For now, only Linux is supported.
Signed-off-by: FUJITA Tomonori <[email protected]>
---
ryu/services/protocols/bgp/base.py | 33 ++++++++++++++++----------
ryu/services/protocols/bgp/bgpspeaker.py | 7 +++++-
ryu/services/protocols/bgp/peer.py | 4 +++-
ryu/services/protocols/bgp/rtconf/neighbors.py | 15 +++++++++++-
4 files changed, 44 insertions(+), 15 deletions(-)
diff --git a/ryu/services/protocols/bgp/base.py
b/ryu/services/protocols/bgp/base.py
index e0338c2..87060cd 100644
--- a/ryu/services/protocols/bgp/base.py
+++ b/ryu/services/protocols/bgp/base.py
@@ -24,6 +24,7 @@ import weakref
import netaddr
from ryu.lib import hub
+from ryu.lib import sockopt
from ryu.lib.hub import Timeout
from ryu.lib.packet.bgp import RF_IPv4_UC
from ryu.lib.packet.bgp import RF_IPv6_UC
@@ -353,7 +354,7 @@ class Activity(object):
self._spawn(client_name, conn_handle, sock)
def _connect_tcp(self, peer_addr, conn_handler, time_out=None,
- bind_address=None):
+ bind_address=None, password=None):
"""Creates a TCP connection to given peer address.
Tries to create a socket for `timeout` number of seconds. If
@@ -367,17 +368,25 @@ class Activity(object):
else:
family = socket.AF_INET6
with Timeout(time_out, socket.error):
- sock = hub.connect(peer_addr, family=family, bind=bind_address)
- if sock:
- # Connection name for pro-active connection is made up
- # of local end address + remote end address
- local = self.get_localname(sock)[0]
- remote = self.get_remotename(sock)[0]
- conn_name = ('L: ' + local + ', R: ' + remote)
- self._asso_socket_map[conn_name] = sock
- # If connection is established, we call connection handler
- # in a new thread.
- self._spawn(conn_name, conn_handler, sock)
+ sock = socket.socket(family)
+ if bind_address:
+ sock.bind(bind_address)
+ if password:
+ sockopt.set_tcp_md5sig(sock, peer_addr[0], password)
+ sock.connect(peer_addr)
+ # socket.error exception is rasied in cese of timeout and
+ # the following code is executed only when the connection
+ # is established.
+
+ # Connection name for pro-active connection is made up of
+ # local end address + remote end address
+ local = self.get_localname(sock)[0]
+ remote = self.get_remotename(sock)[0]
+ conn_name = ('L: ' + local + ', R: ' + remote)
+ self._asso_socket_map[conn_name] = sock
+ # If connection is established, we call connection handler
+ # in a new thread.
+ self._spawn(conn_name, conn_handler, sock)
return sock
diff --git a/ryu/services/protocols/bgp/bgpspeaker.py
b/ryu/services/protocols/bgp/bgpspeaker.py
index 73bc72d..aa851c5 100644
--- a/ryu/services/protocols/bgp/bgpspeaker.py
+++ b/ryu/services/protocols/bgp/bgpspeaker.py
@@ -51,6 +51,7 @@ from ryu.services.protocols.bgp.rtconf.neighbors import
DEFAULT_CAP_MBGP_IPV4
from ryu.services.protocols.bgp.rtconf.neighbors import DEFAULT_CAP_MBGP_VPNV4
from ryu.services.protocols.bgp.rtconf.neighbors import DEFAULT_CAP_MBGP_VPNV6
from ryu.services.protocols.bgp.rtconf.neighbors import PEER_NEXT_HOP
+from ryu.services.protocols.bgp.rtconf.neighbors import PASSWORD
from ryu.services.protocols.bgp.application import RyuBGPSpeaker
@@ -169,7 +170,7 @@ class BGPSpeaker(object):
enable_ipv4=DEFAULT_CAP_MBGP_IPV4,
enable_vpnv4=DEFAULT_CAP_MBGP_VPNV4,
enable_vpnv6=DEFAULT_CAP_MBGP_VPNV6,
- next_hop=None):
+ next_hop=None, password=None):
""" This method registers a new neighbor. The BGP speaker tries to
establish a bgp session with the peer (accepts a connection
from the peer and also tries to connect to it).
