diff options
| -rw-r--r-- | usr.sbin/bgpd/bgpd.c | 37 | ||||
| -rw-r--r-- | usr.sbin/bgpd/bgpd.h | 33 | ||||
| -rw-r--r-- | usr.sbin/bgpd/parse.y | 15 | ||||
| -rw-r--r-- | usr.sbin/bgpd/printconf.c | 27 | ||||
| -rw-r--r-- | usr.sbin/bgpd/rde.c | 9 | ||||
| -rw-r--r-- | usr.sbin/bgpd/rde.h | 4 | ||||
| -rw-r--r-- | usr.sbin/bgpd/rde_filter.c | 4 | ||||
| -rw-r--r-- | usr.sbin/bgpd/rde_sets.c | 184 | ||||
| -rw-r--r-- | usr.sbin/bgpd/rde_trie.c | 36 | ||||
| -rw-r--r-- | usr.sbin/bgpd/util.c | 4 |
10 files changed, 192 insertions, 161 deletions
diff --git a/usr.sbin/bgpd/bgpd.c b/usr.sbin/bgpd/bgpd.c index 239eccebdac..d422fe98467 100644 --- a/usr.sbin/bgpd/bgpd.c +++ b/usr.sbin/bgpd/bgpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bgpd.c,v 1.199 2018/09/20 07:46:39 claudio Exp $ */ +/* $OpenBSD: bgpd.c,v 1.200 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -436,6 +436,7 @@ reconfigure(char *conffile, struct bgpd_config *conf, struct peer **peer_l) struct listen_addr *la; struct rde_rib *rr; struct rdomain *rd; + struct as_set *aset; struct prefixset *ps; struct prefixset_item *psi, *npsi; @@ -521,10 +522,36 @@ reconfigure(char *conffile, struct bgpd_config *conf, struct peer **peer_l) } /* as-sets for filters in the RDE */ - if (as_sets_send(ibuf_rde, conf->as_sets) == -1) - return (-1); - as_sets_free(conf->as_sets); - conf->as_sets = NULL; + while ((aset = SIMPLEQ_FIRST(conf->as_sets)) != NULL) { + struct ibuf *wbuf; + u_int32_t *as; + size_t i, l, n; + + SIMPLEQ_REMOVE_HEAD(conf->as_sets, entry); + + as = set_get(aset->set, &n); + if ((wbuf = imsg_create(ibuf_rde, IMSG_RECONF_AS_SET, 0, 0, + sizeof(n) + sizeof(aset->name))) == NULL) + return -1; + if (imsg_add(wbuf, &n, sizeof(n)) == -1 || + imsg_add(wbuf, aset->name, sizeof(aset->name)) == -1) + return -1; + imsg_close(ibuf_rde, wbuf); + + for (i = 0; i < n; i += l) { + l = (n - i > 1024 ? 1024 : n - i); + if (imsg_compose(ibuf_rde, IMSG_RECONF_AS_SET_ITEMS, + 0, 0, -1, as + i, l) == -1) + return -1; + } + + if (imsg_compose(ibuf_rde, IMSG_RECONF_AS_SET_DONE, 0, 0, -1, + NULL, 0) == -1) + return -1; + + set_free(aset->set); + free(aset); + } /* filters for the RDE */ while ((r = TAILQ_FIRST(conf->filters)) != NULL) { diff --git a/usr.sbin/bgpd/bgpd.h b/usr.sbin/bgpd/bgpd.h index cad8b49714b..509589bb66b 100644 --- a/usr.sbin/bgpd/bgpd.h +++ b/usr.sbin/bgpd/bgpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bgpd.h,v 1.342 2018/09/20 07:46:39 claudio Exp $ */ +/* $OpenBSD: bgpd.h,v 1.343 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -215,6 +215,7 @@ SIMPLEQ_HEAD(prefixset_head, prefixset); struct rde_prefixset_head; struct rde_prefixset; +struct set_table; struct as_set; SIMPLEQ_HEAD(as_set_head, as_set); @@ -970,6 +971,13 @@ struct prefixset { SIMPLEQ_ENTRY(prefixset) entry; }; +struct as_set { + char name[SET_NAME_LEN]; + SIMPLEQ_ENTRY(as_set) entry; + struct set_table *set; + int dirty; +}; + struct rdomain { SIMPLEQ_ENTRY(rdomain) entry; char descr[PEER_DESCR_LEN]; @@ -1171,20 +1179,21 @@ void filterset_move(struct filter_set_head *, const char *filterset_name(enum action_types); /* rde_sets.c */ -void as_sets_insert(struct as_set_head *, struct as_set *); struct as_set *as_sets_lookup(struct as_set_head *, const char *); +struct as_set *as_sets_new(struct as_set_head *, const char *, size_t, + size_t); void as_sets_free(struct as_set_head *); -void