FRR Mirror
  1. FRR Mirror

FRR

Public
AuthorCommitMessageCommit dateIssues
Donald SharpGitHubDonald Sharp
0013cc3ce14MMerge pull request #21603 from opensourcerouting/fix/bgp_bgp_capability_msg_parsebgpd: Dynamic capability parsing fixes
Carmine ScarpittaGitHubCarmine Scarpitta
e9de591b861MMerge pull request #21386 from pguibert6WIND/bgp_srvl3vpn_sid_testAdd new BGP SRv6L3VPN sid configuration test / Add associate test
Jafar Al-GharaibehGitHubJafar Al-Gharaibeh
13b80b7acb9MMerge pull request #21585 from mjstapp/fix_isis_tlvs_3isisd: continue hardening SRV6 tlv parsing
Russ WhiteGitHubRuss White
01e6083fb81MMerge pull request #21511 from soumyar-roy/soumya/memleakbgpd: fix valgrind memory leaks on daemon shutdown
Mark StappGitHubMark Stapp
e723a393bf8MMerge pull request #21602 from opensourcerouting/fix/bgp_bgp_dynamic_capability_software_versionbgpd: Prevent out-of-bound reading handling soft version dynamic capability
Philippe GuibertPhilippe Guibert
8e2685550bbbgpd: fix release intermediate SIDs upon changing locatorOn a BGP SRv6 setup with loc1 locator on default instance, and the user wants to change locator from from loc2 to loc3 in vrf Vrf20. Sometimes, the resulting SIDs are the SIDS assigned for Vrf20 are the ones from loc1 assigned at command 'no locator loc2', whereas the expectation should be the SIDS from loc3. The below show command shows that 2001:db8:1:1:3:: from loc1 is not released. > r1# ...
Philippe GuibertPhilippe Guibert
42d6a88a55ftopotests: add test to control sid assignment when changing locatorThe move of vrf20 from loc2 to loc3 should result in appropriate assignment of the SID 2003:db8:1:1:1::. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Donatas AbraitisDonatas Abraitis
02d9fa979eabgpd: Return immediately when dynamic capability action is not validWithout returning immediately, we continue the loop that advances pnt pointer, which is not good. We should send the notification (which is already done), and return. Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Donatas AbraitisDonatas Abraitis
8cc240eb80cbgpd: Validate BGP role capability when handling it dynamicallySigned-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Donatas AbraitisDonatas Abraitis
b5280177cbfbgpd: Prevent out-of-bound reading handling soft version dynamic capabilityFixes: 784cf95c4377ec84b25fb5801fdfaa20450325de ("bgpd: Try to handle software version capability with the new encoding format") Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Donald SharpGitHubDonald Sharp
779aaf12e10MMerge pull request #21501 from opensourcerouting/fix/zebra_mtu6lib: Report IPv6 MTU and not IPv4 for if_update_state_mtu6
Donald SharpGitHubDonald Sharp
9ef27ade63fMMerge pull request #21545 from TristanInSec/fix/eigrp-hello-auth-byteordereigrpd: fix byte order in Hello authentication decode
Donald SharpGitHubDonald Sharp
f9fb46ee471MMerge pull request #21584 from cscarpitta/srv6_isis_fix_copy_subtlvisisd: Preserve flags when copying SRv6 End SID sub-TLV
Donald SharpGitHubDonald Sharp
73c93ce17bcMMerge pull request #21588 from mjstapp/fix_ospf6_auth_seqnumospf6d: update auth sequence number after validating digest
Mark StappMark Stapp
c2f8e9660e3ospf6d: update auth sequence number after validating digestTest for valid sequence number before validating auth digest, but don't update the neighbor's sequence number value until after validating. Reported-by: Bronson Yen <bronson@calif.io> Signed-off-by: Mark Stapp <mjs@cisco.com>
Donald SharpGitHubDonald Sharp
1c98ab5b509MMerge pull request #21486 from opensourcerouting/fix/bgp_print_link_type_correctly_according_to_remote_as_autobgpd: Print neighbor link type correctly according to local-as
Donald SharpGitHubDonald Sharp
1bb48e004eaMMerge pull request #21510 from opensourcerouting/ospf-overlap-connectedospfd,tests: fix OSPF connected overlapping prefix bug
Donald SharpGitHubDonald Sharp
69cd4249a16MMerge pull request #21518 from pguibert6WIND/bfdproflist_shadowbfdd: Move bfdproflist declaration to header
Donald SharpGitHubDonald Sharp
