bgpd.c revision 1.86 
1/*	$OpenBSD: bgpd.c,v 1.86 2004/03/11 14:22:22 claudio Exp $ */
2
3/*
4 * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19#include <sys/types.h>
20#include <sys/socket.h>
21#include <sys/wait.h>
22#include <netinet/in.h>
23#include <arpa/inet.h>
24#include <err.h>
25#include <errno.h>
26#include <fcntl.h>
27#include <poll.h>
28#include <pwd.h>
29#include <signal.h>
30#include <stdio.h>
31#include <stdlib.h>
32#include <string.h>
33#include <unistd.h>
34
35#include "mrt.h"
36#include "bgpd.h"
37#include "session.h"
38
39void	sighdlr(int);
40void	usage(void);
41int	main(int, char *[]);
42int	check_child(pid_t, const char *);
43int	reconfigure(char *, struct bgpd_config *, struct mrt_head *,
44	    struct peer **, struct filter_head *);
45int	dispatch_imsg(struct imsgbuf *, int, struct mrt_head *);
46
47int			rfd = -1;
48volatile sig_atomic_t	mrtdump = 0;
49volatile sig_atomic_t	quit = 0;
50volatile sig_atomic_t	reconfig = 0;
51volatile sig_atomic_t	sigchld = 0;
52struct imsgbuf		ibuf_se;
53struct imsgbuf		ibuf_rde;
54
55void
56sighdlr(int sig)
57{
58	switch (sig) {
59	case SIGTERM:
60	case SIGINT:
61		quit = 1;
62		break;
63	case SIGCHLD:
64		sigchld = 1;
65		break;
66	case SIGHUP:
67		reconfig = 1;
68		break;
69	case SIGALRM:
70	case SIGUSR1:
71		mrtdump = 1;
72		break;
73	}
74}
75
76void
77usage(void)
78{
79	extern char *__progname;
80
81	fprintf(stderr, "usage: %s [-dnv] ", __progname);
82	fprintf(stderr, "[-D macro=value] [-f file]\n");
83	exit(1);
84}
85
86#define POLL_MAX		8
87#define PFD_PIPE_SESSION	0
88#define PFD_PIPE_ROUTE		1
89#define PFD_SOCK_ROUTE		2
90#define PFD_MRT_START		3
91
92int
93main(int argc, char *argv[])
94{
95	struct bgpd_config	 conf;
96	struct peer		*peer_l, *p;
97	struct mrt_head		 mrt_l;
98	struct network_head	 net_l;
99	struct filter_head	*rules_l;
100	struct network		*net;
101	struct filter_rule	*r;
102	struct mrt		*(mrt[POLL_MAX]), *m;
103	struct pollfd		 pfd[POLL_MAX];
104	pid_t			 io_pid = 0, rde_pid = 0, pid;
105	char			*conffile;
106	int			 debug = 0;
107	int			 ch, csock, i, j, n, nfds, timeout;
108	int			 pipe_m2s[2];
109	int			 pipe_m2r[2];
110	int			 pipe_s2r[2];
111
112	conffile = CONFFILE;
113	bgpd_process = PROC_MAIN;
114
115	log_init(1);		/* log to stderr until daemonized */
116
117	if ((rules_l = calloc(1, sizeof(struct filter_head))) == NULL)
118		err(1, NULL);
119
120	bzero(&conf, sizeof(conf));
121	LIST_INIT(&mrt_l);
122	TAILQ_INIT(&net_l);
123	TAILQ_INIT(rules_l);
124	peer_l = NULL;
125
126	while ((ch = getopt(argc, argv, "dD:f:nv")) != -1) {
127		switch (ch) {
128		case 'd':
129			debug = 1;
130			break;
131		case 'D':
132			if (cmdline_symset(optarg) < 0)
133				log_warnx("could not parse macro definition %s",
134				    optarg);
135			break;
136		case 'f':
137			conffile = optarg;
138			break;
139		case 'n':
140			conf.opts |= BGPD_OPT_NOACTION;
141			break;
142		case 'v':
143			if (conf.opts & BGPD_OPT_VERBOSE)
144				conf.opts |= BGPD_OPT_VERBOSE2;
145			conf.opts |= BGPD_OPT_VERBOSE;
146			break;
147		default:
148			usage();
149			/* NOTREACHED */
150		}
151	}
152
153	if (parse_config(conffile, &conf, &mrt_l, &peer_l, &net_l, rules_l))
154		exit(1);
155
156	if (conf.opts & BGPD_OPT_NOACTION) {
157		if (conf.opts & BGPD_OPT_VERBOSE)
158			print_config(&conf, &net_l, peer_l, rules_l, &mrt_l);
159		else
160			fprintf(stderr, "configuration OK\n");
161		exit(0);
162	}
163
164	if (geteuid())
165		errx(1, "need root privileges");
166
167	if (getpwnam(BGPD_USER) == NULL)
168		errx(1, "unknown user %s", BGPD_USER);
169	endpwent();
170
171	log_init(debug);
172
173	if (!debug)
174		daemon(1, 0);
175
176	log_info("startup");
177
178	if (pipe(pipe_m2s) == -1)
179		fatal("pipe");
180	if (fcntl(pipe_m2s[0], F_SETFL, O_NONBLOCK) == -1 ||
181	    fcntl(pipe_m2s[1], F_SETFL, O_NONBLOCK) == -1)
182		fatal("fcntl");
183	if (pipe(pipe_m2r) == -1)
184		fatal("pipe");
185	if (fcntl(pipe_m2r[0], F_SETFL, O_NONBLOCK) == -1 ||
186	    fcntl(pipe_m2r[1], F_SETFL, O_NONBLOCK) == -1)
187		fatal("fcntl");
188	if (pipe(pipe_s2r) == -1)
189		fatal("pipe");
190	if (fcntl(pipe_s2r[0], F_SETFL, O_NONBLOCK) == -1 ||
191	    fcntl(pipe_s2r[1], F_SETFL, O_NONBLOCK) == -1)
192		fatal("fcntl");
193
194	if ((csock = control_init()) == -1)
195		fatalx("control socket setup failed");
196
197	/* fork children */
198	rde_pid = rde_main(&conf, peer_l, &net_l, rules_l, &mrt_l,
199	    pipe_m2r, pipe_s2r);
200	io_pid = session_main(&conf, peer_l, &net_l, rules_l, &mrt_l,
201	    pipe_m2s, pipe_s2r);
202
203	setproctitle("parent");
204
205	signal(SIGTERM, sighdlr);
206	signal(SIGINT, sighdlr);
207	signal(SIGCHLD, sighdlr);
208	signal(SIGHUP, sighdlr);
209	signal(SIGALRM, sighdlr);
210	signal(SIGUSR1, sighdlr);
211
212	close(pipe_m2s[1]);
213	close(pipe_m2r[1]);
214	close(pipe_s2r[0]);
215	close(pipe_s2r[1]);
216	close(csock);
217
218	imsg_init(&ibuf_se, pipe_m2s[0]);
219	imsg_init(&ibuf_rde, pipe_m2r[0]);
220	mrt_init(&ibuf_rde, &ibuf_se);
221	if ((rfd = kr_init(!(conf.flags & BGPD_FLAG_NO_FIB_UPDATE))) == -1)
222		quit = 1;
223
224	while ((net = TAILQ_FIRST(&net_l)) != NULL) {
225		TAILQ_REMOVE(&net_l, net, network_l);
226		free(net);
227	}
228
229	while ((r = TAILQ_FIRST(rules_l)) != NULL) {
230		TAILQ_REMOVE(rules_l, r, entries);
231		free(r);
232	}
233
234	while (quit == 0) {
235		pfd[PFD_PIPE_SESSION].fd = ibuf_se.sock;
236		pfd[PFD_PIPE_SESSION].events = POLLIN;
237		if (ibuf_se.w.queued)
238			pfd[PFD_PIPE_SESSION].events |= POLLOUT;
239		pfd[PFD_PIPE_ROUTE].fd = ibuf_rde.sock;
240		pfd[PFD_PIPE_ROUTE].events = POLLIN;
241		if (ibuf_rde.w.queued)
242			pfd[PFD_PIPE_ROUTE].events |= POLLOUT;
243		pfd[PFD_SOCK_ROUTE].fd = rfd;
244		pfd[PFD_SOCK_ROUTE].events = POLLIN;
245		i = PFD_MRT_START;
246		i = mrt_select(&mrt_l, pfd, mrt, i, POLL_MAX, &timeout);
247
248		if ((nfds = poll(pfd, i, INFTIM)) == -1)
249			if (errno != EINTR) {
250				log_warn("poll error");
251				quit = 1;
252			}
253
254		if (nfds > 0 && (pfd[PFD_PIPE_SESSION].revents & POLLOUT))
255			if ((n = msgbuf_write(&ibuf_se.w)) < 0) {
256				log_warn("pipe write error (to SE)");
257				quit = 1;
258			}
259
260		if (nfds > 0 && (pfd[PFD_PIPE_ROUTE].revents & POLLOUT))
261			if ((n = msgbuf_write(&ibuf_rde.w)) < 0) {
262				log_warn("pipe write error (to RDE)");
263				quit = 1;
264			}
265
266		if (nfds > 0 && pfd[PFD_PIPE_SESSION].revents & POLLIN) {
267			nfds--;
268			if (dispatch_imsg(&ibuf_se, PFD_PIPE_SESSION,
269			    &mrt_l) == -1)
270				quit = 1;
271		}
272
273		if (nfds > 0 && pfd[PFD_PIPE_ROUTE].revents & POLLIN) {
274			nfds--;
275			if (dispatch_imsg(&ibuf_rde, PFD_PIPE_ROUTE,
