| Age | Commit message (Collapse) | Author |
|---|
|
to add some pading on 64bit archs. Use a helper struct plus some ROUNDUP()
magic to get the size correct.
Tested on i386 and amd64 by Graeme Lee "graeme (at) omni (dot) net (dot) au"
Some sort of OK by henning@ (he ignores the non-v4 code)
|
|
misc@
|
|
Same bug as in ospfd and ospf6d. *gulp*
|
|
found out the hard way by Marc Runkel <MRunkel@untangle.com>
|
|
ok claudio
|
|
AS4_PATH/AS4_AGGREGATOR. No binary change.
ok claudio
|
|
|
|
over mulitple hops and causes bgpd to close the connection. This is what
the RFC requires us to do but the result is a DoS against all OpenBGPD
routers when somebody injects such a bad optional transitive attribute
because the intermediate routers don't give a damn about it.
As a result we now ignore such bad prefixes and don't allow them in the
decision process. The handling of optional transitive attributes needs to
be rethinked because all of them can be abused in such a way.
Idea OK by a few + henning@, tested myself against my crappy regress test
suite that needs way more work.
|
|
Mick Hohmann <mick at IM dot net>
|
|
track multipath routes. Code is mostly stolen from similar fixes to ospfd but
a bit different as this kroute.c implementation is more complex because of
additional task (nexthop verification for example).
This change and the similar ospfd change were desperatly needed on larger
complex network setups which tended to end up in situation where the kernel
had a different oppinion about routing than the daemon. Now the situation
should be a lot better.
Tested and OK sthen@ gollo@
|
|
Per RFC4271 the partial bit must be set if the attribute was not generated
on the originating router. This is mostly cosmetics.
OK sthen@
|
|
attributes and use the correct lenght in some other error cases.
OK sthen@
|
|
were only resolved when they were added. This calls for troubles if something
like ospfd starts to change the underlying routes.
Tested by gollo@, OK henning@
|
|
|
|
|
|
|
|
Use unsigned int for msg_iovlen.
ok henning@ claudio@
|
|
|
|
prefixes where matched on a simple deny from any prefix 0.0.0.0/0 rule.
OK henning@
|
|
a while, we can now just use a timer (since i rewrote the timer code)
|
|
ok henning@
|
|
some kind of VPN stuff
|
|
as string. Fixes crash seen by Peter Bristow. "obviously ok" henning@
|
|
|
|
tested by Raphael Ho long time ago.
|
|
Another easy M hiding in my bgp source forest.
|
|
makes us independent from system time changes.
diff from japan,was hiding... ok claudio some time ago
|
|
option parsing. Found out the hard way by jdixon on ifstated.
ok sobrado@, jdixon@, millert@
|
|
|
|
this is mostly cosmetical for the moment, there are bigger changes required
to make full use of the route priorities, but this is the first step to do.
discussed with claudio
|
|
|
|
|
|
|
|
at the first one
|
|
matters for stuff like the HoldTimer that gets reset often
|
|
timer, just get the first off the queue and check wether it is due
|
|
wemust stop walking the list once werun into a stopped timer, or
eventually all stopped timers will queue up at the very front (instead of
at the tail)
|
|
so that the timer that will expire first is always the first element,
and so on). will make the checking a bit faster and moreelegant and more
conveniant. ok claudio
|
|
namely, the "no such neighbor" case was missing.
problem spotted by martin,ok claudio
|
|
happen. The decision process failed to correctly mask looping pathes and
in some szenarios even elected them as best route. *gulp*
Found the hard way and fix tested by Christian, bsd (at) cleondra (dot) ch
|
|
is localy originated and so is eligible by definition.
Noticed and fix tested by Christian, bsd (at) cleondra (dot) ch
|
|
each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This
works now that kernel fd passing has been fixed to accept a bit of
sloppiness because of this ABI repair.
lots of discussion with kettenis
|
|
|
|
log_as < vs <= confusion, AS 65535 printed like 4 byte AS 0.65535
aspath_strlen: omitted stripping high 16 bits of 32bit AS after dealing
with the upper half
From: Matthew Dempsky <matthew@dempsky.org>
|
|
descriptors; ok hshoexer, also looked at by kettenis and henning
|
|
CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because
of alignment; ok kettenis hshoexer
|
|
an extensive discussion with otto, kettenis, millert, and hshoexer
|
|
error back. This increases robustness without causing any issues. The RFC
does not forbid the use of 0 in the type code but it is not explicitly
allowed and the type code list at IANA does not mention 0 at all.
OK henning@
|
|
but only do the final popfile call after yyparse() is done.
This also fixes config reload on SIGHUP for some daemons.
Spotted by otto@. OK deraadt@
|
|
found by Igor Zinovik <zinovik@cs.karelia.ru>
|
