/* BGP try to connect to the peer. */ int bgp_connect (struct peer *peer) { unsigned int ifindex = 0; /* Make socket for the peer. */ peer->fd = sockunion_socket (&peer->su); if (peer->fd < 0) return -1; set_nonblocking (peer->fd); /* Set socket send buffer size */ bgp_update_sock_send_buffer_size(peer->fd); bgp_set_socket_ttl (peer, peer->fd); sockopt_reuseaddr (peer->fd); sockopt_reuseport (peer->fd); #ifdef IPTOS_PREC_INTERNETCONTROL if (bgpd_privs.change (ZPRIVS_RAISE)) zlog_err ("%s: could not raise privs", __func__); if (sockunion_family (&peer->su) == AF_INET) setsockopt_ipv4_tos (peer->fd, IPTOS_PREC_INTERNETCONTROL); # ifdef HAVE_IPV6 else if (sockunion_family (&peer->su) == AF_INET6) setsockopt_ipv6_tclass (peer->fd, IPTOS_PREC_INTERNETCONTROL); # endif if (bgpd_privs.change (ZPRIVS_LOWER)) zlog_err ("%s: could not lower privs", __func__); #endif if (peer->password) bgp_md5_set_connect (peer->fd, &peer->su, peer->password); /* Bind socket. */ bgp_bind (peer); /* Update source bind. */ bgp_update_source (peer); #ifdef HAVE_IPV6 if (peer->ifname) ifindex = if_nametoindex (peer->ifname); #endif /* HAVE_IPV6 */ if (BGP_DEBUG (events, EVENTS)) plog_debug (peer->log, "%s [Event] Connect start to %s fd %d", peer->host, peer->host, peer->fd); /* Connect to the remote peer. */ return sockunion_connect (peer->fd, &peer->su, htons (peer->port), ifindex); }
/* BGP try to connect to the peer. */ int bgp_connect (struct peer *peer) { unsigned int ifindex = 0; /* Make socket for the peer. */ peer->fd = sockunion_socket (&peer->su); if (peer->fd < 0) return -1; /* If we can get socket for the peer, adjest TTL and make connection. */ if (peer->sort == BGP_PEER_EBGP) { sockopt_ttl (peer->su.sa.sa_family, peer->fd, peer->ttl); if (peer->gtsm_hops) sockopt_minttl (peer->su.sa.sa_family, peer->fd, MAXTTL + 1 - peer->gtsm_hops); } sockopt_reuseaddr (peer->fd); sockopt_reuseport (peer->fd); #ifdef IPTOS_PREC_INTERNETCONTROL if (bgpd_privs.change (ZPRIVS_RAISE)) zlog_err ("%s: could not raise privs", __func__); if (sockunion_family (&peer->su) == AF_INET) setsockopt_ipv4_tos (peer->fd, IPTOS_PREC_INTERNETCONTROL); # ifdef HAVE_IPV6 else if (sockunion_family (&peer->su) == AF_INET6) setsockopt_ipv6_tclass (peer->fd, IPTOS_PREC_INTERNETCONTROL); # endif if (bgpd_privs.change (ZPRIVS_LOWER)) zlog_err ("%s: could not lower privs", __func__); #endif if (peer->password) bgp_md5_set_connect (peer->fd, &peer->su, peer->password); /* Bind socket. */ bgp_bind (peer); /* Update source bind. */ bgp_update_source (peer); #ifdef HAVE_IPV6 if (peer->ifname) ifindex = if_nametoindex (peer->ifname); #endif /* HAVE_IPV6 */ if (BGP_DEBUG (events, EVENTS)) plog_debug (peer->log, "%s [Event] Connect start to %s fd %d", peer->host, peer->host, peer->fd); /* Connect to the remote peer. */ return sockunion_connect (peer->fd, &peer->su, htons (peer->port), ifindex); }
