proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-14 12:41:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
27,223 Commits 4 Branches 191 Tags 125 MiB
4b7e23e9f2
Commit Graph

27223 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Donald Sharp
4b7e23e9f2 bgpd: Convert bgp error codes for cli input to an enum 
Conversion of bgp error codes returned for cli input into
an enum and then properly handling all the error cases
in bgp_vty_return.

Because not all error codes returned were properly handled
in this function there existed configuration examples that
were accepted on the cli without an error message but not
saved.

Fixes: #10589
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-15 16:38:32 -05:00
Donald Sharp
b5d6f2d068 bgpd: Remove unused BGP_ERR_MAX #define 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-15 16:38:32 -05:00
Donald Sharp
6dcea6fe05 bgpd: Move some error codes to bgp_vty_return handling 
BGP_ERR_PEER_GROUP_MEMBER and BGP_ERR_PEER_GROUP_PEER_TYPE_DIFFERENT
both are not handled by bgp_vty_return, but both can be handled by
this function as that there is nothing special going on here.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-15 16:38:32 -05:00
Donald Sharp
8b4a0b6631 bgpd: Remove impossible invalid state 
confederations are checking to see that the bgp pointer
is non-null.  But it's impossible to have a null pointer
in the cli and in all paths we have already deref'ed the bgp
pointer.  Let's remove that error code as that it is impossible
to happen.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-15 16:38:32 -05:00
Russ White
c07cfc5494
Merge pull request #10571 from rameshabhinay/ospf6_auth_trailer 
ospf6d: fix coverity issues.
 2022-02-15 13:19:48 -05:00
Russ White
8f689a6e8d
Merge pull request #10546 from ton31337/fix/check_for_null_inside_unintern 
bgpd: Check for NULL inside aspath_unintern()
 2022-02-15 12:59:45 -05:00
Russ White
17c93806a0
Merge pull request #10555 from anlancs/doc-comment 
doc: add "cost" to ospfd "range" command
 2022-02-15 12:58:28 -05:00
Russ White
02c29fab18
Merge pull request #10562 from donaldsharp/starv_warn 
lib: Save number of times a thread is starved
 2022-02-15 12:57:39 -05:00
Russ White
f8e665084d
Merge pull request #10573 from ton31337/fix/doc_rc_tag 
doc: An example how we do RC tagging for stabilization branch
 2022-02-15 11:33:02 -05:00
Donatas Abraitis
1e5c949d36
Merge pull request #10577 from donaldsharp/speeling 
Speeling
 2022-02-14 22:17:54 +02:00
Donald Sharp
b9d95135a8 zebra: Fix spelling mistake 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:56:44 -05:00
Donald Sharp
dfd4f44ffc yang: Fix spelling mistake 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:56:21 -05:00
Donald Sharp
11743d1041 vtysh: Fix spelling mistakes 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:56:04 -05:00
Donald Sharp
e1f79be5ed tests: Fix spelling and grammar mistakes 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:55:20 -05:00
Donald Sharp
3d05c4bdcb pceplib: Fix spelling mistakes 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:54:05 -05:00
Donald Sharp
1373ad765a pathd: Fix spelling mistakes 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:53:48 -05:00
Donald Sharp
1461559c24 ospfd: Fix spelling mistakes 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:53:16 -05:00
Donald Sharp
bbf5104c5b ospf6d: Fix spelling mistakes 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:52:05 -05:00
Donald Sharp
e6f83fc56a doc: Fix spelling mistakes 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:51:22 -05:00
Donald Sharp
1da3a6c69a bgpd: Fix spelling mistakes 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-14 12:50:58 -05:00
Abhinay Ramesh
42bfee18c2 ospf6d: fix coverity issues. 
Fixed below coverity issues
________________________________________________________________________________________________________
*** CID 1511366:    (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2631 in ospf6_make_lsupdate_list()
2625                          + OSPF6_HEADER_SIZE)
2626                         > ospf6_packet_max(on->ospf6_if)) {
2627                             ospf6_fill_header(on->ospf6_if, (*op)->s,
2628                                               length + OSPF6_HEADER_SIZE);
2629                             (*op)->length = length + OSPF6_HEADER_SIZE;
2630                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
>>>     CID 1511366:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2631                             ospf6_send_lsupdate(on, NULL, *op);
2632
2633                             /* refresh packet */
2634                             *op = ospf6_packet_new(on->ospf6_if->ifmtu);
2635                             length = OSPF6_LS_UPD_MIN_SIZE;
2636                             *lsa_cnt = 0;
/ospf6d/ospf6_message.c: 2631 in ospf6_make_lsupdate_list()
2625                          + OSPF6_HEADER_SIZE)
2626                         > ospf6_packet_max(on->ospf6_if)) {
2627                             ospf6_fill_header(on->ospf6_if, (*op)->s,
2628                                               length + OSPF6_HEADER_SIZE);
2629                             (*op)->length = length + OSPF6_HEADER_SIZE;
2630                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
>>>     CID 1511366:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2631                             ospf6_send_lsupdate(on, NULL, *op);

