sizeof(void *))) == NULL) - err(1, "prefixset_aggregate realloc"); - pfxs->prefix = p; - pfxs->prefixcnt = newcnt; -} - -int -prefix_aggregate(struct irr_prefix *a, const struct irr_prefix *b) -{ - in_addr_t mask; - struct in6_addr ma; - struct in6_addr mb; - - if (a->len == 0) - return (1); - - if (a->af != b->af) - /* We cannot aggregate addresses of different families. 
*/ - return (0); - - if (a->af == AF_INET) { - mask = htonl(prefixlen2mask(a->len)); - if ((a->addr.in.s_addr & mask) == (b->addr.in.s_addr & mask)) - return (1); - } else if (a->af == AF_INET6) { - inet6applymask(&ma, &a->addr.in6, a->len); - inet6applymask(&mb, &b->addr.in6, a->len); - if (IN6_ARE_ADDR_EQUAL(&ma, &mb)) - return (1); - } - - /* see whether we can fold them in one */ - if (a->len == b->len && a->len > 1) { - if (a->af == AF_INET) { - mask = htonl(prefixlen2mask(a->len - 1)); - if ((a->addr.in.s_addr & mask) == - (b->addr.in.s_addr & mask)) { - a->len--; - a->addr.in.s_addr &= mask; - return (1); - } - } else if (a->af == AF_INET6) { - inet6applymask(&ma, &a->addr.in6, a->len - 1); - inet6applymask(&mb, &b->addr.in6, a->len - 1); - - if (IN6_ARE_ADDR_EQUAL(&ma, &mb)) { - a->len--; - memcpy(&a->addr.in6, &ma, sizeof(ma)); - return (1); - } - } - } - - return (0); -} - -int -irr_prefix_cmp(const void *a, const void *b) -{ - const struct irr_prefix *pa; - const struct irr_prefix *pb; - int r; - - pa = *((const struct irr_prefix * const *)a); - pb = *((const struct irr_prefix * const *)b); - - if ((r = pa->af - pb->af) != 0) - return (r); - - if (pa->af == AF_INET) { - if (ntohl(pa->addr.in.s_addr) < - ntohl(pb->addr.in.s_addr)) - return (-1); - if (ntohl(pa->addr.in.s_addr) > - ntohl(pb->addr.in.s_addr)) - return (1); - } else if (pa->af == AF_INET6) { - for (r = 0; r < 16; r++) { - if (pa->addr.in6.s6_addr[r] < pb->addr.in6.s6_addr[r]) - return (-1); - if (pa->addr.in6.s6_addr[r] > pb->addr.in6.s6_addr[r]) - return (1); - } - } else - errx(1, "irr_prefix_cmp unknown af %u", pa->af); - - if ((r = pa->len - pb->len) != 0) - return (r); - - return (0); -} - -/* RB helpers */ -int -prefix_set_compare(struct prefix_set *a, struct prefix_set *b) -{ - return (strcmp(a->as, b->as)); -} - -struct prefix_set * -prefix_set_find(char *as) -{ - struct prefix_set s; - - s.as = as; - return (RB_FIND(prefix_set_h, &prefix_set_h, &s)); -} 
diff --git a/usr.sbin/bgpctl/irrfilter.c b/usr.sbin/bgpctl/irrfilter.c
deleted file mode 100644
index 550d692eed2..00000000000
--- a/usr.sbin/bgpctl/irrfilter.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/* $OpenBSD: irrfilter.c,v 1.6 2015/11/01 21:20:46 benno Exp $ */
-
-/*
- * Copyright (c) 2007 Henning Brauer <henning@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER IN
- * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
- * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <sys/types.h>
-#include <err.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-#include "irrfilter.h"
-
-__dead void
-irr_main(u_int32_t AS, int flags, char *outdir)
-{
- char *query;
- int r;
-
- if (pledge("stdio rpath wpath cpath inet dns", NULL) == -1)
- err(1, "pledge");
-
- fprintf(stderr, "irrfilter for: %u, writing to %s\n", AS, outdir);
-
- irrflags = flags;
- irrverbose = 0;
