On Fri, Sep 14, 2018 at 04:59:51PM +0200, Claudio Jeker wrote:
> This diff extends the existing trie code for prefix-set to also work with
> roa-set. Unlike prefix-set there is no need for a prefixlen mask during
> lookup, instead the source-as needs to be checked and also if the
> prefixlen of the prefix is allowed.
> The lookup can return 3 states:
> ROA_UNKNONW: prefix is not covered by any entry
> ROA_VALID: prefix is covered and the source-as matches as does the prefixlen
> ROA_INVALID: there was a covering ROA entry that did not match source-as
> or prefixlen
> The source-as check is done with an as_set and should therefor scale well.
> In general these lookups need to be quick since all prefixes will go
> through roa lookups.
>
> The frontend code (parse.y and imsg passing) is missing, since this is
> already fairly large and it is tested by the unit tests I decided to send
> this out as an idividual step.
>
Anyone having something against me committing this later today?
Will make it easier to send out the next bits to get us ROA support.
--
:wq Claudio
> Index: usr.sbin/bgpd/bgpd.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/bgpd.h,v
> retrieving revision 1.340
> diff -u -p -r1.340 bgpd.h
> --- usr.sbin/bgpd/bgpd.h 14 Sep 2018 10:22:11 -0000 1.340
> +++ usr.sbin/bgpd/bgpd.h 14 Sep 2018 14:08:49 -0000
> @@ -952,6 +952,11 @@ struct filter_set {
> enum action_types type;
> };
>
> +struct roa_set {
> + u_int32_t as; /* must be first */
> + u_int32_t maxlen; /* change type for better struct layout */
> +};
> +
> struct prefixset_item {
> struct filter_prefix p;
> SIMPLEQ_ENTRY(prefixset_item) entry;
> Index: usr.sbin/bgpd/rde.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/rde.h,v
> retrieving revision 1.190
> diff -u -p -r1.190 rde.h
> --- usr.sbin/bgpd/rde.h 9 Sep 2018 12:33:51 -0000 1.190
> +++ usr.sbin/bgpd/rde.h 14 Sep 2018 14:08:22 -0000
> @@ -36,6 +36,12 @@ enum peer_state {
> PEER_ERR /* error occurred going to PEER_DOWN state */
> };
>
> +enum roa_state {
> + ROA_UNKNOWN,
> + ROA_INVALID,
> + ROA_VALID
> +};
> +
> /*
> * How do we identify peers between the session handler and the rde?
> * Currently I assume that we can do that with the neighbor_ip...
> @@ -332,7 +338,8 @@ struct rde_prefixset {
> char name[SET_NAME_LEN];
> struct trie_head th;
> SIMPLEQ_ENTRY(rde_prefixset) entry;
> - int dirty;
> + int dirty;
> + int roa;
> };
> SIMPLEQ_HEAD(rde_prefixset_head, rde_prefixset);
>
> @@ -578,8 +585,12 @@ int up_dump_mp_reach(u_char *, u_int16
> /* rde_trie.c */
> int trie_add(struct trie_head *, struct bgpd_addr *, u_int8_t, u_int8_t,
> u_int8_t);
> +int trie_roa_add(struct trie_head *, struct bgpd_addr *, u_int8_t,
> + struct as_set *);
> void trie_free(struct trie_head *);
> int trie_match(struct trie_head *, struct bgpd_addr *, u_int8_t, int);
> +int trie_roa_check(struct trie_head *, struct bgpd_addr *, u_int8_t,
> + u_int32_t);
> void trie_dump(struct trie_head *);
> int trie_equal(struct trie_head *, struct trie_head *);
>
> Index: usr.sbin/bgpd/rde_trie.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/rde_trie.c,v
> retrieving revision 1.5
> diff -u -p -r1.5 rde_trie.c
> --- usr.sbin/bgpd/rde_trie.c 10 Sep 2018 13:15:50 -0000 1.5
> +++ usr.sbin/bgpd/rde_trie.c 14 Sep 2018 14:08:22 -0000
> @@ -57,22 +57,20 @@
> */
> struct tentry_v4 {
> struct tentry_v4 *trie[2];
> + struct as_set *aset; /* for roa source-as set */
> struct in_addr addr;
> struct in_addr plenmask;
> u_int8_t plen;
> u_int8_t node;
> -
> - /* roa source-as list pointer */
> };
>
> struct tentry_v6 {
> struct tentry_v6 *trie[2];
> + struct as_set *aset; /* for roa source-as set */
> struct in6_addr addr;
> struct in6_addr plenmask;
> u_int8_t plen;
> u_int8_t node;
> -
> - /* roa source-as list pointer */
> };
>
> /*
> @@ -143,37 +141,14 @@ inet6setbit(struct in6_addr *addr, u_int
> addr->s6_addr[bit / 8] |= (0x80 >> (bit % 8));
> }
>
> -static int
> -trie_add_v4(struct trie_head *th, struct in_addr *prefix, u_int8_t plen,
> - u_int8_t min, u_int8_t max)
> +static struct tentry_v4 *
> +trie_add_v4(struct trie_head *th, struct in_addr *prefix, u_int8_t plen)
> {
> struct tentry_v4 *n, *new, *b, **prev;
> - struct in_addr p, plenmask;
> - u_int8_t i;
> -
> - /*
> - * check for default route, this is special cased since prefixlen 0
> - * can't be checked in the prefixlen mask plenmask. Also there is only
> - * one default route so using a flag for this works.
> - */
> - if (min == 0) {
> - th->match_default_v4 = 1;
> - if (max == 0) /* just the default route */
> - return 0;
> - min = 1;
> - }
> + struct in_addr p;
>
> inet4applymask(&p, prefix, plen);
>
> - /*
> - * The prefixlen mask goes from 1 to 32 but the bitmask
> - * starts at 0 and so all bits are set with an offset of 1.
> - * The default /0 route is handled specially above.
> - */
> - memset(&plenmask, 0, sizeof(plenmask));
> - for (i = min; i <= max; i++)
> - inet4setbit(&plenmask, i - 1);
> -
> /* walk tree finding spot to insert */
> prev = &th->root_v4;
> n = *prev;
> @@ -189,7 +164,7 @@ trie_add_v4(struct trie_head *th, struct
> * np and n, then insert n and new node there
> */
> if ((b = calloc(1, sizeof(*b))) == NULL)
> - return -1;
> + return NULL;
> b->plen = inet4findmsb(&n->addr, &mp);
> inet4applymask(&b->addr, &n->addr, b->plen);
>
> @@ -213,8 +188,7 @@ trie_add_v4(struct trie_head *th, struct
> if (n->plen == plen) {
> /* matching node, adjust */
> n->node = 1;
> - n->plenmask.s_addr |= plenmask.s_addr;
> - return 0;
> + return n;
> }
>
> /* no need to check for n->plen == 32 because of above if */
> @@ -227,10 +201,9 @@ trie_add_v4(struct trie_head *th, struct
>
> /* create new node */
> if ((new = calloc(1, sizeof(*new))) == NULL)
> - return -1;
> + return NULL;
> new->addr = p;
> new->plen = plen;
> - new->plenmask = plenmask;
> new->node = 1;
>
> /* link node */
> @@ -241,40 +214,17 @@ trie_add_v4(struct trie_head *th, struct
> else
> new->trie[0] = n;
> }
> - return 0;
> + return new;
> }
>
> -static int
> -trie_add_v6(struct trie_head *th, struct in6_addr *prefix, u_int8_t plen,
> - u_int8_t min, u_int8_t max)
> +static struct tentry_v6 *
> +trie_add_v6(struct trie_head *th, struct in6_addr *prefix, u_int8_t plen)
> {
> struct tentry_v6 *n, *new, *b, **prev;
> - struct in6_addr p, plenmask;
> - u_int8_t i;
> -
> - /*
> - * check for default route, this is special cased since prefixlen 0
> - * can't be checked in the prefixlen mask plenmask. Also there is only
> - * one default route so using a flag for this works.
> - */
> - if (min == 0) {
> - th->match_default_v6 = 1;
> - if (max == 0) /* just the default route */
> - return 0;
> - min = 1;
> - }
> + struct in6_addr p;
>
> inet6applymask(&p, prefix, plen);
>
> - /*
> - * The prefixlen mask goes from 1 to 128 but the bitmask
> - * starts at 0 and so all bits are set with an offset of 1.
> - * The default /0 route is handled specially above.
> - */
> - memset(&plenmask, 0, sizeof(plenmask));
> - for (i = min; i <= max; i++)
> - inet6setbit(&plenmask, i - 1);
> -
> /* walk tree finding spot to insert */
> prev = &th->root_v6;
> n = *prev;
> @@ -290,7 +240,7 @@ trie_add_v6(struct trie_head *th, struct
> * np and n, then insert n and new node there
> */
> if ((b = calloc(1, sizeof(*b))) == NULL)
> - return -1;
> + return NULL;
> b->plen = inet6findmsb(&n->addr, &mp);
> inet6applymask(&b->addr, &n->addr, b->plen);
>
> @@ -314,9 +264,7 @@ trie_add_v6(struct trie_head *th, struct
> if (n->plen == plen) {
> /* matching node, adjust */
> n->node = 1;
> - for (i = 0; i < sizeof(plenmask); i++)
> - n->plenmask.s6_addr[i] |= plenmask.s6_addr[i];
> - return 0;
> + return n;
> }
>
> /* no need to check for n->plen == 128 because of above if */
> @@ -329,10 +277,9 @@ trie_add_v6(struct trie_head *th, struct
>
> /* create new node */
> if ((new = calloc(1, sizeof(*new))) == NULL)
> - return -1;
> + return NULL;
> new->addr = p;
> new->plen = plen;
> - new->plenmask = plenmask;
> new->node = 1;
>
> /* link node */
> @@ -343,30 +290,125 @@ trie_add_v6(struct trie_head *th, struct
> else
> new->trie[0] = n;
> }
> - return 0;
> + return new;
> }
>
> +/*
> + * Insert prefix/plen into the trie with a prefixlen mask covering min - max.
> + * If plen == min == max then only the prefix/plen will match and no longer
> + * match is possible. Else all prefixes under prefix/plen with a prefixlen
> + * between min and max will match.
> + */
> int
> trie_add(struct trie_head *th, struct bgpd_addr *prefix, u_int8_t plen,
> u_int8_t min, u_int8_t max)
> {
> + struct tentry_v4 *n4;
> + struct tentry_v6 *n6;
> + u_int8_t i;
> +
> /* precondition plen <= min <= max */
> if (plen > min || min > max)
> return -1;
> + if (prefix->aid != AID_INET && prefix->aid != AID_INET6)
> + return -1;
> +
> + /*
> + * Check for default route, this is special cased since prefixlen 0
> + * can't be checked in the prefixlen mask plenmask. Also there is
> + * only one default route so using a flag for this works.
> + */
> + if (min == 0) {
> + if (prefix->aid == AID_INET)
> + th->match_default_v4 = 1;
> + else
> + th->match_default_v6 = 1;
> +
> + if (max == 0) /* just the default route */
> + return 0;
> + min = 1;
> + }
>
> switch (prefix->aid) {
> case AID_INET:
> if (max > 32)
> return -1;
> - return trie_add_v4(th, &prefix->v4, plen, min, max);
> +
> + n4 = trie_add_v4(th, &prefix->v4, plen);
> + if (n4 == NULL)
> + return -1;
> + /*
> + * The prefixlen min - max goes from 1 to 32 but the bitmask
> + * starts at 0 and so all bits are set with an offset of -1.
> + * The default /0 route is handled specially above.
> + */
> + for (i = min; i <= max; i++)
> + inet4setbit(&n4->plenmask, i - 1);
> + break;
> case AID_INET6:
> if (max > 128)
> return -1;
> - return trie_add_v6(th, &prefix->v6, plen, min, max);
> +
> + n6 = trie_add_v6(th, &prefix->v6, plen);
> + if (n6 == NULL)
> + return -1;
> +
> + /* See above for the - 1 reason. */
> + for (i = min; i <= max; i++)
> + inet6setbit(&n6->plenmask, i - 1);
> + break;
> + }
> + return 0;
> +}
> +
> +/*
> + * Insert a ROA entry for prefix/plen. The prefix will insert an as_set with
> + * source_as and the maxlen as data. This makes it possible to validate if a
> + * prefix is matching this ROA record. It is possible to insert prefixes with
> + * source_as = 0. These entries will never return ROA_VALID on check and can
> + * be used to cover a large prefix as ROA_INVALID unless a more specific
> route
> + * is a match.
> + */
> +int
> +trie_roa_add(struct trie_head *th, struct bgpd_addr *prefix, u_int8_t plen,
> + struct as_set *aset)
> +{
> + struct tentry_v4 *n4;
> + struct tentry_v6 *n6;
> + struct as_set **ap;
> +
> + /* ignore possible default route since it does not make sense */
> +
> + switch (prefix->aid) {
> + case AID_INET:
> + if (plen > 32)
> + return -1;
> +
> + n4 = trie_add_v4(th, &prefix->v4, plen);
> + if (n4 == NULL)
> + return -1;
> + ap = &n4->aset;
> + break;
> + case AID_INET6:
> + if (plen > 128)
> + return -1;
> +
> + n6 = trie_add_v6(th, &prefix->v6, plen);
> + if (n6 == NULL)
> + return -1;
> + ap = &n6->aset;
> + break;
> default:
> /* anything else fails */
> return -1;
> }
> +
> + /* aset already set, error out */
> + if (*ap != NULL)
> + return -1;
> + *ap = aset;
> +
> + return 0;
> }
>
> static void
> @@ -376,6 +418,7 @@ trie_free_v4(struct tentry_v4 *n)
> return;
> trie_free_v4(n->trie[0]);
> trie_free_v4(n->trie[1]);
> + as_set_free(n->aset);
> free(n);
> }
>
> @@ -386,6 +429,7 @@ trie_free_v6(struct tentry_v6 *n)
> return;
> trie_free_v6(n->trie[0]);
> trie_free_v6(n->trie[1]);
> + as_set_free(n->aset);
> free(n);
> }
>
> @@ -490,6 +534,123 @@ trie_match(struct trie_head *th, struct
> default:
> /* anything else is no match */
> return 0;
> + }
> +}
> +
> +static int
> +trie_roa_check_v4(struct trie_head *th, struct in_addr *prefix, u_int8_t
> plen,
> + u_int32_t as)
> +{
> + struct tentry_v4 *n;
> + struct roa_set *rs;
> + int validity = ROA_UNKNOWN;
> +
> + /* ignore possible default route since it does not make sense */
> +
> + n = th->root_v4;
> + while (n) {
> + struct in_addr mp;
> +
> + if (n->plen > plen)
> + break; /* too specific, no match possible */
> +
> + inet4applymask(&mp, prefix, n->plen);
> + if (n->addr.s_addr != mp.s_addr)
> + break; /* off path, no other match possible */
> +
> + if (n->node) {
> + /*
> + * The prefix is covered by this roa node
> + * therefor invalid unless roa_set matches.
> + */
> + validity = ROA_INVALID;
> +
> + /* Treat AS 0 as NONE which can never be matched */
> + if (as != 0) {
> + rs = as_set_match(n->aset, as);
> + if (rs && plen <= rs->maxlen)
> + return ROA_VALID;
> + }
> + }
> +
> + if (n->plen == 32)
> + break; /* can't go deeper */
> + if (inet4isset(prefix, n->plen))
> + n = n->trie[1];
> + else
> + n = n->trie[0];
> + }
> +
> + return validity;
> +}
> +
> +static int
> +trie_roa_check_v6(struct trie_head *th, struct in6_addr *prefix, u_int8_t
> plen,
> + u_int32_t as)
> +{
> + struct tentry_v6 *n;
> + struct roa_set *rs;
> + int validity = ROA_UNKNOWN;
> +
> + /* ignore possible default route since it does not make sense */
> +
> + n = th->root_v6;
> + while (n) {
> + struct in6_addr mp;
> +
> + if (n->plen > plen)
> + break; /* too specific, no match possible */
> +
> + inet6applymask(&mp, prefix, n->plen);
> + if (memcmp(&n->addr, &mp, sizeof(mp)) != 0)
> + break; /* off path, no other match possible */
> +
> + if (n->node) {
> + /*
> + * This prefix is covered by this roa node.
> + * Therefor invalid unless proven otherwise.
> + */
> + validity = ROA_INVALID;
> +
> + /* Treat AS 0 as NONE which can never be matched */
> + if (as != 0) {
> + if ((rs = as_set_match(n->aset, as)) != NULL)
> + if (plen == n->plen || plen <= rs->maxlen)
> + return ROA_VALID;
> + }
> + }
> +
> + if (n->plen == 128)
> + break; /* can't go deeper */
> + if (inet6isset(prefix, n->plen))
> + n = n->trie[1];
> + else
> + n = n->trie[0];
> + }
> +
> + return validity;
> +}
> +
> +/*
> + * Do a ROA (Route Origin Validation) check. Look for elements in the trie
> + * which cover prefix "prefix/plen" and match the source-as as.
> + * AS 0 is treated here like AS NONE and should be used when the source-as
> + * is unknown (e.g. AS_SET). In other words the check will then only return
> + * ROA_UNKNOWN or ROA_INVALID depending if the prefix is covered by the ROA.
> + */
> +int
> +trie_roa_check(struct trie_head *th, struct bgpd_addr *prefix, u_int8_t plen,
> + u_int32_t as)
> +{
> + /* valid, invalid, unknow */
> + switch (prefix->aid) {
> + case AID_INET:
> + return trie_roa_check_v4(th, &prefix->v4, plen, as);
> + case AID_INET6:
> + return trie_roa_check_v6(th, &prefix->v6, plen, as);
> + default:
> + /* anything else is unkown */
> + return ROA_UNKNOWN;
> }
> }
>
> Index: regress/usr.sbin/bgpd/unittests/Makefile
> ===================================================================
> RCS file: /cvs/src/regress/usr.sbin/bgpd/unittests/Makefile,v
> retrieving revision 1.3
> diff -u -p -r1.3 Makefile
> --- regress/usr.sbin/bgpd/unittests/Makefile 10 Sep 2018 20:51:59 -0000
> 1.3
> +++ regress/usr.sbin/bgpd/unittests/Makefile 14 Sep 2018 14:10:05 -0000
> @@ -18,13 +18,15 @@ run-regress-rde_sets_test: rde_sets_test
> ./rde_sets_test
>
> SRCS_rde_trie_test= rde_trie_test.c rde_trie.c util.c rde_sets.c
> -TRIE_TESTS=1 2 3 4
> +TRIE_TESTS=1 2 3 4 5
> +TRIE4_FLAGS=-o
> +TRIE5_FLAGS=-r
>
> .for n in ${TRIE_TESTS}
> TRIE_TARGETS+=run-regress-rde_trie_test-${n}
>
> run-regress-rde_trie_test-${n}: rde_trie_test
> - ./rde_trie_test ${.CURDIR}/rde_trie_test.${n}.in \
> + ./rde_trie_test ${TRIE${n}_FLAGS} ${.CURDIR}/rde_trie_test.${n}.in \
> ${.CURDIR}/rde_trie_test.${n}.check | \
> diff -u ${.CURDIR}/rde_trie_test.${n}.out /dev/stdin
> .endfor
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.1.out
> ===================================================================
> RCS file: /cvs/src/regress/usr.sbin/bgpd/unittests/rde_trie_test.1.out,v
> retrieving revision 1.2
> diff -u -p -r1.2 rde_trie_test.1.out
> --- regress/usr.sbin/bgpd/unittests/rde_trie_test.1.out 10 Sep 2018
> 20:51:59 -0000 1.2
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.1.out 14 Sep 2018
> 14:10:05 -0000
> @@ -1,11 +1,11 @@
> -62.48.0.0/19 MATCH 0
> -62.48.0.0/18 miss 0
> -62.48.0.0/20 miss 0
> -62.48.3.0/24 MATCH 0
> -62.48.2.0/24 miss 0
> -62.48.2.0/25 MATCH 0
> -62.48.2.0/26 MATCH 0
> -10.0.0.0/8 MATCH 0
> -10.0.0.0/24 MATCH 0
> -192.168.3.0/24 miss 0
> -192.168.3.66/30 MATCH 0
> +62.48.0.0/19 MATCH
> +62.48.0.0/18 miss
> +62.48.0.0/20 miss
> +62.48.3.0/24 MATCH
> +62.48.2.0/24 miss
> +62.48.2.0/25 MATCH
> +62.48.2.0/26 MATCH
> +10.0.0.0/8 MATCH
> +10.0.0.0/24 MATCH
> +192.168.3.0/24 miss
> +192.168.3.66/30 MATCH
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.2.out
> ===================================================================
> RCS file: /cvs/src/regress/usr.sbin/bgpd/unittests/rde_trie_test.2.out,v
> retrieving revision 1.2
> diff -u -p -r1.2 rde_trie_test.2.out
> --- regress/usr.sbin/bgpd/unittests/rde_trie_test.2.out 10 Sep 2018
> 20:51:59 -0000 1.2
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.2.out 14 Sep 2018
> 14:10:05 -0000
> @@ -1,14 +1,14 @@
> -46.21.0.0/20 MATCH 0
> -87.253.240.0/20 MATCH 0
> -185.108.8.0/22 MATCH 0
> -193.41.124.0/23 MATCH 0
> -195.110.26.0/23 MATCH 0
> -213.135.192.0/21 MATCH 0
> -2a01:7f8::/32 MATCH 0
> -199.185.136.0/23 miss 0
> -199.185.178.0/24 miss 0
> -199.185.230.0/23 miss 0
> -204.174.115.0/24 miss 0
> -204.209.252.0/24 miss 0
> -204.209.253.0/24 miss 0
> -2620:3d:c000::/48 miss 0
> +46.21.0.0/20 MATCH
> +87.253.240.0/20 MATCH
> +185.108.8.0/22 MATCH
> +193.41.124.0/23 MATCH
> +195.110.26.0/23 MATCH
> +213.135.192.0/21 MATCH
> +2a01:7f8::/32 MATCH
> +199.185.136.0/23 miss
> +199.185.178.0/24 miss
> +199.185.230.0/23 miss
> +204.174.115.0/24 miss
> +204.209.252.0/24 miss
> +204.209.253.0/24 miss
> +2620:3d:c000::/48 miss
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.3.out
> ===================================================================
> RCS file: /cvs/src/regress/usr.sbin/bgpd/unittests/rde_trie_test.3.out,v
> retrieving revision 1.2
> diff -u -p -r1.2 rde_trie_test.3.out
> --- regress/usr.sbin/bgpd/unittests/rde_trie_test.3.out 10 Sep 2018
> 20:51:59 -0000 1.2
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.3.out 14 Sep 2018
> 14:10:05 -0000
> @@ -1,143 +1,143 @@
> -82.130.64.0/18 MATCH 0
> -86.119.0.0/16 MATCH 0
> -89.206.64.0/18 MATCH 0
> -128.178.0.0/15 MATCH 0
> -129.129.0.0/16 MATCH 0
> -129.132.0.0/16 MATCH 0
> -129.194.0.0/15 MATCH 0
> -130.59.0.0/16 MATCH 0
> -130.60.0.0/16 MATCH 0
> -130.82.0.0/16 MATCH 0
> -130.92.0.0/16 MATCH 0
> -130.125.0.0/16 MATCH 0
> -130.223.0.0/16 MATCH 0
> -131.152.0.0/16 MATCH 0
> -134.21.0.0/16 MATCH 0
> -138.131.0.0/16 MATCH 0
> -141.249.0.0/16 MATCH 0
> -144.200.0.0/16 MATCH 0
> -146.136.0.0/16 MATCH 0
> -147.86.0.0/16 MATCH 0
> -147.87.0.0/16 MATCH 0
> -147.88.0.0/16 MATCH 0
> -148.187.0.0/16 MATCH 0
> -148.196.0.0/16 MATCH 0
> -152.88.0.0/16 MATCH 0
> -152.96.0.0/16 MATCH 0
> -153.109.0.0/16 MATCH 0
> -155.105.0.0/16 MATCH 0
> -155.228.0.0/16 MATCH 0
> -156.25.0.0/16 MATCH 0
> -156.135.0.0/21 MATCH 0
> -156.135.12.0/22 MATCH 0
> -156.135.16.0/21 MATCH 0
> -156.135.28.0/22 MATCH 0
> -156.135.32.0/19 MATCH 0
> -156.135.64.0/18 MATCH 0
> -156.135.128.0/17 MATCH 0
> -157.26.0.0/16 MATCH 0
> -160.85.0.0/16 MATCH 0
> -160.98.0.0/16 MATCH 0
> -161.62.0.0/16 MATCH 0
> -185.51.68.0/22 MATCH 0
> -185.133.44.0/22 MATCH 0
> -185.144.36.0/22 MATCH 0
> -185.194.180.0/22 MATCH 0
> -185.225.92.0/22 MATCH 0
> -192.12.247.0/24 MATCH 0
> -192.26.28.0/22 MATCH 0
> -192.26.32.0/21 MATCH 0
> -192.26.40.0/22 MATCH 0
> -192.26.44.0/24 MATCH 0
> -192.26.46.0/23 MATCH 0
> -192.33.87.0/24 MATCH 0
> -192.33.88.0/21 MATCH 0
> -192.33.96.0/21 MATCH 0
> -192.33.104.0/22 MATCH 0
> -192.33.108.0/23 MATCH 0
> -192.33.110.0/24 MATCH 0
> -192.33.118.0/23 MATCH 0
> -192.33.120.0/21 MATCH 0
> -192.33.192.0/19 MATCH 0
> -192.33.224.0/21 MATCH 0
> -192.41.132.0/22 MATCH 0
> -192.41.136.0/24 MATCH 0
> -192.41.149.0/24 MATCH 0
> -192.41.150.0/23 MATCH 0
> -192.41.152.0/21 MATCH 0
> -192.41.160.0/24 MATCH 0
> -192.42.42.0/23 MATCH 0
> -192.42.44.0/22 MATCH 0
> -192.42.180.0/22 MATCH 0
> -192.42.184.0/21 MATCH 0
> -192.42.192.0/21 MATCH 0
> -192.42.200.0/23 MATCH 0
> -192.43.192.0/22 MATCH 0
> -192.43.196.0/24 MATCH 0
> -192.47.244.0/22 MATCH 0
> -192.47.248.0/23 MATCH 0
> -192.65.92.0/23 MATCH 0
> -192.101.176.0/24 MATCH 0
> -192.135.150.0/23 MATCH 0
> -192.135.151.0/24 MATCH 0
> -192.135.152.0/21 MATCH 0
> -192.152.98.0/24 MATCH 0
> -193.5.22.0/24 MATCH 0
> -193.5.26.0/23 MATCH 0
> -193.5.54.0/23 MATCH 0
> -193.5.58.0/24 MATCH 0
> -193.5.60.0/24 MATCH 0
> -193.5.80.0/21 MATCH 0
> -193.5.152.0/22 MATCH 0
> -193.5.168.0/22 MATCH 0
> -193.5.180.0/24 MATCH 0
> -193.5.182.0/24 MATCH 0
> -193.5.186.0/24 MATCH 0
> -193.5.188.0/24 MATCH 0
> -193.8.136.0/23 MATCH 0
> -193.36.32.0/24 MATCH 0
> -193.73.125.0/24 MATCH 0
> -193.134.200.0/21 MATCH 0
> -193.134.216.0/21 MATCH 0
> -193.135.168.0/22 MATCH 0
> -193.135.172.0/24 MATCH 0
> -193.135.240.0/21 MATCH 0
> -193.138.69.0/24 MATCH 0
> -193.222.112.0/20 MATCH 0
> -193.222.241.0/24 MATCH 0
> -193.222.242.0/23 MATCH 0
> -193.222.244.0/22 MATCH 0
> -193.222.248.0/23 MATCH 0
> -193.222.250.0/24 MATCH 0
> -193.246.121.0/24 MATCH 0
> -193.246.124.0/23 MATCH 0
> -193.246.176.0/20 MATCH 0
> -193.247.190.0/23 MATCH 0
> -193.247.203.0/24 MATCH 0
> -193.247.240.0/22 MATCH 0
> -193.247.248.0/23 MATCH 0
> -193.247.254.0/24 MATCH 0
> -194.153.96.0/24 MATCH 0
> -195.176.0.0/17 MATCH 0
> -195.176.160.0/19 MATCH 0
> -195.176.224.0/19 MATCH 0
> -198.21.18.0/24 miss 0
> -2001:620::/29 MATCH 0
> -2001:620::/32 MATCH 0
> -2001:678:678::/48 MATCH 0
> -2001:67c:10ec::/48 MATCH 0
> -2001:67c:13c0::/48 MATCH 0
> -2001:67c:16dc::/48 MATCH 0
> -2a02:7dc0::/32 MATCH 0
> -2a07:290a::/32 MATCH 0
> -2a07:3e00::/29 MATCH 0
> -2a07:6b40::/29 MATCH 0
> -2a0a:4ec0::/29 MATCH 0
> -2a0b:2040::/29 MATCH 0
> -199.185.136.0/23 miss 0
> -199.185.178.0/24 miss 0
> -199.185.230.0/23 miss 0
> -204.174.115.0/24 miss 0
> -204.209.252.0/24 miss 0
> -204.209.253.0/24 miss 0
> -2620:3d:c000::/48 miss 0
> +82.130.64.0/18 MATCH
> +86.119.0.0/16 MATCH
> +89.206.64.0/18 MATCH
> +128.178.0.0/15 MATCH
> +129.129.0.0/16 MATCH
> +129.132.0.0/16 MATCH
> +129.194.0.0/15 MATCH
> +130.59.0.0/16 MATCH
> +130.60.0.0/16 MATCH
> +130.82.0.0/16 MATCH
> +130.92.0.0/16 MATCH
> +130.125.0.0/16 MATCH
> +130.223.0.0/16 MATCH
> +131.152.0.0/16 MATCH
> +134.21.0.0/16 MATCH
> +138.131.0.0/16 MATCH
> +141.249.0.0/16 MATCH
> +144.200.0.0/16 MATCH
> +146.136.0.0/16 MATCH
> +147.86.0.0/16 MATCH
> +147.87.0.0/16 MATCH
> +147.88.0.0/16 MATCH
> +148.187.0.0/16 MATCH
> +148.196.0.0/16 MATCH
> +152.88.0.0/16 MATCH
> +152.96.0.0/16 MATCH
> +153.109.0.0/16 MATCH
> +155.105.0.0/16 MATCH
> +155.228.0.0/16 MATCH
> +156.25.0.0/16 MATCH
> +156.135.0.0/21 MATCH
> +156.135.12.0/22 MATCH
> +156.135.16.0/21 MATCH
> +156.135.28.0/22 MATCH
> +156.135.32.0/19 MATCH
> +156.135.64.0/18 MATCH
> +156.135.128.0/17 MATCH
> +157.26.0.0/16 MATCH
> +160.85.0.0/16 MATCH
> +160.98.0.0/16 MATCH
> +161.62.0.0/16 MATCH
> +185.51.68.0/22 MATCH
> +185.133.44.0/22 MATCH
> +185.144.36.0/22 MATCH
> +185.194.180.0/22 MATCH
> +185.225.92.0/22 MATCH
> +192.12.247.0/24 MATCH
> +192.26.28.0/22 MATCH
> +192.26.32.0/21 MATCH
> +192.26.40.0/22 MATCH
> +192.26.44.0/24 MATCH
> +192.26.46.0/23 MATCH
> +192.33.87.0/24 MATCH
> +192.33.88.0/21 MATCH
> +192.33.96.0/21 MATCH
> +192.33.104.0/22 MATCH
> +192.33.108.0/23 MATCH
> +192.33.110.0/24 MATCH
> +192.33.118.0/23 MATCH
> +192.33.120.0/21 MATCH
> +192.33.192.0/19 MATCH
> +192.33.224.0/21 MATCH
> +192.41.132.0/22 MATCH
> +192.41.136.0/24 MATCH
> +192.41.149.0/24 MATCH
> +192.41.150.0/23 MATCH
> +192.41.152.0/21 MATCH
> +192.41.160.0/24 MATCH
> +192.42.42.0/23 MATCH
> +192.42.44.0/22 MATCH
> +192.42.180.0/22 MATCH
> +192.42.184.0/21 MATCH
> +192.42.192.0/21 MATCH
> +192.42.200.0/23 MATCH
> +192.43.192.0/22 MATCH
> +192.43.196.0/24 MATCH
> +192.47.244.0/22 MATCH
> +192.47.248.0/23 MATCH
> +192.65.92.0/23 MATCH
> +192.101.176.0/24 MATCH
> +192.135.150.0/23 MATCH
> +192.135.151.0/24 MATCH
> +192.135.152.0/21 MATCH
> +192.152.98.0/24 MATCH
> +193.5.22.0/24 MATCH
> +193.5.26.0/23 MATCH
> +193.5.54.0/23 MATCH
> +193.5.58.0/24 MATCH
> +193.5.60.0/24 MATCH
> +193.5.80.0/21 MATCH
> +193.5.152.0/22 MATCH
> +193.5.168.0/22 MATCH
> +193.5.180.0/24 MATCH
> +193.5.182.0/24 MATCH
> +193.5.186.0/24 MATCH
> +193.5.188.0/24 MATCH
> +193.8.136.0/23 MATCH
> +193.36.32.0/24 MATCH
> +193.73.125.0/24 MATCH
> +193.134.200.0/21 MATCH
> +193.134.216.0/21 MATCH
> +193.135.168.0/22 MATCH
> +193.135.172.0/24 MATCH
> +193.135.240.0/21 MATCH
> +193.138.69.0/24 MATCH
> +193.222.112.0/20 MATCH
> +193.222.241.0/24 MATCH
> +193.222.242.0/23 MATCH
> +193.222.244.0/22 MATCH
> +193.222.248.0/23 MATCH
> +193.222.250.0/24 MATCH
> +193.246.121.0/24 MATCH
> +193.246.124.0/23 MATCH
> +193.246.176.0/20 MATCH
> +193.247.190.0/23 MATCH
> +193.247.203.0/24 MATCH
> +193.247.240.0/22 MATCH
> +193.247.248.0/23 MATCH
> +193.247.254.0/24 MATCH
> +194.153.96.0/24 MATCH
> +195.176.0.0/17 MATCH
> +195.176.160.0/19 MATCH
> +195.176.224.0/19 MATCH
> +198.21.18.0/24 miss
> +2001:620::/29 MATCH
> +2001:620::/32 MATCH
> +2001:678:678::/48 MATCH
> +2001:67c:10ec::/48 MATCH
> +2001:67c:13c0::/48 MATCH
> +2001:67c:16dc::/48 MATCH
> +2a02:7dc0::/32 MATCH
> +2a07:290a::/32 MATCH
> +2a07:3e00::/29 MATCH
> +2a07:6b40::/29 MATCH
> +2a0a:4ec0::/29 MATCH
> +2a0b:2040::/29 MATCH
> +199.185.136.0/23 miss
> +199.185.178.0/24 miss
> +199.185.230.0/23 miss
> +204.174.115.0/24 miss
> +204.209.252.0/24 miss
> +204.209.253.0/24 miss
> +2620:3d:c000::/48 miss
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.4.check
> ===================================================================
> RCS file: /cvs/src/regress/usr.sbin/bgpd/unittests/rde_trie_test.4.check,v
> retrieving revision 1.1
> diff -u -p -r1.1 rde_trie_test.4.check
> --- regress/usr.sbin/bgpd/unittests/rde_trie_test.4.check 11 Sep 2018
> 08:55:49 -0000 1.1
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.4.check 14 Sep 2018
> 14:10:05 -0000
> @@ -1,148 +1,148 @@
> -23.128.23.0/28 1
> -23.128.23.16/28 1
> -23.128.23.192/28 1
> -82.130.64.0/18 1
> -86.119.0.0/16 1
> -89.206.64.0/18 1
> -128.178.0.0/15 1
> -129.129.0.0/16 1
> -129.132.0.0/16 1
> -129.194.0.0/15 1
> -130.59.0.0/16 1
> -130.60.0.0/16 1
> -130.82.0.0/16 1
> -130.92.0.0/16 1
> -130.125.0.0/16 1
> -130.223.0.0/16 1
> -131.152.0.0/16 1
> -134.21.0.0/16 1
> -138.131.0.0/16 1
> -141.249.0.0/16 1
> -144.200.0.0/16 1
> -146.136.0.0/16 1
> -147.86.0.0/16 1
> -147.87.0.0/16 1
> -147.88.0.0/16 1
> -148.187.0.0/16 1
> -148.196.0.0/16 1
> -152.88.0.0/16 1
> -152.96.0.0/16 1
> -153.109.0.0/16 1
> -155.105.0.0/16 1
> -155.228.0.0/16 1
> -156.25.0.0/16 1
> -156.135.0.0/21 1
> -156.135.12.0/22 1
> -156.135.16.0/21 1
> -156.135.28.0/22 1
> -156.135.32.0/19 1
> -156.135.64.0/18 1
> -156.135.128.0/17 1
> -157.26.0.0/16 1
> -160.85.0.0/16 1
> -160.98.0.0/16 1
> -161.62.0.0/16 1
> -185.51.68.0/22 1
> -185.133.44.0/22 1
> -185.144.36.0/22 1
> -185.194.180.0/22 1
> -185.225.92.0/22 1
> -192.12.247.0/24 1
> -192.26.28.0/22 1
> -192.26.32.0/21 1
> -192.26.40.0/22 1
> -192.26.44.0/24 1
> -192.26.46.0/23 1
> -192.33.87.0/24 1
> -192.33.88.0/21 1
> -192.33.96.0/21 1
> -192.33.104.0/22 1
> -192.33.108.0/23 1
> -192.33.110.0/24 1
> -192.33.118.0/23 1
> -192.33.120.0/21 1
> -192.33.192.0/19 1
> -192.33.224.0/21 1
> -192.41.132.0/22 1
> -192.41.136.0/24 1
> -192.41.149.0/24 1
> -192.41.150.0/23 1
> -192.41.152.0/21 1
> -192.41.160.0/24 1
> -192.42.42.0/23 1
> -192.42.44.0/22 1
> -192.42.180.0/22 1
> -192.42.184.0/21 1
> -192.42.192.0/21 1
> -192.42.200.0/23 1
> -192.43.192.0/22 1
> -192.43.196.0/24 1
> -192.47.244.0/22 1
> -192.47.248.0/23 1
> -192.65.92.0/23 1
> -192.101.176.0/24 1
> -192.135.150.0/23 1
> -192.135.151.0/24 1
> -192.135.152.0/21 1
> -192.152.98.0/24 1
> -193.5.22.0/24 1
> -193.5.26.0/23 1
> -193.5.54.0/23 1
> -193.5.58.0/24 1
> -193.5.60.0/24 1
> -193.5.80.0/21 1
> -193.5.152.0/22 1
> -193.5.168.0/22 1
> -193.5.180.0/24 1
> -193.5.182.0/24 1
> -193.5.186.0/24 1
> -193.5.188.0/24 1
> -193.8.136.0/23 1
> -193.36.32.0/24 1
> -193.73.125.0/24 1
> -193.134.200.0/21 1
> -193.134.216.0/21 1
> -193.135.168.0/22 1
> -193.135.172.0/24 1
> -193.135.240.0/21 1
> -193.138.69.0/24 1
> -193.222.112.0/20 1
> -193.222.241.0/24 1
> -193.222.242.0/23 1
> -193.222.244.0/22 1
> -193.222.248.0/23 1
> -193.222.250.0/24 1
> -193.246.121.0/24 1
> -193.246.124.0/23 1
> -193.246.176.0/20 1
> -193.247.190.0/23 1
> -193.247.203.0/24 1
> -193.247.240.0/22 1
> -193.247.248.0/23 1
> -193.247.254.0/24 1
> -194.153.96.0/24 1
> -195.176.0.0/17 1
> -195.176.160.0/19 1
> -195.176.224.0/19 1
> -198.21.18.0/24 1
> -2001:620::/29 1
> -2001:620::/32 1
> -2001:678:678::/48 1
> -2001:67c:10ec::/48 1
> -2001:67c:13c0::/48 1
> -2001:67c:16dc::/48 1
> -2a02:7dc0::/32 1
> -2a07:290a::/32 1
> -2a07:3e00::/29 1
> -2a07:6b40::/29 1
> -2a0a:4ec0::/29 1
> -2a0b:2040::/29 1
> -199.185.136.0/23 1
> -199.185.178.0/24 1
> -199.185.230.0/23 1
> -204.174.115.0/24 1
> -204.209.252.0/24 1
> -204.209.253.0/24 1
> -2620:3d:c000::/48 1
> -2a0c:fffe::2/127 1 1
> -2a0c:fffd::/127 1
> \ No newline at end of file
> +23.128.23.0/28
> +23.128.23.16/28
> +23.128.23.192/28
> +82.130.64.0/18
> +86.119.0.0/16
> +89.206.64.0/18
> +128.178.0.0/15
> +129.129.0.0/16
> +129.132.0.0/16
> +129.194.0.0/15
> +130.59.0.0/16
> +130.60.0.0/16
> +130.82.0.0/16
> +130.92.0.0/16
> +130.125.0.0/16
> +130.223.0.0/16
> +131.152.0.0/16
> +134.21.0.0/16
> +138.131.0.0/16
> +141.249.0.0/16
> +144.200.0.0/16
> +146.136.0.0/16
> +147.86.0.0/16
> +147.87.0.0/16
> +147.88.0.0/16
> +148.187.0.0/16
> +148.196.0.0/16
> +152.88.0.0/16
> +152.96.0.0/16
> +153.109.0.0/16
> +155.105.0.0/16
> +155.228.0.0/16
> +156.25.0.0/16
> +156.135.0.0/21
> +156.135.12.0/22
> +156.135.16.0/21
> +156.135.28.0/22
> +156.135.32.0/19
> +156.135.64.0/18
> +156.135.128.0/17
> +157.26.0.0/16
> +160.85.0.0/16
> +160.98.0.0/16
> +161.62.0.0/16
> +185.51.68.0/22
> +185.133.44.0/22
> +185.144.36.0/22
> +185.194.180.0/22
> +185.225.92.0/22
> +192.12.247.0/24
> +192.26.28.0/22
> +192.26.32.0/21
> +192.26.40.0/22
> +192.26.44.0/24
> +192.26.46.0/23
> +192.33.87.0/24
> +192.33.88.0/21
> +192.33.96.0/21
> +192.33.104.0/22
> +192.33.108.0/23
> +192.33.110.0/24
> +192.33.118.0/23
> +192.33.120.0/21
> +192.33.192.0/19
> +192.33.224.0/21
> +192.41.132.0/22
> +192.41.136.0/24
> +192.41.149.0/24
> +192.41.150.0/23
> +192.41.152.0/21
> +192.41.160.0/24
> +192.42.42.0/23
> +192.42.44.0/22
> +192.42.180.0/22
> +192.42.184.0/21
> +192.42.192.0/21
> +192.42.200.0/23
> +192.43.192.0/22
> +192.43.196.0/24
> +192.47.244.0/22
> +192.47.248.0/23
> +192.65.92.0/23
> +192.101.176.0/24
> +192.135.150.0/23
> +192.135.151.0/24
> +192.135.152.0/21
> +192.152.98.0/24
> +193.5.22.0/24
> +193.5.26.0/23
> +193.5.54.0/23
> +193.5.58.0/24
> +193.5.60.0/24
> +193.5.80.0/21
> +193.5.152.0/22
> +193.5.168.0/22
> +193.5.180.0/24
> +193.5.182.0/24
> +193.5.186.0/24
> +193.5.188.0/24
> +193.8.136.0/23
> +193.36.32.0/24
> +193.73.125.0/24
> +193.134.200.0/21
> +193.134.216.0/21
> +193.135.168.0/22
> +193.135.172.0/24
> +193.135.240.0/21
> +193.138.69.0/24
> +193.222.112.0/20
> +193.222.241.0/24
> +193.222.242.0/23
> +193.222.244.0/22
> +193.222.248.0/23
> +193.222.250.0/24
> +193.246.121.0/24
> +193.246.124.0/23
> +193.246.176.0/20
> +193.247.190.0/23
> +193.247.203.0/24
> +193.247.240.0/22
> +193.247.248.0/23
> +193.247.254.0/24
> +194.153.96.0/24
> +195.176.0.0/17
> +195.176.160.0/19
> +195.176.224.0/19
> +198.21.18.0/24
> +2001:620::/29
> +2001:620::/32
> +2001:678:678::/48
> +2001:67c:10ec::/48
> +2001:67c:13c0::/48
> +2001:67c:16dc::/48
> +2a02:7dc0::/32
> +2a07:290a::/32
> +2a07:3e00::/29
> +2a07:6b40::/29
> +2a0a:4ec0::/29
> +2a0b:2040::/29
> +199.185.136.0/23
> +199.185.178.0/24
> +199.185.230.0/23
> +204.174.115.0/24
> +204.209.252.0/24
> +204.209.253.0/24
> +2620:3d:c000::/48
> +2a0c:fffe::2/127
> +2a0c:fffd::/127
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.4.out
> ===================================================================
> RCS file: /cvs/src/regress/usr.sbin/bgpd/unittests/rde_trie_test.4.out,v
> retrieving revision 1.1
> diff -u -p -r1.1 rde_trie_test.4.out
> --- regress/usr.sbin/bgpd/unittests/rde_trie_test.4.out 11 Sep 2018
> 08:55:49 -0000 1.1
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.4.out 14 Sep 2018
> 14:10:05 -0000
> @@ -1,148 +1,148 @@
> -23.128.23.0/28 MATCH 1
> -23.128.23.16/28 MATCH 1
> -23.128.23.192/28 miss 1
> -82.130.64.0/18 MATCH 1
> -86.119.0.0/16 MATCH 1
> -89.206.64.0/18 MATCH 1
> -128.178.0.0/15 MATCH 1
> -129.129.0.0/16 MATCH 1
> -129.132.0.0/16 MATCH 1
> -129.194.0.0/15 MATCH 1
> -130.59.0.0/16 MATCH 1
> -130.60.0.0/16 MATCH 1
> -130.82.0.0/16 MATCH 1
> -130.92.0.0/16 MATCH 1
> -130.125.0.0/16 MATCH 1
> -130.223.0.0/16 MATCH 1
> -131.152.0.0/16 MATCH 1
> -134.21.0.0/16 MATCH 1
> -138.131.0.0/16 MATCH 1
> -141.249.0.0/16 MATCH 1
> -144.200.0.0/16 MATCH 1
> -146.136.0.0/16 MATCH 1
> -147.86.0.0/16 MATCH 1
> -147.87.0.0/16 MATCH 1
> -147.88.0.0/16 MATCH 1
> -148.187.0.0/16 MATCH 1
> -148.196.0.0/16 MATCH 1
> -152.88.0.0/16 MATCH 1
> -152.96.0.0/16 MATCH 1
> -153.109.0.0/16 MATCH 1
> -155.105.0.0/16 MATCH 1
> -155.228.0.0/16 MATCH 1
> -156.25.0.0/16 MATCH 1
> -156.135.0.0/21 MATCH 1
> -156.135.12.0/22 MATCH 1
> -156.135.16.0/21 MATCH 1
> -156.135.28.0/22 MATCH 1
> -156.135.32.0/19 MATCH 1
> -156.135.64.0/18 MATCH 1
> -156.135.128.0/17 MATCH 1
> -157.26.0.0/16 MATCH 1
> -160.85.0.0/16 MATCH 1
> -160.98.0.0/16 MATCH 1
> -161.62.0.0/16 MATCH 1
> -185.51.68.0/22 MATCH 1
> -185.133.44.0/22 MATCH 1
> -185.144.36.0/22 MATCH 1
> -185.194.180.0/22 MATCH 1
> -185.225.92.0/22 MATCH 1
> -192.12.247.0/24 MATCH 1
> -192.26.28.0/22 MATCH 1
> -192.26.32.0/21 MATCH 1
> -192.26.40.0/22 MATCH 1
> -192.26.44.0/24 MATCH 1
> -192.26.46.0/23 MATCH 1
> -192.33.87.0/24 MATCH 1
> -192.33.88.0/21 MATCH 1
> -192.33.96.0/21 MATCH 1
> -192.33.104.0/22 MATCH 1
> -192.33.108.0/23 MATCH 1
> -192.33.110.0/24 MATCH 1
> -192.33.118.0/23 MATCH 1
> -192.33.120.0/21 MATCH 1
> -192.33.192.0/19 MATCH 1
> -192.33.224.0/21 MATCH 1
> -192.41.132.0/22 MATCH 1
> -192.41.136.0/24 MATCH 1
> -192.41.149.0/24 MATCH 1
> -192.41.150.0/23 MATCH 1
> -192.41.152.0/21 MATCH 1
> -192.41.160.0/24 MATCH 1
> -192.42.42.0/23 MATCH 1
> -192.42.44.0/22 MATCH 1
> -192.42.180.0/22 MATCH 1
> -192.42.184.0/21 MATCH 1
> -192.42.192.0/21 MATCH 1
> -192.42.200.0/23 MATCH 1
> -192.43.192.0/22 MATCH 1
> -192.43.196.0/24 MATCH 1
> -192.47.244.0/22 MATCH 1
> -192.47.248.0/23 MATCH 1
> -192.65.92.0/23 MATCH 1
> -192.101.176.0/24 MATCH 1
> -192.135.150.0/23 MATCH 1
> -192.135.151.0/24 MATCH 1
> -192.135.152.0/21 MATCH 1
> -192.152.98.0/24 MATCH 1
> -193.5.22.0/24 MATCH 1
> -193.5.26.0/23 MATCH 1
> -193.5.54.0/23 MATCH 1
> -193.5.58.0/24 MATCH 1
> -193.5.60.0/24 MATCH 1
> -193.5.80.0/21 MATCH 1
> -193.5.152.0/22 MATCH 1
> -193.5.168.0/22 MATCH 1
> -193.5.180.0/24 MATCH 1
> -193.5.182.0/24 MATCH 1
> -193.5.186.0/24 MATCH 1
> -193.5.188.0/24 MATCH 1
> -193.8.136.0/23 MATCH 1
> -193.36.32.0/24 MATCH 1
> -193.73.125.0/24 MATCH 1
> -193.134.200.0/21 MATCH 1
> -193.134.216.0/21 MATCH 1
> -193.135.168.0/22 MATCH 1
> -193.135.172.0/24 MATCH 1
> -193.135.240.0/21 MATCH 1
> -193.138.69.0/24 MATCH 1
> -193.222.112.0/20 MATCH 1
> -193.222.241.0/24 MATCH 1
> -193.222.242.0/23 MATCH 1
> -193.222.244.0/22 MATCH 1
> -193.222.248.0/23 MATCH 1
> -193.222.250.0/24 MATCH 1
> -193.246.121.0/24 MATCH 1
> -193.246.124.0/23 MATCH 1
> -193.246.176.0/20 MATCH 1
> -193.247.190.0/23 MATCH 1
> -193.247.203.0/24 MATCH 1
> -193.247.240.0/22 MATCH 1
> -193.247.248.0/23 MATCH 1
> -193.247.254.0/24 MATCH 1
> -194.153.96.0/24 MATCH 1
> -195.176.0.0/17 MATCH 1
> -195.176.160.0/19 MATCH 1
> -195.176.224.0/19 MATCH 1
> -198.21.18.0/24 miss 1
> -2001:620::/29 MATCH 1
> -2001:620::/32 MATCH 1
> -2001:678:678::/48 MATCH 1
> -2001:67c:10ec::/48 MATCH 1
> -2001:67c:13c0::/48 MATCH 1
> -2001:67c:16dc::/48 MATCH 1
> -2a02:7dc0::/32 MATCH 1
> -2a07:290a::/32 MATCH 1
> -2a07:3e00::/29 MATCH 1
> -2a07:6b40::/29 MATCH 1
> -2a0a:4ec0::/29 MATCH 1
> -2a0b:2040::/29 MATCH 1
> -199.185.136.0/23 miss 1
> -199.185.178.0/24 miss 1
> -199.185.230.0/23 miss 1
> -204.174.115.0/24 miss 1
> -204.209.252.0/24 miss 1
> -204.209.253.0/24 miss 1
> -2620:3d:c000::/48 miss 1
> -2a0c:fffe::2/127 MATCH 1
> -2a0c:fffd::/127 miss 1
> +23.128.23.0/28 MATCH
> +23.128.23.16/28 MATCH
> +23.128.23.192/28 miss
> +82.130.64.0/18 MATCH
> +86.119.0.0/16 MATCH
> +89.206.64.0/18 MATCH
> +128.178.0.0/15 MATCH
> +129.129.0.0/16 MATCH
> +129.132.0.0/16 MATCH
> +129.194.0.0/15 MATCH
> +130.59.0.0/16 MATCH
> +130.60.0.0/16 MATCH
> +130.82.0.0/16 MATCH
> +130.92.0.0/16 MATCH
> +130.125.0.0/16 MATCH
> +130.223.0.0/16 MATCH
> +131.152.0.0/16 MATCH
> +134.21.0.0/16 MATCH
> +138.131.0.0/16 MATCH
> +141.249.0.0/16 MATCH
> +144.200.0.0/16 MATCH
> +146.136.0.0/16 MATCH
> +147.86.0.0/16 MATCH
> +147.87.0.0/16 MATCH
> +147.88.0.0/16 MATCH
> +148.187.0.0/16 MATCH
> +148.196.0.0/16 MATCH
> +152.88.0.0/16 MATCH
> +152.96.0.0/16 MATCH
> +153.109.0.0/16 MATCH
> +155.105.0.0/16 MATCH
> +155.228.0.0/16 MATCH
> +156.25.0.0/16 MATCH
> +156.135.0.0/21 MATCH
> +156.135.12.0/22 MATCH
> +156.135.16.0/21 MATCH
> +156.135.28.0/22 MATCH
> +156.135.32.0/19 MATCH
> +156.135.64.0/18 MATCH
> +156.135.128.0/17 MATCH
> +157.26.0.0/16 MATCH
> +160.85.0.0/16 MATCH
> +160.98.0.0/16 MATCH
> +161.62.0.0/16 MATCH
> +185.51.68.0/22 MATCH
> +185.133.44.0/22 MATCH
> +185.144.36.0/22 MATCH
> +185.194.180.0/22 MATCH
> +185.225.92.0/22 MATCH
> +192.12.247.0/24 MATCH
> +192.26.28.0/22 MATCH
> +192.26.32.0/21 MATCH
> +192.26.40.0/22 MATCH
> +192.26.44.0/24 MATCH
> +192.26.46.0/23 MATCH
> +192.33.87.0/24 MATCH
> +192.33.88.0/21 MATCH
> +192.33.96.0/21 MATCH
> +192.33.104.0/22 MATCH
> +192.33.108.0/23 MATCH
> +192.33.110.0/24 MATCH
> +192.33.118.0/23 MATCH
> +192.33.120.0/21 MATCH
> +192.33.192.0/19 MATCH
> +192.33.224.0/21 MATCH
> +192.41.132.0/22 MATCH
> +192.41.136.0/24 MATCH
> +192.41.149.0/24 MATCH
> +192.41.150.0/23 MATCH
> +192.41.152.0/21 MATCH
> +192.41.160.0/24 MATCH
> +192.42.42.0/23 MATCH
> +192.42.44.0/22 MATCH
> +192.42.180.0/22 MATCH
> +192.42.184.0/21 MATCH
> +192.42.192.0/21 MATCH
> +192.42.200.0/23 MATCH
> +192.43.192.0/22 MATCH
> +192.43.196.0/24 MATCH
> +192.47.244.0/22 MATCH
> +192.47.248.0/23 MATCH
> +192.65.92.0/23 MATCH
> +192.101.176.0/24 MATCH
> +192.135.150.0/23 MATCH
> +192.135.151.0/24 MATCH
> +192.135.152.0/21 MATCH
> +192.152.98.0/24 MATCH
> +193.5.22.0/24 MATCH
> +193.5.26.0/23 MATCH
> +193.5.54.0/23 MATCH
> +193.5.58.0/24 MATCH
> +193.5.60.0/24 MATCH
> +193.5.80.0/21 MATCH
> +193.5.152.0/22 MATCH
> +193.5.168.0/22 MATCH
> +193.5.180.0/24 MATCH
> +193.5.182.0/24 MATCH
> +193.5.186.0/24 MATCH
> +193.5.188.0/24 MATCH
> +193.8.136.0/23 MATCH
> +193.36.32.0/24 MATCH
> +193.73.125.0/24 MATCH
> +193.134.200.0/21 MATCH
> +193.134.216.0/21 MATCH
> +193.135.168.0/22 MATCH
> +193.135.172.0/24 MATCH
> +193.135.240.0/21 MATCH
> +193.138.69.0/24 MATCH
> +193.222.112.0/20 MATCH
> +193.222.241.0/24 MATCH
> +193.222.242.0/23 MATCH
> +193.222.244.0/22 MATCH
> +193.222.248.0/23 MATCH
> +193.222.250.0/24 MATCH
> +193.246.121.0/24 MATCH
> +193.246.124.0/23 MATCH
> +193.246.176.0/20 MATCH
> +193.247.190.0/23 MATCH
> +193.247.203.0/24 MATCH
> +193.247.240.0/22 MATCH
> +193.247.248.0/23 MATCH
> +193.247.254.0/24 MATCH
> +194.153.96.0/24 MATCH
> +195.176.0.0/17 MATCH
> +195.176.160.0/19 MATCH
> +195.176.224.0/19 MATCH
> +198.21.18.0/24 miss
> +2001:620::/29 MATCH
> +2001:620::/32 MATCH
> +2001:678:678::/48 MATCH
> +2001:67c:10ec::/48 MATCH
> +2001:67c:13c0::/48 MATCH
> +2001:67c:16dc::/48 MATCH
> +2a02:7dc0::/32 MATCH
> +2a07:290a::/32 MATCH
> +2a07:3e00::/29 MATCH
> +2a07:6b40::/29 MATCH
> +2a0a:4ec0::/29 MATCH
> +2a0b:2040::/29 MATCH
> +199.185.136.0/23 miss
> +199.185.178.0/24 miss
> +199.185.230.0/23 miss
> +204.174.115.0/24 miss
> +204.209.252.0/24 miss
> +204.209.253.0/24 miss
> +2620:3d:c000::/48 miss
> +2a0c:fffe::2/127 MATCH
> +2a0c:fffd::/127 miss
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.5.check
> ===================================================================
> RCS file: regress/usr.sbin/bgpd/unittests/rde_trie_test.5.check
> diff -N regress/usr.sbin/bgpd/unittests/rde_trie_test.5.check
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.5.check 14 Sep 2018
> 14:10:05 -0000
> @@ -0,0 +1,37 @@
> +2a01:c00::/24 source-as 6805
> +2a01:c00::/24 source-as 42
> +2a01:c00::/26 source-as 6805
> +2a01:c00::/26 source-as 42
> +2a01:c00::/28 source-as 6805
> +2a01:c00::/28 source-as 42
> +2a01:c50::/28 source-as 12479
> +2a01:c500::/31 source-as 12479
> +2a01:c500::/32 source-as 12479
> +2a01:c500::/42 source-as 12479
> +2a01:c500::/42 source-as 6805
> +2a01:c500::/42 source-as 42
> +2a01:c500::/46 source-as 12479
> +2a01:c500::/48 source-as 12479
> +2a01:c500::/48 source-as 6805
> +2a01:c500::/48 source-as 42
> +80.128.0.0/11
> +80.128.0.0/11 source-as 3320
> +80.128.0.0/11 source-as 42
> +80.128.0.0/12 source-as 3320
> +80.128.0.0/12 source-as 42
> +80.128.0.0/13 source-as 3320
> +80.128.0.0/13 source-as 42
> +80.144.0.0/13 source-as 3320
> +80.144.0.0/14 source-as 3320
> +80.157.16.0/20 source-as 3320
> +80.157.16.0/21 source-as 3320
> +80.158.0.0/17 source-as 34086
> +80.158.120.0/21 source-as 34086
> +80.158.0.0/17 source-as 3320
> +80.158.120.0/21 source-as 42
> +80.159.224.0/19 source-as 2792
> +80.159.225.0/24 source-as 2792
> +80.159.224.0/19 source-as 3320
> +80.159.225.0/24 source-as 3320
> +80.159.224.0/19 source-as 42
> +80.159.225.0/24 source-as 42
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.5.in
> ===================================================================
> RCS file: regress/usr.sbin/bgpd/unittests/rde_trie_test.5.in
> diff -N regress/usr.sbin/bgpd/unittests/rde_trie_test.5.in
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.5.in 14 Sep 2018
> 14:10:05 -0000
> @@ -0,0 +1,47 @@
> +source-as 6805
> +prefix 2a01:c00::/26
> +source-as 12479 maxlen 46
> +prefix 2a01:c500::/28
> +source-as 12479 maxlen 42
> +prefix 2a01:c500::/31
> +source-as 3215 maxlen 48
> +prefix 2a01:c910::/29
> +source-as 51964 maxlen 48
> +prefix 2a01:ce80::/26
> +source-as 20603 maxlen 48
> +prefix 2a01:cf00::/40
> +source-as 2278 maxlen 48
> +prefix 2a01:cf00::/42
> +source-as 2278
> +prefix 2a01:cf00:f::/48
> +source-as 12322 maxlen 32
> +prefix 2a01:e00::/26
> +source-as 12322
> +prefix 2a01:e00::/32
> +source-as 12322
> +prefix 2a01:e01::/32
> +source-as 12322
> +prefix 2a01:e02::/32
> +source-as 12322
> +prefix 2a01:e0a::/38
> +source-as 0 maxlen 11
> +source-as 3320
> +prefix 80.128.0.0/11
> +source-as 3320
> +prefix 80.128.0.0/12
> +source-as 3320
> +prefix 80.144.0.0/13
> +source-as 3320
> +prefix 80.152.0.0/14
> +source-as 3320
> +prefix 80.156.0.0/16
> +source-as 3320
> +prefix 80.157.0.0/16
> +source-as 3320
> +prefix 80.157.16.0/20
> +source-as 3320
> +prefix 80.157.8.0/21
> +source-as 34086 maxlen 21
> +prefix 80.158.0.0/17
> +source-as 2792 maxlen 24
> +prefix 80.159.224.0/19
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.5.out
> ===================================================================
> RCS file: regress/usr.sbin/bgpd/unittests/rde_trie_test.5.out
> diff -N regress/usr.sbin/bgpd/unittests/rde_trie_test.5.out
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.5.out 14 Sep 2018
> 14:10:05 -0000
> @@ -0,0 +1,37 @@
> +2a01:c00::/24 source-as 6805 is not found
> +2a01:c00::/24 source-as 42 is not found
> +2a01:c00::/26 source-as 6805 is VALID
> +2a01:c00::/26 source-as 42 is invalid
> +2a01:c00::/28 source-as 6805 is invalid
> +2a01:c00::/28 source-as 42 is invalid
> +2a01:c50::/28 source-as 12479 is not found
> +2a01:c500::/31 source-as 12479 is VALID
> +2a01:c500::/32 source-as 12479 is VALID
> +2a01:c500::/42 source-as 12479 is VALID
> +2a01:c500::/42 source-as 6805 is invalid
> +2a01:c500::/42 source-as 42 is invalid
> +2a01:c500::/46 source-as 12479 is VALID
> +2a01:c500::/48 source-as 12479 is invalid
> +2a01:c500::/48 source-as 6805 is invalid
> +2a01:c500::/48 source-as 42 is invalid
> +80.128.0.0/11 source-as 0 is invalid
> +80.128.0.0/11 source-as 3320 is invalid
> +80.128.0.0/11 source-as 42 is invalid
> +80.128.0.0/12 source-as 3320 is invalid
> +80.128.0.0/12 source-as 42 is invalid
> +80.128.0.0/13 source-as 3320 is invalid
> +80.128.0.0/13 source-as 42 is invalid
> +80.144.0.0/13 source-as 3320 is invalid
> +80.144.0.0/14 source-as 3320 is invalid
> +80.157.16.0/20 source-as 3320 is invalid
> +80.157.16.0/21 source-as 3320 is invalid
> +80.158.0.0/17 source-as 34086 is VALID
> +80.158.120.0/21 source-as 34086 is VALID
> +80.158.0.0/17 source-as 3320 is invalid
> +80.158.120.0/21 source-as 42 is invalid
> +80.159.224.0/19 source-as 2792 is VALID
> +80.159.225.0/24 source-as 2792 is VALID
> +80.159.224.0/19 source-as 3320 is invalid
> +80.159.225.0/24 source-as 3320 is invalid
> +80.159.224.0/19 source-as 42 is invalid
> +80.159.225.0/24 source-as 42 is invalid
> Index: regress/usr.sbin/bgpd/unittests/rde_trie_test.c
> ===================================================================
> RCS file: /cvs/src/regress/usr.sbin/bgpd/unittests/rde_trie_test.c,v
> retrieving revision 1.3
> diff -u -p -r1.3 rde_trie_test.c
> --- regress/usr.sbin/bgpd/unittests/rde_trie_test.c 10 Sep 2018 20:51:59
> -0000 1.3
> +++ regress/usr.sbin/bgpd/unittests/rde_trie_test.c 14 Sep 2018 14:10:05
> -0000
> @@ -20,6 +20,7 @@
> #include <sys/socket.h>
>
> #include <err.h>
> +#include <limits.h>
> #include <netdb.h>
> #include <string.h>
> #include <stdlib.h>
> @@ -30,9 +31,11 @@
> #include "bgpd.h"
> #include "rde.h"
>
> +int roa;
> +int orlonger;
>
> static int
> -host_v4(const char *s, struct bgpd_addr *h, u_int8_t *len, int *orl)
> +host_v4(const char *s, struct bgpd_addr *h, u_int8_t *len)
> {
> struct in_addr ina = { 0 };
> int bits = 32;
> @@ -52,7 +55,7 @@ host_v4(const char *s, struct bgpd_addr
> }
>
> static int
> -host_v6(const char *s, struct bgpd_addr *h, u_int8_t *len, int *orl)
> +host_v6(const char *s, struct bgpd_addr *h, u_int8_t *len)
> {
> struct addrinfo hints, *res;
> const char *errstr;
> @@ -85,21 +88,11 @@ host_v6(const char *s, struct bgpd_addr
> }
>
> static int
> -host_l(char *s, struct bgpd_addr *h, u_int8_t *len, int *orl)
