Attachment #191795 for bug #223835

View | Details | Raw Unified | Return to bug 223835 | Differences between
Collapse All | Expand All




/*	$OpenBSD: session.c,v 1.325 2012/09/18 09:45:50 claudio Exp $ */

/*
 * Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org>


#include <sys/mman.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <sys/un.h>
#include <sys/queue.h>
#include <net/if_types.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <netinet/tcp_var.h>
#include <arpa/inet.h>

#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <poll.h>
#include <pwd.h>
#include <signal.h>

#define PFD_PIPE_ROUTE_CTL	2
#define PFD_SOCK_CTL		3
#define PFD_SOCK_RCTL		4
#define PFD_SOCK_PFKEY		5
#define PFD_LISTENERS_START	6

#if defined(__FreeBSD__) /* FreeBSD has no LINK_STATE_IS_UP macro. */
#define LINK_STATE_IS_UP(_s)  ((_s) >= LINK_STATE_UP)
#endif /* defined(__FreeBSD__) */ 

void	session_sighdlr(int);
int	setup_listeners(u_int *);

int	session_connect(struct peer *);
void	session_tcp_established(struct peer *);
void	session_capa_ann_none(struct peer *);
int	session_capa_add(struct ibuf *, u_int8_t, u_int8_t);
int	session_capa_add_mp(struct ibuf *, u_int8_t);
int	session_capa_add_gr(struct peer *, struct ibuf *, u_int8_t);
struct bgp_msg	*session_newmsg(enum msg_type, u_int16_t);
int	session_sendmsg(struct bgp_msg *, struct peer *);
void	session_open(struct peer *);

void	session_update(u_int32_t, void *, size_t);
void	session_notification(struct peer *, u_int8_t, u_int8_t, void *,
	    ssize_t);
void	session_rrefresh(struct peer *, u_int8_t);
int	session_graceful_restart(struct peer *);
int	session_graceful_is_restarting(struct peer *);
int	session_graceful_stop(struct peer *);
int	session_dispatch_msg(struct pollfd *, struct peer *);
int	session_process_msg(struct peer *);
int	parse_header(struct peer *, u_char *, u_int16_t *, u_int8_t *);
int	parse_open(struct peer *);
int	parse_update(struct peer *);
int	parse_refresh(struct peer *);
int	parse_notification(struct peer *);
int	parse_capabilities(struct peer *, u_char *, u_int16_t, u_int32_t *);
int	capa_neg_calc(struct peer *);
void	session_dispatch_imsg(struct imsgbuf *, int, u_int *);
void	session_up(struct peer *);
void	session_down(struct peer *);
void	session_demote(struct peer *, int);

int		 la_cmp(struct listen_addr *, struct listen_addr *);
struct peer	*getpeerbyip(struct sockaddr *);
int		 session_match_mask(struct peer *, struct bgpd_addr *);
struct peer	*getpeerbyid(u_int32_t);
static struct sockaddr	*addr2sa(struct bgpd_addr *, u_int16_t);

struct bgpd_config	*conf, *nconf;
struct bgpd_sysdep	 sysdep;
struct peer		*peers, *npeers;
volatile sig_atomic_t	 session_quit;
int			 pending_reconf;
int			 csock = -1, rcsock = -1;
u_int			 peer_cnt;
struct imsgbuf		*ibuf_rde;

struct imsgbuf		*ibuf_main;

struct mrt_head		 mrthead;
time_t			 pauseaccept;

void
session_sighdlr(int sig)

}

pid_t
session_main(int pipe_m2s[2], int pipe_s2r[2], int pipe_m2r[2],
    int pipe_s2rctl[2])
    struct mrt_head *m_l, struct rib_names *rib_l, int pipe_m2s[2],
    int pipe_s2r[2], int pipe_m2r[2], int pipe_s2rctl[2])
{
	int			 nfds, timeout, pfkeysock;
	unsigned int		 i, j, idx_peers, idx_listeners, idx_mrts;
	pid_t			 pid;
	u_int			 pfd_elms = 0, peer_l_elms = 0, mrt_l_elms = 0;

	u_int32_t		 ctl_queued;
	struct passwd		*pw;
	struct peer		*p, **peer_l = NULL, *last, *next;
	struct mrt		*m, *xm, **mrt_l = NULL;
	struct mrt		*m, **mrt_l = NULL;
	struct filter_rule	*r;
	struct pollfd		*pfd = NULL;
	struct ctl_conn		*ctl_conn;
	struct listen_addr	*la;
	struct rde_rib		*rr;
	void			*newp;
	short			 events;

	conf = config;
	peers = cpeers;

	switch (pid = fork()) {
	case -1:
		fatal("cannot fork");

		return (pid);
	}

	/* control socket is outside chroot */
	if ((csock = control_init(0, conf->csock)) == -1)
		fatalx("control socket setup failed");
	if (conf->rcsock != NULL &&
	    (rcsock = control_init(1, conf->rcsock)) == -1)
		fatalx("control socket setup failed");

	if ((pw = getpwnam(BGPD_USER)) == NULL)
		fatal(NULL);



	setproctitle("session engine");
	bgpd_process = PROC_SE;
	pfkeysock = pfkey_init(&sysdep);
	if (pfkey_init(&sysdep) == -1)
		fatalx("pfkey setup failed");

	if (setgroups(1, &pw->pw_gid) ||
	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
		fatal("can't drop privileges");

	listener_cnt = 0;
	setup_listeners(&listener_cnt);

	signal(SIGTERM, session_sighdlr);
	signal(SIGINT, session_sighdlr);
	signal(SIGPIPE, SIG_IGN);
	signal(SIGHUP, SIG_IGN);
	signal(SIGALRM, SIG_IGN);
	signal(SIGUSR1, SIG_IGN);

	close(pipe_m2s[0]);
	close(pipe_s2r[1]);
	close(pipe_s2rctl[1]);
	close(pipe_m2r[0]);
	close(pipe_m2r[1]);
	init_conf(conf);
	if ((ibuf_rde = malloc(sizeof(struct imsgbuf))) == NULL ||
	    (ibuf_rde_ctl = malloc(sizeof(struct imsgbuf))) == NULL ||
	    (ibuf_main = malloc(sizeof(struct imsgbuf))) == NULL)

	imsg_init(ibuf_rde, pipe_s2r[0]);
	imsg_init(ibuf_rde_ctl, pipe_s2rctl[0]);
	imsg_init(ibuf_main, pipe_m2s[1]);

	TAILQ_INIT(&ctl_conns);
	control_listen(csock);
	control_listen(rcsock);
	LIST_INIT(&mrthead);
	listener_cnt = 0;
	peer_cnt = 0;
	ctl_cnt = 0;

	if ((conf = calloc(1, sizeof(struct bgpd_config))) == NULL)
		fatal(NULL);
	if ((conf->listen_addrs = calloc(1, sizeof(struct listen_addrs))) ==
	    NULL)
		fatal(NULL);
	TAILQ_INIT(conf->listen_addrs);

	/* network list is not used in the SE */
	while ((net = TAILQ_FIRST(net_l)) != NULL) {
		TAILQ_REMOVE(net_l, net, entry);
		filterset_free(&net->net.attrset);
		free(net);
	}

	log_info("session engine ready");
	while ((m = LIST_FIRST(m_l)) != NULL) {
		LIST_REMOVE(m, entry);
		free(m);
	}
	/* rib names not used in the SE */
	while ((rr = SIMPLEQ_FIRST(&ribnames))) {
		SIMPLEQ_REMOVE_HEAD(&ribnames, entry);
		free(rr);
	}

	while (session_quit == 0) {
		/* check for peers to be initialized or deleted */


				/* reinit due? */
				if (p->conf.reconf_action == RECONF_REINIT) {
					session_stop(p, ERR_CEASE_ADMIN_RESET);
					if (!p->conf.down)
						timer_set(p, Timer_IdleHold, 0);
				}

				/* deletion due? */

					if (p->demoted)
						session_demote(p, -1);
					p->conf.demote_group[0] = 0;
					session_stop(p, ERR_CEASE_PEER_UNCONF);
					log_peer_warnx(&p->conf, "removed");
					if (last != NULL)
						last->next = next;

		}

		mrt_cnt = 0;
		for (m = LIST_FIRST(&mrthead); m != NULL; m = xm) {
			xm = LIST_NEXT(m, entry);
			if (m->state == MRT_STATE_REMOVE) {
				mrt_clean(m);
				LIST_REMOVE(m, entry);
				free(m);
				continue;
			}
			if (m->wbuf.queued)
				mrt_cnt++;
		}

		if (mrt_cnt > mrt_l_elms) {
			if ((newp = realloc(mrt_l, sizeof(struct mrt *) *

		if (ctl_queued < SESSION_CTL_QUEUE_MAX)
			/*
			 * Do not act as unlimited buffer. Don't read in more
			 * messages if the ctl sockets are getting full.
			 */
			pfd[PFD_PIPE_ROUTE_CTL].events = POLLIN;
		if (pauseaccept == 0) {
			pfd[PFD_SOCK_CTL].fd = csock;
			pfd[PFD_SOCK_CTL].events = POLLIN;
			pfd[PFD_SOCK_RCTL].fd = rcsock;
			pfd[PFD_SOCK_RCTL].events = POLLIN;
		} else {
			pfd[PFD_SOCK_CTL].fd = -1;
			pfd[PFD_SOCK_RCTL].fd = -1;
		}
		pfd[PFD_SOCK_PFKEY].fd = pfkeysock;
#if !defined(__FreeBSD__)
		pfd[PFD_SOCK_PFKEY].events = POLLIN;
#else
		pfd[PFD_SOCK_PFKEY].events = 0;
#endif
		i = PFD_LISTENERS_START;
		TAILQ_FOREACH(la, conf->listen_addrs, entry) {
			if (pauseaccept == 0) {
				pfd[i].fd = la->fd;
				pfd[i].events = POLLIN;
			} else
				pfd[i].fd = -1;
			i++;
		}
		idx_listeners = i;

					    p->state == STATE_ESTABLISHED)
						session_demote(p, -1);
					break;
				case Timer_RestartTimeout:
					timer_stop(p, Timer_RestartTimeout);
					session_graceful_stop(p);
					break;
				default:
					fatalx("King Bula lost in time");
				}

			events = POLLIN;
			if (p->wbuf.queued > 0 || p->state == STATE_CONNECT)
				events |= POLLOUT;
			/* is there still work to do? */
			if (p->rbuf && p->rbuf->wpos)
				timeout = 0;

			/* poll events */
			if (p->fd != -1 && events != 0) {

			i++;
		}

		if (pauseaccept && timeout > 1)
			timeout = 1;
		if (timeout < 0)
			timeout = 0;
		if ((nfds = poll(pfd, i, timeout * 1000)) == -1)
			if (errno != EINTR)
				fatal("poll error");

		/*
		 * If we previously saw fd exhaustion, we stop accept()
		 * for 1 second to throttle the accept() loop.
		 */
		if (pauseaccept && getmonotime() > pauseaccept + 1)
			pauseaccept = 0;

		if (nfds > 0 && pfd[PFD_PIPE_MAIN].revents & POLLOUT)
			if (msgbuf_write(&ibuf_main->w) < 0)
				fatal("pipe write error");

			ctl_cnt += control_accept(rcsock, 1);
		}

		if (nfds > 0 && pfd[PFD_SOCK_PFKEY].revents & POLLIN) {
			nfds--;
			if (pfkey_read(pfkeysock, NULL) == -1) {
				log_warnx("pfkey_read failed, exiting...");
				session_quit = 1;
			}
		}

		for (j = PFD_LISTENERS_START; nfds > 0 && j < idx_listeners;
		    j++)
			if (pfd[j].revents & POLLIN) {

			nfds -= session_dispatch_msg(&pfd[j],
			    peer_l[j - idx_listeners]);

		for (p = peers; p != NULL; p = p->next)
			if (p->rbuf && p->rbuf->wpos)
				session_process_msg(p);

		for (; nfds > 0 && j < idx_mrts; j++)
			if (pfd[j].revents & POLLOUT) {
				nfds--;


	while ((p = peers) != NULL) {
		peers = p->next;
		session_stop(p, ERR_CEASE_ADMIN_DOWN);
		pfkey_remove(p);
		free(p);
	}

			timer_stop(peer, Timer_IdleHold);

			/* allocate read buffer */
			peer->rbuf = calloc(1, sizeof(struct ibuf_read));
			if (peer->rbuf == NULL)
				fatal(NULL);
			peer->rbuf->wpos = 0;

			/* init write buffer */
			msgbuf_init(&peer->wbuf);

			/* ignore */
			break;
		case EVNT_STOP:
			session_notification(peer, ERR_CEASE, 0, NULL, 0);
			change_state(peer, STATE_IDLE, event);
			break;
		case EVNT_CON_CLOSED:

				change_state(peer, STATE_IDLE, event);
			break;
		default:
			session_notification(peer,
			    ERR_FSM, ERR_FSM_UNEX_OPENSENT, NULL, 0);
			change_state(peer, STATE_IDLE, event);
			break;
		}

			/* ignore */
			break;
		case EVNT_STOP:
			session_notification(peer, ERR_CEASE, 0, NULL, 0);
			change_state(peer, STATE_IDLE, event);
			break;
		case EVNT_CON_CLOSED:

			change_state(peer, STATE_IDLE, event);
			break;
		default:
			session_notification(peer,
			    ERR_FSM, ERR_FSM_UNEX_OPENCONFIRM, NULL, 0);
			change_state(peer, STATE_IDLE, event);
			break;
		}

			/* ignore */
			break;
		case EVNT_STOP:
			session_notification(peer, ERR_CEASE, 0, NULL, 0);
			change_state(peer, STATE_IDLE, event);
			break;
		case EVNT_CON_CLOSED:

			change_state(peer, STATE_IDLE, event);
			break;
		default:
			session_notification(peer,
			    ERR_FSM, ERR_FSM_UNEX_ESTABLISHED, NULL, 0);
			change_state(peer, STATE_IDLE, event);
			break;
		}

void
session_close_connection(struct peer *peer)
{
	if (peer->fd != -1) {
		close(peer->fd);
		pauseaccept = 0;
	}
	peer->fd = peer->wbuf.fd = -1;
}


		timer_stop(peer, Timer_ConnectRetry);
		timer_stop(peer, Timer_Keepalive);
		timer_stop(peer, Timer_Hold);
		timer_stop(peer, Timer_IdleHold);
		timer_stop(peer, Timer_IdleHoldReset);
		session_close_connection(peer);
		msgbuf_clear(&peer->wbuf);
		free(peer->rbuf);
		peer->rbuf = NULL;
		bzero(&peer->capa.peer, sizeof(peer->capa.peer));

			session_down(peer);
		if (event != EVNT_STOP) {
			timer_set(peer, Timer_IdleHold, peer->IdleHoldTime);
			if (event != EVNT_NONE &&
			    peer->IdleHoldTime < MAX_IDLE_HOLD/2)
				peer->IdleHoldTime *= 2;
		}
		if (peer->state == STATE_ESTABLISHED) {
			if (peer->capa.neg.grestart.restart == 2 &&
			    (event == EVNT_CON_CLOSED ||
			    event == EVNT_CON_FATAL)) {
				/* don't punish graceful restart */
				timer_set(peer, Timer_IdleHold, 0);
				peer->IdleHoldTime /= 2;
				session_graceful_restart(peer);
			} else
				session_down(peer);
		}
		if (peer->state == STATE_NONE ||
		    peer->state == STATE_ESTABLISHED) {
			/* initialize capability negotiation structures */

		}
		break;
	case STATE_CONNECT:
		if (peer->state == STATE_ESTABLISHED &&
		    peer->capa.neg.grestart.restart == 2) {
			/* do the graceful restart dance */
			session_graceful_restart(peer);
			peer->holdtime = INTERVAL_HOLD_INITIAL;
			timer_stop(peer, Timer_ConnectRetry);
			timer_stop(peer, Timer_Keepalive);
			timer_stop(peer, Timer_Hold);
			timer_stop(peer, Timer_IdleHold);
			timer_stop(peer, Timer_IdleHoldReset);
			session_close_connection(peer);
			msgbuf_clear(&peer->wbuf);
			bzero(&peer->capa.peer, sizeof(peer->capa.peer));
		}
		break;
	case STATE_ACTIVE:
		break;

	len = sizeof(cliaddr);
	if ((connfd = accept(listenfd,
	    (struct sockaddr *)&cliaddr, &len)) == -1) {
		if (errno == ENFILE || errno == EMFILE) {
			pauseaccept = getmonotime();
			return;
		} else if (errno == EWOULDBLOCK || errno == EINTR)
			return;
		else
			log_warn("accept");

			}
		}

open:
		if (p->conf.auth.method != AUTH_NONE && sysdep.no_pfkey) {
			log_peer_warnx(&p->conf,
			    "ipsec or md5sig configured but not available");

		}
		session_socket_blockmode(connfd, BM_NONBLOCK);
		bgp_fsm(p, EVNT_CON_OPEN);
		return;
	} else if (p != NULL && p->state == STATE_ESTABLISHED &&
	    p->capa.neg.grestart.restart == 2) {
		/* first do the graceful restart dance */
		change_state(p, STATE_CONNECT, EVNT_CON_CLOSED);
		/* then do part of the open dance */
		goto open;
	} else {
		log_conn_attempt(p, (struct sockaddr *)&cliaddr);
		close(connfd);

	if (peer->fd != -1)
		return (-1);

	if ((peer->fd = socket(aid2af(peer->conf.remote_addr.aid), SOCK_STREAM,
	    IPPROTO_TCP)) == -1) {
		log_peer_warn(&peer->conf, "session_connect socket");
		bgp_fsm(peer, EVNT_CON_OPENFAIL);

	peer->wbuf.fd = peer->fd;

	/* if update source is set we need to bind() */
	if ((sa = addr2sa(&peer->conf.local_addr, 0)) != NULL) {
		sa = addr2sa(&peer->conf.local_addr, 0);
		if (bind(peer->fd, sa, sa->sa_len) == -1) {
			log_peer_warn(&peer->conf, "session_connect bind");
			bgp_fsm(peer, EVNT_CON_OPENFAIL);

	int	nodelay = 1;
	int	bsize;

	switch (p->conf.remote_addr.aid) {
	case AID_INET:
		/* set precedence, see RFC 1771 appendix 5 */
		if (setsockopt(p->fd, IPPROTO_IP, IP_TOS, &pre, sizeof(pre)) ==
		    -1) {
			log_peer_warn(&p->conf,
			    "session_setup_socket setsockopt TOS");
			return (-1);
		}

		if (p->conf.ebgp) {
			/* set TTL to foreign router's distance
			   1=direct n=multihop with ttlsec, we always use 255 */
			if (p->conf.ttlsec) {
				ttl = 256 - p->conf.distance;
				if (setsockopt(p->fd, IPPROTO_IP, IP_MINTTL,
				    &ttl, sizeof(ttl)) == -1) {
					log_peer_warn(&p->conf,
					    "session_setup_socket: "
					    "setsockopt MINTTL");
					return (-1);
				}
				ttl = 255;
			}

			if (setsockopt(p->fd, IPPROTO_IP, IP_TTL, &ttl,
			    sizeof(ttl)) == -1) {
				log_peer_warn(&p->conf,
				    "session_setup_socket setsockopt TTL");
				return (-1);
			}
			ttl = 255;
		}

		if (setsockopt(p->fd, IPPROTO_IP, IP_TTL, &ttl,
		    sizeof(ttl)) == -1) {
			log_peer_warn(&p->conf,
			    "session_setup_socket setsockopt TTL");
			return (-1);
		}
		break;
	case AID_INET6:
		if (p->conf.ebgp) {
			/* set hoplimit to foreign router's distance */
			if (setsockopt(p->fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS,
			    &ttl, sizeof(ttl)) == -1) {
				log_peer_warn(&p->conf,
				    "session_setup_socket setsockopt hoplimit");
				return (-1);
			}
		}
		break;
	/* if ttlsec is in use, set minttl */
	if (p->conf.ttlsec) {
		ttl = 256 - p->conf.distance;
		setsockopt(p->fd, IPPROTO_IP, IP_MINTTL, &ttl, sizeof(ttl));

	}

	/* set TCP_NODELAY */

		return (-1);
	}

	/* set precedence, see RFC 1771 appendix 5 */
	if (p->conf.remote_addr.af == AF_INET &&
	    setsockopt(p->fd, IPPROTO_IP, IP_TOS, &pre, sizeof(pre)) == -1) {
		log_peer_warn(&p->conf,
		    "session_setup_socket setsockopt TOS");
		return (-1);
	}

	/* only increase bufsize (and thus window) if md5 or ipsec is in use */
	if (p->conf.auth.method != AUTH_NONE) {
		/* try to increase bufsize. no biggie if it fails */
		bsize = 65535;
		while (bsize > 8192 &&
		    setsockopt(p->fd, SOL_SOCKET, SO_RCVBUF, &bsize,
		    sizeof(bsize)) == -1 && errno != EINVAL)
			bsize /= 2;
		bsize = 65535;
		while (bsize > 8192 &&
		    setsockopt(p->fd, SOL_SOCKET, SO_SNDBUF, &bsize,
		    sizeof(bsize)) == -1 && errno != EINVAL)
			bsize /= 2;
	}


void
session_capa_ann_none(struct peer *peer)
{
	bzero(&peer->capa.ann, sizeof(peer->capa.ann));
	peer->capa.ann.mp_v4 = SAFI_NONE;
	peer->capa.ann.refresh = 0;
	peer->capa.ann.restart = 0;
	peer->capa.ann.as4byte = 0;
}

int
session_capa_add(struct ibuf *opb, u_int8_t capa_code, u_int8_t capa_len)
{
	int errs = 0;

	errs += ibuf_add(opb, &capa_code, sizeof(capa_code));
	errs += ibuf_add(opb, &capa_len, sizeof(capa_len));
	op_len = sizeof(capa_code) + sizeof(capa_len) + capa_len;
	tot_len = sizeof(op_type) + sizeof(op_len) + op_len;
	errs += buf_add(opb, &op_type, sizeof(op_type));
	errs += buf_add(opb, &op_len, sizeof(op_len));
	errs += buf_add(opb, &capa_code, sizeof(capa_code));
	errs += buf_add(opb, &capa_len, sizeof(capa_len));
	*optparamlen += tot_len;
	return (errs);
}

int
session_capa_add_mp(struct ibuf *buf, u_int8_t aid)
{
	u_int8_t		 safi, pad = 0;
	u_int16_t		 afi;
	int			 errs = 0;

	if (aid2afi(aid, &afi, &safi) == -1)
		fatalx("session_capa_add_mp: bad afi/safi pair");
	afi = htons(afi);
	errs += ibuf_add(buf, &afi, sizeof(afi));
	errs += ibuf_add(buf, &pad, sizeof(pad));
	errs += ibuf_add(buf, &safi, sizeof(safi));

	return (errs);
}

int
session_capa_add_gr(struct peer *p, struct ibuf *b, u_int8_t aid)
{
	u_int		errs = 0;
	u_int16_t	afi;
	u_int8_t	flags, safi;

	if (aid2afi(aid, &afi, &safi)) {
		log_warn("session_capa_add_gr: bad AID");
		return (1);
	}
	if (p->capa.neg.grestart.flags[aid] & CAPA_GR_RESTARTING)
		flags = CAPA_GR_F_FLAG;
	else
		flags = 0;

	afi = htons(afi);
	errs += ibuf_add(b, &afi, sizeof(afi));
	errs += ibuf_add(b, &safi, sizeof(safi));
	errs += ibuf_add(b, &flags, sizeof(flags));

	return (errs);
}

{
	struct bgp_msg		*msg;
	struct msg_header	 hdr;
	struct ibuf		*buf;
	int			 errs = 0;

	memset(&hdr.marker, 0xff, sizeof(hdr.marker));
	hdr.len = htons(len);
	hdr.type = msgtype;

	if ((buf = ibuf_open(len)) == NULL)
		return (NULL);

	errs += ibuf_add(buf, &hdr.marker, sizeof(hdr.marker));
	errs += ibuf_add(buf, &hdr.len, sizeof(hdr.len));
	errs += ibuf_add(buf, &hdr.type, sizeof(hdr.type));

	if (errs || (msg = calloc(1, sizeof(*msg))) == NULL) {
		ibuf_free(buf);
		buf_free(buf);
		return (NULL);
	}


			mrt_dump_bgp_msg(mrt, msg->buf->buf, msg->len, p);
	}

	ibuf_close(&p->wbuf, msg->buf);
	free(msg);
	return (0);
}

session_open(struct peer *p)
{
	struct bgp_msg		*buf;
	struct ibuf		*opb;
	struct msg_open		 msg;
	u_int16_t		 len;
	u_int8_t		 i, op_type, optparamlen = 0;
	int			 errs = 0;
	int			 mpcapa = 0;


	if ((opb = ibuf_dynamic(0, UCHAR_MAX - sizeof(op_type) -
	    sizeof(optparamlen))) == NULL) {
		bgp_fsm(p, EVNT_CON_FATAL);
		return;
	}

	/* multiprotocol extensions, RFC 4760 */
	for (i = 0; i < AID_MAX; i++)
		if (p->capa.ann.mp[i]) {	/* 4 bytes data */
			errs += session_capa_add(opb, CAPA_MP, 4);
			errs += session_capa_add_mp(opb, i);
			mpcapa++;
		}
		errs += session_capa_add_mp(opb, AFI_IPv6, p->capa.ann.mp_v6);
	}

	/* route refresh, RFC 2918 */
	if (p->capa.ann.refresh)	/* no data */
		errs += session_capa_add(opb, CAPA_REFRESH, 0);

	/* graceful restart and End-of-RIB marker, RFC 4724 */
	if (p->capa.ann.grestart.restart) {
		int		rst = 0;
		u_int16_t	hdr;
		u_int8_t	grlen;

		if (mpcapa) {
			grlen = 2 + 4 * mpcapa;
			for (i = 0; i < AID_MAX; i++) {
				if (p->capa.neg.grestart.flags[i] &
				    CAPA_GR_RESTARTING)
					rst++;
			}
		} else {	/* AID_INET */
			grlen = 2 + 4;
			if (p->capa.neg.grestart.flags[AID_INET] &
			    CAPA_GR_RESTARTING)
				rst++;
		}

		hdr = conf->holdtime;		/* default timeout */
		/* if client does graceful restart don't set R flag */
		if (!rst)
			hdr |= CAPA_GR_R_FLAG;
		hdr = htons(hdr);

		errs += session_capa_add(opb, CAPA_RESTART, grlen);
		errs += ibuf_add(opb, &hdr, sizeof(hdr));

		if (mpcapa) {
			for (i = 0; i < AID_MAX; i++) {
				if (p->capa.ann.mp[i]) {
					errs += session_capa_add_gr(p, opb, i);
				}
			}
		} else {	/* AID_INET */
			errs += session_capa_add_gr(p, opb, AID_INET);
		}
	}

	/* 4-bytes AS numbers, draft-ietf-idr-as4bytes-13 */

		u_int32_t	nas;

		nas = htonl(conf->as);
		errs += session_capa_add(opb, CAPA_AS4BYTE, sizeof(nas));
		errs += ibuf_add(opb, &nas, sizeof(nas));
	}

	if (ibuf_size(opb))
		optparamlen = ibuf_size(opb) + sizeof(op_type) +
		    sizeof(optparamlen);

	len = MSGSIZE_OPEN_MIN + optparamlen;
	if (errs || (buf = session_newmsg(OPEN, len)) == NULL) {
		ibuf_free(opb);
		bgp_fsm(p, EVNT_CON_FATAL);
		return;
	}

	msg.bgpid = conf->bgpid;	/* is already in network byte order */
	msg.optparamlen = optparamlen;

	errs += ibuf_add(buf->buf, &msg.version, sizeof(msg.version));
	errs += ibuf_add(buf->buf, &msg.myas, sizeof(msg.myas));
	errs += ibuf_add(buf->buf, &msg.holdtime, sizeof(msg.holdtime));
	errs += ibuf_add(buf->buf, &msg.bgpid, sizeof(msg.bgpid));
	errs += ibuf_add(buf->buf, &msg.optparamlen, sizeof(msg.optparamlen));

	if (optparamlen) {
		op_type = OPT_PARAM_CAPABILITIES;
		optparamlen = ibuf_size(opb);
		errs += ibuf_add(buf->buf, &op_type, sizeof(op_type));
		errs += ibuf_add(buf->buf, &optparamlen, sizeof(optparamlen));
		errs += ibuf_add(buf->buf, opb->buf, ibuf_size(opb));
	}

	ibuf_free(opb);

	if (errs) {
		ibuf_free(buf->buf);
		free(buf);
		bgp_fsm(p, EVNT_CON_FATAL);
		return;

		return;
	}

	if (ibuf_add(buf->buf, data, datalen)) {
		ibuf_free(buf->buf);
		free(buf);
		bgp_fsm(p, EVNT_CON_FATAL);
		return;

    void *data, ssize_t datalen)
{
	struct bgp_msg		*buf;
	int			 errs = 0;
	u_int8_t		 null8 = 0;

	if (p->stats.last_sent_errcode)	/* some notification already sent */
		return;

	log_notification(p, errcode, subcode, data, datalen, "sending");

	if ((buf = session_newmsg(NOTIFICATION,
	    MSGSIZE_NOTIFICATION_MIN + datalen)) == NULL) {
		bgp_fsm(p, EVNT_CON_FATAL);
		return;
	}

	errs += ibuf_add(buf->buf, &errcode, sizeof(errcode));
	errs += ibuf_add(buf->buf, &subcode, sizeof(subcode));
		errs += buf_add(buf->buf, &null8, sizeof(null8));
	else
		errs += buf_add(buf->buf, &subcode, sizeof(subcode));

	if (datalen > 0)
		errs += ibuf_add(buf->buf, data, datalen);

	if (errs) {
		ibuf_free(buf->buf);
		free(buf);
		bgp_fsm(p, EVNT_CON_FATAL);
		return;

int
session_neighbor_rrefresh(struct peer *p)
{
	u_int8_t	i;

	if (!p->capa.peer.refresh)
		return (-1);

	for (i = 0; i < AID_MAX; i++) {
		if (p->capa.peer.mp[i] != 0)
			session_rrefresh(p, i);
	}

	return (0);
}

void
session_rrefresh(struct peer *p, u_int8_t aid)
{
	struct bgp_msg		*buf;
	int			 errs = 0;
	u_int16_t		 afi;
	u_int8_t		 safi, null8 = 0;

	if (aid2afi(aid, &afi, &safi) == -1)
		fatalx("session_rrefresh: bad afi/safi pair");

	if ((buf = session_newmsg(RREFRESH, MSGSIZE_RREFRESH)) == NULL) {
		bgp_fsm(p, EVNT_CON_FATAL);

	}

	afi = htons(afi);
	errs += ibuf_add(buf->buf, &afi, sizeof(afi));
	errs += ibuf_add(buf->buf, &null8, sizeof(null8));
	errs += ibuf_add(buf->buf, &safi, sizeof(safi));

	if (errs) {
		ibuf_free(buf->buf);
		free(buf);
		bgp_fsm(p, EVNT_CON_FATAL);
		return;

}

int
session_graceful_restart(struct peer *p)
{
	u_int8_t	i;

	timer_set(p, Timer_RestartTimeout, p->capa.neg.grestart.timeout);

	for (i = 0; i < AID_MAX; i++) {
		if (p->capa.neg.grestart.flags[i] & CAPA_GR_PRESENT) {
			if (imsg_compose(ibuf_rde, IMSG_SESSION_STALE,
			    p->conf.id, 0, -1, &i, sizeof(i)) == -1)
				return (-1);
			log_peer_warnx(&p->conf,
			    "graceful restart of %s, keeping routes",
			    aid2str(i));
			p->capa.neg.grestart.flags[i] |= CAPA_GR_RESTARTING;
		} else if (p->capa.neg.mp[i]) {
			if (imsg_compose(ibuf_rde, IMSG_SESSION_FLUSH,
			    p->conf.id, 0, -1, &i, sizeof(i)) == -1)
				return (-1);
			log_peer_warnx(&p->conf,
			    "graceful restart of %s, flushing routes",
			    aid2str(i));
		}
	}
	return (0);
}

int
session_graceful_is_restarting(struct peer *p)
{
	u_int8_t	i;

	for (i = 0; i < AID_MAX; i++)
		if (p->capa.neg.grestart.flags[i] & CAPA_GR_RESTARTING)
			return (1);
	return (0);
}

int
session_graceful_stop(struct peer *p)
{
	u_int8_t	i;

	for (i = 0; i < AID_MAX; i++) {
		/*
		 * Only flush if the peer is restarting and the peer indicated
		 * it hold the forwarding state. In all other cases the
		 * session was already flushed when the session came up.
		 */
		if (p->capa.neg.grestart.flags[i] & CAPA_GR_RESTARTING &&
		    p->capa.neg.grestart.flags[i] & CAPA_GR_FORWARD) {
			log_peer_warnx(&p->conf, "graceful restart of %s, "
			    "time-out, flushing", aid2str(i));
			if (imsg_compose(ibuf_rde, IMSG_SESSION_FLUSH,
			    p->conf.id, 0, -1, &i, sizeof(i)) == -1)
				return (-1);
		}
		p->capa.neg.grestart.flags[i] &= ~CAPA_GR_RESTARTING;
	}
	return (0);
}

int
session_dispatch_msg(struct pollfd *pfd, struct peer *p)
{
	ssize_t		n;
	socklen_t	len;
	int		error;
	u_int16_t	msglen;
	u_int8_t	msgtype;

	if (p->state == STATE_CONNECT) {
		if (pfd->revents & POLLOUT) {

			return (1);
		}

		p->rbuf->wpos += n;
		av = p->rbuf->wpos + n;
		p->stats.last_read = time(NULL);
		return (1);
	}
	return (0);
}

int
session_process_msg(struct peer *p)
{
	ssize_t		rpos, av, left;
	int		processed = 0;
	u_int16_t	msglen;
	u_int8_t	msgtype;
			if (p->rbuf == NULL)
				break;
			if (parse_header(p, p->rbuf->buf + rpos, &msglen,
			    &msgtype) == -1)
				return (0);
			if (rpos + msglen > av)
				break;
			p->rbuf->rptr = p->rbuf->buf + rpos;

			switch (msgtype) {
			case OPEN:
				bgp_fsm(p, EVNT_RCVD_OPEN);
				p->stats.msg_rcvd_open++;
				break;
			case UPDATE:
				bgp_fsm(p, EVNT_RCVD_UPDATE);
				p->stats.msg_rcvd_update++;
				break;
			case NOTIFICATION:
				bgp_fsm(p, EVNT_RCVD_NOTIFICATION);
				p->stats.msg_rcvd_notification++;
				break;
			case KEEPALIVE:
				bgp_fsm(p, EVNT_RCVD_KEEPALIVE);
				p->stats.msg_rcvd_keepalive++;
				break;
			case RREFRESH:
				parse_refresh(p);
				p->stats.msg_rcvd_rrefresh++;
				break;
			default:	/* cannot happen */
				session_notification(p, ERR_HEADER,
				    ERR_HDR_TYPE, &msgtype, 1);
				log_warnx("received message with "
				    "unknown type %u", msgtype);
				bgp_fsm(p, EVNT_CON_FATAL);
			}
			rpos += msglen;
			if (++processed > MSG_PROCESS_LIMIT)
				break;
		}
		if (p->rbuf == NULL)
			return (1);

	rpos = 0;
	av = p->rbuf->wpos;
			memcpy(&p->rbuf->buf, p->rbuf->buf + rpos, left);
			p->rbuf->wpos = left;
		} else
			p->rbuf->wpos = 0;

	/*
	 * session might drop to IDLE -> buffers deallocated
	 * we MUST check rbuf != NULL before use
	 */
	for (;;) {
		if (rpos + MSGSIZE_HEADER > av)
			break;
		if (p->rbuf == NULL)
			break;
		if (parse_header(p, p->rbuf->buf + rpos, &msglen,
		    &msgtype) == -1)
			return (0);
		if (rpos + msglen > av)
			break;
		p->rbuf->rptr = p->rbuf->buf + rpos;

		switch (msgtype) {
		case OPEN:
			bgp_fsm(p, EVNT_RCVD_OPEN);
			p->stats.msg_rcvd_open++;
			break;
		case UPDATE:
			bgp_fsm(p, EVNT_RCVD_UPDATE);
			p->stats.msg_rcvd_update++;
			break;
		case NOTIFICATION:
			bgp_fsm(p, EVNT_RCVD_NOTIFICATION);
			p->stats.msg_rcvd_notification++;
			break;
		case KEEPALIVE:
			bgp_fsm(p, EVNT_RCVD_KEEPALIVE);
			p->stats.msg_rcvd_keepalive++;
			break;
		case RREFRESH:
			parse_refresh(p);
			p->stats.msg_rcvd_rrefresh++;
			break;
		default:	/* cannot happen */
			session_notification(p, ERR_HEADER, ERR_HDR_TYPE,
			    &msgtype, 1);
			log_warnx("received message with unknown type %u",
			    msgtype);
			bgp_fsm(p, EVNT_CON_FATAL);
		}
		rpos += msglen;
		if (++processed > MSG_PROCESS_LIMIT)
			break;
	}
	if (p->rbuf == NULL)
		return (1);

	if (rpos < av) {
		left = av - rpos;
		memcpy(&p->rbuf->buf, p->rbuf->buf + rpos, left);
		p->rbuf->wpos = left;
	} else
		p->rbuf->wpos = 0;

	return (1);
}

int

	p += sizeof(short_as);
	as = peer->short_as = ntohs(short_as);

	/* if remote-as is zero and it's a cloned neighbor, accept any */
	if (peer->conf.cloned && !peer->conf.remote_as && as != AS_TRANS) {
		peer->conf.remote_as = as;
		peer->conf.ebgp = (peer->conf.remote_as != conf->as);
	}

	memcpy(&oholdtime, p, sizeof(oholdtime));
	p += sizeof(oholdtime);


		}
	}

	/* if remote-as is zero and it's a cloned neighbor, accept any */
	if (peer->conf.cloned && !peer->conf.remote_as && as != AS_TRANS) {
		peer->conf.remote_as = as;
		peer->conf.ebgp = (peer->conf.remote_as != conf->as);
		if (!peer->conf.ebgp)
			/* force enforce_as off for iBGP sessions */
			peer->conf.enforce_as = ENFORCE_AS_OFF;
	}

	if (peer->conf.remote_as != as) {
		log_peer_warnx(&peer->conf, "peer sent wrong AS %s",
		    log_as(as));

		return (-1);
	}

	if (capa_neg_calc(peer) == -1) {
		log_peer_warnx(&peer->conf,
		    "capability negotiation calculation failed");
		session_notification(peer, ERR_OPEN, 0, NULL, 0);
		change_state(peer, STATE_IDLE, EVNT_RCVD_OPEN);
		return (-1);
	}

	return (0);
}


parse_refresh(struct peer *peer)
{
	u_char		*p;
	u_int16_t	 afi;
	u_int8_t	 aid, safi;

	p = peer->rbuf->rptr;
	p += MSGSIZE_HEADER;	/* header is already checked */

	/*
	 * We could check if we actually announced the capability but
	 * as long as the message is correctly encoded we don't care.
	 */

	/* afi, 2 byte */
	memcpy(&afi, p, sizeof(afi));
	afi = ntohs(afi);
	p += 2;
	/* reserved, 1 byte */
	p += 1;
	/* safi, 1 byte */
	memcpy(&safi, p, sizeof(safi));

	/* afi/safi unchecked -	unrecognized values will be ignored anyway */
	if (afi2aid(afi, safi, &aid) == -1) {
		log_peer_warnx(&peer->conf, "peer sent bad refresh, "
		    "invalid afi/safi pair");
		return (0);
	}

	if (imsg_compose(ibuf_rde, IMSG_REFRESH, peer->conf.id, 0, -1, &aid,
	    sizeof(aid)) == -1)
		return (-1);

	return (0);

parse_notification(struct peer *peer)
{
	u_char		*p;
	u_int16_t	 datalen;
	u_int8_t	 errcode;
	u_int8_t	 subcode;
	u_int16_t	 datalen;
	u_int8_t	 capa_code;
	u_int8_t	 capa_len;
	u_int8_t	 i;

	/* just log */
	p = peer->rbuf->rptr;

	p += sizeof(subcode);
	datalen -= sizeof(subcode);

	log_notification(peer, errcode, subcode, p, datalen, "received");
	peer->errcnt++;

	if (errcode == ERR_OPEN && subcode == ERR_OPEN_CAPA) {

			datalen -= capa_len;
			switch (capa_code) {
			case CAPA_MP:
				for (i = 0; i < AID_MAX; i++)
					peer->capa.ann.mp[i] = 0;
				log_peer_warnx(&peer->conf,
				    "disabling multiprotocol capability");
				break;

				    "disabling route refresh capability");
				break;
			case CAPA_RESTART:
				peer->capa.ann.grestart.restart = 0;
				log_peer_warnx(&peer->conf,
				    "disabling restart capability");
				break;

int
parse_capabilities(struct peer *peer, u_char *d, u_int16_t dlen, u_int32_t *as)
{
	u_char		*capa_val;
	u_int32_t	 remote_as;
	u_int16_t	 len;
	u_int16_t	 afi;
	u_int16_t	 gr_header;
	u_int8_t	 safi;
	u_int8_t	 aid;
	u_int8_t	 gr_flags;
	u_int8_t	 capa_code;
	u_int8_t	 capa_len;
	u_int8_t	 i;
	u_int16_t	 mp_afi;
	u_int8_t	 mp_safi;
	u_int32_t	 remote_as;

	len = dlen;
	while (len > 0) {
		if (len < 2) {
			log_peer_warnx(&peer->conf, "Bad capabilities attr "
			    "length: %u, too short", len);
			return (-1);
		}
		memcpy(&capa_code, d, sizeof(capa_code));

		if (capa_len > 0) {
			if (len < capa_len) {
				log_peer_warnx(&peer->conf,
				    "Bad capabilities attr length: "
				    "len %u smaller than capa_len %u",
				    len, capa_len);
				return (-1);

		case CAPA_MP:			/* RFC 4760 */
			if (capa_len != 4) {
				log_peer_warnx(&peer->conf,
				    "Bad multi protocol capability length: "
				    "%u", capa_len);
				return (-1);
			}
			memcpy(&mp_afi, capa_val, sizeof(mp_afi));
			mp_afi = ntohs(mp_afi);
			memcpy(&mp_safi, capa_val + 3, sizeof(mp_safi));
			switch (mp_afi) {
			case AFI_IPv4:
				if (mp_safi < 1 || mp_safi > 3)
					log_peer_warnx(&peer->conf,
					    "parse_capabilities: AFI IPv4, "
					    "mp_safi %u unknown", mp_safi);
				else
					peer->capa.peer.mp_v4 = mp_safi;
				break;
			}
			memcpy(&afi, capa_val, sizeof(afi));
			afi = ntohs(afi);
			memcpy(&safi, capa_val + 3, sizeof(safi));
			if (afi2aid(afi, safi, &aid) == -1) {
				log_peer_warnx(&peer->conf,
				    "Received multi protocol capability: "
				    " unknown AFI %u, safi %u pair",
				    afi, safi);
				break;
			}
			peer->capa.peer.mp[aid] = 1;
			break;
		case CAPA_REFRESH:
			peer->capa.peer.refresh = 1;
			break;
		case CAPA_RESTART:
			if (capa_len == 2) {
				/* peer only supports EoR marker */
				peer->capa.peer.grestart.restart = 1;
				peer->capa.peer.grestart.timeout = 0;
				break;
			} else if (capa_len % 4 != 2) {
				log_peer_warnx(&peer->conf,
				    "Bad graceful restart capability length: "
				    "%u", capa_len);
				peer->capa.peer.grestart.restart = 0;
				peer->capa.peer.grestart.timeout = 0;
				break;
			}

			memcpy(&gr_header, capa_val, sizeof(gr_header));
			gr_header = ntohs(gr_header);
			peer->capa.peer.grestart.timeout =
			    gr_header & CAPA_GR_TIMEMASK;
			if (peer->capa.peer.grestart.timeout == 0) {
				log_peer_warnx(&peer->conf, "Received "
				    "graceful restart timeout is zero");
				peer->capa.peer.grestart.restart = 0;
				break;
			}

			for (i = 2; i <= capa_len - 4; i += 4) {
				memcpy(&afi, capa_val + i, sizeof(afi));
				afi = ntohs(afi);
				memcpy(&safi, capa_val + i + 2, sizeof(safi));
				if (afi2aid(afi, safi, &aid) == -1) {
					log_peer_warnx(&peer->conf,
					    "Received graceful restart capa: "
					    " unknown AFI %u, safi %u pair",
					    afi, safi);
					continue;
				}
				memcpy(&gr_flags, capa_val + i + 3,
				    sizeof(gr_flags));
				peer->capa.peer.grestart.flags[aid] |=
				    CAPA_GR_PRESENT;
				if (gr_flags & CAPA_GR_F_FLAG)
					peer->capa.peer.grestart.flags[aid] |=
					    CAPA_GR_FORWARD;
				if (gr_header & CAPA_GR_R_FLAG)
					peer->capa.peer.grestart.flags[aid] |=
					    CAPA_GR_RESTART;
				peer->capa.peer.grestart.restart = 2;
			}
			break;
		case CAPA_AS4BYTE:
			if (capa_len != 4) {
				log_peer_warnx(&peer->conf,
				    "Bad AS4BYTE capability length: "
				    "%u", capa_len);
				peer->capa.peer.as4byte = 0;
				break;
			}
			memcpy(&remote_as, capa_val, sizeof(remote_as));
			*as = ntohl(remote_as);

	return (0);
}

int
capa_neg_calc(struct peer *p)
{
	u_int8_t	i, hasmp = 0;

	/* refresh: does not realy matter here, use peer setting */
	p->capa.neg.refresh = p->capa.peer.refresh;

	/* as4byte: both side must announce capability */
	if (p->capa.ann.as4byte && p->capa.peer.as4byte)
		p->capa.neg.as4byte = 1;
	else
		p->capa.neg.as4byte = 0;

	/* MP: both side must announce capability */
	for (i = 0; i < AID_MAX; i++) {
		if (p->capa.ann.mp[i] && p->capa.peer.mp[i]) {
			p->capa.neg.mp[i] = 1;
			hasmp = 1;
		} else
			p->capa.neg.mp[i] = 0;
	}
	/* if no MP capability present default to IPv4 unicast mode */
	if (!hasmp)
		p->capa.neg.mp[AID_INET] = 1;

	/*
	 * graceful restart: only the peer capabilities are of interest here.
	 * It is necessary to compare the new values with the previous ones
	 * and act acordingly. AFI/SAFI that are not part in the MP capability
	 * are treated as not being present.
	 */

	for (i = 0; i < AID_MAX; i++) {
		/* disable GR if the AFI/SAFI is not present */
		if (p->capa.peer.grestart.flags[i] & CAPA_GR_PRESENT &&
		    p->capa.neg.mp[i] == 0)
			p->capa.peer.grestart.flags[i] = 0;	/* disable */
		/* look at current GR state and decide what to do */
		if (p->capa.neg.grestart.flags[i] & CAPA_GR_RESTARTING) {
			if (!(p->capa.peer.grestart.flags[i] &
			    CAPA_GR_FORWARD)) {
				if (imsg_compose(ibuf_rde, IMSG_SESSION_FLUSH,
				    p->conf.id, 0, -1, &i, sizeof(i)) == -1)
					return (-1);
				log_peer_warnx(&p->conf, "graceful restart of "
				    "%s, not restarted, flushing", aid2str(i));
			}
			p->capa.neg.grestart.flags[i] =
			    p->capa.peer.grestart.flags[i] | CAPA_GR_RESTARTING;
		} else
			p->capa.neg.grestart.flags[i] =
			    p->capa.peer.grestart.flags[i];
	}
	p->capa.neg.grestart.timeout = p->capa.peer.grestart.timeout;
	p->capa.neg.grestart.restart = p->capa.peer.grestart.restart;

	return (0);
}

void
session_dispatch_imsg(struct imsgbuf *ibuf, int idx, u_int *listener_cnt)
{

	struct kif		*kif;
	u_char			*data;
	enum reconf_action	 reconf;
	int			 n, depend_ok, restricted;
	u_int8_t		 aid, errcode, subcode;

	if ((n = imsg_read(ibuf)) == -1)
		fatal("session_dispatch_imsg: imsg_read error");

			}

			break;
		case IMSG_RECONF_CTRL:
			if (idx != PFD_PIPE_MAIN)
				fatalx("reconf request not from parent");
			if (imsg.hdr.len != IMSG_HEADER_SIZE +
			    sizeof(restricted))
				fatalx("IFINFO imsg with wrong len");
			memcpy(&restricted, imsg.data, sizeof(restricted));
			if (imsg.fd == -1) {
				log_warnx("expected to receive fd for control "
				    "socket but didn't receive any");
				break;
			}
			if (restricted) {
				control_shutdown(rcsock);
				rcsock = imsg.fd;
				control_listen(rcsock);
			} else {
				control_shutdown(csock);
				csock = imsg.fd;
				control_listen(csock);
			}
			break;
		case IMSG_RECONF_DONE:
			if (idx != PFD_PIPE_MAIN)
				fatalx("reconf request not from parent");
			if (nconf == NULL)
				fatalx("got IMSG_RECONF_DONE but no config");
			conf->flags = nconf->flags;
			conf->log = nconf->log;
			conf->bgpid = nconf->bgpid;
			conf->clusterid = nconf->clusterid;
			conf->as = nconf->as;
			conf->short_as = nconf->short_as;
			conf->holdtime = nconf->holdtime;
			conf->bgpid = nconf->bgpid;
			conf->min_holdtime = nconf->min_holdtime;
			conf->connectretry = nconf->connectretry;

			/* add new peers */
			for (p = npeers; p != NULL; p = next) {

			nconf = NULL;
			pending_reconf = 0;
			log_info("SE reconfigured");
			imsg_compose(ibuf_main, IMSG_RECONF_DONE, 0, 0,
			    -1, NULL, 0);
			break;
		case IMSG_IFINFO:
			if (idx != PFD_PIPE_MAIN)

				fatalx("IFINFO imsg with wrong len");
			kif = imsg.data;
			depend_ok = (kif->flags & IFF_UP) &&
			    LINK_STATE_IS_UP(kif->link_state);
			    (kif->link_state == LINK_STATE_UNKNOWN &&
			    kif->media_type != IFT_CARP));

			for (p = peers; p != NULL; p = p->next)
				if (!strcmp(p->conf.if_depend, kif->ifname)) {

						bgp_fsm(p, EVNT_START);
					} else if (!depend_ok && p->depend_ok) {
						p->depend_ok = depend_ok;
						session_stop(p,
						    ERR_CEASE_OTHER_CHANGE);
					}
				}
			break;

			}
			break;
		case IMSG_CTL_KROUTE:
		case IMSG_CTL_KROUTE6:
		case IMSG_CTL_KROUTE_ADDR:
		case IMSG_CTL_SHOW_NEXTHOP:
		case IMSG_CTL_SHOW_INTERFACE:
		case IMSG_CTL_SHOW_FIB_TABLES:
			if (idx != PFD_PIPE_MAIN)
				fatalx("ctl kroute request not from parent");
			control_imsg_relay(&imsg);

		case IMSG_CTL_SHOW_RIB_ATTR:
		case IMSG_CTL_SHOW_RIB_MEM:
		case IMSG_CTL_SHOW_NETWORK:
		case IMSG_CTL_SHOW_NETWORK6:
		case IMSG_CTL_SHOW_NEIGHBOR:
			if (idx != PFD_PIPE_ROUTE_CTL)
				fatalx("ctl rib request not from RDE");

				break;
			}
			break;
		case IMSG_SESSION_RESTARTED:
			if (idx != PFD_PIPE_ROUTE)
				fatalx("update request not from RDE");
			if (imsg.hdr.len < IMSG_HEADER_SIZE + sizeof(aid)) {
				log_warnx("RDE sent invalid restart msg");
				break;
			}
			if ((p = getpeerbyid(imsg.hdr.peerid)) == NULL) {
				log_warnx("no such peer: id=%u",
				    imsg.hdr.peerid);
				break;
			}
			memcpy(&aid, imsg.data, sizeof(aid));
			if (aid >= AID_MAX)
				fatalx("IMSG_SESSION_RESTARTED: bad AID");
			if (p->capa.neg.grestart.flags[aid] &
			    CAPA_GR_RESTARTING &&
			    p->capa.neg.grestart.flags[aid] &
			    CAPA_GR_FORWARD) {
				log_peer_warnx(&p->conf,
				    "graceful restart of %s finished",
				    aid2str(aid));
				p->capa.neg.grestart.flags[aid] &=
				    ~CAPA_GR_RESTARTING;
				timer_stop(p, Timer_RestartTimeout);

