NetBSD/usr.sbin/ldpd/ldp_peer.c
kefren e64aab24d3 * add config file so one can control id, timers and label assignment and
use neighbour specific options - XXX: needs documentation
* add peer authentication using TCP_MD5SIG. Interoperability tested with
  Cisco IOS
* use SLIST_FOREACH_SAFE when deleting labels instead of re-looping.
2010-12-30 11:29:21 +00:00

512 lines
12 KiB
C

/* $NetBSD: ldp_peer.c,v 1.3 2010/12/30 11:29:21 kefren Exp $ */
/*-
* Copyright (c) 2010 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Mihai Chelaru <kefren@NetBSD.org>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <netmpls/mpls.h>
#include <arpa/inet.h>
#include <stdlib.h>
#include <strings.h>
#include <stdio.h>
#include <unistd.h>
#include <errno.h>
#include "conffile.h"
#include "socketops.h"
#include "ldp_errors.h"
#include "ldp.h"
#include "tlv_stack.h"
#include "mpls_interface.h"
#include "notifications.h"
#include "ldp_peer.h"
extern int ldp_holddown_time;
struct in_addr *myaddresses;
void
ldp_peer_init(void)
{
SLIST_INIT(&ldp_peer_head);
myaddresses = NULL;
}
/*
* soc should be > 1 if there is already a TCP socket for this else we'll
* initiate a new one
*/
struct ldp_peer *
ldp_peer_new(struct in_addr * ldp_id, struct in_addr * a,
struct in_addr * tradd, uint16_t holdtime, int soc)
{
struct ldp_peer *p;
int s = soc;
struct sockaddr_in sa;
struct conf_neighbour *cn;
if (s < 1) {
s = socket(PF_INET, SOCK_STREAM, 0);
memset(&sa, 0, sizeof(sa));
sa.sin_len = sizeof(sa);
sa.sin_family = AF_INET;
if (tradd)
memcpy(&sa.sin_addr, tradd,
sizeof(struct in_addr));
else
memcpy(&sa.sin_addr, a,
sizeof(struct in_addr));
sa.sin_port = htons(LDP_PORT);
set_ttl(s);
}
/* MD5 authentication needed ? */
SLIST_FOREACH(cn, &conei_head, neilist)
if (cn->authenticate != 0 && (a->s_addr == cn->address.s_addr ||
(tradd && tradd->s_addr == cn->address.s_addr))) {
if (setsockopt(s, IPPROTO_TCP, TCP_MD5SIG, &(int){1},
sizeof(int)) != 0)
fatalp("setsockopt TCP_MD5SIG: %s\n",
strerror(errno));
break;
}
/* Set the peer in CONNECTING/CONNECTED state */
p = calloc(1, sizeof(*p));
if (!p) {
fatalp("ldp_peer_new: calloc problem\n");
return NULL;
}
SLIST_INSERT_HEAD(&ldp_peer_head, p, peers);
memcpy(&p->address, a, sizeof(struct in_addr));
memcpy(&p->ldp_id, ldp_id, sizeof(struct in_addr));
if (tradd)
memcpy(&p->transport_address, tradd,
sizeof(struct in_addr));
else
memcpy(&p->transport_address, a,
sizeof(struct in_addr));
p->holdtime = holdtime > ldp_holddown_time ? holdtime : ldp_holddown_time;
p->socket = s;
if (soc < 1) {
p->state = LDP_PEER_CONNECTING;
p->master = 1;
} else {
p->state = LDP_PEER_CONNECTED;
p->master = 0;
set_ttl(p->socket);
}
SLIST_INIT(&p->ldp_peer_address_head);
SLIST_INIT(&p->label_mapping_head);
p->timeout = p->holdtime;
/* And connect to peer */
if (soc < 1)
if (connect(s, (struct sockaddr *) & sa, sizeof(sa)) == -1) {
if (errno == EINTR) {
return p; /* We take care of this in
* big_loop */
}
warnp("connect to %s failed: %s\n",
inet_ntoa(sa.sin_addr), strerror(errno));
ldp_peer_holddown(p);
return NULL;
}
p->state = LDP_PEER_CONNECTED;
return p;
}
void
ldp_peer_holddown(struct ldp_peer * p)
{
if (!p)
return;
if (p->state == LDP_PEER_ESTABLISHED)
mpls_delete_ldp_peer(p);
p->state = LDP_PEER_HOLDDOWN;
p->timeout = ldp_holddown_time;
shutdown(p->socket, SHUT_RDWR);
ldp_peer_delete_all_mappings(p);
del_all_ifaddr(p);
fatalp("LDP Neighbour %s is DOWN\n", inet_ntoa(p->ldp_id));
