Merge branch 'master' into dev

configure.in

@@ -114,6 +114,10 @@ else
 				;;
 		ipv4:freebsd*)	sysdesc=bsd
 				;;
+		ipv6:openbsd*)	sysdesc=bsd-v6
+				;;
+		ipv4:openbsd*)	sysdesc=bsd
+				;;
 		*)		AC_MSG_ERROR([Cannot determine correct system configuration. Please use --with-sysconfig to set it manually.])
 				;;
 		esac

doc/bird.sgml

@@ -435,7 +435,7 @@ This argument can be omitted if there exists only a single instance.
 	<tag>show symbols</tag>
 	Show the list of symbols defined in the configuration (names of protocols, routing tables etc.).
 
-	<tag>show route [[for] <m/prefix/|<m/IP/] [table <m/sym/] [filter <m/f/|where <m/c/] [(import|preimport) <m/p/] [<m/options/]</tag>
+	<tag>show route [[for] <m/prefix/|<m/IP/] [table <m/sym/] [filter <m/f/|where <m/c/] [(import|preimport) <m/p/] [protocol <m/p/] [<m/options/]</tag>
 	Show contents of a routing table (by default of the main one),
 	that is routes, their metrics and (in case the <cf/all/ switch is given)
 	all their attributes.
@@ -454,6 +454,9 @@ This argument can be omitted if there exists only a single instance.
 	that are imported to the specified protocol. With <cf/preimport/, the
 	import filter of the protocol is skipped.
 
+	<p>You can also select just routes added by a specific protocol.
+	<cf>protocol <m/p/</cf>.
+
 	<p>The <cf/stats/ switch requests showing of route statistics (the
 	number of networks, number of routes before and after filtering). If
 	you use <cf/count/ instead, only the statistics will be printed.

nest/config.Y

@@ -56,7 +56,7 @@ CF_ENUM(T_ENUM_RTD, RTD_, ROUTER, DEVICE, BLACKHOLE, UNREACHABLE, PROHIBIT)
 %type <r> rtable
 %type <s> optsym
 %type <ra> r_args
-%type <i> echo_mask echo_size debug_mask debug_list debug_flag import_or_proto
+%type <i> echo_mask echo_size debug_mask debug_list debug_flag import_or_preimport
 %type <t> proto_patt
 
 CF_GRAMMAR
@@ -298,7 +298,7 @@ CF_CLI(SHOW INTERFACES,,, [[Show network interfaces]])
 CF_CLI(SHOW INTERFACES SUMMARY,,, [[Show summary of network interfaces]])
 { if_show_summary(); } ;
 
-CF_CLI(SHOW ROUTE, r_args, [[[<prefix>|for <prefix>|for <ip>] [table <t>] [filter <f>|where <cond>] [all] [primary] [(import|protocol) <p>] [stats|count]]], [[Show routing table]])
+CF_CLI(SHOW ROUTE, r_args, [[[<prefix>|for <prefix>|for <ip>] [table <t>] [filter <f>|where <cond>] [all] [primary] [(import|preimport) <p>] [protocol <p>] [stats|count]]], [[Show routing table]])
 { rt_show($3); } ;
 
 r_args:
@@ -344,7 +344,7 @@ r_args:
      $$ = $1;
      $$->primary_only = 1;
    }
- | r_args import_or_proto SYM {
+ | r_args import_or_preimport SYM {
      struct proto_config *c = (struct proto_config *) $3->def;
      $$ = $1;
      if ($$->import_mode) cf_error("Protocol specified twice");
@@ -354,6 +354,14 @@ r_args:
      $$->import_protocol = c->proto;
      $$->running_on_config = c->proto->cf->global;
    }
+ | r_args PROTOCOL SYM {
+     struct proto_config *c = (struct proto_config *) $3->def;
+     $$ = $1;
+     if ($$->show_protocol) cf_error("Protocol specified twice");
+     if ($3->class != SYM_PROTO || !c->proto) cf_error("%s is not a protocol", $3->name);
+     $$->show_protocol = c->proto;
+     $$->running_on_config = c->proto->cf->global;
+   }
  | r_args STATS {
      $$ = $1;
      $$->stats = 1;
@@ -364,7 +372,7 @@ r_args:
    }
  ;
 
-import_or_proto:
+import_or_preimport:
    PREIMPORT { $$ = 1; }
  | IMPORT { $$ = 2; }
  ;

nest/route.h

@@ -211,6 +211,7 @@ struct rt_show_data {
   struct filter *filter;
   int verbose;
   struct fib_iterator fit;
+  struct proto *show_protocol;
   struct proto *import_protocol;
   int import_mode, primary_only;
   struct config *running_on_config;

nest/rt-table.c

@@ -979,11 +979,13 @@ rt_show_net(struct cli *c, net *n, struct rt_show_data *d)
       struct ea_list *tmpa, *old_tmpa;
       struct proto *p0 = e->attrs->proto;
       struct proto *p1 = d->import_protocol;
+      struct proto *p2 = d->show_protocol;
       d->rt_counter++;
       ee = e;
       rte_update_lock();		/* We use the update buffer for filtering */
       old_tmpa = tmpa = p0->make_tmp_attrs ? p0->make_tmp_attrs(e, rte_update_pool) : NULL;
       ok = (d->filter == FILTER_ACCEPT || f_run(d->filter, &e, &tmpa, rte_update_pool, FF_FORCE_TMPATTR) <= F_ACCEPT);
+      if (p2 && p2 != p0) ok = 0;
       if (ok && d->import_mode)
 	{
 	  int ic = (p1->import_control ? p1->import_control(p1, &e, &tmpa, rte_update_pool) : 0);