________________________________________________________________________________________________________
*** CID 1511365:    (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);
/ospf6d/ospf6_message.c: 2674 in ospf6_make_ls_retrans_list()
2668                             ospf6_fill_lsupdate_header((*op)->s, *lsa_cnt);
2669                             if (on->ospf6_if->state == OSPF6_INTERFACE_POINTTOPOINT)
2670                                     (*op)->dst = allspfrouters6;
2671                             else
2672                                     (*op)->dst = on->linklocal_addr;
2673
>>>     CID 1511365:    (TAINTED_SCALAR)
>>>     Passing tainted variable "(*op)->length" to a tainted sink.
2674                             ospf6_fill_hdr_checksum(on->ospf6_if, *op);
2675                             ospf6_packet_add(on->ospf6_if, *op);
2676                             OSPF6_MESSAGE_WRITE_ON(on->ospf6_if);

________________________________________________________________________________________________________
*** CID 1511364:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2125 in ospf6_write()
2120                     if (oi->at_data.flags != 0) {
2121                             at_len = ospf6_auth_len_get(oi);
2122                             if (at_len) {
2123                                     iovector[0].iov_len =
2124                                             ntohs(oh->length) + at_len;
>>>     CID 1511364:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "iovector[0].iov_len" to a tainted sink.
2125                                     ospf6_auth_digest_send(oi->linklocal_addr, oi,
2126                                                            oh, at_len,
2127                                                            iovector[0].iov_len);
2128                             } else {
2129                                     iovector[0].iov_len = ntohs(oh->length);
2130                             }

________________________________________________________________________________________________________
*** CID 1511363:    (DEADCODE)
/ospf6d/ospf6_auth_trailer.c: 275 in ospf6_hash_hmac_sha_digest()
269      case KEYCHAIN_ALGO_HMAC_SHA512:
270     #ifdef CRYPTO_OPENSSL
271              sha512_digest(mes, len, digest);
272     #endif
273              break;
274      case KEYCHAIN_ALGO_NULL:
>>>     CID 1511363:    (DEADCODE)
>>>     Execution cannot reach this statement: "case KEYCHAIN_ALGO_MAX:".
275      case KEYCHAIN_ALGO_MAX:
276      default:

/ospf6d/ospf6_auth_trailer.c: 274 in ospf6_hash_hmac_sha_digest()
269      case KEYCHAIN_ALGO_HMAC_SHA512:
270     #ifdef CRYPTO_OPENSSL
271              sha512_digest(mes, len, digest);
272     #endif
273              break;
>>>     CID 1511363:    (DEADCODE)
>>>     Execution cannot reach this statement: "case KEYCHAIN_ALGO_NULL:".
274      case KEYCHAIN_ALGO_NULL:
275      case KEYCHAIN_ALGO_MAX:
276      default:

________________________________________________________________________________________________________
*** CID 1511362:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_auth_trailer.c: 541 in ospf6_auth_check_digest()
535
536      auth_len = ntohs(ospf6_auth->length);
537
538      memcpy(temp_hash, ospf6_auth->data, hash_len);
539      memcpy(ospf6_auth->data, apad, hash_len);
540
>>>     CID 1511362:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "oh_len + auth_len + lls_block_len" to a tainted sink.
541      ospf6_auth_update_digest(oi, oh, ospf6_auth, auth_str,
542                               (oh_len + auth_len + lls_block_len),
543                               hash_algo);