				/* signal back to RDE to cleanup stale routes */
				if (imsg_compose(ibuf_rde,
				    IMSG_SESSION_RESTARTED, imsg.hdr.peerid, 0,
				    -1, &aid, sizeof(aid)) == -1)
					fatal("imsg_compose: "
					    "IMSG_SESSION_RESTARTED");
			}
			break;
		default:
			break;
		}

struct peer *
getpeerbyip(struct sockaddr *ip)
{
	struct bgpd_addr addr;
	struct peer	*p, *newpeer, *loose = NULL;
	u_int32_t	 id;

	sa2addr(ip, &addr);

	/* we might want a more effective way to find peers by IP */
	for (p = peers; p != NULL; p = p->next)
		if (!p->conf.template &&
		    !memcmp(&addr, &p->conf.remote_addr, sizeof(addr)))
			return (p);
			    p->conf.remote_addr.v4.s_addr ==
			    ((struct sockaddr_in *)ip)->sin_addr.s_addr)
				return (p);
			if (p->conf.remote_addr.af == AF_INET6 &&
			    !bcmp(&p->conf.remote_addr.v6,
			    &((struct sockaddr_in6 *)ip)->sin6_addr,
			    sizeof(p->conf.remote_addr.v6)))
				return (p);
		}

	/* try template matching */
	for (p = peers; p != NULL; p = p->next)
		if (p->conf.template &&
		    p->conf.remote_addr.aid == addr.aid &&
		    session_match_mask(p, &addr))
			if (loose == NULL || loose->conf.remote_masklen <
			    p->conf.remote_masklen)
				loose = p;

				break;
			}
		}
		sa2addr(ip, &newpeer->conf.remote_addr);
		switch (ip->sa_family) {
		case AF_INET:
			newpeer->conf.remote_masklen = 32;
			break;
		case AF_INET6:
			memcpy(&p->conf.remote_addr.v6,
			    &((struct sockaddr_in6 *)ip)->sin6_addr,
			    sizeof(newpeer->conf.remote_addr.v6));
			newpeer->conf.remote_masklen = 128;
			break;
		}
		newpeer->conf.template = 0;
		newpeer->conf.cloned = 1;
		newpeer->state = newpeer->prev_state = STATE_NONE;
		newpeer->conf.reconf_action = RECONF_KEEP;
		newpeer->rbuf = NULL;
		init_peer(newpeer);
		bgp_fsm(newpeer, EVNT_START);

}

int
session_match_mask(struct peer *p, struct bgpd_addr *a)
{
	int		 i;
	in_addr_t	 v4mask;
	struct in6_addr	 masked;
	struct in6_addr	 mask;

	switch (p->conf.remote_addr.aid) {
	case AID_INET:
		v4mask = htonl(prefixlen2mask(p->conf.remote_masklen));
		if (p->conf.remote_addr.v4.s_addr == (a->v4.s_addr & v4mask))
		    ((((struct sockaddr_in *)ip)->sin_addr.s_addr) & v4mask))
			return (1);
		return (0);
	case AID_INET6:
		inet6applymask(&masked, &a->v6, p->conf.remote_masklen);

	if (p->conf.remote_addr.af == AF_INET6) {
		bzero(&mask, sizeof(mask));
		for (i = 0; i < p->conf.remote_masklen / 8; i++)
			mask.s6_addr[i] = 0xff;
		i = p->conf.remote_masklen % 8;
		if (i)
			mask.s6_addr[p->conf.remote_masklen / 8] = 0xff00 >> i;

		in = &((struct sockaddr_in6 *)ip)->sin6_addr;

		for (i = 0; i < 16; i++)
			if ((in->s6_addr[i] & mask.s6_addr[i]) !=
			    p->conf.remote_addr.addr8[i])
				return (0);

		if (!memcmp(&masked, &p->conf.remote_addr.v6, sizeof(masked)))
			return (1);
		return (0);
	}

	return (0);
}


void
session_down(struct peer *peer)
{
	bzero(&peer->capa.neg, sizeof(peer->capa.neg));
	peer->stats.last_updown = time(NULL);
	if (imsg_compose(ibuf_rde, IMSG_SESSION_DOWN, peer->conf.id, 0, -1,
	    NULL, 0) == -1)

{
	struct session_up	 sup;

	if (!session_graceful_is_restarting(p))
		if (imsg_compose(ibuf_rde, IMSG_SESSION_ADD, p->conf.id, 0, -1,
		    &p->conf, sizeof(p->conf)) == -1)
			fatalx("imsg_compose error");

	sa2addr((struct sockaddr *)&p->sa_local, &sup.local_addr);
	sa2addr((struct sockaddr *)&p->sa_remote, &sup.remote_addr);
		sup.local_addr.af = AF_INET;
		memcpy(&sup.local_addr.v4,
		    &((struct sockaddr_in *)&p->sa_local)->sin_addr,
		    sizeof(sup.local_addr.v4));
		sup.remote_addr.af = AF_INET;
		memcpy(&sup.remote_addr.v4,
		    &((struct sockaddr_in *)&p->sa_remote)->sin_addr,
		    sizeof(sup.remote_addr.v4));
		break;
	case AF_INET6:
		sup.local_addr.af = AF_INET6;
		memcpy(&sup.local_addr.v6,
		    &((struct sockaddr_in6 *)&p->sa_local)->sin6_addr,
		    sizeof(sup.local_addr.v6));
		sup.remote_addr.af = AF_INET6;
		memcpy(&sup.remote_addr.v6,
		    &((struct sockaddr_in6 *)&p->sa_remote)->sin6_addr,
		    sizeof(sup.remote_addr.v6));
		break;
	default:
		fatalx("session_up: unsupported address family");
	}

	sup.remote_bgpid = p->remote_bgpid;
	sup.short_as = p->short_as;
	memcpy(&sup.capa, &p->capa.neg, sizeof(sup.capa));
	memcpy(&sup.capa_received, &p->capa.peer, sizeof(sup.capa_received));
	p->stats.last_updown = time(NULL);
	if (imsg_compose(ibuf_rde, IMSG_SESSION_UP, p->conf.id, 0, -1,
	    &sup, sizeof(sup)) == -1)

}

int
imsg_compose_parent(int type, u_int32_t peerid, pid_t pid, void *data,
    u_int16_t datalen)
{
	return (imsg_compose(ibuf_main, type, peerid, pid, -1, data, datalen));
}

int

	return (imsg_compose(ibuf_rde, type, 0, pid, -1, data, datalen));
}

static struct sockaddr *
addr2sa(struct bgpd_addr *addr, u_int16_t port)
{
	static struct sockaddr_storage	 ss;
	struct sockaddr_in		*sa_in = (struct sockaddr_in *)&ss;
	struct sockaddr_in6		*sa_in6 = (struct sockaddr_in6 *)&ss;

	bzero(&ss, sizeof(ss));
	switch (addr->af) {
	case AF_INET:
		sa_in->sin_family = AF_INET;
		sa_in->sin_len = sizeof(struct sockaddr_in);
		sa_in->sin_addr.s_addr = addr->v4.s_addr;
		sa_in->sin_port = htons(port);
		break;
	case AF_INET6:
		sa_in6->sin6_family = AF_INET6;
		sa_in6->sin6_len = sizeof(struct sockaddr_in6);
		memcpy(&sa_in6->sin6_addr, &addr->v6,
		    sizeof(sa_in6->sin6_addr));
		sa_in6->sin6_port = htons(port);
		sa_in6->sin6_scope_id = addr->scope_id;
		break;
	}

	return ((struct sockaddr *)&ss);
}

void
session_demote(struct peer *p, int level)
{


	p->demoted += level;
}

void
session_stop(struct peer *peer, u_int8_t subcode)
{
	switch (peer->state) {
	case STATE_OPENSENT:
	case STATE_OPENCONFIRM:
	case STATE_ESTABLISHED:
		session_notification(peer, ERR_CEASE, subcode, NULL, 0);
		break;
	default:
		/* session not open, no need to send notification */
		break;
	}
	bgp_fsm(peer, EVNT_STOP);
}

Return to bug 223835