To show the TCP MSS value per neighbor you have to configure it, otherwise you
don't see the actual value.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
GCC 13.2.0 complains:
```
ospf6d/ospf6_intra.c:139:25: error: ‘json_arr’ may be used uninitialized [-Werror=maybe-uninitialized]
ospf6d/ospf6_intra.c:485:20: error: ‘json_arr’ may be used uninitialized [-Werror=maybe-uninitialized]
```
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This patch includes:
* Implementation of RFC 5709 support in OSPF. Using
openssl library and FRR key-chain,
one can use SHA1, SHA256, SHA384, SHA512 and
keyed-MD5( backward compatibility with RFC 2328) HMAC algs.
* Updating documentation of OSPF
* add topotests for new HMAC algorithms
Signed-off-by: Mahdi Varasteh <varasteh@amnesh.ir>
Null checking the `sra` pointer after dereferencing it causes a
coverity issue. Let's perform the null check before dereferencing the
pointer.
Fixes this coverity issue:
*** CID 1568133: Null pointer dereferences (REVERSE_INULL)
/isisd/isis_zebra.c: 1077 in isis_zebra_srv6_adj_sid_uninstall()
1071 enum seg6local_action_t action = ZEBRA_SEG6_LOCAL_ACTION_UNSPEC;
1072 struct interface *ifp;
1073 uint16_t prefixlen = IPV6_MAX_BITLEN;
1074 struct isis_circuit *circuit = sra->adj->circuit;
1075 struct isis_area *area = circuit->area;
1076
>>> CID 1568133: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "sra" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1077 if (!sra)
1078 return;
1079
1080 switch (sra->behavior) {
1081 case SRV6_ENDPOINT_BEHAVIOR_END_X:
1082 prefixlen = IPV6_MAX_BITLEN;
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Null checking the `sra` pointer after dereferencing it causes a
coverity issue. Let's perform the null check before dereferencing the
pointer.
Fixes this coverity issue:
*** CID 1568132: Null pointer dereferences (REVERSE_INULL)
/isisd/isis_zebra.c: 1023 in isis_zebra_srv6_adj_sid_install()
1017 struct seg6local_context ctx = {};
1018 uint16_t prefixlen = IPV6_MAX_BITLEN;
1019 struct interface *ifp;
1020 struct isis_circuit *circuit = sra->adj->circuit;
1021 struct isis_area *area = circuit->area;
1022
>>> CID 1568132: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "sra" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1023 if (!sra)
1024 return;
1025
1026 sr_debug("ISIS-SRv6 (%s): setting adjacency SID %pI6", area->area_tag,
1027 &sra->sid);
1028
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Fix this coverity issue:
*** CID 1568129: Null pointer dereferences (REVERSE_INULL)
/isisd/isis_tlvs.c: 2813 in unpack_item_srv6_end_sid()
2807 sid->subsubtlvs = NULL;
2808 }
2809
2810 append_item(&subtlvs->srv6_end_sids, (struct isis_item *)sid);
2811 return 0;
2812 out:
>>> CID 1568129: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "sid" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
2813 if (sid)
2814 free_item_srv6_end_sid((struct isis_item *)sid);
2815 return 1;
2816 }
2817
2818 /* Functions related to TLVs 1 Area Addresses */
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
If we modify as-path with route-map and prepend with private ASNs, then we
advertise a new as-path without stripping private ASNs. Let's fix this, and
remove private ASNs despite if they were sent by the origin or prepended locally.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
When debugging and outputting the oil_parent() let's just
convert it to a string that is useful for people trying
to debug pim
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When calling daemon_stop() with --quiet and e.g. the pidfile is empty,
it won't return early since while "$fail" is set, "$2" is "--quiet", so
the if condition isn't met and it will continue executing, resulting
in error messages in the log:
> Sep 14 14:48:33 localhost watchfrr[2085]: [YFT0P-5Q5YX] Forked background command [pid 2086]: /usr/lib/frr/watchfrr.sh restart all
> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
> Sep 14 14:48:33 localhost frrinit.sh[2075]: /usr/lib/frr/frrcommon.sh: line 216: kill: `': not a pid or valid job spec
Fix this by moving the --quiet check into the block to log_failure_msg(),
and also add the check to all other invocations of log_*_msg() to make
--quiet properly suppress output.
Fixes: 19a99d89f0 ("tools: suppress unuseful warnings during restarting frr")
Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
Add "no" command for pcep pce/pce-config sub-commands, this will mainly
restart configured options to default values.
Signed-off-by: Farid Mihoub <farid.mihoub@6wind.com>
Not sure why this is needed, because it's reset on bgp_connect_success(),
when the session is UP.
When the session is reset, it clears those variables, and we are not able to
see what remote address was before, etc.
hostLocal, hostRemote reports Unknown for `show bgp neighbor json`.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
The 'redistribute table' command can be used by configuration on a
non default BGP instance, but this command does not work for multiple
reasons:
- The route entries configured on a given table are always configured
from the default vrf. This constraint prevents from redistributing a
prefix from the default vrf to an other non default bgp instance.
- The importation of route entries requires 'ip import-table' on vrfs
and this command is not available
Fix this by preventing from configuring this kind of redistribution
on non default bgp instances.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
LLGR stale time is exchanged using OPEN messages. In order to
reduce stal time before doing an actual graceful restart + LLGR, it might be useful
to increase the time, but this is not possible without resetting the session.
With this change, it's possible to send dynamic capability with a new value, and
GR will respect a new reset time value when LLGR kicks in.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
the snmp tests are using zebra.conf to setup the
address that they are binding to and immediately
after that they are starting snmpd. If snmpd
starts up *before* zebra has installed the address
the bind on the address will fail. Causing the entire
test to fail. Modify the snmpd.conf for all our
snmp tests to bind to all addresses. Things still
work and we no longer have an issue.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Fix bgp_vpnv4_noretain test descriptions
Fixes: 22dfa04b78 ("topotests: more tests in bgp_vpnv4_noretain")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
The BGP "no retain" VPN option avoids storing VPN prefixes that are not
imported in the incoming BGP table (aka. Adj RIB in). When a VPN import
policy is changed, BGP does a soft clear so that a prefix refresh is
requested from the peers. However, the import from local VPN prefixes
is never requested.
Fix this issue by requesting a local import refresh.
Fixes: a486300b26 ("bgpd: implement retain route-target all behaviour")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
