CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2019/10/30 14:02:19
Modified files:
usr.sbin/bgpd : Tag: OPENBSD_6_6 rde.c rde.h rde_rib.c
Log message:
bgpd(8) can crash on nexthop changes or during startup in certain
configurations.
This is OpenBSD 6.6 errata 003 and combines the following commits from
-current:
---------------------------------------------
CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2019/10/29 00:47:04
Modified files:
usr.sbin/bgpd : rde_rib.c
Log message:
Replace the fatal non existing prefix call with a pt_add() call that
actually inserts the missing prefix in the prefix tree. While for
regular updates to the Adj-RIB-Out this case is indeed not reachable
it is reachable when using 'export default-route'.
Problem reported and fix tested by Esa Kuusisto.
OK benno@
---------------------------------------------
CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2019/10/29 23:27:50
Modified files:
usr.sbin/bgpd : rde.c rde.h rde_rib.c
Log message:
Add PREFIX_FLAG_STALE to mark prefixes in the Adj-RIB-Out as stale during
graceful reload. At the same time extend peer_dump() to force all updates
getting sent by adding every entry in the Adj-RIB-Out to the update tree
unless they are PREFIX_FLAG_DEAD or PREFIX_FLAG_STALE. The latter will be
removed during that stage since peer_dump() just did a full update of the
Adj-RIB-Out. Also fix prefix_withdraw to check the correct prefix flags
before removing a prefix from the update or withdraw tree.
OK benno@
---------------------------------------------
CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2019/10/29 00:42:05
Modified files:
usr.sbin/bgpd : rde_rib.c
Log message:
Fix two cases where the nexthop_runners tail queue can get corrupted.
First by requeuing an element that is already on the list and second
by freeing a nexthop that is still on the list resulting in a use after
free. This should fix bgpd crashes seen by various people.
Problem report including backtrace from benno@
OK benno@