static int bgp_listener (int sock, struct sockaddr *sa, socklen_t salen) { struct bgp_listener *listener; int ret, en; sockopt_reuseaddr (sock); sockopt_reuseport (sock); #ifdef IPTOS_PREC_INTERNETCONTROL if (sa->sa_family == AF_INET) setsockopt_ipv4_tos (sock, IPTOS_PREC_INTERNETCONTROL); #endif #ifdef IPV6_V6ONLY /* Want only IPV6 on ipv6 socket (not mapped addresses) */ if (sa->sa_family == AF_INET6) { int on = 1; setsockopt (sock, IPPROTO_IPV6, IPV6_V6ONLY, (void *) &on, sizeof (on)); } #endif if (bgpd_privs.change (ZPRIVS_RAISE) ) zlog_err ("bgp_socket: could not raise privs"); ret = bind (sock, sa, salen); en = errno; if (bgpd_privs.change (ZPRIVS_LOWER) ) zlog_err ("bgp_bind_address: could not lower privs"); if (ret < 0) { zlog_err ("bind: %s", safe_strerror (en)); return ret; } ret = listen (sock, 3); if (ret < 0) { zlog_err ("listen: %s", safe_strerror (errno)); return ret; } listener = XMALLOC (MTYPE_BGP_LISTENER, sizeof(*listener)); listener->fd = sock; memcpy(&listener->su, sa, salen); listener->thread = thread_add_read (master, bgp_accept, listener, sock); listnode_add (bm->listen_sockets, listener); return 0; }
static int bgp_listener(int sock, struct sockaddr *sa, socklen_t salen, struct bgp *bgp) { struct bgp_listener *listener; int ret, en; sockopt_reuseaddr(sock); sockopt_reuseport(sock); frr_elevate_privs(&bgpd_privs) { #ifdef IPTOS_PREC_INTERNETCONTROL if (sa->sa_family == AF_INET) setsockopt_ipv4_tos(sock, IPTOS_PREC_INTERNETCONTROL); else if (sa->sa_family == AF_INET6) setsockopt_ipv6_tclass(sock, IPTOS_PREC_INTERNETCONTROL); #endif sockopt_v6only(sa->sa_family, sock); ret = bind(sock, sa, salen); en = errno; } if (ret < 0) { flog_err_sys(EC_LIB_SOCKET, "bind: %s", safe_strerror(en)); return ret; } ret = listen(sock, SOMAXCONN); if (ret < 0) { flog_err_sys(EC_LIB_SOCKET, "listen: %s", safe_strerror(errno)); return ret; } listener = XCALLOC(MTYPE_BGP_LISTENER, sizeof(*listener)); listener->fd = sock; /* this socket needs a change of ns. record bgp back pointer */ if (bgp->vrf_id != VRF_DEFAULT && vrf_is_backend_netns()) listener->bgp = bgp; memcpy(&listener->su, sa, salen); listener->thread = NULL; thread_add_read(bm->master, bgp_accept, listener, sock, &listener->thread); listnode_add(bm->listen_sockets, listener); return 0; }
static int bgp_listener (int sock, struct sockaddr *sa, socklen_t salen) { struct bgp_listener *listener; int ret, en; sockopt_reuseaddr (sock); sockopt_reuseport (sock); if (bgpd_privs.change (ZPRIVS_RAISE)) zlog_err ("%s: could not raise privs", __func__); #ifdef IPTOS_PREC_INTERNETCONTROL if (sa->sa_family == AF_INET) setsockopt_ipv4_tos (sock, IPTOS_PREC_INTERNETCONTROL); # ifdef HAVE_IPV6 else if (sa->sa_family == AF_INET6) setsockopt_ipv6_tclass (sock, IPTOS_PREC_INTERNETCONTROL); # endif #endif sockopt_v6only (sa->sa_family, sock); ret = bind (sock, sa, salen); en = errno; if (bgpd_privs.change (ZPRIVS_LOWER)) zlog_err ("%s: could not lower privs", __func__); if (ret < 0) { zlog_err ("bind: %s", safe_strerror (en)); return ret; } ret = listen (sock, 3); if (ret < 0) { zlog_err ("listen: %s", safe_strerror (errno)); return ret; } listener = XMALLOC (MTYPE_BGP_LISTENER, sizeof(*listener)); listener->fd = sock; memcpy(&listener->su, sa, salen); listener->thread = thread_add_read (master, bgp_accept, listener, sock); listnode_add (bm->listen_sockets, listener); return 0; }
