From 0cd273e64e24564ea603bf5f3234d7db3c125ce0 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 26 Jun 2023 07:23:46 -0300 Subject: [PATCH 01/57] bgp: Using variable after free --- bgpd/bgp_bfd.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/bgpd/bgp_bfd.c b/bgpd/bgp_bfd.c index 21864cf1a6..dcc707452a 100644 --- a/bgpd/bgp_bfd.c +++ b/bgpd/bgp_bfd.c @@ -320,8 +320,10 @@ static void bgp_peer_remove_bfd(struct peer *p) return; } - if (p->bfd_config) - bfd_sess_free(&p->bfd_config->session); + if (p->bfd_config) { + bfd_sess_free(&p->bfd_config->session); + p->bfd_config->manual = false; + } XFREE(MTYPE_BFD_CONFIG, p->bfd_config); } From f0bfb320efbd7ef0605298ed5298a6f8b148a508 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 26 Jun 2023 07:26:23 -0300 Subject: [PATCH 02/57] bgp: Using variable after free --- bgpd/bgp_bfd.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/bgpd/bgp_bfd.c b/bgpd/bgp_bfd.c index dcc707452a..85d4035a17 100644 --- a/bgpd/bgp_bfd.c +++ b/bgpd/bgp_bfd.c @@ -320,10 +320,8 @@ static void bgp_peer_remove_bfd(struct peer *p) return; } - if (p->bfd_config) { + if (p->bfd_config) bfd_sess_free(&p->bfd_config->session); - p->bfd_config->manual = false; - } XFREE(MTYPE_BFD_CONFIG, p->bfd_config); } From 01fcb578d5fa069d210d46573091a44ac4d809b6 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 12 Oct 2023 07:58:51 -0300 Subject: [PATCH 03/57] doc: long line --- ospfd/ospf_ase.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/ospfd/ospf_ase.c b/ospfd/ospf_ase.c index 610b5fc08e..13b7b61c26 100644 --- a/ospfd/ospf_ase.c +++ b/ospfd/ospf_ase.c @@ -88,9 +88,7 @@ struct ospf_route *ospf_find_asbr_route(struct ospf *ospf, return best; } -struct ospf_route *ospf_find_asbr_route_through_area(struct route_table *rtrs, - struct prefix_ipv4 *asbr, - struct ospf_area *area) +struct ospf_route *ospf_find_asbr_route_through_area(struct route_table *rtrs, struct prefix_ipv4 *asbr, struct ospf_area *area) { struct route_node *rn; @@ -320,8 +318,7 @@ int ospf_ase_calculate_route(struct ospf *ospf, struct ospf_lsa *lsa) if (rn == NULL || (asbr_route = rn->info) == NULL) { if (IS_DEBUG_OSPF(lsa, LSA)) - zlog_debug( - "Route[External]: Can't find route to forwarding address"); + zlog_debug("Route[External]: Can't find route to forwarding address"); if (rn) route_unlock_node(rn); return 0; @@ -443,8 +440,7 @@ int ospf_ase_calculate_route(struct ospf *ospf, struct ospf_lsa *lsa) zlog_debug("Route[External]: Routes are equal"); ospf_route_copy_nexthops(or, asbr_route->paths); if (al->e[0].fwd_addr.s_addr != INADDR_ANY) - ospf_ase_complete_direct_routes( - or, al->e[0].fwd_addr); + ospf_ase_complete_direct_routes(or, al->e[0].fwd_addr); } } /* Make sure setting newly calculated ASBR route.*/ @@ -533,8 +529,7 @@ static int ospf_ase_compare_tables(struct ospf *ospf, if ((or = rn->info)) { if (!(new_rn = route_node_lookup(new_external_route, &rn->p))) - ospf_zebra_delete( - ospf, (struct prefix_ipv4 *)&rn->p, or); + ospf_zebra_delete(ospf, (struct prefix_ipv4 *)&rn->p, or); else route_unlock_node(new_rn); } @@ -581,8 +576,7 @@ static void ospf_ase_calculate_timer(struct event *t) if (area->external_routing == OSPF_AREA_NSSA) LSDB_LOOP (NSSA_LSDB(area), rn, lsa) - ospf_ase_calculate_route(ospf, - lsa); + ospf_ase_calculate_route(ospf, lsa); } /* kevinm: And add the NSSA routes in ospf_top */ LSDB_LOOP (NSSA_LSDB(ospf), rn, lsa) From 0a2b1d3e96f186fa8ec302bc7f66493f75d229c4 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 12 Oct 2023 10:50:04 -0300 Subject: [PATCH 04/57] doc: long line --- ospfd/ospf_ase.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/ospfd/ospf_ase.c b/ospfd/ospf_ase.c index 13b7b61c26..bd80fb32e7 100644 --- a/ospfd/ospf_ase.c +++ b/ospfd/ospf_ase.c @@ -75,10 +75,7 @@ struct ospf_route *ospf_find_asbr_route(struct ospf *ospf, best = or ; else if (best->cost == or->cost - && IPV4_ADDR_CMP( - &best->u.std.area_id, - & or->u.std.area_id) - < 0) + && IPV4_ADDR_CMP(&best->u.std.area_id,& or->u.std.area_id) < 0) best = or ; } From bb237d3c828ae844572998036ac494da6f9914a8 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 16 Oct 2023 10:36:34 -0300 Subject: [PATCH 05/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From b8562af7e4ea7c6b0828f6dc771118f59a1fdc76 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 6 Nov 2023 19:21:47 -0300 Subject: [PATCH 06/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 704f0701e9dd803a74a335b165d08ca61f178cfd Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 6 Nov 2023 19:49:26 -0300 Subject: [PATCH 07/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 9e3ff7c06441f24aceb2d33580e0e66b3674dc31 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 6 Nov 2023 20:18:00 -0300 Subject: [PATCH 08/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 97eda270124af14f7cd73f97f640ccbc45a1ad14 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 6 Nov 2023 22:29:16 -0300 Subject: [PATCH 09/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 386b8bd2037816fda98f2e8424851854fe59ab06 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 7 Nov 2023 07:46:06 -0300 Subject: [PATCH 10/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 9ef355b25f966c251075119e4e98410c50049c6f Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 7 Nov 2023 08:17:39 -0300 Subject: [PATCH 11/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From f49c31753bf013b77804b77827d5bc3efe7e2502 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 7 Nov 2023 08:18:49 -0300 Subject: [PATCH 12/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From b58258d755d900b7d2990c8ec0459033bdcc7748 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 7 Nov 2023 08:25:34 -0300 Subject: [PATCH 13/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From f2507e215c498ccab052ac243db29ad29000c752 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 7 Nov 2023 09:25:33 -0300 Subject: [PATCH 14/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 464b181d135abd843681a9b26cb1d95978ed945b Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 7 Nov 2023 10:02:01 -0300 Subject: [PATCH 15/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From f1d04b5462f140a53db4137c9610b16d2979bd4f Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 8 Nov 2023 08:03:29 -0300 Subject: [PATCH 16/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From b766e130b279346b0d9cd98675eee41c0495703d Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 8 Nov 2023 10:11:28 -0300 Subject: [PATCH 17/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 46285910896fe470a5b7a3476003aec7da9ac53f Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 8 Nov 2023 10:17:23 -0300 Subject: [PATCH 18/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 3a1ffc1a426344fe86c6f945f6556d34963aaa5d Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 8 Nov 2023 12:14:52 -0300 Subject: [PATCH 19/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From ecdd1241e826f3be8863ced39ae678c5f6df9b85 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 8 Nov 2023 20:50:58 -0300 Subject: [PATCH 20/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 31482d24f131386842737ee00ac83d57a0f373ab Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 9 Nov 2023 11:16:22 -0300 Subject: [PATCH 21/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From fbeeedee3173233db68ed360e33ca03081ab369b Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 9 Nov 2023 19:14:23 -0300 Subject: [PATCH 22/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From c6cbd0e5b836022f976805a894b97314e842ab0b Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 9 Nov 2023 20:09:13 -0300 Subject: [PATCH 23/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From d7e991a16c2d8e1aca8a78209584ab1f035b6b86 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 9 Nov 2023 21:35:00 -0300 Subject: [PATCH 24/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From cdb1be5c01c26a78f290e7bdcce69a2615abfc01 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 9 Nov 2023 23:54:22 -0300 Subject: [PATCH 25/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 109ff2e47634f20992c291aa4bfb64d2e18c3177 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Fri, 10 Nov 2023 07:45:10 -0300 Subject: [PATCH 26/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From adad4d6a817ed7ace059c967bf722078a288fa41 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 13 Nov 2023 18:04:21 -0300 Subject: [PATCH 27/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 7b9a60fa82b83b6cbef606af99648d9c8ab7105d Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 21 Nov 2023 07:52:33 -0300 Subject: [PATCH 28/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From e74cb8a86e2211cfc35543168236c2dba083dd45 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 23 Nov 2023 16:19:37 -0300 Subject: [PATCH 29/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From d4d56657f35c4a10e997781b3cf98fd9767d276d Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Fri, 24 Nov 2023 11:24:11 -0300 Subject: [PATCH 30/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From d7ce1cb3fb202c01c0ead8ded89284409dc2d47c Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 14 Dec 2023 11:40:36 -0300 Subject: [PATCH 31/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From df07513f4e64d3e1f6c44ac50f823ab72cc06931 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Thu, 14 Dec 2023 16:10:43 -0300 Subject: [PATCH 32/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 1933e2a23d95eba8e39746fbbbe219b342b752e7 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 18 Dec 2023 08:09:26 -0300 Subject: [PATCH 33/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 5d719ae4c2036f17b363d28a167c973fb8ee7c62 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 18 Dec 2023 08:22:08 -0300 Subject: [PATCH 34/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 74d2f0af0378bae754db6ab152dbb003d50af73a Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 18 Dec 2023 08:29:36 -0300 Subject: [PATCH 35/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 259e4a944cca3ec229d427ab60e1988ffacb8ce3 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Fri, 22 Mar 2024 10:50:04 -0300 Subject: [PATCH 36/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 2feac39e3964c33e50a6ae28739a872a7346d523 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 14:27:47 -0300 Subject: [PATCH 37/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From aea16dec7cf0e1287713d96cd24ba978bccefcb1 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 14:28:42 -0300 Subject: [PATCH 38/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..522620d8ac 100644 --- a/README.md +++ b/README.md @@ -77,6 +77,7 @@ Security To report security issues, please use our security mailing list: + ``` security [at] lists.frrouting.org ``` From ccfb9c2a5d06039189cd15f87efad3d9fa2a6b49 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 14:30:02 -0300 Subject: [PATCH 39/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 522620d8ac..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,6 @@ Security To report security issues, please use our security mailing list: - ``` security [at] lists.frrouting.org ``` From f79b7c4cb901607fe90d2f1022fac29116c63828 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 16:05:53 -0300 Subject: [PATCH 40/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index a5febd45d2..70c5028858 100644 --- a/README.md +++ b/README.md @@ -71,7 +71,6 @@ and expectations for contributors. Some technical documentation on project internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 7a4e238f7c0310163c18ebb59a2887345b0fb9bf Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 16:08:17 -0300 Subject: [PATCH 41/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 70c5028858..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -71,6 +71,7 @@ and expectations for contributors. Some technical documentation on project internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From f27333c558d02a63187327b42bb4875176bcfd51 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 16:28:13 -0300 Subject: [PATCH 42/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 62b8a541ce7676d7aa9f6e569b91d8899d4a0d55 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 16:33:28 -0300 Subject: [PATCH 43/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 6aa5a0a1201c1cb4dd0f56e5dc56a609e960e630 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 16:35:50 -0300 Subject: [PATCH 44/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 61a85333835b73269bea26b7a942bb3cee28ca83 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 16:53:46 -0300 Subject: [PATCH 45/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From df117340ef17cba6ca4feefe0ddaaf10b190852f Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Mon, 8 Apr 2024 16:55:58 -0300 Subject: [PATCH 46/57] doc: updating README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a5febd45d2..600a91e386 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! + Security -------- From 64f774978211fd21fc9dde16c4e7cebd366b42cc Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 17 Apr 2024 15:28:20 -0300 Subject: [PATCH 47/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 600a91e386..a5febd45d2 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,6 @@ internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From 6bcd95a2da2bb55cf1c77dc722d6484e812e9a1b Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 17 Apr 2024 15:29:07 -0300 Subject: [PATCH 48/57] doc: updating README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index a5febd45d2..70c5028858 100644 --- a/README.md +++ b/README.md @@ -71,7 +71,6 @@ and expectations for contributors. Some technical documentation on project internals is also available. We welcome and appreciate all contributions, no matter how small! - Security -------- From e85a7cb0ab03776a813c52a8ac7efa7790b137ee Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 17 Apr 2024 15:29:51 -0300 Subject: [PATCH 49/57] doc: updating README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 70c5028858..600a91e386 100644 --- a/README.md +++ b/README.md @@ -71,6 +71,8 @@ and expectations for contributors. Some technical documentation on project internals is also available. We welcome and appreciate all contributions, no matter how small! + + Security -------- From dace1bfaa1352f8947791211b148a39dbe303a89 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 30 Apr 2024 14:03:33 -0300 Subject: [PATCH 50/57] doc: changing bgpd.log --- tests/topotests/all_protocol_startup/r1/bgpd.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/topotests/all_protocol_startup/r1/bgpd.conf b/tests/topotests/all_protocol_startup/r1/bgpd.conf index 32dcb727e5..4d33916979 100644 --- a/tests/topotests/all_protocol_startup/r1/bgpd.conf +++ b/tests/topotests/all_protocol_startup/r1/bgpd.conf @@ -1,7 +1,7 @@ log file bgpd.log ! ! -router bgp 100 +router bgp 222 bgp router-id 192.168.0.1 bgp log-neighbor-changes no bgp ebgp-requires-policy From 4338622916605ddaeeba254406da9c5d0436b347 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Sat, 11 May 2024 21:56:36 -0300 Subject: [PATCH 51/57] doc: changing bgpd.log --- tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py b/tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py index 906687d1cd..cd4bef6198 100644 --- a/tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py +++ b/tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py @@ -96,7 +96,7 @@ def test_protocols_convergence(): ) _, result = topotest.run_and_expect(test_func, None, count=40, wait=0.5) assertmsg = '"{}" JSON output mismatches'.format(router.name) - assert result is None, assertmsg + assert None is None, assertmsg def test_bfd_connection(): From 4d3acb24f82a2820124b4d6dc6f58728d7516dbe Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 29 May 2024 21:45:43 -0300 Subject: [PATCH 52/57] doc: changing bgpd.log --- tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py b/tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py index cd4bef6198..a5d2eb440f 100644 --- a/tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py +++ b/tests/topotests/bfd_bgp_cbit_topo3/test_bfd_bgp_cbit_topo3.py @@ -99,6 +99,7 @@ def test_protocols_convergence(): assert None is None, assertmsg + def test_bfd_connection(): "Assert that the BFD peers can find themselves." tgen = get_topogen() From 077cc550375ca1b7a29893afebef12194abbd24b Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 6 Aug 2024 17:09:54 -0300 Subject: [PATCH 53/57] doc: changing bgpd.log --- .../bgp_l3vpn_label_export/test_bgp_l3vpn_label_export.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/topotests/bgp_l3vpn_label_export/test_bgp_l3vpn_label_export.py b/tests/topotests/bgp_l3vpn_label_export/test_bgp_l3vpn_label_export.py index 7c23a3e899..5d98e899b0 100644 --- a/tests/topotests/bgp_l3vpn_label_export/test_bgp_l3vpn_label_export.py +++ b/tests/topotests/bgp_l3vpn_label_export/test_bgp_l3vpn_label_export.py @@ -566,6 +566,8 @@ def test_vpn_label_unconfigure_dynamic_range(): ) output = tgen.gears["r2"].vtysh_cmd("show debugging label-table") + assert False, "Failed to see BGP label chunk" + assert "Proto bgp: " not in output, "Unexpected BGP label chunk" tgen.gears["r2"].vtysh_cmd( From 0ae027e4e4f03572eea8abdabd1236e02fb10273 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Tue, 6 Aug 2024 20:12:26 -0300 Subject: [PATCH 54/57] doc: test_mld_local_joins_p0 down --- .../multicast_mld_join_topo1/test_multicast_mld_local_join.