bgpd.c revision 1.110
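/*	$OpenBSD: bgpd.c,v 1.110 2004/10/19 12:02:49 henning Exp $ */

/*
 * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <pwd.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "mrt.h"
#include "bgpd.h"
#include "session.h"

/*
 * Parent ("main") process of bgpd.
 *
 * main() insists on euid 0, forks the route decision engine (rde_main) and
 * the session engine (session_main), and then sits in a poll() loop serving
 * requests the two children send over socketpairs.  The kernel routing
 * (kr_*) and pf table (pftable_*) calls are made from this process, on
 * behalf of the children, in dispatch_imsg().  Nothing in this file drops
 * privileges; whatever the children do about that happens in rde_main() /
 * session_main(), which are not part of this file.
 */

void		sighdlr(int);
void		usage(void);
int		main(int, char *[]);
int		check_child(pid_t, const char *);
int		reconfigure(char *, struct bgpd_config *, struct mrt_head *,
		    struct peer **, struct filter_head *);
int		dispatch_imsg(struct imsgbuf *, int);

int			 rfd = -1;	/* fd returned by kr_init(), polled in main() */
volatile sig_atomic_t	 mrtdump = 0;	/* set by SIGALRM / SIGUSR1 */
volatile sig_atomic_t	 quit = 0;	/* set by SIGTERM / SIGINT and on fatal errors */
volatile sig_atomic_t	 reconfig = 0;	/* set by SIGHUP or IMSG_CTL_RELOAD */
volatile sig_atomic_t	 sigchld = 0;	/* set by SIGCHLD */
struct imsgbuf		*ibuf_se;	/* channel to the session engine */
struct imsgbuf		*ibuf_rde;	/* channel to the route decision engine */

/*
 * Signal handler.  Only records which signal arrived in a sig_atomic_t
 * flag; all real work is done from the poll loop in main().
 */
void
sighdlr(int sig)
{
	switch (sig) {
	case SIGTERM:
	case SIGINT:
		quit = 1;
		break;
	case SIGCHLD:
		sigchld = 1;
		break;
	case SIGHUP:
		reconfig = 1;
		break;
	case SIGALRM:
	case SIGUSR1:
		mrtdump = 1;
		break;
	}
}

/* Print the command line synopsis to stderr and exit with status 1. */
void
usage(void)
{
	extern char *__progname;

	fprintf(stderr, "usage: %s [-dnv] ", __progname);
	fprintf(stderr, "[-D macro=value] [-f file]\n");
	exit(1);
}

/* Slots in the pollfd array used by main(); also passed to dispatch_imsg(). */
#define PFD_PIPE_SESSION	0
#define PFD_PIPE_ROUTE		1
#define PFD_SOCK_ROUTE		2
#define POLL_MAX		3
#define MAX_TIMEOUT		3600	/* upper bound for the poll timeout, seconds */

/*
 * Parse options and configuration, fork the two child processes and serve
 * their requests until told to quit.
 *
 * Returns 0 on orderly termination; setup failures exit through err(),
 * errx(), fatal() or exit().
 */
int
main(int argc, char *argv[])
{
	struct bgpd_config	 conf;
	struct peer		*peer_l, *p;
	struct mrt_head		 mrt_l;
	struct network_head	 net_l;
	struct filter_head	*rules_l;
	struct network		*net;
	struct filter_rule	*r;
	struct mrt		*m;
	struct listen_addr	*la;
	struct pollfd		 pfd[POLL_MAX];
	pid_t			 io_pid = 0, rde_pid = 0, pid;
	char			*conffile;
	int			 debug = 0;
	int			 ch, nfds, timeout;
	int			 pipe_m2s[2];
	int			 pipe_m2r[2];
	int			 pipe_s2r[2];

	conffile = CONFFILE;
	bgpd_process = PROC_MAIN;

	log_init(1);		/* log to stderr until daemonized */

	if ((rules_l = calloc(1, sizeof(struct filter_head))) == NULL)
		err(1, NULL);

	bzero(&conf, sizeof(conf));
	LIST_INIT(&mrt_l);
	TAILQ_INIT(&net_l);
	TAILQ_INIT(rules_l);
	peer_l = NULL;

	while ((ch = getopt(argc, argv, "dD:f:nv")) != -1) {
		switch (ch) {
		case 'd':
			debug = 1;
			break;
		case 'D':
			if (cmdline_symset(optarg) < 0)
				log_warnx("could not parse macro definition %s",
				    optarg);
			break;
		case 'f':
			conffile = optarg;
			break;
		case 'n':
			conf.opts |= BGPD_OPT_NOACTION;
			break;
		case 'v':
			/* a second -v raises the verbosity one more step */
			if (conf.opts & BGPD_OPT_VERBOSE)
				conf.opts |= BGPD_OPT_VERBOSE2;
			conf.opts |= BGPD_OPT_VERBOSE;
			break;
		default:
			usage();
			/* NOTREACHED */
		}
	}

	if (parse_config(conffile, &conf, &mrt_l, &peer_l, &net_l, rules_l))
		exit(1);

	/* -n: configuration check only; exits before the root check below */
	if (conf.opts & BGPD_OPT_NOACTION) {
		if (conf.opts & BGPD_OPT_VERBOSE)
			print_config(&conf, &net_l, peer_l, rules_l, &mrt_l);
		else
			fprintf(stderr, "configuration OK\n");
		exit(0);
	}

	if (geteuid())
		errx(1, "need root privileges");

	/*
	 * Refuse to start when the BGPD_USER account is missing.
	 * NOTE(review): presumably the account the children switch to;
	 * that code is not in this file -- confirm in rde_main() and
	 * session_main().
	 */
	if (getpwnam(BGPD_USER) == NULL)
		errx(1, "unknown user %s", BGPD_USER);
	endpwent();

	log_init(debug);

	/* NOTE(review): the return value of daemon() is not checked. */
	if (!debug)
		daemon(1, 0);

	log_info("startup");

	/* one socketpair per process pair: main/SE, main/RDE, SE/RDE */
	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe_m2s) == -1)
		fatal("socketpair");
	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe_m2r) == -1)
		fatal("socketpair");
	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe_s2r) == -1)
		fatal("socketpair");
	session_socket_blockmode(pipe_m2s[0], BM_NONBLOCK);
	session_socket_blockmode(pipe_m2s[1], BM_NONBLOCK);
	session_socket_blockmode(pipe_m2r[0], BM_NONBLOCK);
	session_socket_blockmode(pipe_m2r[1], BM_NONBLOCK);
	session_socket_blockmode(pipe_s2r[0], BM_NONBLOCK);
	session_socket_blockmode(pipe_s2r[1], BM_NONBLOCK);

	prepare_listeners(&conf);

	/* fork children */
	rde_pid = rde_main(&conf, peer_l, &net_l, rules_l, &mrt_l,
	    pipe_m2r, pipe_s2r, pipe_m2s);
	io_pid = session_main(&conf, peer_l, &net_l, rules_l, &mrt_l,
	    pipe_m2s, pipe_s2r, pipe_m2r);

	setproctitle("parent");

	signal(SIGTERM, sighdlr);
	signal(SIGINT, sighdlr);
	signal(SIGCHLD, sighdlr);
	signal(SIGHUP, sighdlr);
	signal(SIGALRM, sighdlr);
	signal(SIGUSR1, sighdlr);

	/*
	 * The parent keeps only its own end ([0]) of the two pipes it
	 * shares with the children; the SE<->RDE pair is closed entirely.
	 */
	close(pipe_m2s[1]);
	close(pipe_m2r[1]);
	close(pipe_s2r[0]);
	close(pipe_s2r[1]);

	if ((ibuf_se = malloc(sizeof(struct imsgbuf))) == NULL ||
	    (ibuf_rde = malloc(sizeof(struct imsgbuf))) == NULL)
		fatal(NULL);
	imsg_init(ibuf_se, pipe_m2s[0]);
	imsg_init(ibuf_rde, pipe_m2r[0]);
	mrt_init(ibuf_rde, ibuf_se);
	/* a failure here skips the poll loop and goes straight to shutdown */
	if ((rfd = kr_init(!(conf.flags & BGPD_FLAG_NO_FIB_UPDATE))) == -1)
		quit = 1;
	if (pftable_clear_all() != 0)
		quit = 1;

	/*
	 * The children have been forked; release the parent's copies of
	 * the network list, the filter rules and the listeners (closing
	 * the listener descriptors in this process).
	 */
	while ((net = TAILQ_FIRST(&net_l)) != NULL) {
		TAILQ_REMOVE(&net_l, net, entry);
		free(net);
	}

	while ((r = TAILQ_FIRST(rules_l)) != NULL) {
		TAILQ_REMOVE(rules_l, r, entry);
		free(r);
	}

	while ((la = TAILQ_FIRST(conf.listen_addrs)) != NULL) {
		TAILQ_REMOVE(conf.listen_addrs, la, entry);
		close(la->fd);
		free(la);
	}

	mrt_reconfigure(&mrt_l);

	while (quit == 0) {
		pfd[PFD_PIPE_SESSION].fd = ibuf_se->fd;
		pfd[PFD_PIPE_SESSION].events = POLLIN;
		if (ibuf_se->w.queued)
			pfd[PFD_PIPE_SESSION].events |= POLLOUT;
		pfd[PFD_PIPE_ROUTE].fd = ibuf_rde->fd;
		pfd[PFD_PIPE_ROUTE].events = POLLIN;
		if (ibuf_rde->w.queued)
			pfd[PFD_PIPE_ROUTE].events |= POLLOUT;
		pfd[PFD_SOCK_ROUTE].fd = rfd;
		pfd[PFD_SOCK_ROUTE].events = POLLIN;

		/* capped so that timeout * 1000 below stays small */
		timeout = mrt_timeout(&mrt_l);
		if (timeout > MAX_TIMEOUT)
			timeout = MAX_TIMEOUT;

		/*
		 * On EINTR nfds stays -1, so every "nfds > 0" test below is
		 * false and only the signal flags are processed.
		 */
		if ((nfds = poll(pfd, POLL_MAX, timeout * 1000)) == -1)
			if (errno != EINTR) {
				log_warn("poll error");
				quit = 1;
			}

		if (nfds > 0 && (pfd[PFD_PIPE_SESSION].revents & POLLOUT))
			if (msgbuf_write(&ibuf_se->w) < 0) {
				log_warn("pipe write error (to SE)");
				quit = 1;
			}

		if (nfds > 0 && (pfd[PFD_PIPE_ROUTE].revents & POLLOUT))
			if (msgbuf_write(&ibuf_rde->w) < 0) {
				log_warn("pipe write error (to RDE)");
				quit = 1;
			}

		/* the pollfd slot tells dispatch_imsg() who the sender is */
		if (nfds > 0 && pfd[PFD_PIPE_SESSION].revents & POLLIN) {
			nfds--;
			if (dispatch_imsg(ibuf_se, PFD_PIPE_SESSION) == -1)
				quit = 1;
		}

		if (nfds > 0 && pfd[PFD_PIPE_ROUTE].revents & POLLIN) {
			nfds--;
			if (dispatch_imsg(ibuf_rde, PFD_PIPE_ROUTE) == -1)
				quit = 1;
		}

		if (nfds > 0 && pfd[PFD_SOCK_ROUTE].revents & POLLIN) {
			nfds--;
			if (kr_dispatch_msg() == -1)
				quit = 1;
		}

		if (reconfig) {
			reconfig = 0;
			log_info("rereading config");
			/* result ignored: reconfigure() logs a bad config file */
			reconfigure(conffile, &conf, &mrt_l, &peer_l, rules_l);
		}

		/* losing either child ends the parent as well */
		if (sigchld) {
			sigchld = 0;
			if (check_child(io_pid, "session engine")) {
				quit = 1;
				io_pid = 0;
			}
			if (check_child(rde_pid, "route decision engine")) {
				quit = 1;
				rde_pid = 0;
			}
		}

		if (mrtdump == 1) {
			mrtdump = 0;
			mrt_handler(&mrt_l);
		}
	}

	signal(SIGCHLD, SIG_IGN);

	/* a pid of 0 means check_child() already saw that child exit */
	if (io_pid)
		kill(io_pid, SIGTERM);

	if (rde_pid)
		kill(rde_pid, SIGTERM);

	while ((p = peer_l) != NULL) {
		peer_l = p->next;
		free(p);
	}
	while ((m = LIST_FIRST(&mrt_l)) != NULL) {
		LIST_REMOVE(m, entry);
		free(m);
	}

	free(rules_l);
	control_cleanup();
	kr_shutdown();
	pftable_clear_all();
	free(conf.listen_addrs);

	/* wait for the children, restarting wait() when interrupted */
	do {
		if ((pid = wait(NULL)) == -1 &&
		    errno != EINTR && errno != ECHILD)
			fatal("wait");
	} while (pid != -1 || (pid == -1 && errno == EINTR));

	msgbuf_clear(&ibuf_se->w);
	free(ibuf_se);
	msgbuf_clear(&ibuf_rde->w);
	free(ibuf_rde);

	log_info("Terminating");
	return (0);
}

/*
 * Non-blocking check whether child `pid' has exited or was killed by a
 * signal.  Logs the event using `pname' and returns 1 in that case,
 * 0 otherwise.
 */
int
check_child(pid_t pid, const char *pname)
{
	int	status;

	if (waitpid(pid, &status, WNOHANG) > 0) {
		if (WIFEXITED(status)) {
			log_warnx("Lost child: %s exited", pname);
			return (1);
		}
		if (WIFSIGNALED(status)) {
			log_warnx("Lost child: %s terminated; signal %d",
			    pname, WTERMSIG(status));
			return (1);
		}
	}

	return (0);
}

/*
 * Re-read `conffile' and send the new configuration to both children:
 * global config, peers and listeners to the session engine; global
 * config, networks and filter rules to the route decision engine.
 *
 * Returns 0 on success and -1 when the file does not parse or a message
 * cannot be queued.  On the latter the lists are left partially drained.
 */
int
reconfigure(char *conffile, struct bgpd_config *conf, struct mrt_head *mrt_l,
    struct peer **peer_l, struct filter_head *rules_l)
{
	struct network_head	 net_l;
	struct network		*n;
	struct peer		*p;
	struct filter_rule	*r;
	struct listen_addr	*la;

	/*
	 * main() initialises its network list before calling
	 * parse_config(); do the same here instead of handing over an
	 * uninitialised stack object.
	 */
	TAILQ_INIT(&net_l);

	if (parse_config(conffile, conf, mrt_l, peer_l, &net_l, rules_l)) {
		log_warnx("config file %s has errors, not reloading",
		    conffile);
		return (-1);
	}

	prepare_listeners(conf);

	if (imsg_compose(ibuf_se, IMSG_RECONF_CONF, 0, 0, -1,
	    conf, sizeof(struct bgpd_config)) == -1)
		return (-1);
	if (imsg_compose(ibuf_rde, IMSG_RECONF_CONF, 0, 0, -1,
	    conf, sizeof(struct bgpd_config)) == -1)
		return (-1);
	for (p = *peer_l; p != NULL; p = p->next)
		if (imsg_compose(ibuf_se, IMSG_RECONF_PEER, p->conf.id, 0, -1,
		    &p->conf, sizeof(struct peer_config)) == -1)
			return (-1);
	while ((n = TAILQ_FIRST(&net_l)) != NULL) {
		if (imsg_compose(ibuf_rde, IMSG_NETWORK_ADD, 0, 0, -1,
		    &n->net, sizeof(struct network_config)) == -1)
			return (-1);
		TAILQ_REMOVE(&net_l, n, entry);
		free(n);
	}
	while ((r = TAILQ_FIRST(rules_l)) != NULL) {
		if (imsg_compose(ibuf_rde, IMSG_RECONF_FILTER, 0, 0, -1,
		    r, sizeof(struct filter_rule)) == -1)
			return (-1);
		TAILQ_REMOVE(rules_l, r, entry);
		free(r);
	}
	/* each listener message also carries the listening socket la->fd */
	while ((la = TAILQ_FIRST(conf->listen_addrs)) != NULL) {
		if (imsg_compose(ibuf_se, IMSG_RECONF_LISTENER, 0, 0, la->fd,
		    la, sizeof(struct listen_addr)) == -1)
			return (-1);
		TAILQ_REMOVE(conf->listen_addrs, la, entry);
		free(la);
	}
	free(conf->listen_addrs);
	conf->listen_addrs = NULL;

	if (imsg_compose(ibuf_se, IMSG_RECONF_DONE, 0, 0, -1, NULL, 0) == -1 ||
	    imsg_compose(ibuf_rde, IMSG_RECONF_DONE, 0, 0, -1, NULL, 0) == -1)
		return (-1);

	/* mrt changes can be sent out of band */
	mrt_reconfigure(mrt_l);
	return (0);
}

/*
 * Read and handle every message pending on `ibuf'.
 *
 * `idx' is the pollfd slot the data arrived on and identifies the sender:
 * PFD_PIPE_ROUTE for the route decision engine, PFD_PIPE_SESSION for the
 * session engine.  Every message type is honoured from one of the two
 * only; a request arriving on the other pipe is logged and dropped, so a
 * child cannot trigger an operation reserved for its sibling.
 *
 * The NEXTHOP, PFTABLE and IFINFO cases compare imsg.hdr.len with the
 * expected size before imsg.data is used.
 *
 * NOTE(review): IMSG_KROUTE_CHANGE and IMSG_KROUTE_DELETE pass imsg.data
 * to kr_change() / kr_delete() without such a length check, and the
 * IMSG_CTL_* show requests pass the whole message to kr_show_route()
 * unchecked.  The payload types are declared outside this file; confirm
 * that the callees validate the length, or add the matching
 * "wrong imsg len" test here as for the other cases.
 *
 * Returns 0 when all pending messages were handled, -1 on a read error,
 * a closed pipe, or a failed kernel route / pf table operation.
 */
int
dispatch_imsg(struct imsgbuf *ibuf, int idx)
{
	struct imsg	 imsg;
	int		 n;
	int		 rv = 0;

	if ((n = imsg_read(ibuf)) == -1)
		return (-1);

	if (n == 0) {	/* connection closed */
		log_warnx("dispatch_imsg in main: pipe closed");
		return (-1);
	}

	for (;;) {
		if ((n = imsg_get(ibuf, &imsg)) == -1)
			return (-1);

		if (n == 0)
			break;

		switch (imsg.hdr.type) {
		case IMSG_KROUTE_CHANGE:
			if (idx != PFD_PIPE_ROUTE)
				log_warnx("route request not from RDE");
			else if (kr_change(imsg.data))
				rv = -1;
			break;
		case IMSG_KROUTE_DELETE:
			if (idx != PFD_PIPE_ROUTE)
				log_warnx("route request not from RDE");
			else if (kr_delete(imsg.data))
				rv = -1;
			break;
		case IMSG_NEXTHOP_ADD:
			if (idx != PFD_PIPE_ROUTE)
				log_warnx("nexthop request not from RDE");
			else if (imsg.hdr.len != IMSG_HEADER_SIZE +
			    sizeof(struct bgpd_addr))
				log_warnx("wrong imsg len");
			else if (kr_nexthop_add(imsg.data) == -1)
				rv = -1;
			break;
		case IMSG_NEXTHOP_REMOVE:
			if (idx != PFD_PIPE_ROUTE)
				log_warnx("nexthop request not from RDE");
			else if (imsg.hdr.len != IMSG_HEADER_SIZE +
			    sizeof(struct bgpd_addr))
				log_warnx("wrong imsg len");
			else
				kr_nexthop_delete(imsg.data);
			break;
		case IMSG_PFTABLE_ADD:
			if (idx != PFD_PIPE_ROUTE)
				log_warnx("pftable request not from RDE");
			else if (imsg.hdr.len != IMSG_HEADER_SIZE +
			    sizeof(struct pftable_msg))
				log_warnx("wrong imsg len");
			else if (pftable_addr_add(imsg.data) != 0)
				rv = -1;
			break;
		case IMSG_PFTABLE_REMOVE:
			if (idx != PFD_PIPE_ROUTE)
				log_warnx("pftable request not from RDE");
			else if (imsg.hdr.len != IMSG_HEADER_SIZE +
			    sizeof(struct pftable_msg))
				log_warnx("wrong imsg len");
			else if (pftable_addr_remove(imsg.data) != 0)
				rv = -1;
			break;
		case IMSG_PFTABLE_COMMIT:
			if (idx != PFD_PIPE_ROUTE)
				log_warnx("pftable request not from RDE");
			else if (imsg.hdr.len != IMSG_HEADER_SIZE)
				log_warnx("wrong imsg len");
			else if (pftable_commit() != 0)
				rv = -1;
			break;
		case IMSG_CTL_RELOAD:
			if (idx != PFD_PIPE_SESSION)
				log_warnx("reload request not from SE");
			else
				reconfig = 1;
			break;
		case IMSG_CTL_FIB_COUPLE:
			if (idx != PFD_PIPE_SESSION)
				log_warnx("couple request not from SE");
			else
				kr_fib_couple();
			break;
		case IMSG_CTL_FIB_DECOUPLE:
			if (idx != PFD_PIPE_SESSION)
				log_warnx("decouple request not from SE");
			else
				kr_fib_decouple();
			break;
		case IMSG_CTL_KROUTE:
		case IMSG_CTL_KROUTE_ADDR:
		case IMSG_CTL_SHOW_NEXTHOP:
		case IMSG_CTL_SHOW_INTERFACE:
			if (idx != PFD_PIPE_SESSION)
				log_warnx("kroute request not from SE");
			else
				kr_show_route(&imsg);
			break;
		case IMSG_IFINFO:
			if (idx != PFD_PIPE_SESSION)
				log_warnx("IFINFO request not from SE");
			else if (imsg.hdr.len != IMSG_HEADER_SIZE + IFNAMSIZ)
				log_warnx("IFINFO request with wrong len");
			else
				kr_ifinfo(imsg.data);
			break;
		default:
			/* unknown message types are ignored */
			break;
		}
		/* release the message on the failure paths as well */
		imsg_free(&imsg);
		if (rv == -1)
			return (-1);
	}
	return (0);
}

/*
 * Log a change in the state of a nexthop and forward it to the route
 * decision engine.  Sets `quit' when the log text cannot be allocated or
 * the message cannot be queued.
 */
void
send_nexthop_update(struct kroute_nexthop *msg)
{
	char	*gw = NULL;

	if (msg->gateway.af)
		if (asprintf(&gw, ": via %s",
		    log_addr(&msg->gateway)) == -1) {
			log_warn("send_nexthop_update");
			/* not every libc leaves a usable pointer on failure */
			gw = NULL;
			quit = 1;
		}

	/* gw is non-NULL only if a gateway is set and asprintf() succeeded */
	log_info("nexthop %s now %s%s%s", log_addr(&msg->nexthop),
	    msg->valid ? "valid" : "invalid",
	    msg->connected ? ": directly connected" : "",
	    gw != NULL ? gw : "");

	free(gw);

	if (imsg_compose(ibuf_rde, IMSG_NEXTHOP_UPDATE, 0, 0, -1,
	    msg, sizeof(struct kroute_nexthop)) == -1)
		quit = 1;
}

/*
 * Queue a message of `type' with `datalen' bytes of `data' for the
 * session engine; `pid' is passed through to imsg_compose().
 * The return value of imsg_compose() is discarded, so a failure to queue
 * the message goes unnoticed here.
 */
void
send_imsg_session(int type, pid_t pid, void *data, u_int16_t datalen)
{
	imsg_compose(ibuf_se, type, 0, pid, -1, data, datalen);
}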