From e3ec1e30e863d3189f25f0f0c6878aacf9fa1e5e Mon Sep 17 00:00:00 2001
From: acinonyx <acinonyx@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Sun, 26 Jul 2009 11:52:56 +0000
Subject: [PATCH] [packages] quagga-unstable: Implement BGP confederation error
 handling (RFC5065, Par. 5)

git-svn-id: svn://svn.openwrt.org/openwrt/packages@17008 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 .../patches/120-confed_errorhandle.patch      | 76 +++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 net/quagga-unstable/patches/120-confed_errorhandle.patch

diff --git a/net/quagga-unstable/patches/120-confed_errorhandle.patch b/net/quagga-unstable/patches/120-confed_errorhandle.patch
new file mode 100644
index 000000000..0b7d33d88
--- /dev/null
+++ b/net/quagga-unstable/patches/120-confed_errorhandle.patch
@@ -0,0 +1,76 @@
+--- a/bgpd/bgp_aspath.c
++++ b/bgpd/bgp_aspath.c
+@@ -1122,6 +1122,42 @@ aspath_private_as_check (struct aspath *
+   return 1;
+ }
+ 
++/* AS path confed check.  If aspath contains confed set or sequence then return 1. */
++int
++aspath_confed_check (struct aspath *aspath)
++{
++  struct assegment *seg;
++
++  if ( !(aspath && aspath->segments) )
++    return 0;
++
++  seg = aspath->segments;
++
++  while (seg)
++    {
++      if (seg->type == AS_CONFED_SET || seg->type == AS_CONFED_SEQUENCE)
++	  return 1;
++      seg = seg->next;
++    }
++  return 0;
++}
++
++/* Leftmost AS path segment confed check.  If leftmost AS segment is of type
++  AS_CONFED_SEQUENCE or AS_CONFED_SET then return 1.  */
++int
++aspath_left_confed_check (struct aspath *aspath)
++{
++
++  if ( !(aspath && aspath->segments) )
++    return 0;
++
++  if ( (aspath->segments->type == AS_CONFED_SEQUENCE)
++      || (aspath->segments->type == AS_CONFED_SET) )
++    return 1;
++
++  return 0;
++}
++
+ /* Merge as1 to as2.  as2 should be uninterned aspath. */
+ static struct aspath *
+ aspath_merge (struct aspath *as1, struct aspath *as2)
+--- a/bgpd/bgp_aspath.h
++++ b/bgpd/bgp_aspath.h
+@@ -88,6 +88,8 @@ extern unsigned int aspath_key_make (voi
+ extern int aspath_loop_check (struct aspath *, as_t);
+ extern int aspath_private_as_check (struct aspath *);
+ extern int aspath_firstas_check (struct aspath *, as_t);
++extern int aspath_confed_check (struct aspath *);
++extern int aspath_left_confed_check (struct aspath *);
+ extern unsigned long aspath_count (void);
+ extern unsigned int aspath_count_hops (struct aspath *);
+ extern unsigned int aspath_count_confeds (struct aspath *);
+--- a/bgpd/bgp_attr.c
++++ b/bgpd/bgp_attr.c
+@@ -872,6 +872,17 @@ static int bgp_attr_aspath_check( struct
+ 
+   bgp = peer->bgp;
+     
++  /* Confederation sanity check. */
++  if ((peer_sort (peer) == BGP_PEER_CONFED && ! aspath_left_confed_check (attr->aspath)) ||
++     (peer_sort (peer) == BGP_PEER_EBGP && aspath_confed_check (attr->aspath)))
++    {
++      zlog (peer->log, LOG_ERR, "Malformed AS path from %s", peer->host);
++      bgp_notify_send (peer, 
++		       BGP_NOTIFY_UPDATE_ERR, 
++		       BGP_NOTIFY_UPDATE_MAL_AS_PATH);
++      return -1;
++    }
++
+   /* First AS check for EBGP. */
+   if (bgp != NULL && bgp_flag_check (bgp, BGP_FLAG_ENFORCE_FIRST_AS))
+     {