@@ -192,11 +193,15 @@ class BGPSpeaker(object):
``next_hop`` specifies the next hop IP address. If not
specified, host's ip address to access to a peer is used.
+
+ ``password`` is used for the MD5 authentication if it's
+ specified. By default, the MD5 authenticaiton is disabled.
"""
bgp_neighbor = {}
bgp_neighbor[neighbors.IP_ADDRESS] = address
bgp_neighbor[neighbors.REMOTE_AS] = remote_as
bgp_neighbor[PEER_NEXT_HOP] = next_hop
+ bgp_neighbor[PASSWORD] = password
# v6 advertizement is available with only v6 peering
if netaddr.valid_ipv4(address):
bgp_neighbor[CAP_MBGP_IPV4] = enable_ipv4
diff --git a/ryu/services/protocols/bgp/peer.py
b/ryu/services/protocols/bgp/peer.py
index 1483807..47f3c17 100644
--- a/ryu/services/protocols/bgp/peer.py
+++ b/ryu/services/protocols/bgp/peer.py
@@ -822,10 +822,12 @@ class Peer(Source, Sink, NeighborConfListener, Activity):
LOG.debug('%s trying to connect to %s' % (self, peer_address))
tcp_conn_timeout = self._common_conf.tcp_conn_timeout
try:
+ password = self._neigh_conf.password
sock = self._connect_tcp(peer_address,
client_factory,
time_out=tcp_conn_timeout,
- bind_address=bind_addr)
+ bind_address=bind_addr,
+ password=password)
except socket.error:
self.state.bgp_state = const.BGP_FSM_ACTIVE
LOG.debug('Socket could not be created in time (%s secs),'
diff --git a/ryu/services/protocols/bgp/rtconf/neighbors.py
b/ryu/services/protocols/bgp/rtconf/neighbors.py
index 1078e95..9ba5761 100644
--- a/ryu/services/protocols/bgp/rtconf/neighbors.py
+++ b/ryu/services/protocols/bgp/rtconf/neighbors.py
@@ -72,6 +72,7 @@ CHANGES = 'changes'
LOCAL_ADDRESS = 'local_address'
LOCAL_PORT = 'local_port'
PEER_NEXT_HOP = 'next_hop'
+PASSWORD = 'password'
# Default value constants.
DEFAULT_CAP_GR_NULL = True
@@ -141,6 +142,11 @@ def validate_next_hop(ip_address):
return str(netaddr.IPAddress(ip_address))
+@validate(name=PASSWORD)
+def validate_password(password):
+ return password
+
+
@validate(name=LOCAL_PORT)
def validate_local_port(port):
if not isinstance(port, (int, long)):
@@ -174,7 +180,7 @@ class NeighborConf(ConfWithId, ConfWithStats):
ENABLED, MULTI_EXIT_DISC, MAX_PREFIXES,
ADVERTISE_PEER_AS, SITE_OF_ORIGINS,
LOCAL_ADDRESS, LOCAL_PORT,
- PEER_NEXT_HOP])
+ PEER_NEXT_HOP, PASSWORD])
def __init__(self, **kwargs):
super(NeighborConf, self).__init__(**kwargs)
@@ -226,6 +232,9 @@ class NeighborConf(ConfWithId, ConfWithStats):
self._settings[PEER_NEXT_HOP] = compute_optional_conf(
PEER_NEXT_HOP, None, **kwargs)
+ self._settings[PASSWORD] = compute_optional_conf(
+ PASSWORD, None, **kwargs)
+
# RTC configurations.
self._settings[CAP_RTC] = \
compute_optional_conf(CAP_RTC, DEFAULT_CAP_RTC, **kwargs)
@@ -282,6 +291,10 @@ class NeighborConf(ConfWithId, ConfWithStats):
def next_hop(self):
return self._settings[PEER_NEXT_HOP]
+ @property
+ def password(self):
+ return self._settings[PASSWORD]
+
# =========================================================================
# Optional attributes with valid defaults.
# =========================================================================
--
1.8.5.2 (Apple Git-48)
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel
