| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2004-06-20 | implement file descriptor passing in the imsg/msgbuf framework, and use | Henning Brauer | |
| it to let the main process to prepare new listening sockets (socket() and bind()) on behalf of the session engine, which of course cannot bind() to ports < 1024 any more once it dropped privileges. with some help from theo, claudio ok | |||
| 2004-06-09 | move to a dynamically allocated struct pollfd array. | Henning Brauer | |
| we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio | |||
| 2004-06-06 | rework bgpd's handling of listening sockets. instead of one for each | Henning Brauer | |
| supported address familiy, keep a tailq of an arbitary number of them. the new struct listen_addr contains the sockaddr and the fd. this fixes quite some nasty behaviour which was a consequence of the previous model. looks right deraadt@, and discussed with claudio | |||
| 2004-05-28 | detect absence of PF_KEY interface and/or the TCP_MD5SIG setsockopts | Henning Brauer | |
| at runtime and disable said subsystems if so. helps the guys porting bgpd to $otherBSD, and is actually the right thing to do. claudio ok | |||
| 2004-05-28 | don't want SO_REUSEPORT... | Henning Brauer | |
| 2004-05-21 | Add support for dynamic announcements. Usefule to annouce temporary | Claudio Jeker | |
| blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@ | |||
| 2004-05-08 | remove unused argument to control_dispatch_msg(), lint | Henning Brauer | |
| 2004-05-06 | oups, spaces | Henning Brauer | |
| 2004-05-06 | the Address Family Identifier field in the capability announcement is | Henning Brauer | |
| 2 octets, thus we need to transform it from/to network byte order... fixes capability announcement and -parsing | |||
| 2004-05-06 | do not punish the peer (by holding him in IDLE for IdleHoldTime seconds) when | Henning Brauer | |
| receiving a "unsupported capabilities" notification. Speeds capability negotiation up quite a bit with peers that like to whine about caoabilities they don't understand | |||
| 2004-05-06 | improve logging in teh capabilities parser | Henning Brauer | |
| 2004-05-06 | scale socket buffer sizes (and thus window size) up to up to 64k, | Henning Brauer | |
| but only of tcp md5sig or ipsec is in use. excellent idea by ryan some time ago, claudio and theo agree | |||
| 2004-05-06 | there's a little race condition: a session is taken down and its associated | Henning Brauer | |
| write buffers are cleared, but there could be imsgs from the RDE for that peer (e. g. UPDATEs) in the read buffers for the pipe to the RDE or buffered in the RDE or somesuch. Thus, in session_update(), explicitely check for the session state and just drop the message if the session is not in state ESTABLISHED. claudio ok | |||
| 2004-04-29 | sock -> fd; ok henning | Theo de Raadt | |
| 2004-04-28 | rename sock to fd | Theo de Raadt | |
| 2004-04-28 | if a peer follows the extremely misgiuded path that the RFCs just barely allow | Henning Brauer | |
| to send a NOTIFICATION and thus ternminating the session when it sees a capability it doesn't support (who would guess: zebra does so), parse the data section of the notifcication to find out what what capabilties it didn't like and do not advertise them the next time the session gets up. In case we get a notification about unsupported capabilities with an empty data part (don't ask for RFCs... and guess who does that), disable capabilty announcement alltogether. claudio ok | |||
| 2004-04-28 | prefix the auth related defines by AUTH_, we had a name clash, markus ok | Henning Brauer | |
| 2004-04-27 | rename the ipsec struct to auth, move all tcpmd5 related fields in there, and | Henning Brauer | |
| add a generic "method" field that expresses what method (none/md5sig/ipsec manual/ipsec ike) is in use markus ok | |||
| 2004-04-27 | unbreak^2 | Henning Brauer | |
| 2004-04-27 | repair | Henning Brauer | |
| 2004-04-27 | crud stripping; henning ok | Theo de Raadt | |
| 2004-04-27 | announce route refresh capability, and parse announced route refresh capa | Henning Brauer | |
| 2004-04-27 | initial route refresh support per RFC2918 | Henning Brauer | |
| process incoming route refresh request and notify the RDE not advertised via capabilities yet, claudio ok | |||
| 2004-04-26 | load ipsec SAs into the kernel and enable them. | Markus Friedl | |
| 2004-04-26 | announce multiprotocol capabilities - IPv4 multicast for now | Henning Brauer | |
| this implies ourgoing capabilities annoucnement is there and just needs the values to be filled in for other shitz we'll support soonish | |||
| 2004-04-25 | better error logging in parse_capabilities() | Henning Brauer | |
| 2004-04-25 | sizeof(op_len) when dealing with op_len, not sizeof(op_type) - same size | Henning Brauer | |
| so noop | |||
| 2004-04-25 | if remote-as was not configured, inherit the AS from the neighbors open | Henning Brauer | |
| message for cloned neighbors, claudio ok | |||
| 2004-04-25 | reserve upper half of the (internal) ID space for cloned neighbors, claudio ok | Henning Brauer | |
| 2004-04-25 | do not kill cloned neighbors on reload, claudio ok | Henning Brauer | |
| 2004-04-25 | add "neighbor cloning", allowing you to specify a prefix and prefixlength | Henning Brauer | |
| instead of the neighbor's IP address. WHen a connection comes in matching that mask we clone the neighbor spec. IPv6 match code by itojun, rde feeding by claudio, ok claudio | |||
| 2004-04-24 | make failure in setting up the listeners non-fatal. should make bgpd work | Henning Brauer | |
| on inet only kernels again, claudio ok | |||
| 2004-04-24 | some rather boring windows talk at cansecwest made me hack initial support | Henning Brauer | |
| for IPv6 transport parts based on a diff from Brent Graveland ok itojun@ claudio@ | |||
| 2004-04-16 | let getpeerbyip work for both v4 and v6 | Henning Brauer | |
| 2004-04-16 | make log_conn_attempt work in an address family independent matter | Henning Brauer | |
| 2004-04-13 | parse the BGP Multiprotocol Extensions (RFC 2858) capabilities and store in | Henning Brauer | |
| the peer struct, claudio ok | |||
| 2004-03-20 | comment spelling fixes; ok henning@ | David Krause | |
| 2004-03-18 | when we are in state CONNECT, i. e. we have a half-open tcp connection | Henning Brauer | |
| to the peer, and we get a connection from exactly that peer, we used to refuse it (because we already had a - tho only half-open - connection). this diff changes that so that the connection request from the neighbor is preferred in only that specific case, and the existing half-open connection is teared down. this can speed up session re-establishment quite a bit, especially with multihop. claudio ok | |||
| 2004-03-16 | delay creating the control socket until after forking, but before chroot | Henning Brauer | |
| (lives in /var/run, i. e. outside chroot) and privdrop. claudio ok | |||
| 2004-03-15 | properly check chdir success after chroot() and tweak err msgs a little, | Henning Brauer | |
| claudio ok | |||
| 2004-03-12 | not debugging any more | Henning Brauer | |
| 2004-03-11 | Free unneeded mrt lists in SE and on exit. OK henning@ | Claudio Jeker | |
| 2004-03-10 | pass a pointer to the network list as well to session_main so we can free() | Henning Brauer | |
| the members after fork | |||
| 2004-03-10 | while walking the peer list on shutdown free the peer structs | Henning Brauer | |
| 2004-03-10 | pass a pointer to the filter rule list to session_main() so we can free() | Henning Brauer | |
| the list entries and the head there after forking | |||
| 2004-03-10 | when we exit try to write out what is left in the msg buffers for the imsg | Henning Brauer | |
| pipes and clear buffers afterwards | |||
| 2004-03-10 | remove unused function | Henning Brauer | |
| 2004-03-10 | implement framework to announce capabilities in the open messages we send. | Henning Brauer | |
| this includes handling "unsupported optional parameter" notifications from the peer and retrying without capability announcement. claudio ok | |||
| 2004-03-05 | huch, remove a debug message | Henning Brauer | |
| 2004-03-05 | add a parser for the capability announcements using the OPEN message as per | Henning Brauer | |
| RFC 3392. we don't support any capability yet but this at least avoids one session teardown and reestablishment when talking to peers which do support capability announcement (as in: basically any) and we'll start supporting some soon. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |