From 6861a5e4628bf8b480b15ec77cf6a43b5d3aae0d Mon Sep 17 00:00:00 2001 From: Renato Westphal Date: Thu, 2 Mar 2023 20:20:39 -0300 Subject: [PATCH] ospf6d: handle redistributed routes without nexthop addresses Do not assume that all redistributed routes have a nexthop address, otherwise blackhole nexthops can be misinterpreted as IPv6 addresses, leading to inconsistencies. Also, change the signature of a few functions to allow const nexthop addresses, such that in6addr_any can be used without type casts. Signed-off-by: Renato Westphal --- ospf6d/ospf6_asbr.c | 4 ++-- ospf6d/ospf6_asbr.h | 2 +- ospf6d/ospf6_route.c | 3 ++- ospf6d/ospf6_route.h | 2 +- ospf6d/ospf6_zebra.c | 6 ++++-- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/ospf6d/ospf6_asbr.c b/ospf6d/ospf6_asbr.c index 7ee22e05c7..b2cdbc9b57 100644 --- a/ospf6d/ospf6_asbr.c +++ b/ospf6d/ospf6_asbr.c @@ -1380,8 +1380,8 @@ ospf6_external_aggr_match(struct ospf6 *ospf6, struct prefix *p) void ospf6_asbr_redistribute_add(int type, ifindex_t ifindex, struct prefix *prefix, unsigned int nexthop_num, - struct in6_addr *nexthop, route_tag_t tag, - struct ospf6 *ospf6) + const struct in6_addr *nexthop, + route_tag_t tag, struct ospf6 *ospf6) { route_map_result_t ret; struct ospf6_route troute; diff --git a/ospf6d/ospf6_asbr.h b/ospf6d/ospf6_asbr.h index 15982ca64c..d63e467278 100644 --- a/ospf6d/ospf6_asbr.h +++ b/ospf6d/ospf6_asbr.h @@ -114,7 +114,7 @@ extern int ospf6_asbr_is_asbr(struct ospf6 *o); extern void ospf6_asbr_redistribute_add(int type, ifindex_t ifindex, struct prefix *prefix, unsigned int nexthop_num, - struct in6_addr *nexthop, + const struct in6_addr *nexthop, route_tag_t tag, struct ospf6 *ospf6); extern void ospf6_asbr_redistribute_remove(int type, ifindex_t ifindex, struct prefix *prefix, diff --git a/ospf6d/ospf6_route.c b/ospf6d/ospf6_route.c index 72dfa240af..443032933d 100644 --- a/ospf6d/ospf6_route.c +++ b/ospf6d/ospf6_route.c @@ -267,7 +267,8 @@ int ospf6_num_nexthops(struct list *nh_list) return (listcount(nh_list)); } -void ospf6_add_nexthop(struct list *nh_list, int ifindex, struct in6_addr *addr) +void ospf6_add_nexthop(struct list *nh_list, int ifindex, + const struct in6_addr *addr) { struct ospf6_nexthop *nh; struct ospf6_nexthop nh_match; diff --git a/ospf6d/ospf6_route.h b/ospf6d/ospf6_route.h index 2d4fcc930e..c2125951ec 100644 --- a/ospf6d/ospf6_route.h +++ b/ospf6d/ospf6_route.h @@ -312,7 +312,7 @@ extern int ospf6_num_nexthops(struct list *nh_list); extern void ospf6_copy_nexthops(struct list *dst, struct list *src); extern void ospf6_merge_nexthops(struct list *dst, struct list *src); extern void ospf6_add_nexthop(struct list *nh_list, int ifindex, - struct in6_addr *addr); + const struct in6_addr *addr); extern void ospf6_add_route_nexthop_blackhole(struct ospf6_route *route); extern int ospf6_num_nexthops(struct list *nh_list); extern bool ospf6_route_cmp_nexthops(struct ospf6_route *a, diff --git a/ospf6d/ospf6_zebra.c b/ospf6d/ospf6_zebra.c index 6fe0a24926..0ccbb4d65d 100644 --- a/ospf6d/ospf6_zebra.c +++ b/ospf6d/ospf6_zebra.c @@ -252,7 +252,7 @@ static int ospf6_zebra_read_route(ZAPI_CALLBACK_ARGS) { struct zapi_route api; unsigned long ifindex; - struct in6_addr *nexthop; + const struct in6_addr *nexthop = &in6addr_any; struct ospf6 *ospf6; struct prefix_ipv6 p; @@ -272,7 +272,9 @@ static int ospf6_zebra_read_route(ZAPI_CALLBACK_ARGS) return 0; ifindex = api.nexthops[0].ifindex; - nexthop = &api.nexthops[0].gate.ipv6; + if (api.nexthops[0].type == NEXTHOP_TYPE_IPV6 + || api.nexthops[0].type == NEXTHOP_TYPE_IPV6_IFINDEX) + nexthop = &api.nexthops[0].gate.ipv6; if (IS_OSPF6_DEBUG_ZEBRA(RECV)) zlog_debug(