sysdep/autoconf.h.in

@@ -54,3 +54,7 @@
 
 /* struct sockaddr_in(6) */
 #undef HAVE_SIN_LEN
+
+/* We have stdint.h */
+#undef HAVE_STDINT_H
+

sysdep/bsd/sysio.h

@@ -74,3 +74,48 @@ sysio_mcast_join(sock * s)
 }
 
 #endif
+
+
+#include <netinet/tcp.h>
+#ifndef TCP_KEYLEN_MAX
+#define TCP_KEYLEN_MAX 80
+#endif
+#ifndef TCP_SIG_SPI
+#define TCP_SIG_SPI 0x1000
+#endif
+
+/* 
+ * FIXME: Passwords has to be set by setkey(8) command. This is the same
+ * behaviour like Quagga. We need to add code for SA/SP entries
+ * management.
+ */
+
+static int
+sk_set_md5_auth_int(sock *s, sockaddr *sa, char *passwd)
+{
+  int enable = 0;
+  if (passwd)
+    {
+      int len = strlen(passwd);
+
+      enable = len ? TCP_SIG_SPI : 0;
+
+      if (len > TCP_KEYLEN_MAX)
+	{
+	  log(L_ERR "MD5 password too long");
+	  return -1;
+	}
+    }
+
+  int rv = setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &enable, sizeof(enable));
+
+  if (rv < 0) 
+    {
+      if (errno == ENOPROTOOPT)
+	log(L_ERR "Kernel does not support TCP MD5 signatures");
+      else
+	log(L_ERR "sk_set_md5_auth_int: setsockopt: %m");
+    }
+
+  return rv;
+}

sysdep/linux/sysio.h

@@ -160,3 +160,38 @@ struct tcp_md5sig {
 };
 
 #endif
+
+static int
+sk_set_md5_auth_int(sock *s, sockaddr *sa, char *passwd)
+{
+  struct tcp_md5sig md5;
+
+  memset(&md5, 0, sizeof(md5));
+  memcpy(&md5.tcpm_addr, (struct sockaddr *) sa, sizeof(*sa));
+
+  if (passwd)
+    {
+      int len = strlen(passwd);
+
+      if (len > TCP_MD5SIG_MAXKEYLEN)
+	{
+	  log(L_ERR "MD5 password too long");
+	  return -1;
+	}
+
+      md5.tcpm_keylen = len;
+      memcpy(&md5.tcpm_key, passwd, len);
+    }
+
+  int rv = setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &md5, sizeof(md5));
+
+  if (rv < 0) 
+    {
+      if (errno == ENOPROTOOPT)
+	log(L_ERR "Kernel does not support TCP MD5 signatures");
+      else
+	log(L_ERR "sk_set_md5_auth_int: setsockopt: %m");
+    }
+
+  return rv;
+}

sysdep/unix/endian.h

@@ -13,5 +13,8 @@
 
 #include <sys/types.h>
 #include <netinet/in.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
 
 #endif

sysdep/unix/io.c

@@ -738,43 +738,6 @@ sk_set_ttl(sock *s, int ttl)
 }
 
 
-/* FIXME: check portability  */
-
-static int
-sk_set_md5_auth_int(sock *s, sockaddr *sa, char *passwd)
-{
-  struct tcp_md5sig md5;
-
-  memset(&md5, 0, sizeof(md5));
-  memcpy(&md5.tcpm_addr, (struct sockaddr *) sa, sizeof(*sa));
-
-  if (passwd)
-    {
-      int len = strlen(passwd);
-
-      if (len > TCP_MD5SIG_MAXKEYLEN)
-	{
-	  log(L_ERR "MD5 password too long");
-	  return -1;
-	}
-
-      md5.tcpm_keylen = len;
-      memcpy(&md5.tcpm_key, passwd, len);
-    }
-
-  int rv = setsockopt(s->fd, IPPROTO_TCP, TCP_MD5SIG, &md5, sizeof(md5));
-
-  if (rv < 0) 
-    {
-      if (errno == ENOPROTOOPT)
-	log(L_ERR "Kernel does not support TCP MD5 signatures");
-      else
-	log(L_ERR "sk_set_md5_auth_int: setsockopt: %m");
-    }
-
-  return rv;
-}
-
 /**
  * sk_set_md5_auth - add / remove MD5 security association for given socket.
  * @s: socket

sysdep/unix/krt.c

@@ -637,8 +637,8 @@ krt_got_route_async(struct krt_proto *p, rte *e, int new UNUSED)
       DBG("It's a redirect, kill him! Kill! Kill!\n");
       krt_set_notify(p, net, NULL, e);
       break;
-    case KRT_SRC_ALIEN:
 #ifdef KRT_ALLOW_LEARN
+    case KRT_SRC_ALIEN:
       if (KRT_CF->learn)
 	{
 	  krt_learn_async(p, e, new);