Move away from things like "lock if not locked" type code, require the
user has locked prior to geting to that point.
For now we warn if we are taking a lock we already had; however, this
should really be a failure point.
New requirements:
SETCFG -
not implicit commit - requires user has locked candidate DS and they
must unlock after
implicit commit - requires user has locked candidate and running DS
both locks will be unlocked on reply to the SETCFG
COMMITCFG -
requires user has locked candidate and running DS and they must unlock
after
rollback - this code now get both locks and then does an unlock and
early return thing on the adapter side. It needs to be un-special
cased in follow up work that would also include tests for this
functionality.
Signed-off-by: Christian Hopps <chopps@labn.net>
`is_short_circuit` now is set to true when a message is being
short-circuit handled.
`short_circuit_depth` was being inc/dec inside conditional macro, move
that out of the macro.
Signed-off-by: Christian Hopps <chopps@labn.net>
- log names of datastores not numbers
- improve logging for mgmt_msg_read
- Rather than use a bool, instead store the pending const string name of
the command being run that has postponed the CLI. This adds some nice
information to the logging when enabled.
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit 96f9e7853b)
Testing early exits/ends from config files loaded with `vtysh -f cfgfile`
as well as `vtysh < cfgfile`, verify the same as non-mgmtd behavior.
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit dac48df52a)
For creation this is the first thing done so short-circuit just means inline
sync response. However, for destroy there could be commands in-flight, these
will be discarded when they match no session, and the state cleaned up
immediately when the message short-circuits.
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit 0fc08fa738)
Avoid recursion into vty_close() when being notified of a session closure that
happened inside vty_close().
If a vty is closed with outstanding config yet to be commited
issue a warning that it is being lost.
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit 4307fdd070)
This is required to make sure that we properly send the
XFRR_end_configuration tag to the daemons. Previously if the user had an
`exit` at the root level the parser would just drop out of the config
node and so XFRR_end_configuration, even if sent, would be ignored
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit 315e9032e4)
- docs on how to convert daemon to mgmtd and some diagrams
- and a fix for code-block in cspf.rst
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit a552543640)
Fixes a crash associated with attempting to read beyond the end of the
stream when parsing ASLA Sub-TLV.
```
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
subtlv_len=13 '\r') at isisd/isis_tlvs.c:1473
at isisd/isis_tlvs.c:3264
context=<optimized out>, mtid=<optimized out>) at isisd/isis_tlvs.c:6078
indent=4) at isisd/isis_tlvs.c:6142
avail_len=<optimized out>, context=<optimized out>) at isisd/isis_tlvs.c:7032
at isisd/isis_tlvs.c:7054
(gdb)
```
Caught by fuzzer.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
(cherry picked from commit 2a9e0824a7)
In pbrd, don't encode a rule without a table. There are cases
where the zapi encoding was incorrect because the 4-octet
table id was missing. In zebra, mask off the ECN bits in the
TOS byte when encoding an iprule to match netlink's
expectation.
Signed-off-by: Mark Stapp <mjs@labn.net>
(cherry picked from commit 4112baec9f)
interface link update event needs
to be handle properly in ospf interface
cache.
Example:
When vrf (interface) is created its default type
would be set to BROADCAST because ifp->status
is not set to VRF.
Subsequent link event sets ifp->status to vrf,
ospf interface update need to compare current type
to new default type which would be VRF (OSPF_IFTYPE_LOOPBACK).
Since ospf type param was created in first add event,
ifp vrf link event didn't update ospf type param which
leads to treat vrf as non loopback interface.
Ticket:#3459451
Testing Done:
Running config suppose to bypass rendering default
network broadcast for loopback/vrf types.
Before fix:
vrf vrf1
vni 4001
exit-vrf
!
interface vrf1
ip ospf network broadcast
exit
After fix: (interface vrf1 is not displayed).
vrf vrf1
vni 4001
exit-vrf
Signed-off-by: Chirag Shah <chirag@nvidia.com>
(cherry picked from commit 0d005b2d5c)
When shutting down the main pthread was first closing
the sockets associated with the dplane pthread and
then telling it to shutdown the pthread at a later point
in time. This caused the dplane to crash because the nl
data has been freed already. Change the shutdown order
to stop the dplane pthread *and* then close the sockets.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 977d7e24ff)
This is a good way to run a per-test background helper process. Here the
helper object is created before the test function requesting it (through param
name match), and then cleaned up after the test function exits (pass or failed).
