The portable version returns -1 in kr_init() because then the fd is
skipped in the poll loop. Now the problem is I changed this some time ago
to exit bgpd. I changed the function to pass the fd a pointer arg and so
the return -1 still works.
Additionally introduce a tcp_md5_unset() function which will be used by
the linux compat to unregister TCP MD5SUM keys from listening sockets when
a peer is removed.
Last but not least, remove the call to pfkey_remove() in session.c (the
session engine does not even have the pfkey socket to talk to) and also
use the right bgpd_config pointer in merge_peers (don't fall back to the
gloabl conf).
OK?
--
:wq Claudio
Index: bgpd.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/bgpd.c,v
retrieving revision 1.225
diff -u -p -r1.225 bgpd.c
--- bgpd.c 8 Aug 2019 11:33:08 -0000 1.225
+++ bgpd.c 30 Sep 2019 13:28:42 -0000
@@ -234,7 +234,7 @@ main(int argc, char *argv[])
imsg_init(ibuf_se, pipe_m2s[0]);
imsg_init(ibuf_rde, pipe_m2r[0]);
mrt_init(ibuf_rde, ibuf_se);
- if ((rfd = kr_init()) == -1)
+ if (kr_init(&rfd) == -1)
quit = 1;
keyfd = pfkey_init();
Index: bgpd.h
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/bgpd.h,v
retrieving revision 1.393
diff -u -p -r1.393 bgpd.h
--- bgpd.h 27 Sep 2019 10:33:06 -0000 1.393
+++ bgpd.h 30 Sep 2019 13:28:21 -0000
@@ -1185,7 +1185,7 @@ int prefixset_cmp(struct prefixset_item
RB_PROTOTYPE(prefixset_tree, prefixset_item, entry, prefixset_cmp);
/* kroute.c */
-int kr_init(void);
+int kr_init(int *);
int ktable_update(u_int, char *, int, u_int8_t);
void ktable_preload(void);
void ktable_postload(u_int8_t);
Index: kroute.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/kroute.c,v
retrieving revision 1.238
diff -u -p -r1.238 kroute.c
--- kroute.c 8 Aug 2019 20:06:29 -0000 1.238
+++ kroute.c 30 Sep 2019 13:28:13 -0000
@@ -213,7 +213,7 @@ RB_GENERATE(kif_tree, kif_node, entry, k
*/
int
-kr_init(void)
+kr_init(int *fd)
{
int opt = 0, rcvbuf, default_rcvbuf;
unsigned int tid = RTABLE_ANY;
@@ -257,7 +257,8 @@ kr_init(void)
if (fetchifs(0) == -1)
return (-1);
- return (kr_state.fd);
+ *fd = kr_state.fd;
+ return (0);
}
int
Index: pfkey.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/pfkey.c,v
retrieving revision 1.59
diff -u -p -r1.59 pfkey.c
--- pfkey.c 30 Sep 2019 12:10:38 -0000 1.59
+++ pfkey.c 30 Sep 2019 14:05:16 -0000
@@ -866,3 +866,9 @@ tcp_md5_listen(struct listen_addr *la, s
}
return 0;
}
+
+/* dummy function for portable */
+void
+tcp_md5_unset(struct bgpd_config *conf, struct peer *p)
+{
+}
Index: session.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/session.c,v
retrieving revision 1.391
diff -u -p -r1.391 session.c
--- session.c 30 Sep 2019 12:10:38 -0000 1.391
+++ session.c 30 Sep 2019 14:03:50 -0000
@@ -276,7 +276,7 @@ session_main(int debug, int verbose)
log_peer_warnx(&p->conf, "removed");
RB_REMOVE(peer_head, &conf->peers, p);
timer_remove_all(p);
- pfkey_remove(p);
+ tcp_md5_unset(conf, p);
free(p);
peer_cnt--;
continue;
@@ -3170,7 +3170,7 @@ merge_peers(struct bgpd_config *c, struc
{
struct peer *p, *np, *next;
- RB_FOREACH(p, peer_head, &conf->peers) {
+ RB_FOREACH(p, peer_head, &c->peers) {
/* templates are handled specially */
if (p->template != NULL)
continue;
@@ -3203,7 +3203,7 @@ merge_peers(struct bgpd_config *c, struc
/* apply the config to all clones of a template */
if (p->conf.template) {
struct peer *xp;
- RB_FOREACH(xp, peer_head, &conf->peers) {
+ RB_FOREACH(xp, peer_head, &c->peers) {
if (xp->template != p)
continue;
session_template_clone(xp, NULL, xp->conf.id,
@@ -3218,7 +3218,7 @@ merge_peers(struct bgpd_config *c, struc
/* pfkeys of new peers already loaded by the parent process */
RB_FOREACH_SAFE(np, peer_head, &nc->peers, next) {
RB_REMOVE(peer_head, &nc->peers, np);
- if (RB_INSERT(peer_head, &conf->peers, np) != NULL)
+ if (RB_INSERT(peer_head, &c->peers, np) != NULL)
fatalx("%s: peer tree is corrupt", __func__);
}
}
Index: session.h
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/session.h,v
retrieving revision 1.140
diff -u -p -r1.140 session.h
--- session.h 30 Sep 2019 12:10:38 -0000 1.140
+++ session.h 30 Sep 2019 14:05:40 -0000
@@ -286,6 +286,7 @@ int pfkey_init(void);
int tcp_md5_check(int, struct peer *);
int tcp_md5_set(int, struct peer *);
int tcp_md5_listen(struct listen_addr *, struct peer_head *);
+void tcp_md5_unset(struct bgpd_config *, struct peer *);
/* printconf.c */
void print_config(struct bgpd_config *, struct rib_names *);
