def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.type == BGP_MSG_OPEN
# Validate remote ASN.
remote_asnum = open_msg.my_as
# Since 4byte AS is not yet supported, we validate AS as old style AS.
if (not is_valid_old_asn(remote_asnum) or
remote_asnum != self._peer.remote_as):
raise bgp.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise bgp.UnsupportedVersion(BGP_VERSION_NUM)
adv_caps = open_msg.opt_param
for cap in adv_caps:
if cap.cap_code == BGP_CAP_ROUTE_REFRESH:
rr_cap_adv = cap
elif cap.cap_code == BGP_CAP_ENHANCED_ROUTE_REFRESH:
err_cap_adv = cap
# If either RTC or RR/ERR are MUST capability if peer does not support
# either one of them we have to end session as we have to request peer
# to send prefixes for new VPNs that may be created automatically.
# TODO(PH): Check with experts if error is suitable in this case
if not (rr_cap_adv or err_cap_adv or
self._check_route_fmly_adv(open_msg, RF_RTC_UC)):
raise bgp.UnsupportedOptParam()
def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.TYPE_CODE == Open.TYPE_CODE
# Validate remote ASN.
remote_asnum = open_msg.asnum
# Since 4byte AS is not yet supported, we validate AS as old style AS.
if (not is_valid_old_asn(remote_asnum) or
remote_asnum != self._peer.remote_as):
raise exceptions.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise exceptions.UnsupportedVersion(BGP_VERSION_NUM)
adv_caps = open_msg.caps
rr_cap_adv = adv_caps.get(RouteRefreshCap.CODE)
err_cap_adv = adv_caps.get(EnhancedRouteRefreshCap.CODE)
# If either RTC or RR/ERR are MUST capability if peer does not support
# either one of them we have to end session as we have to request peer
# to send prefixes for new VPNs that may be created automatically.
# TODO(PH): Check with experts if error is suitable in this case
if not (rr_cap_adv or err_cap_adv or
self._check_route_fmly_adv(open_msg, RF_RTC_UC)):
raise exceptions.UnsupportedOptParam()
def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.type == BGP_MSG_OPEN
# Validate remote ASN.
remote_asnum = open_msg.my_as
# Since 4byte AS is not yet supported, we validate AS as old style AS.
if (not is_valid_old_asn(remote_asnum)
or remote_asnum != self._peer.remote_as):
raise bgp.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise bgp.UnsupportedVersion(BGP_VERSION_NUM)
adv_caps = open_msg.opt_param
for cap in adv_caps:
if cap.cap_code == BGP_CAP_ROUTE_REFRESH:
rr_cap_adv = cap
elif cap.cap_code == BGP_CAP_ENHANCED_ROUTE_REFRESH:
err_cap_adv = cap
# If either RTC or RR/ERR are MUST capability if peer does not support
# either one of them we have to end session as we have to request peer
# to send prefixes for new VPNs that may be created automatically.
# TODO(PH): Check with experts if error is suitable in this case
if not (rr_cap_adv or err_cap_adv
or self._check_route_fmly_adv(open_msg, RF_RTC_UC)):
raise bgp.UnsupportedOptParam()
def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.TYPE_CODE == Open.TYPE_CODE
# Validate remote ASN.
remote_asnum = open_msg.asnum
# Since 4byte AS is not yet supported, we validate AS as old style AS.
if (not is_valid_old_asn(remote_asnum)
or remote_asnum != self._peer.remote_as):
raise exceptions.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise exceptions.UnsupportedVersion(BGP_VERSION_NUM)
adv_caps = open_msg.caps
rr_cap_adv = adv_caps.get(RouteRefreshCap.CODE)
err_cap_adv = adv_caps.get(EnhancedRouteRefreshCap.CODE)
# If either RTC or RR/ERR are MUST capability if peer does not support
# either one of them we have to end session as we have to request peer
# to send prefixes for new VPNs that may be created automatically.
# TODO(PH): Check with experts if error is suitable in this case
if not (rr_cap_adv or err_cap_adv
or self._check_route_fmly_adv(open_msg, RF_RTC_UC)):
raise exceptions.UnsupportedOptParam()
def validate_local_as(asn):
if asn is None:
raise MissingRequiredConf(conf_name=LOCAL_AS)
if not is_valid_old_asn(asn):
raise ConfigValueError(desc='Invalid local_as configuration value: %s'
% asn)
return asn
def validate_local_as(asn):
if asn is None:
raise MissingRequiredConf(conf_name=LOCAL_AS)
if not is_valid_old_asn(asn):
raise ConfigValueError(
desc='Invalid local_as configuration value: %s' % asn)
return asn
def __init__(self, origin_as, route_target):
Nlri.__init__(self)
# If given is not default_as and default_rt
if not (origin_as is RtNlri.DEFAULT_AS
and route_target is RtNlri.DEFAULT_RT):
# We validate them
if (not is_valid_old_asn(origin_as)
or not is_valid_ext_comm_attr(route_target)):
raise ValueError('Invalid params.')
self._origin_as = origin_as
self._route_target = route_target
def __init__(self, origin_as, route_target):
Nlri.__init__(self)
# If given is not default_as and default_rt
if not (origin_as is RtNlri.DEFAULT_AS and
route_target is RtNlri.DEFAULT_RT):
# We validate them
if (not is_valid_old_asn(origin_as) or
not is_valid_ext_comm_attr(route_target)):
raise ValueError('Invalid params.')
self._origin_as = origin_as
self._route_target = route_target
def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.type == BGP_MSG_OPEN
# Validate remote ASN.
remote_asnum = open_msg.my_as
# Since 4byte AS is not yet supported, we validate AS as old style AS.
if (not is_valid_old_asn(remote_asnum)
or remote_asnum != self._peer.remote_as):
raise bgp.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise bgp.UnsupportedVersion(BGP_VERSION_NUM)
def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.type == BGP_MSG_OPEN
# Validate remote ASN.
remote_asnum = open_msg.my_as
# Since 4byte AS is not yet supported, we validate AS as old style AS.
if (not is_valid_old_asn(remote_asnum) or
remote_asnum != self._peer.remote_as):
raise bgp.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise bgp.UnsupportedVersion(BGP_VERSION_NUM)
def __init__(self, version, asnum, holdtime, bgpid, caps,
unrec_params=None):
# Validate arguments.
if version < 1:
raise ValueError('Invalid version number %s' % version)
if not is_valid_old_asn(asnum):
raise ValueError('Invalid AS number %s' % asnum)
if holdtime <= 2:
raise ValueError('Holdtime has to be greater than 2 sec.')
if not caps:
raise ValueError('Invalid capabilities.')
if not is_valid_ipv4(bgpid):
raise ValueError('Invalid bgp ID, should be valid IPv4, '
'but given %s' % bgpid)
BgpMessage.__init__(self)
self._version = version
self._holdtime = holdtime
self._asnum = asnum
self._bgpid = bgpid
self._caps = caps
self._unrec_params = unrec_params
if not unrec_params:
self._unrec_params = OrderedDict()
def test_is_valid_old_asn_negative(self):
eq_(False, validation.is_valid_old_asn(-1))
def test_is_valid_old_asn(self):
ok_(validation.is_valid_old_asn(65000))
def validate_remote_as(asn):
if not is_valid_old_asn(asn):
raise ConfigValueError(desc="Invalid remote as value %s" % asn)
return asn
def validate_cap_rtc_as(rtc_as):
if not is_valid_old_asn(rtc_as):
raise ConfigValueError(desc='Invalid RTC AS configuration value: %s'
% rtc_as)
return rtc_as
def test_is_valid_old_asn(self):
ok_(validation.is_valid_old_asn(65000))
def test_is_valid_old_asn_over(self):
eq_(False, validation.is_valid_old_asn(0xffff + 1))
def test_is_valid_old_asn_over(self):
eq_(False, validation.is_valid_old_asn(0xFFFF + 1))
def test_is_valid_old_asn_negative(self):
eq_(False, validation.is_valid_old_asn(-1))
def validate_cap_rtc_as(rtc_as):
if not is_valid_old_asn(rtc_as):
raise ConfigValueError(desc='Invalid RTC AS configuration value: %s' %
rtc_as)
return rtc_as
def validate_remote_as(asn):
if not is_valid_old_asn(asn):
raise ConfigValueError(desc='Invalid remote as value %s' % asn)
return asn
