def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.type == BGP_MSG_OPEN
# Validate remote ASN.
remote_asnum = open_msg.my_as
# Since 4byte AS is not yet supported, we validate AS as old style AS.
if (not is_valid_old_asn(remote_asnum)
or remote_asnum != self._peer.remote_as):
raise bgp.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise bgp.UnsupportedVersion(BGP_VERSION_NUM)
adv_caps = open_msg.opt_param
for cap in adv_caps:
if cap.cap_code == BGP_CAP_ROUTE_REFRESH:
rr_cap_adv = cap
elif cap.cap_code == BGP_CAP_ENHANCED_ROUTE_REFRESH:
err_cap_adv = cap
# If either RTC or RR/ERR are MUST capability if peer does not support
# either one of them we have to end session as we have to request peer
# to send prefixes for new VPNs that may be created automatically.
# TODO(PH): Check with experts if error is suitable in this case
if not (rr_cap_adv or err_cap_adv
or self._check_route_fmly_adv(open_msg, RF_RTC_UC)):
raise bgp.UnsupportedOptParam()
def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.type == BGP_MSG_OPEN
opt_param_cap_map = open_msg.opt_param_cap_map
# Validate remote AS number.
remote_as = open_msg.my_as
# Try to get AS number from Four-Octet AS number capability.
cap4as = opt_param_cap_map.get(BGP_CAP_FOUR_OCTET_AS_NUMBER, None)
if cap4as is None:
if remote_as == AS_TRANS:
# Raise Bad Peer AS error message, if my_as is AS_TRANS
# and without Four-Octet AS number capability.
raise bgp.BadPeerAs()
self.cap_four_octet_as_number = False
else:
# Note: Even if the peer has Four-Octet AS number capability,
# keep the local capability setting
remote_as = cap4as.as_number
self.cap_four_octet_as_number = True
# Validate remote AS number with local setting.
if remote_as != self._peer.remote_as:
raise bgp.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise bgp.UnsupportedVersion(BGP_VERSION_NUM)
def _validate_open_msg(self, open_msg):
"""Validates BGP OPEN message according from application context.
Parsing modules takes care of validating OPEN message that need no
context. But here we validate it according to current application
settings. RTC or RR/ERR are MUST capability if peer does not support
either one of them we have to end session.
"""
assert open_msg.type == BGP_MSG_OPEN
# Validate remote ASN.
remote_asnum = open_msg.my_as
# Since 4byte AS is not yet supported, we validate AS as old style AS.
if (not is_valid_old_asn(remote_asnum)
or remote_asnum != self._peer.remote_as):
raise bgp.BadPeerAs()
# Validate bgp version number.
if open_msg.version != BGP_VERSION_NUM:
raise bgp.UnsupportedVersion(BGP_VERSION_NUM)