________________________________________________________________________________________________________
*** CID 1511361:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_auth_trailer.c: 124 in ospf6_auth_hdr_dump_recv()
118      at_len = length - (oh_len + lls_len);
119      if (at_len > 0) {
120              ospf6_at_hdr =
121                      (struct ospf6_auth_hdr *)((uint8_t *)ospfh + oh_len);
122              at_hdr_len = ntohs(ospf6_at_hdr->length);
123              hash_len = at_hdr_len - OSPF6_AUTH_HDR_MIN_SIZE;
>>>     CID 1511361:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "hash_len" to a tainted sink.
124              memcpy(temp, ospf6_at_hdr->data, hash_len);
125              temp[hash_len] = '\0';

________________________________________________________________________________________________________
*** CID 1482146:  Insecure data handling  (TAINTED_SCALAR)
/ospf6d/ospf6_message.c: 2787 in ospf6_lsupdate_send_neighbor_now()
2781
2782             if (IS_OSPF6_DEBUG_FLOODING
2783                 || IS_OSPF6_DEBUG_MESSAGE(OSPF6_MESSAGE_TYPE_LSUPDATE, SEND_HDR))
2784                     zlog_debug("%s: Send lsupdate with lsa %s (age %u)", __func__,
2785                                lsa->name, ntohs(lsa->header->age));
2786
>>>     CID 1482146:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "op->length" to a tainted sink.
2787             ospf6_send_lsupdate(on, NULL, op);

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>
 2022-02-14 06:36:02 +00:00
Donatas Abraitis
0a3fa828f8 doc: An example how we do RC tagging for stabilization branch 
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
 2022-02-13 21:23:53 +02:00
Jafar Al-Gharaibeh
d10b16499c
Merge pull request #10533 from taspelund/ip_rule_nl_debugs 
zebra: add netlink debugs for ip rules
 2022-02-11 11:37:40 -06:00
Donatas Abraitis
f7d8698313
Merge pull request #9697 from SaiGomathiN/igmp-sources 
pimd: json support added
 2022-02-11 07:53:02 +02:00
Trey Aspelund
e54cd97838 zebra: cleanup multiline strings in debug_nl.c 
NetDEF CI has been whining about multiline string style.
Make the strings single-line and call it a day.

Signed-off-by: Trey Aspelund <taspelund@nvidia.com>
 2022-02-10 21:37:45 +00:00
Trey Aspelund
95fe32880f zebra: add netlink debugs for ip rules 
Adds functions to parse + decode netlink rules.
Adds RTM_NEWRULE + RTM_DELRULE to "debug zebra kernel".

Signed-off-by: Trey Aspelund <taspelund@nvidia.com>
 2022-02-10 21:36:34 +00:00
Russ White
6142a17949
Merge pull request #8890 from rameshabhinay/ospf6_auth_trailer 
OSPF6: Support OSPF6 authentication trailer RFC 7166
 2022-02-10 14:17:13 -05:00
Donald Sharp
1dd08c2243 lib: Save number of times a thread is starved 
Add a counter to the number of times a thread is starved from
a timer event and add the output to `show thread cpu`