> +host_l(char *s, struct bgpd_addr *h, u_int8_t *len)
> {
> - char *c, *t;
> -
> - *orl = 0;
> - if ((c = strchr(s, '\t')) != NULL) {
> - if (c[1] == '1') {
> - *orl = 1;
> - }
> - *c = '\0';
> - }
> -
> - if (host_v4(s, h, len, orl))
> + if (host_v4(s, h, len))
> return (1);
> - if (host_v6(s, h, len, orl))
> + if (host_v6(s, h, len))
> return (1);
> return (0);
> }
> @@ -127,34 +120,31 @@ parse_file(FILE *in, struct trie_head *t
> const char *errstr;
> char *line, *s;
> struct bgpd_addr prefix;
> - u_int8_t plen, min, max, maskmax;
> - int foo;
> + u_int8_t plen;
>
> while ((line = fparseln(in, NULL, NULL, NULL, FPARSELN_UNESCALL))) {
> int state = 0;
> - while ((s = strsep(&line, " \t"))) {
> + u_int8_t min = 255, max = 255, maskmax = 0;
> +
> + while ((s = strsep(&line, " \t\n"))) {
> if (*s == '\0')
> - break;
> + continue;
> switch (state) {
> case 0:
> - if (!host_l(s, &prefix, &plen, &foo))
> - errx(1, "could not parse prefix \"%s\"",
> - s);
> - break;
> - case 1:
> + if (!host_l(s, &prefix, &plen))
> + errx(1, "%s: could not parse "
> + "prefix \"%s\"", __func__, s);
> if (prefix.aid == AID_INET6)
> maskmax = 128;
> else
> maskmax = 32;
> + break;
> + case 1:
> min = strtonum(s, 0, maskmax, &errstr);
> if (errstr != NULL)
> errx(1, "min is %s: %s", errstr, s);
> break;
> case 2:
> - if (prefix.aid == AID_INET6)
> - maskmax = 128;
> - else
> - maskmax = 32;
> max = strtonum(s, 0, maskmax, &errstr);
> if (errstr != NULL)
> errx(1, "max is %s: %s", errstr, s);
> @@ -164,6 +154,12 @@ parse_file(FILE *in, struct trie_head *t
> }
> state++;
> }
> + if (state == 0)
> + continue;
> + if (max == 255)
> + max = maskmax;
> + if (min == 255)
> + min = plen;
>
> if (trie_add(th, &prefix, plen, min, max) != 0)
> errx(1, "trie_add(%s, %u, %u, %u) failed",
> @@ -174,21 +170,142 @@ parse_file(FILE *in, struct trie_head *t
> }
>
> static void
> +parse_roa_file(FILE *in, struct trie_head *th)
> +{
> + const char *errstr;
> + char *line, *s;
> + struct as_set *aset = NULL;
> + struct roa_set rs;
> + struct bgpd_addr prefix;
> + u_int8_t plen;
> +
> + while ((line = fparseln(in, NULL, NULL, NULL, FPARSELN_UNESCALL))) {
> + int state = 0;
> + u_int32_t as;
> + u_int8_t max = 0;
> +
> + while ((s = strsep(&line, " \t\n"))) {
> + if (*s == '\0')
> + continue;
> + if (strcmp(s, "source-as") == 0) {
> + state = 4;
> + continue;
> + }
> + if (strcmp(s, "maxlen") == 0) {
> + state = 2;
> + continue;
> + }
> + if (strcmp(s, "prefix") == 0) {
> + state = 0;
> + continue;
> + }
> + switch (state) {
> + case 0:
> + if (!host_l(s, &prefix, &plen))
> + errx(1, "%s: could not parse "
> + "prefix \"%s\"", __func__, s);
> + break;
> + case 2:
> + max = strtonum(s, 0, 128, &errstr);
> + if (errstr != NULL)
> + errx(1, "max is %s: %s", errstr, s);
> + break;
> + case 4:
> + as = strtonum(s, 0, UINT_MAX, &errstr);
> + if (errstr != NULL)
> + errx(1, "source-as is %s: %s", errstr,
> + s);
> + break;
> + default:
> + errx(1, "could not parse \"%s\", confused", s);
> + }
> + }
> +
> + if (state == 0) {
> + as_set_prep(aset);
> + if (trie_roa_add(th, &prefix, plen, aset) != 0)
> + errx(1, "trie_roa_add(%s, %u) failed",
> + print_prefix(&prefix), plen);
> + aset = NULL;
> + } else {
> + if (aset == NULL) {
> + if ((aset = as_set_new("", 1, sizeof(rs))) ==
> + NULL)
> + err(1, "as_set_new");
> + }
> + rs.as = as;
> + rs.maxlen = max;
> + if (as_set_add(aset, &rs, 1) != 0)
> + err(1, "as_set_add");
> + }
> +
> + free(line);
> + }
> +}
> +
> +static void
> test_file(FILE *in, struct trie_head *th)
> {
> char *line;
> struct bgpd_addr prefix;
> u_int8_t plen;
> - int orlonger;
>
> while ((line = fparseln(in, NULL, NULL, NULL, FPARSELN_UNESCALL))) {
> - if (!host_l(line, &prefix, &plen, &orlonger))
> - errx(1, "could not parse prefix \"%s\"", line);
> - printf("%s ", line);
> + if (!host_l(line, &prefix, &plen))
> + errx(1, "%s: could not parse prefix \"%s\"",
> + __func__, line);
> + printf("%s/%u ", print_prefix(&prefix), plen);
> if (trie_match(th, &prefix, plen, orlonger))
> - printf("MATCH %i\n", orlonger);
> + printf("MATCH\n");
> else
> - printf("miss %i\n", orlonger);
> + printf("miss\n");
> + free(line);
> + }
> +}
> +
> +static void
> +test_roa_file(FILE *in, struct trie_head *th)
> +{
> + const char *errstr;
> + char *line, *s;
> + struct bgpd_addr prefix;
> + u_int8_t plen;
> + u_int32_t as;
> + int r;
> +
> + while ((line = fparseln(in, NULL, NULL, NULL, FPARSELN_UNESCALL))) {
> + s = strchr(line, ' ');
> + if (s)
> + *s++ = '\0';
> + if (!host_l(line, &prefix, &plen))
> + errx(1, "%s: could not parse prefix \"%s\"",
> + __func__, line);
> + if (s)
> + s = strstr(s, "source-as");
> + if (s) {
> + s += strlen("source-as");
> + as = strtonum(s, 0, UINT_MAX, &errstr);
> + if (errstr != NULL)
> + errx(1, "source-as is %s: %s", errstr, s);
> + } else
> + as = 0;
> + printf("%s/%u source-as %u is ",
> + print_prefix(&prefix), plen, as);
> + r = trie_roa_check(th, &prefix, plen, as);
> + switch (r) {
> + case ROA_UNKNOWN:
> + printf("not found\n");
> + break;
> + case ROA_VALID:
> + printf("VALID\n");
> + break;
> + case ROA_INVALID:
> + printf("invalid\n");
> + break;
> + default:
> + printf("UNEXPECTED %d\n", r);
> + break;
> + }
> free(line);
> }
> }
> @@ -197,7 +314,7 @@ static void
> usage(void)
> {
> extern char *__progname;
> - fprintf(stderr, "usage: %s prefixfile testfile\n", __progname);
> + fprintf(stderr, "usage: %s [-or] prefixfile testfile\n", __progname);
> exit(1);
> }
>
> @@ -208,21 +325,43 @@ main(int argc, char **argv)
> FILE *in, *tin;
> int ch;
>
> - if (argc != 3)
> + while ((ch = getopt(argc, argv, "or")) != -1) {
> + switch (ch) {
> + case 'o':
> + orlonger = 1;
> + break;
> + case 'r':
> + roa = 1;
> + break;
> + default:
> + usage();
> + /* NOTREACHED */
> + }
> + }
> + argc -= optind;
> + argv += optind;
> +
> + if (argc != 2)
> usage();
>
> - in = fopen(argv[1], "r");
> + in = fopen(argv[0], "r");
> if (in == NULL)
> err(1, "fopen(%s)", argv[0]);
> - tin = fopen(argv[2], "r");
> + tin = fopen(argv[1], "r");
> if (tin == NULL)
> err(1, "fopen(%s)", argv[1]);
>
> - parse_file(in, &th);
> + if (roa)
> + parse_roa_file(in, &th);
> + else
> + parse_file(in, &th);
> /* trie_dump(&th); */
> if (trie_equal(&th, &th) == 0)
> errx(1, "trie_equal failure");
> - test_file(tin, &th);
> + if (roa)
> + test_roa_file(tin, &th);
> + else
> + test_file(tin, &th);
>
> trie_free(&th);
> }
>