276			    &mrt_l) == -1)
277				quit = 1;
278		}
279
280		if (nfds > 0 && pfd[PFD_SOCK_ROUTE].revents & POLLIN) {
281			nfds--;
282			if (kr_dispatch_msg() == -1)
283				quit = 1;
284		}
285
286		for (j = PFD_MRT_START; j < i && nfds > 0 ; j++) {
287			if (pfd[j].revents & POLLOUT) {
288				if ((n = mrt_write(mrt[j])) < 0) {
289					log_warn("mrt write error");
290				}
291			}
292		}
293
294		if (reconfig) {
295			log_info("rereading config");
296			reconfigure(conffile, &conf, &mrt_l, &peer_l, rules_l);
297			reconfig = 0;
298		}
299
300		if (sigchld) {
301			if (check_child(io_pid, "session engine"))
302				quit = 1;
303			if (check_child(rde_pid, "route decision engine"))
304				quit = 1;
305			sigchld = 0;
306		}
307
308		if (mrtdump == 1) {
309			mrt_handler(&mrt_l);
310			mrtdump = 0;
311		}
312	}
313
314	signal(SIGCHLD, SIG_IGN);
315
316	if (io_pid)
317		kill(io_pid, SIGTERM);
318
319	if (rde_pid)
320		kill(rde_pid, SIGTERM);
321
322	do {
323		pid = waitpid(-1, NULL, WNOHANG);
324	} while (pid > 0 || (pid == -1 && errno == EINTR));
325
326	while ((p = peer_l) != NULL) {
327		peer_l = p->next;
328		free(p);
329	}
330	while ((m = LIST_FIRST(&mrt_l)) != NULL) {
331		LIST_REMOVE(m, list);
332		free(m);
333	}
334
335	free(rules_l);
336	control_cleanup();
337	kr_shutdown();
338
339	log_info("Terminating");
340	return (0);
341}
342
343int
344check_child(pid_t pid, const char *pname)
345{
346	int	status;
347
348	if (waitpid(pid, &status, WNOHANG) > 0) {
349		if (WIFEXITED(status)) {
350			log_warnx("Lost child: %s exited", pname);
351			return (1);
352		}
353		if (WIFSIGNALED(status)) {
354			log_warnx("Lost child: %s terminated; signal %d",
355			    pname, WTERMSIG(status));
356			return (1);
357		}
358	}
359
360	return (0);
361}
362
363int
364reconfigure(char *conffile, struct bgpd_config *conf, struct mrt_head *mrt_l,
365    struct peer **peer_l, struct filter_head *rules_l)
366{
367	struct network_head	 net_l;
368	struct network		*n;
369	struct peer		*p;
370	struct filter_rule	*r;
371
372	if (parse_config(conffile, conf, mrt_l, peer_l, &net_l, rules_l)) {
373		log_warnx("config file %s has errors, not reloading",
374		    conffile);
375		return (-1);
376	}
377
378	if (imsg_compose(&ibuf_se, IMSG_RECONF_CONF, 0,
379	    conf, sizeof(struct bgpd_config)) == -1)
380		return (-1);
381	if (imsg_compose(&ibuf_rde, IMSG_RECONF_CONF, 0,
382	    conf, sizeof(struct bgpd_config)) == -1)
383		return (-1);
384	for (p = *peer_l; p != NULL; p = p->next) {
385		if (imsg_compose(&ibuf_se, IMSG_RECONF_PEER, p->conf.id,
386		    &p->conf, sizeof(struct peer_config)) == -1)
387			return (-1);
388		if (imsg_compose(&ibuf_rde, IMSG_RECONF_PEER, p->conf.id,
389		    &p->conf, sizeof(struct peer_config)) == -1)
390			return (-1);
391	}
392	while ((n = TAILQ_FIRST(&net_l)) != NULL) {
393		if (imsg_compose(&ibuf_rde, IMSG_RECONF_NETWORK, 0,
394		    &n->net, sizeof(struct network_config)) == -1)
395			return (-1);
396		TAILQ_REMOVE(&net_l, n, network_l);
397		free(n);
398	}
399	while ((r = TAILQ_FIRST(rules_l)) != NULL) {
400		if (imsg_compose(&ibuf_rde, IMSG_RECONF_FILTER, 0,
401		    r, sizeof(struct filter_rule)) == -1)
402			return (-1);
403		TAILQ_REMOVE(rules_l, r, entries);
404		free(r);
405	}
406	if (imsg_compose(&ibuf_se, IMSG_RECONF_DONE, 0, NULL, 0) == -1 ||
