Gitiles
Code Review Sign In
gerrit.opencord.org / quagga / 68ec424eb8557f86d08fcb7ab3c5366cbf3eca0e^! / . / bgpd / bgp_open.c
commit68ec424eb8557f86d08fcb7ab3c5366cbf3eca0e[log] [tgz]
authorPaul Jakma <paul.jakma@hpe.com>Wed Nov 25 17:14:34 2015 +0000
committerPaul Jakma <paul.jakma@hpe.com>Wed Feb 10 15:06:17 2016 +0000
tree63d4630ccfb5e0f366881fa98d42e62842d67239
parentcc216b7978b038667626afd3f70dda8f70c46e4e [diff] [blame]
bgpd: OPEN parse errors should send OPEN_ERR and UNSPECIFIC subcode.

CEASE NOTIFICATION for OPEN parsing errors seems, to my reading of RFC4271
ยง6.2 to be incorrect.

* bgp_packet.c: (bgp_open_receive) OPEN/UNACEP_HOLDTIME is not an
  appropriate error subcode if bgp_open_option_parse returns an error.  Set
  it to "Unspecific". Where a more specific subcode is appropriate, then lower
  level should send that.
* bgp_open.c: (bgp_open_option_parse) Malformed OPENs should result in
  NOTIFICATION with OPEN error, and OPEN/UNSPECIFIC sub-code - not CEASE.
  (bgp_capability_{parse,orf_entry}) ditto.
* bgpd.h: Add BGP_NOTIFY_OPEN_UNSPECIFIC for 0.  Note that IANA lists 0 as
  reserved in the OPEN error sub-code registry, but RFC4271 page 32 says 0
  is the "Unspecific" OPEN error subcode.

  Have emailed IANA, they says it's a known errate to 4271 under review.

  Some inspiration from Cumulus' bgpd-capability-cleanup.patch, though
  v different result.

diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c
index b9d6e93..7273882 100644
--- a/bgpd/bgp_open.c
+++ b/bgpd/bgp_open.c

@@ -235,7 +235,7 @@
       zlog_info ("%s ORF Capability entry length error,"
                  " Cap length %u, num %u",
                  peer->host, hdr->length, entry.num);
-      bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
+      bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_UNSPECIFIC);
       return -1;
     }
 
@@ -469,7 +469,7 @@
       if (stream_get_getp(s) + 2 > end)
 	{
 	  zlog_info ("%s Capability length error (< header)", peer->host);
-	  bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
+	  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_UNSPECIFIC);
 	  return -1;
 	}
       
@@ -481,7 +481,7 @@
       if (start + caphdr.length > end)
 	{
 	  zlog_info ("%s Capability length error (< length)", peer->host);
-	  bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
+	  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_UNSPECIFIC);
 	  return -1;
 	}
       
@@ -511,7 +511,8 @@
                              LOOKUP (capcode_str, caphdr.code),
                              caphdr.length, 
 			     (unsigned) cap_minsizes[caphdr.code]);
-                  bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
+                  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
+                                  BGP_NOTIFY_OPEN_UNSPECIFIC);
                   return -1;
                 }
           /* we deliberately ignore unknown codes, see below */
@@ -727,7 +728,8 @@
       if (STREAM_READABLE(s) < 2)
 	{
 	  zlog_info ("%s Option length error", peer->host);
-	  bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
+	  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
+	                         BGP_NOTIFY_OPEN_UNSPECIFIC);
 	  return -1;
 	}
 
@@ -739,7 +741,8 @@
       if (STREAM_READABLE (s) < opt_length)
 	{
 	  zlog_info ("%s Option length error", peer->host);
-	  bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
+	  bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
+	                         BGP_NOTIFY_OPEN_UNSPECIFIC);
 	  return -1;
 	}