Example #1
/* FSM action run when the hold timer expires.  Expiry is treated as an
   error on the BGP connection: the session is stopped through
   bgp_stop_with_notify() using the BGP_NOTIFY_HOLD_ERR code and
   subcode 0.  Returns whatever bgp_stop_with_notify() returns. */
static int
bgp_fsm_holdtime_expire (struct peer *peer)
{
  int rc;

  if (BGP_DEBUG (fsm, FSM))
    {
      plog_debug (peer->log, "%s [FSM] Hold timer expire", peer->host);
    }

  rc = bgp_stop_with_notify (peer, BGP_NOTIFY_HOLD_ERR, 0);
  return rc;
}
/* Start an outgoing TCP connection to PEER.
 *
 * Creates the socket, makes it non-blocking, applies the per-socket
 * options (send buffer size, TTL, address/port reuse, IP precedence,
 * TCP MD5 password), binds it, and finally starts the connect.
 *
 * Returns -1 when the socket cannot be created, otherwise the result of
 * sockunion_connect().
 *
 * NOTE(review): no helper result is checked between socket creation and
 * the connect.  In particular, if bgp_md5_set_connect() or the TTL setup
 * can fail, the session is still attempted without that protection --
 * confirm whether those helpers report failure and whether the connect
 * should be abandoned in that case.
 */
int
bgp_connect (struct peer *peer)
{
  unsigned int out_ifindex = 0;

  /* Create the socket; nothing else to undo if this fails. */
  if ((peer->fd = sockunion_socket (&peer->su)) < 0)
    return -1;

  set_nonblocking (peer->fd);

  /* Apply the configured send buffer size. */
  bgp_update_sock_send_buffer_size(peer->fd);

  bgp_set_socket_ttl (peer, peer->fd);

  sockopt_reuseaddr (peer->fd);
  sockopt_reuseport (peer->fd);

#ifdef IPTOS_PREC_INTERNETCONTROL
  /* The precedence marking is set with raised privileges.
     NOTE(review): a failed raise or lower is only logged; confirm that a
     failed ZPRIVS_LOWER cannot leave the daemon running elevated. */
  if (bgpd_privs.change (ZPRIVS_RAISE))
    {
      zlog_err ("%s: could not raise privs", __func__);
    }
  switch (sockunion_family (&peer->su))
    {
    case AF_INET:
      setsockopt_ipv4_tos (peer->fd, IPTOS_PREC_INTERNETCONTROL);
      break;
# ifdef HAVE_IPV6
    case AF_INET6:
      setsockopt_ipv6_tclass (peer->fd, IPTOS_PREC_INTERNETCONTROL);
      break;
# endif
    default:
      break;
    }
  if (bgpd_privs.change (ZPRIVS_LOWER))
    {
      zlog_err ("%s: could not lower privs", __func__);
    }
#endif

  /* TCP MD5 authentication is set up only when a password is configured. */
  if (peer->password)
    {
      bgp_md5_set_connect (peer->fd, &peer->su, peer->password);
    }

  /* Local bind, then the update-source bind. */
  bgp_bind (peer);
  bgp_update_source (peer);

#ifdef HAVE_IPV6
  /* An interface name, when configured, is resolved to its index. */
  if (peer->ifname)
    {
      out_ifindex = if_nametoindex (peer->ifname);
    }
#endif /* HAVE_IPV6 */

  if (BGP_DEBUG (events, EVENTS))
    {
      plog_debug (peer->log, "%s [Event] Connect start to %s fd %d",
                  peer->host, peer->host, peer->fd);
    }

  /* Kick off the connect; the port is passed in network byte order. */
  return sockunion_connect (peer->fd, &peer->su, htons (peer->port),
                            out_ifindex);
}
Example #3
/* Start an outgoing TCP connection to PEER.
 *
 * Creates the socket, applies TTL settings for eBGP peers (including the
 * minimum-TTL check when gtsm_hops is set), address/port reuse, IP
 * precedence and the TCP MD5 password, binds the socket, and starts the
 * connect.
 *
 * Returns -1 when the socket cannot be created, otherwise the result of
 * sockunion_connect().
 *
 * NOTE(review): the results of sockopt_minttl() and
 * bgp_md5_set_connect() are not checked.  If either can fail, the
 * session is still attempted without the minimum-TTL filter or without
 * MD5 authentication -- confirm whether the connect should be abandoned
 * in that case.
 */
int
bgp_connect (struct peer *peer)
{
  unsigned int out_ifindex = 0;

  /* Create the socket; nothing else to undo if this fails. */
  if ((peer->fd = sockunion_socket (&peer->su)) < 0)
    return -1;

  /* TTL handling applies to eBGP peers only. */
  if (peer->sort == BGP_PEER_EBGP)
    {
      sockopt_ttl (peer->su.sa.sa_family, peer->fd, peer->ttl);

      /* With gtsm_hops configured, the minimum accepted TTL is
         MAXTTL + 1 - gtsm_hops. */
      if (peer->gtsm_hops)
        {
          sockopt_minttl (peer->su.sa.sa_family, peer->fd,
                          MAXTTL + 1 - peer->gtsm_hops);
        }
    }

  sockopt_reuseaddr (peer->fd);
  sockopt_reuseport (peer->fd);

#ifdef IPTOS_PREC_INTERNETCONTROL
  /* The precedence marking is set with raised privileges.
     NOTE(review): a failed raise or lower is only logged; confirm that a
     failed ZPRIVS_LOWER cannot leave the daemon running elevated. */
  if (bgpd_privs.change (ZPRIVS_RAISE))
    {
      zlog_err ("%s: could not raise privs", __func__);
    }
  switch (sockunion_family (&peer->su))
    {
    case AF_INET:
      setsockopt_ipv4_tos (peer->fd, IPTOS_PREC_INTERNETCONTROL);
      break;
# ifdef HAVE_IPV6
    case AF_INET6:
      setsockopt_ipv6_tclass (peer->fd, IPTOS_PREC_INTERNETCONTROL);
      break;
# endif
    default:
      break;
    }
  if (bgpd_privs.change (ZPRIVS_LOWER))
    {
      zlog_err ("%s: could not lower privs", __func__);
    }
#endif

  /* TCP MD5 authentication is set up only when a password is configured. */
  if (peer->password)
    {
      bgp_md5_set_connect (peer->fd, &peer->su, peer->password);
    }

  /* Local bind, then the update-source bind. */
  bgp_bind (peer);
  bgp_update_source (peer);

#ifdef HAVE_IPV6
  /* An interface name, when configured, is resolved to its index. */
  if (peer->ifname)
    {
      out_ifindex = if_nametoindex (peer->ifname);
    }
#endif /* HAVE_IPV6 */

  if (BGP_DEBUG (events, EVENTS))
    {
      plog_debug (peer->log, "%s [Event] Connect start to %s fd %d",
                  peer->host, peer->host, peer->fd);
    }

  /* Kick off the connect; the port is passed in network byte order. */
  return sockunion_connect (peer->fd, &peer->su, htons (peer->port),
                            out_ifindex);
}
Example #4
/* Log one NOTIFICATION message.
 *
 * DIRECT says which way the message travelled; the neighbor-change log
 * line prints "received from" when it equals "received" and "sent to"
 * otherwise, while the debug line prints DIRECT as given.  The subcode
 * text is looked up per error code; codes without a subcode table get
 * an empty string.
 *
 * NOTE(review): bgp_notify->data is printed with %s, so it has to be a
 * NUL-terminated, log-safe string.  If it can carry raw bytes taken from
 * a peer's NOTIFICATION, it should be bounded by bgp_notify->length and
 * sanitised before logging -- confirm how callers fill it.
 *
 * NOTE(review): peer is dereferenced unconditionally (peer->bgp,
 * peer->log), so the "peer ? ... : """ test in the debug branch cannot
 * protect against a NULL peer.
 */
void
bgp_notify_print(struct peer *peer, struct bgp_notify *bgp_notify, 
                 const char *direct)
{
  const char *subcode_str = "";

  switch (bgp_notify->code)
    {
    case BGP_NOTIFY_HEADER_ERR:
      subcode_str = LOOKUP (bgp_notify_head_msg, bgp_notify->subcode);
      break;
    case BGP_NOTIFY_OPEN_ERR:
      subcode_str = LOOKUP (bgp_notify_open_msg, bgp_notify->subcode);
      break;
    case BGP_NOTIFY_UPDATE_ERR:
      subcode_str = LOOKUP (bgp_notify_update_msg, bgp_notify->subcode);
      break;
    case BGP_NOTIFY_CEASE:
      subcode_str = LOOKUP (bgp_notify_cease_msg, bgp_notify->subcode);
      break;
    case BGP_NOTIFY_CAPABILITY_ERR:
      subcode_str = LOOKUP (bgp_notify_capability_msg, bgp_notify->subcode);
      break;
    case BGP_NOTIFY_HOLD_ERR:
    case BGP_NOTIFY_FSM_ERR:
    default:
      /* No subcode text for these codes; keep the empty string. */
      break;
    }

  /* Neighbor-change logging takes precedence over the debug output. */
  if (bgp_flag_check (peer->bgp, BGP_FLAG_LOG_NEIGHBOR_CHANGES))
    {
      const char *verb;

      if (strcmp (direct, "received") == 0)
        verb = "received from";
      else
        verb = "sent to";

      zlog_info ("%%NOTIFICATION: %s neighbor %s %d/%d (%s%s) %d bytes %s",
                 verb,
                 peer->host, bgp_notify->code, bgp_notify->subcode,
                 LOOKUP (bgp_notify_msg, bgp_notify->code),
                 subcode_str, bgp_notify->length,
                 bgp_notify->data ? bgp_notify->data : "");
      return;
    }

  if (BGP_DEBUG (normal, NORMAL))
    {
      plog_debug (peer->log, "%s %s NOTIFICATION %d/%d (%s%s) %d bytes %s",
                  peer ? peer->host : "",
                  direct, bgp_notify->code, bgp_notify->subcode,
                  LOOKUP (bgp_notify_msg, bgp_notify->code),
                  subcode_str, bgp_notify->length,
                  bgp_notify->data ? bgp_notify->data : "");
    }
}
/* Run one FSM event for a peer.
 *
 * The peer and the event number are taken from THREAD.  The FSM table
 * entry for (current status, event) supplies the next state and an
 * optional handler.  When the handler returns a negative value nothing
 * further is done; otherwise the status change is applied (clearing all
 * routes first when the next state is Clearing) and the timers are set.
 *
 * Returns the handler's result, or 0 when the entry has no handler.
 *
 * NOTE(review): peer->status - 1 and event - 1 index FSM[][] without a
 * range check, and bgp_event_str[] is indexed with the unshifted event;
 * confirm every caller keeps both values inside the tables.
 *
 * NOTE(review): peer is dereferenced again after the handler returns;
 * confirm no handler can release the peer while returning >= 0.
 */
int
bgp_event (struct thread *thread)
{
  struct peer *peer = THREAD_ARG (thread);
  int event = THREAD_VAL (thread);
  int row = peer->status - 1;
  int col = event - 1;
  int next = FSM [row][col].next_state;
  int ret = 0;

  /* Log the transition only when the state would actually change. */
  if (BGP_DEBUG (fsm, FSM) && peer->status != next)
    {
      plog_debug (peer->log, "%s [FSM] %s (%s->%s)", peer->host, 
                  bgp_event_str[event],
                  LOOKUP (bgp_status_msg, peer->status),
                  LOOKUP (bgp_status_msg, next));
    }

  /* Run the handler for this (status, event) pair, if there is one. */
  if (FSM [row][col].func)
    ret = FSM [row][col].func (peer);

  /* A negative result means the handler does not want the transition
     processed. */
  if (ret < 0)
    return ret;

  /* peer->status is read again here, after the handler has run. */
  if (peer->status != next)
    {
      /* Entering Clearing always clears all routes first. */
      if (next == Clearing)
        bgp_clear_route_all (peer);

      bgp_fsm_change_status (peer, next);
    }

  /* Timers are set on every processed event. */
  bgp_timer_set (peer);

  return ret;
}
Example #6
/* Entry point for bringing up a BGP connection with non-blocking I/O.
 *
 * Refuses to run for a start-suppressed peer (returns -1).  Otherwise it
 * discards state left from a previous session (local/remote socket
 * addresses, remote router-id, capability flags).  A passive peer gets a
 * TCP_connection_open_failed event and no connect is attempted.  For all
 * other peers bgp_connect() is called and its result is turned into an
 * FSM event or, while the connect is in progress, read/write watchers on
 * the socket.
 *
 * Returns 0, or -1 for a suppressed peer or a negative fd while the
 * connect is in progress.
 *
 * NOTE(review): bgp_connect() returns -1 when socket creation fails.
 * Whether -1 equals connect_error is not visible here; if it does not,
 * none of the branches below matches and 0 is returned without queuing
 * any event -- confirm.
 */
int
bgp_start (struct peer *peer)
{
  int status;

  if (BGP_PEER_START_SUPPRESSED (peer))
    {
      if (BGP_DEBUG (fsm, FSM))
        {
          plog_err (peer->log, "%s [FSM] Trying to start suppressed peer"
                    " - this is never supposed to happen!", peer->host);
        }
      return -1;
    }

  /* Drop whatever a previous session left behind, starting with the
     cached local and remote socket addresses. */
  if (peer->su_local)
    {
      sockunion_free (peer->su_local);
      peer->su_local = NULL;
    }
  if (peer->su_remote)
    {
      sockunion_free (peer->su_remote);
      peer->su_remote = NULL;
    }

  /* Forget the remote router-id and the negotiated capabilities. */
  peer->remote_id.s_addr = 0;
  peer->cap = 0;

  /* A passive peer never connects out; the open-failed event moves it
     on to Active. */
  if (CHECK_FLAG (peer->flags, PEER_FLAG_PASSIVE))
    {
      BGP_EVENT_ADD (peer, TCP_connection_open_failed);
      return 0;
    }

  status = bgp_connect (peer);

  if (status == connect_error)
    {
      if (BGP_DEBUG (fsm, FSM))
        {
          plog_debug (peer->log, "%s [FSM] Connect error", peer->host);
        }
      BGP_EVENT_ADD (peer, TCP_connection_open_failed);
    }
  else if (status == connect_success)
    {
      if (BGP_DEBUG (fsm, FSM))
        {
          plog_debug (peer->log, "%s [FSM] Connect immediately success",
                      peer->host);
        }
      BGP_EVENT_ADD (peer, TCP_connection_open);
    }
  else if (status == connect_in_progress)
    {
      /* The outcome of a non-blocking connect is learned once the
         socket becomes readable or writable. */
      if (BGP_DEBUG (fsm, FSM))
        {
          plog_debug (peer->log, "%s [FSM] Non blocking connect waiting result",
                      peer->host);
        }
      if (peer->fd < 0)
        {
          zlog_err ("bgp_start peer's fd is negative value %d",
                    peer->fd);
          return -1;
        }
      BGP_READ_ON (peer->t_read, bgp_read, peer->fd);
      BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
    }

  return 0;
}
Example #7
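/* Start an outgoing TCP connection to PEER (experimental TLS variant).
 *
 * Initialises the TLS library state through ssl_init(), creates the
 * socket, applies TTL settings for eBGP peers, address/port reuse, IP
 * precedence and the TCP MD5 password, and starts the connect.  Progress
 * is traced with printf().
 *
 * Returns -1 when the socket cannot be created, otherwise the result of
 * sockunion_connect().
 *
 * Fixed here: the context pointers were printed with "%i", which is
 * undefined behaviour for a pointer argument; they are now printed with
 * "%p" and a (void *) cast.
 *
 * NOTE(review): SSL_connect() runs before the fd check and before the
 * TCP connect below, nothing in this function attaches peer->fd to the
 * SSL object, and its result is ignored.  As written the handshake
 * cannot protect this session; it belongs after the TCP connection is
 * established, with the result checked and the session refused on
 * failure.  Peer certificate verification, if any, would have to be set
 * up inside ssl_init() -- not visible here.
 *
 * NOTE(review): BGPTLS is accessed both as an object (BGPTLS.psCTX) and
 * as a pointer (BGPTLS->ssl), and the non-NULL branch prints
 * BGPTLS_sess_server.psCTX rather than the pointer that was tested;
 * confirm which is intended.
 */
int bgp_connect (struct peer *peer)
{
  unsigned int ifindex = 0;

  printf("\n BGP CONNECT: I am in BGP Connect\n");

  printf("\n BGP CONNECT: I am just about to initialise SSL\n");

  /* NOTE(review): this runs on every connect attempt; confirm that
     ssl_init() is safe to call repeatedly. */
  ssl_init();

  if (BGPTLS.psCTX == NULL)
    {
      printf("\n BGP CONNECT: There is no entry in the .psCTX pointer \n");
    }
  else
    {
      printf("\n BGP CONNECT: There is an entry in the .psCTX pointer, it is %p \n",
             (void *) BGPTLS_sess_server.psCTX);
    }

  /* Printed unconditionally, also when the pointer is NULL. */
  printf("\n BGP CONNECT: There is an entry in the .psCTX pointer: ");
  printf("%p \n", (void *) BGPTLS.psCTX);

  /* Certificate loading is disabled in this variant:
  if (SSL_CTX_use_certificate_chain_file(BGPTLS_sess_server.psCTX,"/usr/home/dugald/subcert.pem")!=1)
  {
  	printf("Error loading certificate from file");
  }
  else
  {
  	printf("Certificate has loaded correctly");
  } */

  /* Make socket for the peer. */
  printf("BGP CONNECT: Here's sockets");
  peer->fd = sockunion_socket (&peer->su);

  /* See the NOTE(review) in the header: no transport is attached yet. */
  SSL_connect(BGPTLS->ssl);

  if (peer->fd < 0)
    return -1;

  /* For eBGP peers set the TTL and, when gtsm_hops is configured, the
     minimum accepted TTL (MAXTTL + 1 - gtsm_hops). */
  if (peer->sort == BGP_PEER_EBGP)
    {
      sockopt_ttl (peer->su.sa.sa_family, peer->fd, peer->ttl);
      if (peer->gtsm_hops)
        sockopt_minttl (peer->su.sa.sa_family, peer->fd, MAXTTL + 1 - peer->gtsm_hops);
    }

  sockopt_reuseaddr (peer->fd);
  sockopt_reuseport (peer->fd);

#ifdef IPTOS_PREC_INTERNETCONTROL
  /* The precedence marking is set with raised privileges.
     NOTE(review): a failed raise or lower is only logged; confirm that a
     failed ZPRIVS_LOWER cannot leave the daemon running elevated. */
  if (bgpd_privs.change (ZPRIVS_RAISE))
    zlog_err ("%s: could not raise privs", __func__);
  if (sockunion_family (&peer->su) == AF_INET)
    setsockopt_ipv4_tos (peer->fd, IPTOS_PREC_INTERNETCONTROL);
# ifdef HAVE_IPV6
  else if (sockunion_family (&peer->su) == AF_INET6)
    setsockopt_ipv6_tclass (peer->fd, IPTOS_PREC_INTERNETCONTROL);
# endif
  if (bgpd_privs.change (ZPRIVS_LOWER))
    zlog_err ("%s: could not lower privs", __func__);
#endif

  /* NOTE(review): the result is not checked; if this can fail, the
     session is still attempted without MD5 authentication. */
  if (peer->password)
    bgp_md5_set_connect (peer->fd, &peer->su, peer->password);

  /* NOTE(review): both binds are disabled in this variant, so neither
     bgp_bind() nor bgp_update_source() is applied to this socket. */
  /* Bind socket. */
  //bgp_bind (peer);

  /* Update source bind. */
  //bgp_update_source (peer);

#ifdef HAVE_IPV6
  /* An interface name, when configured, is resolved to its index. */
  if (peer->ifname)
    ifindex = if_nametoindex (peer->ifname);
#endif /* HAVE_IPV6 */

  if (BGP_DEBUG (events, EVENTS))
    plog_debug (peer->log, "%s [Event] Connect start to %s fd %d", peer->host, peer->host, peer->fd);

  /* Connect to the remote peer; the port is passed in network byte order. */
  return sockunion_connect (peer->fd, &peer->su, htons (peer->port), ifindex);
}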