ab98dc07cc2MMerge pull request #21534 from reinaldosaraiva/upstream-submit/ub-4-xpath-schema-vs-keylib: northbound: distinguish unknown schema node from key mismatch
Donald SharpGitHubDonald Sharp
d7f334e98d0MMerge pull request #21551 from opensourcerouting/fix/bgp_inter_confederation_ebgpbgpd: Replace the actual local-as when using replace-as with the confederation
Carmine ScarpittaCarmine Scarpitta
d6fdc04c50fisisd: Preserve flags when copying SRv6 End SID sub-TLVPreserve the flags field when duplicating an SRv6 End SID sub-TLV by copying it into the cloned entry. Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Mark StappMark Stapp
2978a02efd2isisd: continue hardening SRV6 tlv parsingAdd more validation for SRV6 END.X and LAN_END.X subsubtlvs. Ensure allocated subsubtlv pointer is freed in error cleanup paths. Signed-off-by: Mark Stapp <mjs@cisco.com> Reported-by: Bronson Yen <bronson@calif.io>
Mark StappGitHubMark Stapp
a7e5d6cbda0MMerge pull request #21559 from hnattamaisub/bgp_best_pathbgpd: fix neighbor IP comparison for IPv6 memcmp return values
Donald SharpGitHubDonald Sharp
55e1e2121beMMerge pull request #21566 from lsang6WIND/fix-membgp_evpn: fix memleak when configuring rd
Donald SharpGitHubDonald Sharp
1c8b89e2f6fMMerge pull request #21540 from mjstapp/fix_isis_endx_lensisisd: use correct min size values for srv6 subtlvs
TristanInSecTristanInSec
b8e637934aceigrpd: fix byte order in Hello TLV decode functionsThe auth_type and length fields in EIGRP Hello TLV structures are network byte order, but several decode functions compare them against host-order constants without ntohs(). Add ntohs() to all affected comparisons: - eigrp_hello_authentication_decode: auth_type and length checks - eigrp_hello_parameter_decode: length check - eigrp_sw_version_decode: length check - eigrp_peer_termination_decode...
Reinaldo SaraivaReinaldo Saraiva
7c4498d4ddalib: northbound: distinguish unknown schema node from key mismatchWhen an mgmt edit-config arrives with an xpath that cannot be resolved against the data tree, lyd_find_path returns an error and mgmtd emits "List keys in xpath and data tree are different" for two distinct failure modes: - the xpath names a schema node that does not exist (typo, e.g. "prefix-lst" instead of "prefix-list"); and - the xpath resolves to a valid schema node, but the key p...
Loïc SangLoïc Sang
fcd704f601abgp_evpn: fix memleak when configuring rdDirect leak of 14 byte(s) in 1 object(s) allocated from: #0 0x7bea082f74e8 in strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:578 #1 0x7bea07e3ca5a in qstrdup lib/memory.c:123 #2 0x63e8ac7e7349 in evpn_configure_rd bgpd/bgp_evpn_vty.c:2401 #3 0x63e8ac7e7349 in bgp_evpn_vni_rd bgpd/bgp_evpn_vty.c:6439 #4 0x7bea07db2926 in cmd_execute_command_real lib/command.c:...
Mark StappGitHubMark Stapp
3b419ef76b8MMerge pull request #21543 from TristanInSec/fix/eigrp-hello-tlv-minleneigrpd: enforce minimum TLV length in Hello handler
hariniharini
5a22236ee28bgpd: fix neighbor IP comparison for IPv6 memcmp return valuesRootcause and fix: In bgp bestpath selection,IPv6 peer addresses are ordered with memcmp in sockunion_cmp(), so the return value can be any negative or positive integer (e.g. 2), not only -1, 0, or 1. The BGP neighbor-IP step compared ret to exactly ±1, so other positive/negative values fell through to the default branch and leading to select the wrong path. Using ret > 0 and ret < 0 instead. ...
Donald SharpGitHubDonald Sharp
03024cb96dbMMerge pull request #21539 from mjstapp/fix_eigrp_pfx_leneigrpd: reject invalid prefix mask len
Donatas AbraitisDonatas Abraitis
1f9e68622f0bgpd: Replace the actual local-as when using replace-as with the confederationIf we have something like: router bgp 12345 no bgp ebgp-requires-policy bgp confederation identifier 64512 neighbor 192.168.1.1 remote-as 65004 neighbor 192.168.3.3 remote-as 64515 neighbor 192.168.3.3 remove-private-AS all replace-AS Then 192.168.3.3 receives a route with AS PATH: 64512 12345, but 12345 should be replaced to 64512 because the peering is done using 64512 <-> 64515. Sign...