407	    imsg_compose(&ibuf_rde, IMSG_RECONF_DONE, 0, NULL, 0) == -1)
408		return (-1);
409
410	return (0);
411}
412
413int
414dispatch_imsg(struct imsgbuf *ibuf, int idx, struct mrt_head *mrt_l)
415{
416	struct imsg		 imsg;
417	int			 n;
418
419	if ((n = imsg_read(ibuf)) == -1)
420		return (-1);
421
422	if (n == 0) {	/* connection closed */
423		log_warnx("dispatch_imsg in main: pipe closed");
424		return (-1);
425	}
426
427	for (;;) {
428		if ((n = imsg_get(ibuf, &imsg)) == -1)
429			return (-1);
430
431		if (n == 0)
432			break;
433
434		switch (imsg.hdr.type) {
435		case IMSG_MRT_MSG:
436		case IMSG_MRT_END:
437			if (mrt_queue(mrt_l, &imsg) == -1)
438				log_warnx("mrt_queue failed.");
439			break;
440		case IMSG_KROUTE_CHANGE:
441			if (idx != PFD_PIPE_ROUTE)
442				log_warnx("route request not from RDE");
443			else if (kr_change(imsg.data))
444				return (-1);
445			break;
446		case IMSG_KROUTE_DELETE:
447			if (idx != PFD_PIPE_ROUTE)
448				log_warnx("route request not from RDE");
449			else if (kr_delete(imsg.data))
450				return (-1);
451			break;
452		case IMSG_NEXTHOP_ADD:
453			if (idx != PFD_PIPE_ROUTE)
454				log_warnx("nexthop request not from RDE");
455			else
456				if (imsg.hdr.len != IMSG_HEADER_SIZE +
457				    sizeof(struct bgpd_addr))
458					log_warnx("wrong imsg len");
459				else if (kr_nexthop_add(imsg.data) == -1)
460					return (-1);
461			break;
462		case IMSG_NEXTHOP_REMOVE:
463			if (idx != PFD_PIPE_ROUTE)
464				log_warnx("nexthop request not from RDE");
465			else
466				if (imsg.hdr.len != IMSG_HEADER_SIZE +
467				    sizeof(struct bgpd_addr))
468					log_warnx("wrong imsg len");
469				else kr_nexthop_delete(imsg.data);
470			break;
471		case IMSG_CTL_RELOAD:
472			if (idx != PFD_PIPE_SESSION)
473				log_warnx("reload request not from SE");
474			else
475				reconfig = 1;
476			break;
477		case IMSG_CTL_FIB_COUPLE:
478			if (idx != PFD_PIPE_SESSION)
479				log_warnx("couple request not from SE");
480			else
481				kr_fib_couple();
482			break;
483		case IMSG_CTL_FIB_DECOUPLE:
484			if (idx != PFD_PIPE_SESSION)
485				log_warnx("decouple request not from SE");
486			else
487				kr_fib_decouple();
488			break;
489		case IMSG_CTL_KROUTE:
490		case IMSG_CTL_KROUTE_ADDR:
491		case IMSG_CTL_SHOW_NEXTHOP:
492		case IMSG_CTL_SHOW_INTERFACE:
493			if (idx != PFD_PIPE_SESSION)
494				log_warnx("kroute request not from SE");
495			else
496				kr_show_route(&imsg);
497			break;
498		default:
499			break;
500		}
501		imsg_free(&imsg);
502	}
503	return (0);
504}
505
506void
507send_nexthop_update(struct kroute_nexthop *msg)
508{
509	char	*gw = NULL;
510
511	if (msg->gateway.af)
512		if (asprintf(&gw, ": via %s",
513		    log_addr(&msg->gateway)) == -1) {
514			log_warn("send_nexthop_update");
515			quit = 1;
516		}
517
518	log_info("nexthop %s now %s%s%s", log_addr(&msg->nexthop),
519	    msg->valid ? "valid" : "invalid",
520	    msg->connected ? ": directly connected" : "",
521	    msg->gateway.af ? gw : "");
522
523	free(gw);
524
525	if (imsg_compose(&ibuf_rde, IMSG_NEXTHOP_UPDATE, 0,
526	    msg, sizeof(struct kroute_nexthop)) == -1)
527		quit = 1;
528}
529
530void
531send_imsg_session(int type, pid_t pid, void *data, u_int16_t datalen)
532{
533	imsg_compose_pid(&ibuf_se, type, pid, data, datalen);
534}
535