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-10 14:10:26 -05:00
Rafael Zalamena
70d79c359b
Merge pull request #10537 from mjstapp/fix_dplane_strdup 
zebra: use frr mem apis in dplane
 2022-02-10 10:24:22 -03:00
Donald Sharp
7fe008261e
Merge pull request #10552 from idryzhov/frr-reload-nodes 
tools: fix frr-reload context keywords
 2022-02-10 08:12:07 -05:00
Donatas Abraitis
cd03cf1644
Merge pull request #10540 from idryzhov/attr-extra-revert 
revert recent bgp attr->extra changes
 2022-02-10 14:46:49 +02:00
Igor Ryzhov
e49889387e
Merge pull request #10545 from ton31337/feature/get_set_for_lcommunity 
bgpd: Use get/set helpers for attr->lcommunity
 2022-02-10 15:35:21 +03:00
Donatas Abraitis
1bcf3a96de bgpd: Use get/set helpers for attr->lcommunity 
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
 2022-02-10 11:04:03 +02:00
Igor Ryzhov
a2d3103a01 Revert "bgpd: Move out ipv6_ecommunity struct from attr to attr_extra" 
This reverts commit 2703b7db19.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 12:00:30 +03:00
Igor Ryzhov
adde1db9f4 Revert "bgpd: Move attr->pmsi_tnl_type to attr->extra->pmsi_tnl_type" 
This reverts commit fc6ba64f04.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 12:00:30 +03:00
Igor Ryzhov
f363420261 Revert "bgpd: Free only subattributes, not the whole attr_extra pointer" 
This reverts commit 0911206097.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 12:00:30 +03:00
Donatas Abraitis
eae63cb501
Merge pull request #10549 from idryzhov/bgp-coverity 
bgpd: fix null pointer dereferences
 2022-02-10 10:36:06 +02:00
Donatas Abraitis
584fbadf83
Merge pull request #10550 from idryzhov/bgp-attr-undup 
bgpd: remove bgp_attr_undup
 2022-02-10 09:02:02 +02:00
Donatas Abraitis
ea56115a16
Merge pull request #10551 from idryzhov/bgpd-memleaks 
bgpd: fix a couple of memleaks
 2022-02-10 08:53:26 +02:00
Igor Ryzhov
57692f125e tools: fix frr-reload context keywords 
There are singline-line commands inside `router bgp` that start with
`vnc ` or `bmp `. Those commands are currently treated as node-entering
commands. We need to specify such commands more precisely.

Fixes #10548.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 02:51:49 +03:00
Igor Ryzhov
d498917efd bgpd: remove bgp_attr_undup 
bgp_attr_undup does the same thing as bgp_attr_flush – frees the
temporary data that might be allocated when applying a route-map. There
is no need to have two separate functions for that.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 01:43:37 +03:00
Igor Ryzhov
606c3f9fb2 bgpd: fix aspath memleak on error in vnc_direct_bgp_add_nve 
bgp_attr_default_set creates a new empty aspath. If family error happens,
this aspath is not freed. Move attr initialization after we checked the
family.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 01:23:41 +03:00
Igor Ryzhov
afb254d792 bgpd: fix aspath memory leak in aggr_suppress_map_test 
aspth_empty a couple of lines earlier creates an aspath and it must be
freed.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 01:20:03 +03:00
Igor Ryzhov
4dbf2038ea bgpd: fix missing bgp_attr_flush on errors in bgp_update 
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 01:15:57 +03:00
Igor Ryzhov
cfe4dce98b bgpd: fix null pointer dereferences 
They were introduced during recent ecommunity rework in b53e67a3.

CID 1511347 and 1511348.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
 2022-02-10 00:14:39 +03:00
Russ White
8aa03a655e
Merge pull request #10482 from donaldsharp/zebra_buffering 
Zebra buffering
 2022-02-09 12:56:37 -05:00
Jafar Al-Gharaibeh
7df46ddfac
Merge pull request #9631 from donaldsharp/more_workflow 
doc: Update workflow.rst for release management
 2022-02-09 09:03:41 -06:00
Donatas Abraitis
b7b3e63cc0 bgpd: Check for NULL inside aspath_unintern() 
It's not always guarded, just check inside.

Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
 2022-02-09 16:41:14 +02:00
Donald Sharp
add70bc315 doc: Update workflow.rst for release management 
Some release management updates

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2022-02-09 07:56:00 -05:00
Abhinay Ramesh
0afa645317 tests: Added ospf6 authentication trailer topotest 
Have added topotest to verify below combination.
Auth support for md5
Auth support for hmac-sha-256
Auth support with keychain for md5
Auth support with keychain for hmac-sha-256

Have sussessfully run all 4 test cases in my local setup.

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>
 2022-02-09 01:57:08 +00:00