static int ext_client_bgp_listener(struct ext_client_bgp * ext_client_bgp, int sock, struct sockaddr * sa, socklen_t salen) { struct bgp_listener *listener; int ret, en; sockopt_reuseaddr (sock); sockopt_reuseport (sock); #ifdef IPTOS_PREC_INTERNETCONTROL if (sa->sa_family == AF_INET) setsockopt_ipv4_tos (sock, IPTOS_PREC_INTERNETCONTROL); #endif #ifdef IPV6_V6ONLY /* Want only IPV6 on ipv6 socket (not mapped addresses) */ if (sa->sa_family == AF_INET6) { int on = 1; setsockopt (sock, IPPROTO_IPV6, IPV6_V6ONLY, (void *) &on, sizeof (on)); } #endif ret = bind (sock, sa, salen); if (ret < 0) { printf ("bind: %s", strerror (en)); return ret; } ret = listen (sock, 3); if (ret < 0) { printf("listen: %s", strerror (errno)); return ret; } listener = calloc(1, sizeof(struct bgp_listener)); listener->accept_fd = sock; listener->peer_fd = -1; memcpy(&listener->su, sa, salen); ext_client_bgp_event(EXT_CLIENT_BGP_ACCEPT, ext_client_bgp, listener); list_push_back(&ext_client_bgp->listen_sockets, &listener->node); return 0; }
int ospf_sock_init (int packet_flag) { int ospf_sock; int ret, hincl = 1; int ospf_hello = OSPF_IP_HELLO_PACKET; int ospf_other = OSPF_IP_OTHER_PACKET; ospf_sock = socket (AF_INET, SOCK_RAW, IPPROTO_OSPFIGP); if (ospf_sock < 0) { int save_errno = errno; zlog_err ("ospf_read_sock_init: socket: %s", safe_strerror (save_errno)); exit(1); } #ifdef IP_HDRINCL /* we will include IP header with packet */ ret = setsockopt (ospf_sock, IPPROTO_IP, IP_HDRINCL, &hincl, sizeof (hincl)); if (ret < 0) { int save_errno = errno; zlog_warn ("Can't set IP_HDRINCL option for fd %d: %s", ospf_sock, safe_strerror(save_errno)); } #elif defined (IPTOS_PREC_INTERNETCONTROL) #warning "IP_HDRINCL not available on this system" #warning "using IPTOS_PREC_INTERNETCONTROL" ret = setsockopt_ipv4_tos(ospf_sock, IPTOS_PREC_INTERNETCONTROL); if (ret < 0) { int save_errno = errno; zlog_warn ("can't set sockopt IP_TOS %d to socket %d: %s", tos, ospf_sock, safe_strerror(save_errno)); close (ospf_sock); /* Prevent sd leak. */ return ret; } #else /* !IPTOS_PREC_INTERNETCONTROL */ #warning "IP_HDRINCL not available, nor is IPTOS_PREC_INTERNETCONTROL" zlog_warn ("IP_HDRINCL option not available"); #endif /* IP_HDRINCL */ ret = setsockopt_ifindex (AF_INET, ospf_sock, 1); if (ret < 0) { zlog_warn ("Can't set pktinfo option for fd %d", ospf_sock); } ret = setsockopt_so_recvbuf (ospf_sock, OSPF_PACKET_RECV_BUFFLEN); if (ret < 0) { zlog_warn ("Can't set SO_RCVBUF %d to socket %d", OSPF_PACKET_RECV_BUFFLEN, ospf_sock); } if(packet_flag == OSPF_IP_HELLO_PACKET) { set_nonblocking(ospf_sock); setsockopt (ospf_sock, SOL_SOCKET, SO_SET_OSPF_FILTER, &ospf_hello, sizeof (ospf_hello)); } if(packet_flag == OSPF_IP_OTHER_PACKET) { set_nonblocking(ospf_sock); setsockopt (ospf_sock, SOL_SOCKET, SO_SET_OSPF_FILTER, &ospf_other, sizeof (ospf_hello)); } return ospf_sock; }
/* BGP try to connect to the peer. */ int bgp_connect(struct peer *peer) { assert(!CHECK_FLAG(peer->thread_flags, PEER_THREAD_WRITES_ON)); assert(!CHECK_FLAG(peer->thread_flags, PEER_THREAD_READS_ON)); ifindex_t ifindex = 0; if (peer->conf_if && BGP_PEER_SU_UNSPEC(peer)) { zlog_debug("Peer address not learnt: Returning from connect"); return 0; } frr_elevate_privs(&bgpd_privs) { /* Make socket for the peer. */ peer->fd = vrf_sockunion_socket(&peer->su, peer->bgp->vrf_id, bgp_get_bound_name(peer)); } if (peer->fd < 0) return -1; set_nonblocking(peer->fd); /* Set socket send buffer size */ setsockopt_so_sendbuf(peer->fd, BGP_SOCKET_SNDBUF_SIZE); if (bgp_set_socket_ttl(peer, peer->fd) < 0) return -1; sockopt_reuseaddr(peer->fd); sockopt_reuseport(peer->fd); #ifdef IPTOS_PREC_INTERNETCONTROL frr_elevate_privs(&bgpd_privs) { if (sockunion_family(&peer->su) == AF_INET) setsockopt_ipv4_tos(peer->fd, IPTOS_PREC_INTERNETCONTROL); else if (sockunion_family(&peer->su) == AF_INET6) setsockopt_ipv6_tclass(peer->fd, IPTOS_PREC_INTERNETCONTROL); } #endif if (peer->password) { uint16_t prefixlen = peer->su.sa.sa_family == AF_INET ? IPV4_MAX_PREFIXLEN : IPV6_MAX_PREFIXLEN; bgp_md5_set_connect(peer->fd, &peer->su, prefixlen, peer->password); } /* Update source bind. */ if (bgp_update_source(peer) < 0) { return connect_error; } if (peer->conf_if || peer->ifname) ifindex = ifname2ifindex(peer->conf_if ? peer->conf_if : peer->ifname, peer->bgp->vrf_id); if (bgp_debug_neighbor_events(peer)) zlog_debug("%s [Event] Connect start to %s fd %d", peer->host, peer->host, peer->fd); /* Connect to the remote peer. */ return sockunion_connect(peer->fd, &peer->su, htons(peer->port), ifindex); }
/* BGP try to connect to the peer. */ int bgp_connect (struct peer *peer) { printf("\n BGP CONNECT: I am in BGP Connect\n"); unsigned int ifindex = 0; /*setting up TLS for a second*/ printf("\n BGP CONNECT: I am just about to initialise SSL\n"); ssl_init(); //initialise the library, method, contact of ssl session, returns nothing if(BGPTLS.psCTX==NULL) { printf("\n BGP CONNECT: There is no entry in the .psCTX pointer \n"); } else { printf("\n BGP CONNECT: There is an entry in the .psCTX pointer, it is %i \n", BGPTLS_sess_server.psCTX); } printf("\n BGP CONNECT: There is an entry in the .psCTX pointer: "); printf("%i \n", BGPTLS.psCTX); /*if (SSL_CTX_use_certificate_chain_file(BGPTLS_sess_server.psCTX,"/usr/home/dugald/subcert.pem")!=1) { printf("Error loading certificate from file"); } else { printf("Certificate has loaded correctly"); } */ /* Make socket for the peer. */ printf("BGP CONNECT: Here's sockets"); peer->fd = sockunion_socket (&peer->su); SSL_connect(BGPTLS->ssl); if (peer->fd < 0) return -1; /* If we can get socket for the peer, adjest TTL and make connection. */ if (peer->sort == BGP_PEER_EBGP) { sockopt_ttl (peer->su.sa.sa_family, peer->fd, peer->ttl); if (peer->gtsm_hops) sockopt_minttl (peer->su.sa.sa_family, peer->fd, MAXTTL + 1 - peer->gtsm_hops); } sockopt_reuseaddr (peer->fd); sockopt_reuseport (peer->fd); #ifdef IPTOS_PREC_INTERNETCONTROL if (bgpd_privs.change (ZPRIVS_RAISE)) zlog_err ("%s: could not raise privs", __func__); if (sockunion_family (&peer->su) == AF_INET) setsockopt_ipv4_tos (peer->fd, IPTOS_PREC_INTERNETCONTROL); # ifdef HAVE_IPV6 else if (sockunion_family (&peer->su) == AF_INET6) setsockopt_ipv6_tclass (peer->fd, IPTOS_PREC_INTERNETCONTROL); # endif if (bgpd_privs.change (ZPRIVS_LOWER)) zlog_err ("%s: could not lower privs", __func__); #endif if (peer->password) bgp_md5_set_connect (peer->fd, &peer->su, peer->password); /* Bind socket. */ //bgp_bind (peer); /* Update source bind. */ //bgp_update_source (peer); #ifdef HAVE_IPV6 if (peer->ifname) ifindex = if_nametoindex (peer->ifname); #endif /* HAVE_IPV6 */ if (BGP_DEBUG (events, EVENTS)) plog_debug (peer->log, "%s [Event] Connect start to %s fd %d", peer->host, peer->host, peer->fd); /* Connect to the remote peer. */ return sockunion_connect (peer->fd, &peer->su, htons (peer->port), ifindex); }