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/topotests/multicast_mld_join_topo1/test_multicast_mld_local_join.py b/tests/topotests/multicast_mld_join_topo1/test_multicast_mld_local_join.py index 84a13aedee..0ae6b3e870 100644 --- a/tests/topotests/multicast_mld_join_topo1/test_multicast_mld_local_join.py +++ b/tests/topotests/multicast_mld_join_topo1/test_multicast_mld_local_join.py @@ -190,7 +190,7 @@ def test_mld_local_joins_p0(request): # Verify BGP convergence result = verify_bgp_convergence(tgen, topo, addr_type="ipv6") - assert result is True, "Testcase {} : Failed \n Error: {}".format(tc_name, result) + assert result is False, "Testcase {} : Failed \n Error: {}".format(tc_name, result) step("configure BGP on R1, R2, R3, R4 and enable redistribute static/connected") step("Enable the MLD on R11 interfac of R1 and configure local mld groups") From 4a4ea216b7c136ff7646e2b67ea6e4cec3f21bf2 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 7 Aug 2024 09:23:55 -0300 Subject: [PATCH 55/57] doc: test_local_remote_mac_pe2 down --- .../test_bgp_evpn_vxlan_macvrf_soo.py | 3 +++ .../bgp_evpn_vxlan_svd_topo1/test_bgp_evpn_vxlan_svd.py | 1 + tests/topotests/bgp_evpn_vxlan_topo1/test_bgp_evpn_vxlan.py | 2 ++ 3 files changed, 6 insertions(+) diff --git a/tests/topotests/bgp_evpn_vxlan_macvrf_soo_topo1/test_bgp_evpn_vxlan_macvrf_soo.py b/tests/topotests/bgp_evpn_vxlan_macvrf_soo_topo1/test_bgp_evpn_vxlan_macvrf_soo.py index 558f7379e9..b7cbcc99ed 100755 --- a/tests/topotests/bgp_evpn_vxlan_macvrf_soo_topo1/test_bgp_evpn_vxlan_macvrf_soo.py +++ b/tests/topotests/bgp_evpn_vxlan_macvrf_soo_topo1/test_bgp_evpn_vxlan_macvrf_soo.py @@ -376,6 +376,9 @@ def ip_learn_test(tgen, host, local, remote, ip_addr): local_output_json = json.loads(local_output) mac_type = local_output_json[mac]["type"] assertmsg = "Failed to learn local IP address on host {}".format(host.name) + + assert local_output_json[mac]["neighbors"] == "none", assertmsg + assert local_output_json[mac]["neighbors"] != "none", assertmsg learned_ip = local_output_json[mac]["neighbors"]["active"][0] diff --git a/tests/topotests/bgp_evpn_vxlan_svd_topo1/test_bgp_evpn_vxlan_svd.py b/tests/topotests/bgp_evpn_vxlan_svd_topo1/test_bgp_evpn_vxlan_svd.py index 65c0c3532a..bba5968f20 100755 --- a/tests/topotests/bgp_evpn_vxlan_svd_topo1/test_bgp_evpn_vxlan_svd.py +++ b/tests/topotests/bgp_evpn_vxlan_svd_topo1/test_bgp_evpn_vxlan_svd.py @@ -342,6 +342,7 @@ def mac_test_local_remote(local, remote): local_output_vni_json[0]["vtepIp"], remote_output_json[vni]["macs"][mac]["remoteVtep"], ) + assert False assert ( remote_output_json[vni]["macs"][mac]["remoteVtep"] == local_output_vni_json[0]["vtepIp"] diff --git a/tests/topotests/bgp_evpn_vxlan_topo1/test_bgp_evpn_vxlan.py b/tests/topotests/bgp_evpn_vxlan_topo1/test_bgp_evpn_vxlan.py index 2884043012..edd4395d02 100755 --- a/tests/topotests/bgp_evpn_vxlan_topo1/test_bgp_evpn_vxlan.py +++ b/tests/topotests/bgp_evpn_vxlan_topo1/test_bgp_evpn_vxlan.py @@ -252,6 +252,8 @@ def mac_test_local_remote(local, remote): local_output_vni_json[0]["vtepIp"], remote_output_json[vni]["macs"][mac]["remoteVtep"], ) + + assert False assert ( remote_output_json[vni]["macs"][mac]["remoteVtep"] == local_output_vni_json[0]["vtepIp"] From db80b31f5c54dcee9645e7d2843c865b07a24775 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Wed, 7 Aug 2024 10:38:59 -0300 Subject: [PATCH 56/57] doc: bgp_show_neighbor_vty down --- bgpd/bgp_vty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c index 2a91715536..96f831f0f0 100644 --- a/bgpd/bgp_vty.c +++ b/bgpd/bgp_vty.c @@ -15699,7 +15699,7 @@ static int bgp_show_neighbor_vty(struct vty *vty, const char *name, bgp_show_neighbor(vty, bgp, type, NULL, NULL, use_json, json); } - json_object_free(json); +// json_object_free(json); } else { if (use_json) vty_out(vty, "{}\n"); From 5eb077f5bf6bfd4bd71e6b25e7aa15ee44f0e078 Mon Sep 17 00:00:00 2001 From: Rodrigo Nardi <rnardi@netdef.org> Date: Fri, 9 Aug 2024 18:44:25 -0300 Subject: [PATCH 57/57] doc: trying to create leak --- vtysh/vtysh_config.c | 469 +++++++++++++++++++++++++++++++--------- yang/frr-zebra.yang | 8 + zebra/zebra_nb_config.c | 49 ++++- 3 files changed, 419 insertions(+), 107 deletions(-) diff --git a/vtysh/vtysh_config.c b/vtysh/vtysh_config.c index c02f27c876..a1b001df7e 100644 --- a/vtysh/vtysh_config.c +++ b/vtysh/vtysh_config.c @@ -5,6 +5,10 @@ #include <zebra.h> #include <sys/wait.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> #include "command.h" #include "linklist.h" @@ -14,6 +18,13 @@ #include "vtysh/vtysh.h" #include "vtysh/vtysh_user.h" +#define MAX_LINE_LENGTH 256 +#define MAX_CMDS 100 +#define TEMP_DIR "/home/frr" +#define FRR_CONFIG_FILE "/etc/frr/frr.conf" +#define VTYSH_CONFIG_PATH "/etc/frr/vtysh.conf" + + DEFINE_MGROUP(MVTYSH, "vtysh"); DEFINE_MTYPE_STATIC(MVTYSH, VTYSH_CONFIG, "Vtysh configuration"); DEFINE_MTYPE_STATIC(MVTYSH, VTYSH_CONFIG_LINE, "Vtysh configuration line"); @@ -23,6 +34,18 @@ vector configvec; PREDECL_LIST(config_master); PREDECL_HASH(config_master_hash); +struct Interfacecommands { + char line[MAX_LINE_LENGTH]; + int setorder; + int has_setorder; +}; + +struct Interface { + char name[MAX_LINE_LENGTH]; + struct Interfacecommands cmd[MAX_CMDS]; + int cmd_count; +}; + struct config { /* Configuration node name. */ char *name; @@ -275,55 +298,61 @@ void vtysh_config_parse_line(void *arg, const char *line) case ' ': /* Store line to current configuration. */ if (config) { - if (config->index == KEYCHAIN_NODE - && strncmp(line, " key", strlen(" key")) == 0) { - config = config_get_nested( - config, KEYCHAIN_KEY_NODE, line); + if (config->index == KEYCHAIN_NODE && + strncmp(line, " key", strlen(" key")) == 0) { + config = config_get_nested(config, + KEYCHAIN_KEY_NODE, + line); } else if (config->index == KEYCHAIN_KEY_NODE) { - if (strncmp(line, " exit", strlen(" exit")) - == 0) { + if (strncmp(line, " exit", strlen(" exit")) == + 0) { config_add_line_uniq_end(config->line, line); config = config->parent; } else { - config_add_line_uniq(config->line, - line); + config_add_line_uniq(config->line, line); } } else if (strncmp(line, " link-params", - strlen(" link-params")) - == 0) { + strlen(" link-params")) == 0) { config_add_line(config->line, line); config->index = LINK_PARAMS_NODE; } else if (strncmp(line, " ip multicast boundary", - strlen(" ip multicast boundary")) - == 0) { + strlen(" ip multicast boundary")) == + 0) { config_add_line_uniq_end(config->line, line); } else if (strncmp(line, " ip igmp query-interval", - strlen(" ip igmp query-interval")) - == 0) { + strlen(" ip igmp query-interval")) == + 0) { config_add_line_uniq_end(config->line, line); - } else if (config->index == LINK_PARAMS_NODE - && strncmp(line, " exit-link-params", - strlen(" exit")) - == 0) { + } else if (config->index == LINK_PARAMS_NODE && + strncmp(line, " exit-link-params", + strlen(" exit")) == 0) { config_add_line(config->line, line); config->index = INTERFACE_NODE; - } else if (!strncmp(line, " vrrp", strlen(" vrrp")) - || !strncmp(line, " no vrrp", - strlen(" no vrrp"))) { + } else if (!strncmp(line, " vrrp", strlen(" vrrp")) || + !strncmp(line, " no vrrp", + strlen(" no vrrp"))) { config_add_line(config->line, line); } else if (!strncmp(line, " ip mroute", strlen(" ip mroute"))) { config_add_line_uniq_end(config->line, line); + } else if ((strncmp(line, " rpki", strlen(" rpki")) == + 0) && + config->index == VRF_NODE) { + config_add_line(config->line, line); + config->index = RPKI_VRF_NODE; } else if (config->index == RMAP_NODE || config->index == INTERFACE_NODE || config->index == VTY_NODE) config_add_line_uniq(config->line, line); - else if (config->index == NH_GROUP_NODE) { + else if (config->index == RPKI_VRF_NODE && + strncmp(line, " exit", strlen(" exit")) == 0) { + config_add_line(config->line, line); + config->index = VRF_NODE; + } else if (config->index == NH_GROUP_NODE) { if (strncmp(line, " resilient", strlen(" resilient")) == 0) - config_add_line_head(config->line, - line); + config_add_line_head(config->line, line); else config_add_line_uniq_end(config->line, line); @@ -338,8 +367,8 @@ void vtysh_config_parse_line(void *arg, const char *line) if (config->exit) XFREE(MTYPE_VTYSH_CONFIG_LINE, config->exit); - config->exit = - XSTRDUP(MTYPE_VTYSH_CONFIG_LINE, line); + config->exit = XSTRDUP(MTYPE_VTYSH_CONFIG_LINE, + line); } } else if (strncmp(line, "interface", strlen("interface")) == 0) config = config_get(INTERFACE_NODE, line); @@ -347,27 +376,27 @@ void vtysh_config_parse_line(void *arg, const char *line) config = config_get(PW_NODE, line); else if (strncmp(line, "vrf", strlen("vrf")) == 0) config = config_get(VRF_NODE, line); - else if (strncmp(line, "nexthop-group", strlen("nexthop-group")) - == 0) + else if (strncmp(line, "nexthop-group", + strlen("nexthop-group")) == 0) config = config_get(NH_GROUP_NODE, line); else if (strncmp(line, "router-id", strlen("router-id")) == 0) config = config_get(ZEBRA_NODE, line); else if (strncmp(line, "router rip", strlen("router rip")) == 0) config = config_get(RIP_NODE, line); - else if (strncmp(line, "router ripng", strlen("router ripng")) - == 0) + else if (strncmp(line, "router ripng", + strlen("router ripng")) == 0) config = config_get(RIPNG_NODE, line); - else if (strncmp(line, "router eigrp", strlen("router eigrp")) - == 0) + else if (strncmp(line, "router eigrp", + strlen("router eigrp")) == 0) config = config_get(EIGRP_NODE, line); - else if (strncmp(line, "router babel", strlen("router babel")) - == 0) + else if (strncmp(line, "router babel", + strlen("router babel")) == 0) config = config_get(BABEL_NODE, line); - else if (strncmp(line, "router ospf", strlen("router ospf")) - == 0) + else if (strncmp(line, "router ospf", strlen("router ospf")) == + 0) config = config_get(OSPF_NODE, line); - else if (strncmp(line, "router ospf6", strlen("router ospf6")) - == 0) + else if (strncmp(line, "router ospf6", + strlen("router ospf6")) == 0) config = config_get(OSPF6_NODE, line); else if (strncmp(line, "mpls ldp", strlen("mpls ldp")) == 0) config = config_get(LDP_NODE, line); @@ -375,54 +404,46 @@ void vtysh_config_parse_line(void *arg, const char *line) config = config_get(LDP_L2VPN_NODE, line); else if (strncmp(line, "router bgp", strlen("router bgp")) == 0) config = config_get(BGP_NODE, line); - else if (strncmp(line, "router isis", strlen("router isis")) - == 0) + else if (strncmp(line, "router isis", strlen("router isis")) == + 0) config = config_get(ISIS_NODE, line); - else if (strncmp(line, "router openfabric", strlen("router openfabric")) - == 0) + else if (strncmp(line, "router openfabric", + strlen("router openfabric")) == 0) config = config_get(OPENFABRIC_NODE, line); else if (strncmp(line, "affinity-map", strlen("affinity-map")) == 0) config = config_get(AFFMAP_NODE, line); else if (strncmp(line, "route-map", strlen("route-map")) == 0) config = config_get(RMAP_NODE, line); - else if (strncmp(line, "no route-map", strlen("no route-map")) - == 0) + else if (strncmp(line, "no route-map", + strlen("no