as_sets_print(struct as_set_head *); -int as_sets_send(struct imsgbuf *, struct as_set_head *); void as_sets_mark_dirty(struct as_set_head *, struct as_set_head *); - -struct as_set *as_set_new(const char *, size_t, size_t); -void as_set_free(struct as_set *); -int as_set_add(struct as_set *, void *, size_t); -void as_set_prep(struct as_set *); -void *as_set_match(const struct as_set *, u_int32_t); -int as_set_equal(const struct as_set *, const struct as_set *); -int as_set_dirty(const struct as_set *); +int as_set_match(const struct as_set *, u_int32_t); + +struct set_table *set_new(size_t, size_t); +void set_free(struct set_table *); +int set_add(struct set_table *, void *, size_t); +void *set_get(struct set_table *, size_t *); +void set_prep(struct set_table *); +void *set_match(const struct set_table *, u_int32_t); +int set_equal(const struct set_table *, + const struct set_table *); /* util.c */ const char *log_addr(const struct bgpd_addr *); diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y index 31266d2dde0..91b1e4796c6 100644 --- a/usr.sbin/bgpd/parse.y +++ b/usr.sbin/bgpd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.354 2018/09/20 07:46:39 claudio Exp $ */ +/* $OpenBSD: parse.y,v 1.355 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -4195,7 +4195,7 @@ get_rule(enum action_types type) return (r); } -struct as_set *curaset; +struct set_table *curset; static int new_as_set(char *name) { @@ -4206,29 +4206,28 @@ new_as_set(char *name) return -1; } - aset = as_set_new(name, 0, sizeof(u_int32_t)); + aset = as_sets_new(conf->as_sets, name, 0, sizeof(u_int32_t)); if (aset == NULL) fatal(NULL); - as_sets_insert(conf->as_sets, aset); - curaset = aset; + curset = aset->set; return 0; } static void add_as_set(u_int32_t as) { - if (curaset == NULL) + if (curset == NULL) fatalx("%s: bad mojo jojo", __func__); - if (as_set_add(curaset, &as, 1) != 0) + if (set_add(curset, &as, 1) != 0) fatal(NULL); } static void done_as_set(void) { - curaset = NULL; + curset = NULL; } static int diff --git a/usr.sbin/bgpd/printconf.c b/usr.sbin/bgpd/printconf.c index 43d4b31060e..d4648c1b4a7 100644 --- a/usr.sbin/bgpd/printconf.c +++ b/usr.sbin/bgpd/printconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: printconf.c,v 1.120 2018/09/20 07:46:39 claudio Exp $ */ +/* $OpenBSD: printconf.c,v 1.121 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -40,6 +40,7 @@ void print_rdomain_targets(struct filter_set_head *, const char *); void print_rdomain(struct rdomain *); const char *print_af(u_int8_t); void print_network(struct network_config *, const char *); +void print_as_sets(struct as_set_head *); void print_prefixsets(struct prefixset_head *); void print_peer(struct peer_config *, struct bgpd_config *, const char *); @@ -443,6 +444,28 @@ print_network(struct network_config *n, const char *c) } void +print_as_sets(struct as_set_head *as_sets) +{ + struct as_set *aset; + u_int32_t *as; + size_t i, n; + int len; + + SIMPLEQ_FOREACH(aset, as_sets, entry) { + printf("as-set \"%s\" {\n\t", aset->name); + as = set_get(aset->set, &n); + for (i = 0, len = 8; i < n; i++) { + if (len > 72) { + printf("\n\t"); + len = 8; + } + len += printf("%u ", as[i]); + } + printf("\n}\n\n"); + } +} + +void print_prefixsets(struct prefixset_head *psh) { struct prefixset *ps; @@ -867,7 +890,7 @@ print_config(struct bgpd_config *conf, struct rib_names *rib_l, print_mainconf(conf); print_prefixsets(conf->prefixsets); - as_sets_print(conf->as_sets); + print_as_sets(conf->as_sets); TAILQ_FOREACH(n, net_l, entry) print_network(&n->net, ""); if (!SIMPLEQ_EMPTY(rdom_l)) diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c index 2f33bbbf7ad..39ccae7a0d2 100644 --- a/usr.sbin/bgpd/rde.c +++ b/usr.sbin/bgpd/rde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.c,v 1.424 2018/09/20 11:06:04 benno Exp $ */ +/* $OpenBSD: rde.c,v 1.425 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -908,18 +908,17 @@ rde_dispatch_imsg_parent(struct imsgbuf *ibuf) name = (char *)imsg.data + sizeof(nmemb); if (as_sets_lookup(as_sets_tmp, name) != NULL) fatalx("duplicate as-set %s", name); - last_as_set = as_set_new(name, nmemb, + last_as_set = as_sets_new(as_sets_tmp, name, nmemb, sizeof(u_int32_t)); break; case IMSG_RECONF_AS_SET_ITEMS: nmemb = imsg.hdr.len - IMSG_HEADER_SIZE; nmemb /= sizeof(u_int32_t); - if (as_set_add(last_as_set, imsg.data, nmemb) != 0) + if (set_add(last_as_set->set, imsg.data, nmemb) != 0) fatal(NULL); break; case IMSG_RECONF_AS_SET_DONE: - as_set_prep(last_as_set); - as_sets_insert(as_sets_tmp, last_as_set); + set_prep(last_as_set->set); last_as_set = NULL; break; case IMSG_RECONF_RDOMAIN: diff --git a/usr.sbin/bgpd/rde.h b/usr.sbin/bgpd/rde.h index 56425e0c9ca..74417487d6a 100644 --- a/usr.sbin/bgpd/rde.h +++ b/usr.sbin/bgpd/rde.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.h,v 1.192 2018/09/20 11:06:04 benno Exp $ */ +/* $OpenBSD: rde.h,v 1.193 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org> and @@ -586,7 +586,7 @@ int up_dump_mp_reach(u_char *, u_int16_t *, struct rde_peer *, int trie_add(struct trie_head *, struct bgpd_addr *, u_int8_t, u_int8_t, u_int8_t); int trie_roa_add(struct trie_head *, struct bgpd_addr *, u_int8_t, - struct as_set *); + struct set_table *); void trie_free(struct trie_head *); int trie_match(struct trie_head *, struct bgpd_addr *, u_int8_t, int); int trie_roa_check(struct trie_head *, struct bgpd_addr *, u_int8_t, diff --git a/usr.sbin/bgpd/rde_filter.c b/usr.sbin/bgpd/rde_filter.c index f1c53b6a613..603762e152c 100644 --- a/usr.sbin/bgpd/rde_filter.c +++ b/usr.sbin/bgpd/rde_filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_filter.c,v 1.107 2018/09/20 11:06:04 benno Exp $ */ +/* $OpenBSD: rde_filter.c,v 1.108 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org> @@ -630,7 +630,7 @@ rde_filter_equal(struct filter_head *a, struct filter_head *b, } if ((fa->match.as.flags & AS_FLAG_AS_SET) && - as_set_dirty(fa->match.as.aset)) { + fa->match.as.aset->dirty) { log_debug("%s: as-set %s has changed", __func__, fa->match.as.name); return (0); diff --git a/usr.sbin/bgpd/rde_sets.c b/usr.sbin/bgpd/rde_sets.c index ae62eabdc0c..6c72748d7e5 100644 --- a/usr.sbin/bgpd/rde_sets.c +++ b/usr.sbin/bgpd/rde_sets.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_sets.c,v 1.4 2018/09/14 10:22:11 claudio Exp $ */ +/* $OpenBSD: rde_sets.c,v 1.5 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2018 Claudio Jeker <claudio@openbsd.org> @@ -27,20 +27,35 @@ #include "rde.h" -struct as_set { - char name[SET_NAME_LEN]; +struct set_table { void *set; - SIMPLEQ_ENTRY(as_set) entry; size_t nmemb; size_t size; size_t max; - int dirty; }; -void -as_sets_insert(struct as_set_head *as_sets, struct as_set *aset) +struct as_set * +as_sets_new(struct as_set_head *as_sets, const char *name, size_t nmemb, + size_t size) { + struct as_set *aset; + size_t len; + + aset = calloc(1, sizeof(*aset)); + if (aset == NULL) + return NULL; + + len = strlcpy(aset->name, name, sizeof(aset->name)); + assert(len < sizeof(aset->name)); + + aset->set = set_new(nmemb, size); + if (aset->set == NULL) { + free(aset); + return NULL; + } + SIMPLEQ_INSERT_TAIL(as_sets, aset, entry); + return aset; } struct as_set * @@ -66,146 +81,99 @@ as_sets_free(struct as_set_head *as_sets) while (!SIMPLEQ_EMPTY(as_sets)) { aset = SIMPLEQ_FIRST(as_sets); SIMPLEQ_REMOVE_HEAD(as_sets, entry); - as_set_free(aset); + set_free(aset->set); + free(aset); } free(as_sets); } void -as_sets_print(struct as_set_head *as_sets) -{ - struct as_set *aset; - size_t i; - int len; - - if (as_sets == NULL) - return; - SIMPLEQ_FOREACH(aset, as_sets, entry) { - printf("as-set \"%s\" {\n\t", aset->name); - for (i = 0, len = 8; i < aset->nmemb; i++) { - if (len > 72) { - printf("\n\t"); - len = 8; - } - len += printf("%u ", *(u_int32_t *) - ((u_int8_t *)aset->set + i * aset->size)); - } - printf("\n}\n\n"); - } -} - -int -as_sets_send(struct imsgbuf *ibuf, struct as_set_head *as_sets) -{ - struct as_set *aset; - struct ibuf *wbuf; - size_t i, l; - - if (as_sets == NULL) - return 0; - SIMPLEQ_FOREACH(aset, as_sets, entry) { - if ((wbuf = imsg_create(ibuf, IMSG_RECONF_AS_SET, 0, 0, - sizeof(aset->nmemb) + sizeof(aset->name))) == NULL) - return -1; - if (imsg_add(wbuf, &aset->nmemb, sizeof(aset->nmemb)) == -1 || - imsg_add(wbuf, aset->name, sizeof(aset->name)) == -1) - return -1; - imsg_close(ibuf, wbuf); - - for (i = 0; i < aset->nmemb; i += l) { - l = (aset->nmemb - i > 1024 ? 1024 : aset->nmemb - i); - - if (imsg_compose(ibuf, IMSG_RECONF_AS_SET_ITEMS, 0, 0, - -1, (u_int8_t *)aset->set + i * aset->size, - l * aset->size) == -1) - return -1; - } - - if (imsg_compose(ibuf, IMSG_RECONF_AS_SET_DONE, 0, 0, -1, - NULL, 0) == -1) - return -1; - } - return 0; -} - -void as_sets_mark_dirty(struct as_set_head *old, struct as_set_head *new) { struct as_set *n, *o; SIMPLEQ_FOREACH(n, new, entry) { if (old == NULL || (o = as_sets_lookup(old, n->name)) == NULL || - !as_set_equal(n, o)) + !set_equal(n->set, o->set)) n->dirty = 1; } } -struct as_set * -as_set_new(const char *name, size_t nmemb, size_t size) +int +as_set_match(const struct as_set *aset, u_int32_t asnum) { - struct as_set *aset; - size_t len; + return set_match(aset->set, asnum) != NULL; +} - aset = calloc(1, sizeof(*aset)); - if (aset == NULL) - return NULL; +struct set_table * +set_new(size_t nmemb, size_t size) +{ + struct set_table *set; - len = strlcpy(aset->name, name, sizeof(aset->name)); - assert(len < sizeof(aset->name)); + set = calloc(1, sizeof(*set)); + if (set == NULL) + return NULL; if (nmemb == 0) nmemb = 4; - aset->size = size; - aset->max = nmemb; - aset->set = calloc(nmemb, aset->size); - if (aset->set == NULL) { - free(aset); + set->size = size; + set->max = nmemb; + set->set = calloc(nmemb, set->size); + if (set->set == NULL) { + free(set); return NULL; } - return aset; + return set; } void -as_set_free(struct as_set *aset) +set_free(struct set_table *set) { - if (aset == NULL) + if (set == NULL) return; - free(aset->set); - free(aset); + free(set->set); + free(set); } int -as_set_add(struct as_set *aset, void *elms, size_t nelms) +set_add(struct set_table *set, void *elms, size_t