A context manager is used to further guarantee the cleanup is done.
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit b28bc2561e)
- Remove use of bespoke socat
- Use ipv6 support in mcast-tester.py
- do not run processes in the background behind munet/micronet's
back with `&` (ever) -- use popen or the helper class
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit efedb18976)
According RFC 5880, add a simpilfed version handling authentication
Signed-off-by: zmw12306 <zmw12306@gmail.com>
(cherry picked from commit 98707b04d4)
This commit addresses a memory leak issue in the BGP Flowspec NLRI parsing function.
Previously when processing NLRI, dynamically allocated memory to `temp` was not being freed, leading to a memory leak.
The commit introduces the necessary code (XFREE) to properly free the temp memory after processing Flowspec NLRI.
The ASan leak log for reference:
```
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689:Direct leak of 56 byte(s) in 2 object(s) allocated from:
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #0 0x7fc9872b5037 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #1 0x7fc986e5b1ee in qcalloc lib/memory.c:105
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #2 0x560421351bfe in bgp_nlri_parse_flowspec bgpd/bgp_flowspec.c:155
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #3 0x56042107d01c in bgp_nlri_parse bgpd/bgp_packet.c:350
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #4 0x560421086cf3 in bgp_update_receive bgpd/bgp_packet.c:2023
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #5 0x56042108deed in bgp_process_packet bgpd/bgp_packet.c:2933
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #6 0x7fc986f35bf7 in event_call lib/event.c:1995
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #7 0x7fc986e1e99d in frr_run lib/libfrr.c:1185
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #8 0x560420f3f59d in main bgpd/bgp_main.c:505
./bgp_flowspec.test_bgp_flowspec_topo/r1.bgpd.asan.687689- #9 0x7fc986805d09 in __libc_start_main ../csu/libc-start.c:308
```
Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
(cherry picked from commit 269a2d3dae)
There might be a time element(s) from
temporary list are removed more than once
which leads to valueError in certain python3
version.
commit-id 1543f58b5 did not handle valueError
properly. This caused regression where
prefix-list config leads to delete followed
by add.
The new fix should just pass the exception as
value removal from list_to_add or list_to_del
is best effort.
This allows prefix-list config has no change
then removes the lines from lines_to_del and
lines_to_add properly.
Ticket:#3490252
Testing:
Configure prefix-list in frr.conf and perform
multiple frr-reload. After first reload operatoin
subsequent ones should not result in delete followed
by add of the prefix-list but rather no-op operation.
(Pdb) lines_to_add
[(('ip prefix-list FOO permit 10.2.1.0/24',), None)]
(Pdb) lines_to_del
[(('ip prefix-list FOO seq 5 permit 10.2.1.0/24',), None),
(('ip prefix-list FOO seq 10 permit 10.2.1.0/24',), None)]
(Pdb) lines_to_del_to_del
[(('ip prefix-list FOO seq 5 permit 10.2.1.0/24',), None),
(('ip prefix-list FOO seq 10 permit 10.2.1.0/24',), None)]
(Pdb) lines_to_add_to_del
[(('ip prefix-list FOO permit 10.2.1.0/24',), None),
(('ip prefix-list FOO permit 10.2.1.0/24',), None)]
(Pdb) c
> /usr/lib/frr/frr-reload.py(1562)ignore_delete_re_add_lines()
-> return (lines_to_add, lines_to_del)
(Pdb) lines_to_add
[]
(Pdb) lines_to_del
[]
Signed-off-by: Chirag Shah <chirag@nvidia.com>
(cherry picked from commit 9845c09d61)
I believe coverity can't tell the length of the return value from strftime based
on the format string (like we can), so it allows `n` to be larger than it could
be which then allows `sz - n` to be negative which is size_t positive and very
large so it thinks an overrun is possible.
CID#1563211
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit 565139a6d5)