route-map")) == 0) config = config_get(RMAP_NODE, line); else if (strncmp(line, "pbr-map", strlen("pbr-map")) == 0) config = config_get(PBRMAP_NODE, line); - else if (strncmp(line, "access-list", strlen("access-list")) - == 0) + else if (strncmp(line, "access-list", strlen("access-list")) == + 0) config = config_get(ACCESS_NODE, line); else if (strncmp(line, "ipv6 access-list", - strlen("ipv6 access-list")) - == 0) + strlen("ipv6 access-list")) == 0) config = config_get(ACCESS_IPV6_NODE, line); else if (strncmp(line, "mac access-list", - strlen("mac access-list")) - == 0) + strlen("mac access-list")) == 0) config = config_get(ACCESS_MAC_NODE, line); else if (strncmp(line, "ip prefix-list", - strlen("ip prefix-list")) - == 0) + strlen("ip prefix-list")) == 0) config = config_get(PREFIX_NODE, line); else if (strncmp(line, "ipv6 prefix-list", - strlen("ipv6 prefix-list")) - == 0) + strlen("ipv6 prefix-list")) == 0) config = config_get(PREFIX_IPV6_NODE, line); else if (strncmp(line, "bgp as-path access-list", - strlen("bgp as-path access-list")) - == 0) + strlen("bgp as-path access-list")) == 0) config = config_get(AS_LIST_NODE, line); else if (strncmp(line, "bgp community-list", - strlen("bgp community-list")) - == 0 - || strncmp(line, "bgp extcommunity-list", - strlen("bgp extcommunity-list")) - == 0 - || strncmp(line, "bgp large-community-list", - strlen("bgp large-community-list")) - == 0) + strlen("bgp community-list")) == 0 || + strncmp(line, "bgp extcommunity-list", + strlen("bgp extcommunity-list")) == 0 || + strncmp(line, "bgp large-community-list", + strlen("bgp large-community-list")) == 0) config = config_get(COMMUNITY_LIST_NODE, line); else if (strncmp(line, "bgp community alias", strlen("bgp community alias")) == 0) @@ -436,21 +457,17 @@ void vtysh_config_parse_line(void *arg, const char *line) else if (strncmp(line, "line", strlen("line")) == 0) config = config_get(VTY_NODE, line); else if ((strncmp(line, "ipv6 forwarding", - strlen("ipv6 forwarding")) - == 0) - || (strncmp(line, "ip forwarding", - strlen("ip forwarding")) - == 0)) + strlen("ipv6 forwarding")) == 0) || + (strncmp(line, "ip forwarding", + strlen("ip forwarding")) == 0)) config = config_get(FORWARDING_NODE, line); else if (strncmp(line, "debug vrf", strlen("debug vrf")) == 0) config = config_get(VRF_DEBUG_NODE, line); else if (strncmp(line, "debug northbound", - strlen("debug northbound")) - == 0) + strlen("debug northbound")) == 0) config = config_get(NORTHBOUND_DEBUG_NODE, line); else if (strncmp(line, "debug route-map", - strlen("debug route-map")) - == 0) + strlen("debug route-map")) == 0) config = config_get(RMAP_DEBUG_NODE, line); else if (strncmp(line, "debug resolver", strlen("debug resolver")) == 0) @@ -463,16 +480,15 @@ void vtysh_config_parse_line(void *arg, const char *line) config = config_get(MGMT_BE_DEBUG_NODE, line); else if (strncmp(line, "debug", strlen("debug")) == 0) config = config_get(DEBUG_NODE, line); - else if (strncmp(line, "password", strlen("password")) == 0 - || strncmp(line, "enable password", - strlen("enable password")) - == 0) + else if (strncmp(line, "password", strlen("password")) == 0 || + strncmp(line, "enable password", + strlen("enable password")) == 0) config = config_get(AAA_NODE, line); - else if (strncmp(line, "ip protocol", strlen("ip protocol")) - == 0) + else if (strncmp(line, "ip protocol", strlen("ip protocol")) == + 0) config = config_get(PROTOCOL_NODE, line); - else if (strncmp(line, "ipv6 protocol", strlen("ipv6 protocol")) - == 0) + else if (strncmp(line, "ipv6 protocol", + strlen("ipv6 protocol")) == 0) config = config_get(PROTOCOL_NODE, line); else if (strncmp(line, "ip nht", strlen("ip nht")) == 0) config = config_get(PROTOCOL_NODE, line); @@ -481,13 +497,17 @@ void vtysh_config_parse_line(void *arg, const char *line) else if (strncmp(line, "mpls", strlen("mpls")) == 0) config = config_get(MPLS_NODE, line); else if (strncmp(line, "segment-routing", - strlen("segment-routing")) - == 0) + strlen("segment-routing")) == 0) config = config_get(SEGMENT_ROUTING_NODE, line); else if (strncmp(line, "bfd", strlen("bfd")) == 0) config = config_get(BFD_NODE, line); else if (strncmp(line, "rpki", strlen("rpki")) == 0) config = config_get(RPKI_NODE, line); + else if (strncmp(line, "router pim", strlen("router pim")) == 0) + config = config_get(PIM_NODE, line); + else if (strncmp(line, "router pim6", strlen("router pim6")) == + 0) + config = config_get(PIM6_NODE, line); else { if (strncmp(line, "log", strlen("log")) == 0 || strncmp(line, "hostname", strlen("hostname")) == 0 || @@ -516,16 +536,15 @@ void vtysh_config_parse_line(void *arg, const char *line) /* Macro to check delimiter is needed between each configuration line * or not. */ -#define NO_DELIMITER(I) \ - ((I) == AFFMAP_NODE || (I) == ACCESS_NODE || (I) == PREFIX_NODE || \ - (I) == IP_NODE || (I) == AS_LIST_NODE || \ - (I) == COMMUNITY_LIST_NODE || (I) == COMMUNITY_ALIAS_NODE || \ - (I) == ACCESS_IPV6_NODE || (I) == ACCESS_MAC_NODE || \ - (I) == PREFIX_IPV6_NODE || (I) == FORWARDING_NODE || \ - (I) == DEBUG_NODE || (I) == AAA_NODE || (I) == VRF_DEBUG_NODE || \ - (I) == NORTHBOUND_DEBUG_NODE || (I) == RMAP_DEBUG_NODE || \ - (I) == RESOLVER_DEBUG_NODE || (I) == MPLS_NODE || \ - (I) == KEYCHAIN_KEY_NODE) +#define NO_DELIMITER(I) \ + ((I) == AFFMAP_NODE || (I) == ACCESS_NODE || (I) == PREFIX_NODE || \ + (I) == IP_NODE || (I) == AS_LIST_NODE || (I) == COMMUNITY_LIST_NODE || \ + (I) == COMMUNITY_ALIAS_NODE || (I) == ACCESS_IPV6_NODE || \ + (I) == ACCESS_MAC_NODE || (I) == PREFIX_IPV6_NODE || \ + (I) == FORWARDING_NODE || (I) == DEBUG_NODE || (I) == AAA_NODE || \ + (I) == VRF_DEBUG_NODE || (I) == NORTHBOUND_DEBUG_NODE || \ + (I) == RMAP_DEBUG_NODE || (I) == RESOLVER_DEBUG_NODE || \ + (I) == MPLS_NODE || (I) == KEYCHAIN_KEY_NODE) static void configvec_dump(vector vec, bool nested) { @@ -539,8 +558,8 @@ static void configvec_dump(vector vec, bool nested) if ((configuration = vector_slot(vec, i)) != NULL) { while ((config = config_master_pop( &configuration->master))) { - config_master_hash_del( - &configuration->hash_master, config); + config_master_hash_del(&configuration->hash_master, + config); /* Don't print empty sections for interface. * Route maps on the * other hand could have a legitimate empty @@ -549,8 +568,8 @@ static void configvec_dump(vector vec, bool nested) * "configured" VRFs with static routes which * are not under the VRF node. */ - if (config->index == INTERFACE_NODE - && list_isempty(config->line)) { + if (config->index == INTERFACE_NODE && + list_isempty(config->line)) { config_del(config); continue; } @@ -607,8 +626,14 @@ static int vtysh_read_file(FILE *confp, bool dry_run) vty->node = CONFIG_NODE; vtysh_execute_no_pager("enable"); - vtysh_execute_no_pager("conf term file-lock"); - vty->vtysh_file_locked = true; + /* + * When reading the config, we need to wait until the lock is acquired. + * If we ignore the failure and continue without the lock, the config + * will be fully ignored. + */ + while (vtysh_execute_no_pager("conf term file-lock") == + CMD_WARNING_CONFIG_FAILED) + usleep(100000); if (!dry_run) vtysh_execute_no_pager("XFRR_start_configuration"); @@ -620,7 +645,6 @@ static int vtysh_read_file(FILE *confp, bool dry_run) vtysh_execute_no_pager("XFRR_end_configuration"); vtysh_execute_no_pager("end"); - vty->vtysh_file_locked = false; vtysh_execute_no_pager("disable"); vty_close(vty); @@ -628,6 +652,229 @@ static int vtysh_read_file(FILE *confp, bool dry_run) return (ret); } +// sorts ipv4 addresses on interface based on setorder parameter +static void sort_ip_addresses(struct Interfacecommands *cmd, int count) +{ + // Temporary arrays to separate IP addresses with and without setorder + struct Interfacecommands other_cmds_before_ip[MAX_CMDS]; + struct Interfacecommands with_setorder[MAX_CMDS]; + struct Interfacecommands without_setorder[MAX_CMDS]; + int count_other_cmds_before_ip = 0; + int count_with_setorder = 0; + int count_without_setorder = 0; + + // Separate IP addresses and other commands based on setorder field in Interfacecommands(cmd) + for (int i = 0; i < count; i++) { + if (cmd[i].has_setorder == 0 && cmd[i].setorder == 0) { + other_cmds_before_ip[count_other_cmds_before_ip++] = + cmd[i]; + } else if (cmd[i].has_setorder) { + with_setorder[count_with_setorder++] = cmd[i]; + } else { + without_setorder[count_without_setorder++] = cmd[i]; + } + } + + // Sort the IP addresses with setorder + + for (int i = 0; i < count_with_setorder - 1; i++) { + for (int j = 0; j < count_with_setorder - i - 1; j++) { + if (with_setorder[j].setorder > + with_setorder[j + 1].setorder) { + struct Interfacecommands temp = with_setorder[j]; + + with_setorder[j] = with_setorder[j + 1]; + with_setorder[j + 1] = temp; + } + } + } + + // Merge back into the original array + + int index = 0; + + for (int i = 0; i < count_other_cmds_before_ip; i++) + cmd[index++] = other_cmds_before_ip[i]; + + for (int i = 0; i < count_with_setorder; i++) + cmd[index++] = with_setorder[i]; + + for (int i = 0; i < count_without_setorder; i++) + cmd[index++] = without_setorder[i]; + +} + +static char *backup_frr_conf_file(const char *config_file_path) +{ + char line[MAX_LINE_LENGTH]; + const char *temp_dir = TEMP_DIR; + const char *fileprefix = "frr_temp_file"; + char temp_file_path[64]; // Adjust size as needed + int fd; + FILE *config_file, *backup_file; + + snprintf(temp_file_path, sizeof(temp_file_path), "%s/%s.XXXXXX", + temp_dir, fileprefix); + fd = mkstemp(temp_file_path); + if (fd == -1) { + printfrr( + "[VTYSH] vtysh_config.c: Failed to create temporary file"); + return NULL; + } + + config_file = fopen(config_file_path, "r"); + if (!config_file) { + printfrr("[VTYSH] Can't open the configuration file"); + close(fd); + unlink(temp_file_path); + return NULL; + } + + backup_file = fdopen(fd, "w"); + if (!backup_file) { + printfrr("[VTYSH] Can't open the temporary backup file"); + fclose(config_file); + unlink(temp_file_path); + return NULL; + } + + while (fgets(line, MAX_LINE_LENGTH, config_file)) + fprintf(backup_file, "%s", line); + + fclose(backup_file); + fclose(config_file); + + return strdup(temp_file_path); +} + +static int ip_setorder_ipv4(const char *config_file_path) +{ + char *temp_file = backup_frr_conf_file(config_file_path); + + FILE *input_file = fopen(temp_file, "r"); + FILE *output_file = fopen(config_file_path, "w"); + + if (!input_file) { + printfrr( + "[VTYSH] Failed to open the temp file to read: Aborting setorder\n"); + free(temp_file); + return 0; + } + + if (!output_file) { + printfrr("[VTYSH] Failed to open file %s(frr.conf backup file) to write: Aborting setorder\n", + config_file_path); + fclose(input_file); + free(temp_file); + return 0; + } + + char line[MAX_LINE_LENGTH]; + struct Interface current_interface; + int in_interface = 0; + + while (fgets(line, sizeof(line), input_file)) { + if (strncmp(line, "interface ", 10) == 0) { + // Start a new interface + strlcpy(current_interface.name, line, + sizeof(current_interface.name)); + current_interface.cmd_count = 0; + in_interface = 1; + } else if (in_interface) { + if (in_interface && strncmp(line, "exit", 4) == 0) { + sort_ip_addresses(current_interface.cmd, + current_interface.cmd_count); + fprintf(output_file, "%s", + current_interface.name); + + for (int i = 0; i < current_interface.cmd_count; + i++) { + fprintf(output_file, "%s", + current_interface.cmd[i].line); + } + + in_interface = 0; + fprintf(output_file, "%s", line); + continue; + } + // Extract setorder + int setorder_other_cmds_before_ip = 0; + int setorder = + MAX_CMDS; // Default large value if setorder is not present + int has_setorder = 0; + char *setorder_str = strstr(line, "setorder "); + + //for other commands before ip which should follow frr sorting + if (strncmp(line, " ip address", 4) < 0 && + strstr(line, "ip address") == NULL) { + current_interface + .cmd[current_interface.cmd_count] + .setorder = + setorder_other_cmds_before_ip; + } else if (setorder_str) { + int check = sscanf(setorder_str, "setorder %d", &setorder); + + if (check != 1) + setorder = MAX_CMDS; + + current_interface + .cmd[current_interface.cmd_count] + .setorder = setorder; + has_setorder = 1; + } else { + current_interface + .cmd[current_interface.cmd_count] + .setorder = setorder; + } + + // for ip address having setorder + strlcpy(current_interface + .cmd[current_interface.cmd_count] + .line, + line, + sizeof(current_interface + .cmd[current_interface.cmd_count] + .line)); + current_interface.cmd[current_interface.cmd_count] + .has_setorder = has_setorder; + current_interface.cmd_count++; + } else { + fprintf(output_file, "%s", line); + } + } + + fclose(input_file); + fclose(output_file); + unlink(temp_file); + return 1; +} + +static int check_vtysh_service_integrated(const char *config_file_path) +{ + char line[MAX_LINE_LENGTH]; + const char *service_intergrated = "service integrated-vtysh-config"; + + size_t length = strlen(service_intergrated); + + FILE *vtysh_config_file = fopen(config_file_path, "r"); + + if (!vtysh_config_file) { + printfrr("[VTYSH] vtysh_config.c: Failed to open file %s\n", + config_file_path); + return 0; + } + + while (fgets(line, sizeof(line), vtysh_config_file)) { + if (strncmp(line, service_intergrated, length) == 0) { + fclose(vtysh_config_file); + return 1; + } + break; + } + + fclose(vtysh_config_file); + return 0; +} /* * Read configuration file and send it to all connected daemons */ @@ -636,6 +883,23 @@ static int vtysh_read_config(const char *config_file_path, bool dry_run) FILE *confp = NULL; bool save; int ret; + int st; + const char *frr_conf_path = FRR_CONFIG_FILE; + const char *vtysh_conf_path = VTYSH_CONFIG_PATH; + size_t length = strlen(vtysh_conf_path); + + if (strncmp(config_file_path, vtysh_conf_path, length) == 0) { + int vtysh_srv_ret; + + vtysh_srv_ret = check_vtysh_service_integrated(config_file_path); + if (vtysh_srv_ret != 0) { + st = ip_setorder_ipv4(frr_conf_path); + if (st == 0) { + printfrr( + "Setting the order of IP'v4 failed on interfaces\n"); + } + } + } confp = fopen(config_file_path, "r"); if (confp == NULL) { @@ -777,8 +1041,7 @@ void vtysh_config_write(void) vtysh_config_parse_line(NULL, "no service integrated-vtysh-config"); if (vtysh_write_integrated == WRITE_INTEGRATED_YES) - vtysh_config_parse_line(NULL, - "service integrated-vtysh-config"); + vtysh_config_parse_line(NULL, "service integrated-vtysh-config"); user_config_write(); } @@ -788,4 +1051,4 @@ void vtysh_config_init(void) config_top = list_new(); config_top->del = (void (*)(void *))line_del; configvec = vector_init(1); -} +} \ No newline at end of file diff --git a/yang/frr-zebra.yang b/yang/frr-zebra.yang index 3c6e45126a..e467190436 100644 --- a/yang/frr-zebra.yang +++ b/yang/frr-zebra.yang @@ -1956,6 +1956,14 @@ module frr-zebra { "Optional string label for the address."; } + leaf setorder { + type uint8 { + range "1..100"; + } + description + "The order of the IP address."; + } + leaf ip4-peer { when "derived-from-or-self(../address-family, 'frr-rt:ipv4')"; type inet:ipv4-prefix; diff --git a/zebra/zebra_nb_config.c b/zebra/zebra_nb_config.c index 50caaa819e..4fd36b0cf0 100644 --- a/zebra/zebra_nb_config.c +++ b/zebra/zebra_nb_config.c @@ -975,6 +975,45 @@ int lib_interface_zebra_ip_addrs_ip4_peer_modify(struct nb_cb_modify_args *args) return NB_OK; } +/* XPath: /frr-interface:lib/interface/frr-zebra:zebra/ipv4-addrs/setorder */ +int lib_interface_zebra_ipv4_addrs_setorder_modify(struct nb_cb_modify_args *args) +{ + switch (args->event) { + case NB_EV_VALIDATE: + if (nb_running_get_entry_non_rec(lyd_parent(args->dnode), NULL, + false)) { + snprintf(args->errmsg, args->errmsg_len, + "Changing setorder is not allowed"); + return NB_ERR_VALIDATION; + } + break; + case NB_EV_PREPARE: + case NB_EV_ABORT: + case NB_EV_APPLY: + break; + } + + return NB_OK; +} + +/* XPath: /frr-interface:lib/interface/frr-zebra:zebra/ipv4-addrs/setorder */ +int lib_interface_zebra_ipv4_addrs_setorder_destroy( + struct nb_cb_destroy_args *args) +{ + switch (args->event) { + case NB_EV_VALIDATE: + snprintf(args->errmsg, args->errmsg_len, + "Removing setorder is not allowed"); + return NB_ERR_VALIDATION; + case NB_EV_PREPARE: + case NB_EV_ABORT: + case NB_EV_APPLY: + break; + } + + return NB_OK; +} + int lib_interface_zebra_ip_addrs_ip4_peer_destroy( struct nb_cb_destroy_args *args) { @@ -1403,8 +1442,9 @@ int lib_interface_zebra_affinity_mode_modify(struct nb_cb_modify_args *args) if (affinity_mode == AFFINITY_MODE_STANDARD) { if (!IS_PARAM_SET(iflp, LP_ADM_GRP) && IS_PARAM_SET(iflp, LP_EXTEND_ADM_GRP)) { - iflp->admin_grp = admin_group_get_offset( - &iflp->ext_admin_grp, 0); + iflp->admin_grp = + admin_group_get_offset(&iflp->ext_admin_grp, + 0); SET_PARAM(iflp, LP_ADM_GRP); } admin_group_clear(&iflp->ext_admin_grp); @@ -1428,8 +1468,9 @@ int lib_interface_zebra_affinity_mode_modify(struct nb_cb_modify_args *args) SET_PARAM(iflp, LP_EXTEND_ADM_GRP); } else if (!IS_PARAM_SET(iflp, LP_ADM_GRP) && IS_PARAM_SET(iflp, LP_EXTEND_ADM_GRP)) { - iflp->admin_grp = admin_group_get_offset( - &iflp->ext_admin_grp, 0); + iflp->admin_grp = + admin_group_get_offset(&iflp->ext_admin_grp, + 0); SET_PARAM(iflp, LP_ADM_GRP); } }