Donatas AbraitisDonatas Abraitis
f0b6a719933tests: Check if confederation AS is stripped for external neighborsSigned-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Jafar Al-GharaibehGitHubJafar Al-Gharaibeh
f744dd7fefbMMerge pull request #21536 from mjstapp/fix_ospf_apisrv_opaqueospfd: add LSA validation in the apiserver path
TristanInSecTristanInSec
349f17ef300eigrpd: enforce minimum TLV length in Hello handlerThe Hello TLV parser accepts TLVs with length 1, 2, or 3 because the condition only checks length > 0. Since the TLV header itself is 4 bytes (type + length), a declared length smaller than EIGRP_TLV_HDR_LENGTH causes the pointer to advance by less than one header width, misaligning all subsequent TLV reads. Tighten the check to require length >= EIGRP_TLV_HDR_LENGTH. Signed-off-by: Tristan M...
Mark StappMark Stapp
256f5899dc9isisd: use correct min size values for srv6 subtlvsUse the correct min sizes for the SRV6_ENDX and LAN_ENDX SID subtlvs. Reported-by: Tristan Madani <TristanInSec@gmail.com> Signed-off-by: Mark Stapp <mjs@cisco.com>
Mark StappMark Stapp
c99ce592ebbeigrpd: reject invalid prefix mask lenReject invalid prefix mask lengths for ipv4 tlvs. Reported-by: Bronson Yen <bronson@calif.io> Signed-off-by: Mark Stapp <mjs@cisco.com>
Mark StappMark Stapp
b9b67751355ospfd: add LSA validation in the apiserver pathAdd some length validation for LSAs offered through the apiserver code path. Signed-off-by: Mark Stapp <mjs@cisco.com>
Jafar Al-GharaibehGitHubJafar Al-Gharaibeh
e66d35b2ed7MMerge pull request #21507 from mjstapp/bgp_pmsi_tun_v6bgpd: PMSI tunnel attribute compatibility
souroysouroy
f24948a8c3ebgpd: fix valgrind memory leaks on daemon shutdownDuring daemon termination, the default BGP instance leaks due to two issues: First, bgp_cleanup_routes() skips EVPN and ENCAP two-level table cleanup for hidden instances, leaving route entries. Add a terminating check so these tables are always cleaned during shutdown. Second, a circular dependency exists between bgp_free() and VNI lock release: each L2VNI holds a bgp_lock on the default ins...
Russ WhiteGitHubRuss White
ec3e59c5365MMerge pull request #21500 from opensourcerouting/fix/zebra_mtu_ipv6_changetests: Check if IPv6 MTU change is triggering BGP updates correctly
Rafael ZalamenaRafael Zalamena
57b10053364ospfd: fix redistribution for overlapping prefixesOSPF should not originate AS-external LSAs for networks that are already advertised internally (i.e. via OSPF-enabled interfaces). The redistribution check for connected routes used `prefix_match()`, which incorrectly suppressed routes whose prefixes only overlap with an OSPF-enabled interface. Use `prefix_same()` instead, so only identical prefixes are skipped and distinct connected networks...
Rafael ZalamenaRafael Zalamena
76b1ac210edtests: topology to test OSPF overlapping prefixAdd test for the OSPF connected overlapping prefix bug where an external route is ommited because a connected route overlaps the prefix. Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Donald SharpGitHubDonald Sharp
93ad76e71c1MMerge pull request #21530 from mjstapp/fix_tests_gitignore_isistests: update .gitignore for isis test
Donatas AbraitisDonatas Abraitis
4561cb245d0bgpd: Respect local-as if configured when using internal/external/autoLet's say we have something like: router bgp 65001 neighbor 192.168.1.5 remote-as internal neighbor 192.168.1.5 local-as 65005 no-prepend replace-as This way when the BGP OPEN is received it's treating 192.168.1.5 as external, because local-as is not evaluated, and 65001 is taken instead. Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Donatas AbraitisDonatas Abraitis
ed66b58f710tests: Check if the correct link type is printed for neighborsSigned-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Donald SharpMark StappDonald Sharp
f864838f4cetests: Add a v6 pmsi tunnel only test.Add a v6 only test that shows that v6 encoding actually works. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Donatas AbraitisDonatas Abraitis
a213b395069bgpd: Compare local-as when showing if the link is external or internalBefore this patch we compared remote-as vs. local-as (which is taken from BGP instance). But if we use `local-as X`, we should compare it too. Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Donatas AbraitisDonatas Abraitis
60138ca699ebgpd: Show "external" only if it's really external if using remote-as autoFixes: 0dfe25697f5299326046fcfb66f2c6beca7c423c ("bgpd: Implement `neighbor X remote-as auto`") Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Dmytro ShytyiPhilippe GuibertDmytro Shytyi
9949d699ae7bfdd: Move bfdproflist declaration to headerRefactor extern variable to be declared outside of C functions. Fixes: ccc9ada86814 ("bfdd: implement BFD session configuration profiles") Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com> Signed-off-by: Dmytro Shytyi <dmytro.shytyi@6wind.com>