nelms) { - if (aset->max < nelms || aset->max - nelms < aset->nmemb) { + if (set->max < nelms || set->max - nelms < set->nmemb) { u_int32_t *s; size_t new_size; - if (aset->nmemb >= SIZE_T_MAX - 4096 - nelms) { + if (set->nmemb >= SIZE_T_MAX - 4096 - nelms) { errno = ENOMEM; return -1; } - for (new_size = aset->max; new_size < aset->nmemb + nelms; ) + for (new_size = set->max; new_size < set->nmemb + nelms; ) new_size += (new_size < 4096 ? new_size : 4096); - s = reallocarray(aset->set, new_size, aset->size); + s = reallocarray(set->set, new_size, set->size); if (s == NULL) return -1; - aset->set = s; - aset->max = new_size; + set->set = s; + set->max = new_size; } - memcpy((u_int8_t *)aset->set + aset->nmemb * aset->size, elms, - nelms * aset->size); - aset->nmemb += nelms; + memcpy((u_int8_t *)set->set + set->nmemb * set->size, elms, + nelms * set->size); + set->nmemb += nelms; return 0; } +void * +set_get(struct set_table *set, size_t *nelms) +{ + *nelms = set->nmemb; + return set->set; +} + static int -as_set_cmp(const void *ap, const void *bp) +set_cmp(const void *ap, const void *bp) { const u_int32_t *a = ap; const u_int32_t *b = bp; @@ -218,33 +186,33 @@ as_set_cmp(const void *ap, const void *bp) } void -as_set_prep(struct as_set *aset) +set_prep(struct set_table *set) { - if (aset == NULL) + if (set == NULL) return; - qsort(aset->set, aset->nmemb, aset->size, as_set_cmp); + qsort(set->set, set->nmemb, set->size, set_cmp); } void * -as_set_match(const struct as_set *a, u_int32_t asnum) +set_match(const struct set_table *a, u_int32_t asnum) { if (a == NULL) return NULL; - return bsearch(&asnum, a->set, a->nmemb, a->size, as_set_cmp); + return bsearch(&asnum, a->set, a->nmemb, a->size, set_cmp); } int -as_set_equal(const struct as_set *a, const struct as_set *b) +set_equal(const struct set_table *a, const struct set_table *b) { + /* allow NULL pointers to be passed */ + if (a == NULL && b == NULL) + return 1; + if (a == NULL || b == NULL) + return 0; + if (a->nmemb != b->nmemb) return 0; if (memcmp(a->set, b->set, a->nmemb * a->size) != 0) return 0; return 1; } - -int -as_set_dirty(const struct as_set *a) -{ - return (a->dirty); -} diff --git a/usr.sbin/bgpd/rde_trie.c b/usr.sbin/bgpd/rde_trie.c index 9c600d0ef28..da6a296ef62 100644 --- a/usr.sbin/bgpd/rde_trie.c +++ b/usr.sbin/bgpd/rde_trie.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_trie.c,v 1.6 2018/09/18 15:14:07 claudio Exp $ */ +/* $OpenBSD: rde_trie.c,v 1.7 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2018 Claudio Jeker <claudio@openbsd.org> @@ -57,7 +57,7 @@ */ struct tentry_v4 { struct tentry_v4 *trie[2]; - struct as_set *aset; /* for roa source-as set */ + struct set_table *set; /* for roa source-as set */ struct in_addr addr; struct in_addr plenmask; u_int8_t plen; @@ -66,7 +66,7 @@ struct tentry_v4 { struct tentry_v6 { struct tentry_v6 *trie[2]; - struct as_set *aset; /* for roa source-as set */ + struct set_table *set; /* for roa source-as set */ struct in6_addr addr; struct in6_addr plenmask; u_int8_t plen; @@ -362,7 +362,7 @@ trie_add(struct trie_head *th, struct bgpd_addr *prefix, u_int8_t plen, } /* - * Insert a ROA entry for prefix/plen. The prefix will insert an as_set with + * Insert a ROA entry for prefix/plen. The prefix will insert a set with * source_as and the maxlen as data. This makes it possible to validate if a * prefix is matching this ROA record. It is possible to insert prefixes with * source_as = 0. These entries will never return ROA_VALID on check and can @@ -371,11 +371,11 @@ trie_add(struct trie_head *th, struct bgpd_addr *prefix, u_int8_t plen, */ int trie_roa_add(struct trie_head *th, struct bgpd_addr *prefix, u_int8_t plen, - struct as_set *aset) + struct set_table *set) { struct tentry_v4 *n4; struct tentry_v6 *n6; - struct as_set **ap; + struct set_table **stp; /* ignore possible default route since it does not make sense */ @@ -387,7 +387,7 @@ trie_roa_add(struct trie_head *th, struct bgpd_addr *prefix, u_int8_t plen, n4 = trie_add_v4(th, &prefix->v4, plen); if (n4 == NULL) return -1; - ap = &n4->aset; + stp = &n4->set; break; case AID_INET6: if (plen > 128) @@ -396,17 +396,17 @@ trie_roa_add(struct trie_head *th, struct bgpd_addr *prefix, u_int8_t plen, n6 = trie_add_v6(th, &prefix->v6, plen); if (n6 == NULL) return -1; - ap = &n6->aset; + stp = &n6->set; break; default: /* anything else fails */ return -1; } - /* aset already set, error out */ - if (*ap != NULL) + /* set_table already set, error out */ + if (*stp != NULL) return -1; - *ap = aset; + *stp = set; return 0; } @@ -418,7 +418,7 @@ trie_free_v4(struct tentry_v4 *n) return; trie_free_v4(n->trie[0]); trie_free_v4(n->trie[1]); - as_set_free(n->aset); + set_free(n->set); free(n); } @@ -429,7 +429,7 @@ trie_free_v6(struct tentry_v6 *n) return; trie_free_v6(n->trie[0]); trie_free_v6(n->trie[1]); - as_set_free(n->aset); + set_free(n->set); free(n); } @@ -567,7 +567,7 @@ trie_roa_check_v4(struct trie_head *th, struct in_addr *prefix, u_int8_t plen, /* Treat AS 0 as NONE which can never be matched */ if (as != 0) { - rs = as_set_match(n->aset, as); + rs = set_match(n->set, as); if (rs && plen <= rs->maxlen) return ROA_VALID; } @@ -614,7 +614,7 @@ trie_roa_check_v6(struct trie_head *th, struct in6_addr *prefix, u_int8_t plen, /* Treat AS 0 as NONE which can never be matched */ if (as != 0) { - if ((rs = as_set_match(n->aset, as)) != NULL) + if ((rs = set_match(n->set, as)) != NULL) if (plen == n->plen || plen <= rs->maxlen) return ROA_VALID; } @@ -668,6 +668,9 @@ trie_equal_v4(struct tentry_v4 *a, struct tentry_v4 *b) a->plenmask.s_addr != b->plenmask.s_addr) return 0; + if (set_equal(a->set, b->set) == 0) + return 0; + if (trie_equal_v4(a->trie[0], b->trie[0]) == 0 || trie_equal_v4(a->trie[1], b->trie[1]) == 0) return 0; @@ -689,6 +692,9 @@ trie_equal_v6(struct tentry_v6 *a, struct tentry_v6 *b) memcmp(&a->plenmask, &b->plenmask, sizeof(a->plenmask)) != 0) return 0; + if (set_equal(a->set, b->set) == 0) + return 0; + if (trie_equal_v6(a->trie[0], b->trie[0]) == 0 || trie_equal_v6(a->trie[1], b->trie[1]) == 0) return 0; diff --git a/usr.sbin/bgpd/util.c b/usr.sbin/bgpd/util.c index bc2b9b840ff..c1436cfc184 100644 --- a/usr.sbin/bgpd/util.c +++ b/usr.sbin/bgpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.38 2018/09/20 11:06:04 benno Exp $ */ +/* $OpenBSD: util.c,v 1.39 2018/09/20 11:45:59 claudio Exp $ */ /* * Copyright (c) 2006 Claudio Jeker <claudio@openbsd.org> @@ -320,7 +320,7 @@ as_compare(struct filter_as *f, u_int32_t as, u_int32_t neighas) if (f->flags & AS_FLAG_AS_SET_NAME) /* should not happen */ return (0); if (f->flags & AS_FLAG_AS_SET) - return (as_set_match(f->aset, as) != NULL); + return (as_set_match(f->aset, as)); if (f->flags & AS_FLAG_NEIGHBORAS) match = neighas; |