}
void
ldp_peer_holddown_all()
{
struct ldp_peer *p;
SLIST_FOREACH(p, &ldp_peer_head, peers) {
if ((p->state == LDP_PEER_ESTABLISHED) ||
(p->state == LDP_PEER_CONNECTED))
send_notification(p, get_message_id(), NOTIF_SHUTDOWN);
ldp_peer_holddown(p);
}
}
void
ldp_peer_delete(struct ldp_peer * p)
{
if (!p)
return;
SLIST_REMOVE(&ldp_peer_head, p, ldp_peer, peers);
close(p->socket);
warnp("LDP Neighbor %s holddown timer expired\n", inet_ntoa(p->ldp_id));
free(p);
}
struct ldp_peer *
get_ldp_peer(struct in_addr * a)
{
struct ldp_peer *p;
SLIST_FOREACH(p, &ldp_peer_head, peers) {
if (!memcmp((void *) a, (void *) &p->ldp_id,
sizeof(struct in_addr)))
return p;
if (!memcmp((void *) a, (void *) &p->address,
sizeof(struct in_addr)))
return p;
if (check_ifaddr(p, a))
return p;
}
return NULL;
}
struct ldp_peer *
get_ldp_peer_by_socket(int s)
{
struct ldp_peer *p;
SLIST_FOREACH(p, &ldp_peer_head, peers)
if (p->socket == s)
return p;
return NULL;
}
/*
* Adds address list bounded to a specific peer
* Returns the number of addresses inserted successfuly
*/
int
add_ifaddresses(struct ldp_peer * p, struct al_tlv * a)
{
int i, c, n;
struct in_addr *ia;
/*
* Check if tlv is Address type, if it's correct size (at least one
* address) and if it's IPv4
*/
if ((ntohs(a->type) != TLV_ADDRESS_LIST) ||
(ntohs(a->length) < sizeof(a->af) + sizeof(struct in_addr)) ||
(ntohs(a->af) != LDP_AF_INET))
return 0;
/* Number of addresses to insert */
n = (ntohs(a->length) - sizeof(a->af)) / sizeof(struct in_addr);
debugp("Trying to add %d addresses to peer %s ... \n", n,
inet_ntoa(p->ldp_id));
for (ia = (struct in_addr *) & a->address, c = 0, i = 0; i < n; i++) {
if (add_ifaddr(p, &ia[i]) == LDP_E_OK)
c++;
}
debugp("Added %d addresses\n", c);
return c;
}
int
del_ifaddresses(struct ldp_peer * p, struct al_tlv * a)
{
int i, c, n;
struct in_addr *ia;
/*
* Check if tlv is Address type, if it's correct size (at least one
* address) and if it's IPv4
*/
if (ntohs(a->type) != TLV_ADDRESS_LIST ||
ntohs(a->length) > sizeof(a->af) + sizeof(struct in_addr) ||
ntohs(a->af) != LDP_AF_INET)
return -1;
n = (ntohs(a->length) - sizeof(a->af)) / sizeof(struct in_addr);
debugp("Trying to delete %d addresses from peer %s ... \n", n,
inet_ntoa(p->ldp_id));
for (ia = (struct in_addr *) & a[1], c = 0, i = 0; i < n; i++) {
if (del_ifaddr(p, &ia[i]) == LDP_E_OK)
c++;
}
debugp("Deleted %d addresses\n", c);
return c;
}
/* Adds a _SINGLE_ address to a specific peer */
int
add_ifaddr(struct ldp_peer * p, struct in_addr * a)
{
struct ldp_peer_address *lpa;
/* Is it already there ? */
if (check_ifaddr(p, a))
return LDP_E_ALREADY_DONE;
lpa = calloc(1, sizeof(*lpa));
if (!lpa) {
fatalp("add_ifaddr: malloc problem\n");
return LDP_E_MEMORY;
}
memcpy(&lpa->address, a, sizeof(struct in_addr));
SLIST_INSERT_HEAD(&p->ldp_peer_address_head, lpa, addresses);
return LDP_E_OK;
}
/* Deletes an address bounded to a specific peer */
int
del_ifaddr(struct ldp_peer * p, struct in_addr * a)
{
struct ldp_peer_address *wp;
wp = check_ifaddr(p, a);
if (!wp)
return LDP_E_NOENT;
SLIST_REMOVE(&p->ldp_peer_address_head, wp, ldp_peer_address,
addresses);
free(wp);
return LDP_E_OK;
}
/* Checks if an address is already bounded */
struct ldp_peer_address *
check_ifaddr(struct ldp_peer * p, struct in_addr * a)
{
struct ldp_peer_address *wp;
SLIST_FOREACH(wp, &p->ldp_peer_address_head, addresses)
if (memcmp(a, &wp->address, sizeof(struct in_addr)) == 0)
return wp;
return NULL;
}
void
del_all_ifaddr(struct ldp_peer * p)
{
struct ldp_peer_address *wp;
while (!SLIST_EMPTY(&p->ldp_peer_address_head)) {
wp = SLIST_FIRST(&p->ldp_peer_address_head);
SLIST_REMOVE_HEAD(&p->ldp_peer_address_head, addresses);
free(wp);
}
}
void
print_bounded_addresses(struct ldp_peer * p)
{
struct ldp_peer_address *wp;
char abuf[512];
snprintf(abuf, sizeof(abuf), "Addresses bounded to peer %s: ",
inet_ntoa(p->address));
SLIST_FOREACH(wp, &p->ldp_peer_address_head, addresses) {
strncat(abuf, inet_ntoa(wp->address), sizeof(abuf) -1);
strncat(abuf, " ", sizeof(abuf) -1);
}
warnp("%s\n", abuf);
}
void
add_my_if_addrs(struct in_addr * a, int count)
{
myaddresses = calloc((count + 1), sizeof(*myaddresses));
if (!myaddresses) {
fatalp("add_my_if_addrs: malloc problem\n");
return;
}
memcpy(myaddresses, a, count * sizeof(struct in_addr));
myaddresses[count].s_addr = 0;
}
/* Adds a label and a prefix to a specific peer */
int
ldp_peer_add_mapping(struct ldp_peer * p, struct in_addr * a, int prefix,
int label)
{
struct label_mapping *lma;
if (!p)
return -1;
if (ldp_peer_get_lm(p, a, prefix))
return LDP_E_ALREADY_DONE;
lma = malloc(sizeof(*lma));
if (!lma) {
fatalp("ldp_peer_add_mapping: malloc problem\n");
return LDP_E_MEMORY;
}
memcpy(&lma->address, a, sizeof(struct in_addr));
lma->prefix = prefix;
lma->label = label;
SLIST_INSERT_HEAD(&p->label_mapping_head, lma, mappings);
return LDP_E_OK;
}
int
ldp_peer_delete_mapping(struct ldp_peer * p, struct in_addr * a, int prefix)
{
struct label_mapping *lma;
if (!a)
return ldp_peer_delete_all_mappings(p);
lma = ldp_peer_get_lm(p, a, prefix);
if (!lma)
return LDP_E_NOENT;
SLIST_REMOVE(&p->label_mapping_head, lma, label_mapping, mappings);
free(lma);
return LDP_E_OK;
}
struct label_mapping *
ldp_peer_get_lm(struct ldp_peer * p, struct in_addr * a, int prefix)
{
struct label_mapping *rv;
if (!p)
return NULL;
SLIST_FOREACH(rv, &p->label_mapping_head, mappings)
if ((rv->prefix == prefix) && (!memcmp(a, &rv->address,
sizeof(struct in_addr))))
break;
return rv;
}
int
ldp_peer_delete_all_mappings(struct ldp_peer * p)
{
struct label_mapping *lma;
while(!SLIST_EMPTY(&p->label_mapping_head)) {
lma = SLIST_FIRST(&p->label_mapping_head);
SLIST_REMOVE_HEAD(&p->label_mapping_head, mappings);
free(lma);
}
return LDP_E_OK;
}
/* returns a mapping and its peer */
struct peer_map *
ldp_test_mapping(struct in_addr * a, int prefix, struct in_addr * gate)
{
struct ldp_peer *lpeer;
struct peer_map *rv = NULL;
struct label_mapping *lm = NULL;
/* Checks if it's LPDID, else checks if it's an interface */
lpeer = get_ldp_peer(gate);
if (!lpeer) {
debugp("Gateway %s is not an LDP peer\n", inet_ntoa(*gate));
return NULL;
}
if (lpeer->state != LDP_PEER_ESTABLISHED) {
warnp("ldp_test_mapping: peer is down ?!\n");
return NULL;
}
lm = ldp_peer_get_lm(lpeer, a, prefix);
if (!lm) {
debugp("Cannot match that prefix to the specified peer\n");
return NULL;
}
rv = malloc(sizeof(*rv));
if (!rv) {
fatalp("ldp_test_mapping: malloc problem\n");
return NULL;
}
rv->lm = lm;
rv->peer = lpeer;
return rv;
}
/* Name from state */
const char * ldp_state_to_name(int state)
{
switch(state) {
case LDP_PEER_CONNECTING:
return "CONNECTING";
case LDP_PEER_CONNECTED:
return "CONNECTED";
case LDP_PEER_ESTABLISHED:
return "ESTABLISHED";
case LDP_PEER_HOLDDOWN:
return "HOLDDOWN";
}
return "UNKNOWN";
}