- TAILQ_INIT(&router_head);
-
- /* send query for own AS, parse policy */
- if (asprintf(&query, "AS%u", AS) == -1)
- err(1, "parse_policy asprintf");
- if ((r = whois(query, QTYPE_OWNAS)) == -1)
- exit(1);
- if (r == 0)
- errx(1, "aut-num object %s not found", query);
- free(query);
-
- write_filters(outdir);
-
- exit(0);
-}
diff --git a/usr.sbin/bgpctl/irrfilter.h b/usr.sbin/bgpctl/irrfilter.h
deleted file mode 100644
index ccd6f7a3560..00000000000
--- a/usr.sbin/bgpctl/irrfilter.h
+++ /dev/null
@@ -1,111 +0,0 @@ -/* $OpenBSD: irrfilter.h,v 1.10 2018/09/17 13:35:36 claudio Exp $ */ - -/* - * Copyright (c) 2007 Henning Brauer <henning@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER IN - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include <sys/queue.h> -#include <sys/tree.h> -#include <netinet/in.h> - -#define F_IMPORTONLY 0x01 /* skip export: items */ -#define F_IPV4 0x02 /* use IPv4 items */ -#define F_IPV6 0x04 /* use IPv6 items */ - -int irrflags; -int irrverbose; - -enum pdir { - PDIR_NONE, - IMPORT, - EXPORT -}; - -struct policy_item { - TAILQ_ENTRY(policy_item) entry; - char *peer_addr; - char *action; - char *filter; - enum pdir dir; - u_int32_t peer_as; -}; - -TAILQ_HEAD(policy_head, policy_item); - -struct router { - TAILQ_ENTRY(router) entry; - char *address; - struct policy_head policy_h; -}; - -TAILQ_HEAD(router_head, router) router_head; - -/* keep qtype and qtype_objs in whois.c in sync! 
*/ -enum qtype { - QTYPE_NONE, - QTYPE_OWNAS, - QTYPE_ASSET, - QTYPE_ROUTE, - QTYPE_ROUTE6 -}; - -struct irr_as_set { - RB_ENTRY(irr_as_set) entry; - char *name; - char **members; /* direct members */ - char **as_set; /* members as-set */ - char **as; /* members aut-num */ - u_int n_members; - u_int n_as_set; - u_int n_as; -}; - -struct irr_prefix { - union { - struct in_addr in; - struct in6_addr in6; - } addr; - sa_family_t af; - u_int8_t len; - u_int8_t maxlen; -}; - -struct prefix_set { - RB_ENTRY(prefix_set) entry; - char *as; - struct irr_prefix **prefix; - u_int prefixcnt; -}; - -/* eat trailing and leading whitespace */ -#define ISWS(x) (x == ' ' || x == '\t') -#define EATWS(s) \ - do { \ - char *ps; \ - while (ISWS(*s)) \ - s++; \ - ps = s + strlen(s) - 1; \ - while (ps && ps >= s && ISWS(*ps)) \ - *ps-- = '\0'; \ - } while (0); - -__dead void irr_main(u_int32_t, int, char *); -int whois(const char *, enum qtype); -int parse_response(FILE *, enum qtype); -int write_filters(char *); -struct irr_as_set *asset_expand(char *); -int asset_addmember(char *); -struct prefix_set *prefixset_get(char *); -int prefixset_addmember(char *); diff --git a/usr.sbin/bgpctl/parser.c b/usr.sbin/bgpctl/parser.c index e081bb19089..5e56ed2722d 100644 --- a/usr.sbin/bgpctl/parser.c +++ b/usr.sbin/bgpctl/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.96 2019/06/17 13:46:33 claudio Exp $ */ +/* $OpenBSD: parser.c,v 1.97 2019/06/25 07:44:20 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -32,7 +32,6 @@ #include <unistd.h> #include "parser.h" -#include "irrfilter.h" enum token_type { NOTOKEN, @@ -61,17 +60,11 @@ enum token_type { WEIGHT, RD, FAMILY, - GETOPT, RTABLE, FILENAME, BULK }; -enum getopts { - GETOPT_NONE, - GETOPT_IRRFILTER -}; - struct token { enum token_type type; const char *keyword; 
@@ -118,8 +111,6 @@ static const struct token t_pftable[]; static const struct token t_prepnbr[]; static const struct token t_prepself[]; static const struct token t_weight[]; -static const struct token t_irrfilter[]; -static const struct token t_irrfilter_opts[]; static const struct token t_log[]; static const struct token t_fib_table[]; static const struct token t_show_fib_table[]; @@ -130,7 +121,6 @@ static const struct token t_main[] = { { KEYWORD, "fib", FIB, t_fib}, { KEYWORD, "neighbor", NEIGHBOR, t_neighbor}, { KEYWORD, "network", NONE, t_network}, - { KEYWORD, "irrfilter", IRRFILTER, t_irrfilter}, { KEYWORD, "log", NONE, t_log}, { ENDTOKEN, "", NONE, NULL} }; @@ -469,18 +459,6 @@ static const struct token t_weight[] = { { ENDTOKEN, "", NONE, NULL} }; -static const struct token t_irrfilter[] = { - { GETOPT, "", GETOPT_IRRFILTER, t_irrfilter}, - { ASNUM, "", NONE, t_irrfilter_opts}, - { ENDTOKEN, "", NONE, NULL} -}; - -static const struct token t_irrfilter_opts[] = { - { NOTOKEN, "", NONE, NULL}, - { FLAG, "importonly", F_IMPORTONLY, t_irrfilter_opts}, - { ENDTOKEN, "", NONE, NULL} -}; - static const struct token t_log[] = { { KEYWORD, "verbose", LOG_VERBOSE, NULL}, { KEYWORD, "brief", LOG_BRIEF, NULL}, @@ -509,7 +487,6 @@ int parse_number(const char *, struct parse_result *, enum token_type); void parsecommunity(struct community *c, int type, char *s); void parseextcommunity(struct community *c, const char *t, char *s); int parse_nexthop(const char *, struct parse_result *); -int bgpctl_getopt(int *, char **[], int); struct parse_result * parse(int argc, char *argv[]) @@ -520,10 +497,6 @@ parse(int argc, char *argv[]) bzero(&res, sizeof(res)); res.rtableid = getrtable(); TAILQ_INIT(&res.set); - if ((res.irr_outdir = getcwd(NULL, 0)) == NULL) { - fprintf(stderr, "getcwd failed: %s\n", strerror(errno)); - return (NULL); - } while (argc >= 0) { if ((match = match_token(&argc, &argv, table)) == NULL) { 
@@ -799,12 +772,6 @@ match_token(int *argc, char **argv[], const struct token table[]) t = &table[i]; } break; - case GETOPT: - if (bgpctl_getopt(argc, argv, table[i].value)) { - match++; - t = &table[i]; - } - break; case FILENAME: if (word != NULL && wordlen > 0) { if ((res.mrtfd = open(word, O_RDONLY)) == -1) { @@ -911,9 +878,6 @@ show_valid_args(const struct token table[]) case FAMILY: fprintf(stderr, " [ inet | inet6 | IPv4 | IPv6 | VPNv4 ]\n"); break; - case GETOPT: - fprintf(stderr, " <options>\n"); - break; case FILENAME: fprintf(stderr, " <filename>\n"); break; @@ -1421,38 +1385,3 @@ parse_nexthop(const char *word, struct parse_result *r) TAILQ_INSERT_TAIL(&r->set, fs, entry); return (1); } - -int -bgpctl_getopt(int *argc, char **argv[], int type) -{ - int ch; - - optind = optreset = 1; - while ((ch = getopt((*argc) + 1, (*argv) - 1, "46o:")) != -1) { - switch (ch) { - case '4': - res.flags = (res.flags | F_IPV4) & ~F_IPV6; - break; - case '6': - res.flags = (res.flags | F_IPV6) & ~F_IPV4; - break; - case 'o': - res.irr_outdir = optarg; - break; - default: - usage(); - /* NOTREACHED */ - } - } - - if (optind > 1) { - (*argc) -= (optind - 1); - (*argv) += (optind - 1); - - /* need to move one backwards as calling code moves forward */ - (*argc)++; - (*argv)--; - return (1); - } else - return (0); -} diff --git a/usr.sbin/bgpctl/parser.h b/usr.sbin/bgpctl/parser.h index bfafb336405..47e0eeba0d2 100644 --- a/usr.sbin/bgpctl/parser.h +++ b/usr.sbin/bgpctl/parser.h @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.h,v 1.36 2019/06/17 11:03:07 claudio Exp $ */ +/* $OpenBSD: parser.h,v 1.37 2019/06/25 07:44:20 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -52,7 +52,6 @@ enum actions { NETWORK_FLUSH, NETWORK_SHOW, NETWORK_MRT, - IRRFILTER, NETWORK_BULK_ADD, NETWORK_BULK_REMOVE }; 
@@ -66,7 +65,6 @@ struct parse_result { char peerdesc[PEER_DESCR_LEN]; char rib[PEER_DESCR_LEN]; char shutcomm[SHUT_COMM_LEN]; - char *irr_outdir; const char *ext_comm_subtype; u_int64_t rd; int flags; diff --git a/usr.sbin/bgpctl/whois.c b/usr.sbin/bgpctl/whois.c deleted file mode 100644 index 1128768f327..00000000000 --- a/usr.sbin/bgpctl/whois.c +++ /dev/null 
@@ -1,149 +0,0 @@ -/* $OpenBSD: whois.c,v 1.5 2013/10/27 18:49:25 guenther Exp $ */ - -/* - * Copyright (c) 2007 Henning Brauer <henning@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER IN - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Copyright (c) 1980, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include <sys/types.h> -#include <sys/socket.h> - -#include <netinet/in.h> -#include <arpa/inet.h> -#include <netdb.h> - -#include <ctype.h> -#include <err.h> -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> - -#include "irrfilter.h" - -#define WHOIS_STDOPTS "-r -a" - -char *qtype_opts[] = { - "", - "-T aut-num", - "-K -T as-set", - "-K -T route -i origin", - "-K -T route6 -i origin" -}; - -char *server = "whois.radb.net"; -char *port = "whois"; - -int -whois(const char *query, enum qtype qtype) -{ - FILE *sfw, *sfr; - int s, r = -1, error = 0, attempt, ret; - struct addrinfo hints, *res, *ai; - const char *reason = NULL; - - memset(&hints, 0, sizeof(hints)); - hints.ai_flags = 0; - hints.ai_family = AF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - error = getaddrinfo(server, port, &hints, &res); - if (error) { - if (error == EAI_SERVICE) - warnx("%s: bad port", port); - else - warnx("%s: %s", server, gai_strerror(error)); - return (1); - } - - for (s = -1, ai = res; ai != NULL; ai = ai->ai_next) { - attempt = 0; - do { - attempt++; - if (s != -1) - close(s); - s = socket(ai->ai_family, ai->ai_socktype, - ai->ai_protocol); - if (s == -1) { - error = errno; - reason = "socket"; - } else - r = connect(s, ai->ai_addr, ai->ai_addrlen); - } while (r == -1 && errno == ETIMEDOUT && attempt <= 3); - - if (r == -1) { - error = errno; - reason = "connect"; - close(s); - s = -1; - continue; - 
} - if (s != -1) - break; /*okay*/ - } - freeaddrinfo(res); - - if (s == -1) { - if (reason) { - errno = error; - warn("%s: %s", server, reason); - } else - warn("unknown error in connection attempt"); - return (1); - } - - sfr = fdopen(s, "r"); - sfw = fdopen(s, "w"); - if (sfr == NULL || sfw == NULL) - err(1, "fdopen"); - fprintf(sfw, "%s %s %s\r\n", WHOIS_STDOPTS, qtype_opts[qtype], query); - fflush(sfw); - - if ((ret = parse_response(sfr, qtype)) == -1) - warnx("parse error, query=\"%s %s\"", qtype_opts[qtype], query); - - fclose(sfw); - fclose(sfr); - close(s); - return (ret); -} |