// TestValidate0 exercises origin validation against two ROAs registered for
// 192.168.0.0/24: one for AS 100 with max length 32, one for AS 200 with max
// length 24. The /25 cases pin down max-length enforcement: a more-specific
// announcement is accepted only from the AS whose ROA allows that length.
func TestValidate0(t *testing.T) {
	check := assert.New(t)

	// The constructor error is discarded here, as it is throughout this test file's visible cases.
	m, _ := NewROAManager(0)
	m.addROA(table.NewROA(bgp.AFI_IP, net.ParseIP("192.168.0.0").To4(), 24, 32, 100, ""))
	m.addROA(table.NewROA(bgp.AFI_IP, net.ParseIP("192.168.0.0").To4(), 24, 24, 200, ""))

	roaTree := m.Roas[bgp.RF_IPv4_UC]

	cases := []struct {
		prefix string
		asPath string
		want   config.RpkiValidationResultType
	}{
		// Exact /24 match, AS 100 has a ROA.
		{"192.168.0.0/24", "100", config.RPKI_VALIDATION_RESULT_TYPE_VALID},
		// Multi-AS path; presumably the last AS (200) is treated as origin — confirm in validateOne.
		{"192.168.0.0/24", "100 200", config.RPKI_VALIDATION_RESULT_TYPE_VALID},
		// Covered prefix, but no ROA names AS 300.
		{"192.168.0.0/24", "300", config.RPKI_VALIDATION_RESULT_TYPE_INVALID},
		// /25 is within AS 100's max length of 32.
		{"192.168.0.0/25", "100", config.RPKI_VALIDATION_RESULT_TYPE_VALID},
		// /25 exceeds AS 200's max length of 24.
		{"192.168.0.0/25", "200", config.RPKI_VALIDATION_RESULT_TYPE_INVALID},
		// Covered prefix, unknown origin.
		{"192.168.0.0/25", "300", config.RPKI_VALIDATION_RESULT_TYPE_INVALID},
	}

	var got config.RpkiValidationResultType
	for _, tc := range cases {
		got = validateOne(roaTree, tc.prefix, tc.asPath)
		check.Equal(got, tc.want)
	}
}
// TestValidate5 registers ROAs for both /17 halves of 10.0.0.0/16 (AS 65000,
// max length 17) and expects the covering /16 itself to be NOT_FOUND: a route
// shorter than every registered ROA prefix is not covered by any of them, even
// when the origin AS matches.
func TestValidate5(t *testing.T) {
	check := assert.New(t)

	// The constructor error is discarded; the test assumes a usable manager.
	m, _ := NewROAManager(0)
	for _, half := range []string{"10.0.0.0", "10.0.128.0"} {
		m.addROA(table.NewROA(bgp.AFI_IP, net.ParseIP(half).To4(), 17, 17, 65000, ""))
	}

	var got config.RpkiValidationResultType
	roaTree := m.Roas[bgp.RF_IPv4_UC]
	got = validateOne(roaTree, "10.0.0.0/16", "65000")
	check.Equal(got, config.RPKI_VALIDATION_RESULT_TYPE_NOT_FOUND)
}
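// GetROA asks the server for the ROAs of the given route family and converts
// each entry of the reply into a table.ROA whose host field is the
// "address:port" of the RPKI server the entry came from.
//
// It returns the RPC error unchanged when the request fails, and a
// *net.ParseError when the reply contains a prefix that is not a valid IP
// address literal.
func (cli *GoBGPClient) GetROA(family bgp.RouteFamily) ([]*table.ROA, error) {
	// NOTE(review): context.Background() carries no deadline, so an
	// unresponsive server blocks this call unless the transport times out.
	rsp, err := cli.cli.GetRoa(context.Background(), &api.GetRoaRequest{
		Family: uint32(family),
	})
	if err != nil {
		return nil, err
	}

	// The AFI depends only on family, so resolve it once instead of per entry.
	afi, _ := bgp.RouteFamilyToAfiSafi(family)

	roas := make([]*table.ROA, 0, len(rsp.Roas))
	for _, r := range rsp.Roas {
		ip := net.ParseIP(r.Prefix)
		if ip == nil {
			// net.ParseIP returns nil for malformed text; do not build a ROA
			// from a nil prefix and present it to the caller as real data.
			return nil, &net.ParseError{Type: "IP address", Text: r.Prefix}
		}
		// Use the 4-byte form for IPv4 addresses.
		if v4 := ip.To4(); v4 != nil {
			ip = v4
		}

		// NOTE(review): Prefixlen and Maxlen are narrowed to uint8 without a
		// range check; if the API fields are wider, out-of-range values wrap
		// silently. r.Conf is also dereferenced without a nil check — confirm
		// the server always populates it.
		roa := table.NewROA(int(afi), []byte(ip), uint8(r.Prefixlen), uint8(r.Maxlen), r.As,
			net.JoinHostPort(r.Conf.Address, r.Conf.RemotePort))
		roas = append(roas, roa)
	}
	return roas, nil
}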
// handleRTRMsg parses one RTR message from buf and applies it to the ROA
// table and to the per-client session state, bumping the matching receive
// counter in state. A message that fails to parse is logged and otherwise
// ignored.
//
// NOTE(review): buf presumably originates from the RPKI cache connection, so
// every field read from the parsed message should be treated as untrusted.
func (c *roaManager) handleRTRMsg(client *roaClient, state *config.RpkiServerState, buf []byte) {
	received := &state.RpkiMessages.RpkiReceived

	m, err := rtr.ParseRTR(buf)
	if err != nil {
		log.WithFields(log.Fields{
			"Topic": "rpki",
			"Host":  client.host,
			"Error": err,
		}).Info("Failed to parse an RTR message")
		return
	}

	switch msg := m.(type) {
	case *rtr.RTRSerialNotify:
		switch notified := msg.RTRCommon.SerialNumber; {
		case before(client.serialNumber, notified):
			// Our serial is behind the notified one.
			client.enable(client.serialNumber)
		case client.serialNumber == notified:
			// Already at the notified serial; nothing to do.
		default:
			// Unexpected ordering: fall back to fetching the whole ROA set.
			client.softReset()
		}
		received.SerialNotify++

	case *rtr.RTRSerialQuery, *rtr.RTRResetQuery:
		// Query messages are accepted and ignored.

	case *rtr.RTRCacheResponse:
		received.CacheResponse++
		// Until End Of Data arrives, announced prefixes are queued rather than installed.
		client.endOfData = false

	case *rtr.RTRIPPrefix:
		family := bgp.AFI_IP
		if msg.Type == rtr.RTR_IPV4_PREFIX {
			received.Ipv4Prefix++
		} else {
			family = bgp.AFI_IP6
			received.Ipv6Prefix++
		}

		// NOTE(review): PrefixLen and MaxLen are passed on exactly as
		// received; this function does not check PrefixLen <= MaxLen or that
		// either fits the address family. Confirm ParseRTR or NewROA does.
		roa := table.NewROA(family, msg.Prefix, msg.PrefixLen, msg.MaxLen, msg.AS, client.host)

		// Bit 0 of Flags distinguishes an announcement (1) from a withdrawal (0).
		announce := msg.Flags&1 == 1
		switch {
		case !announce:
			c.deleteROA(roa)
		case client.endOfData:
			c.addROA(roa)
		default:
			client.pendingROAs = append(client.pendingROAs, roa)
		}

	case *rtr.RTREndOfData:
		received.EndOfData++
		if msg.RTRCommon.SessionID != client.sessionID {
			// The session changed: drop every ROA learned from this host
			// under the previous session.
			c.deleteAllROA(client.host)
		}
		client.sessionID = msg.RTRCommon.SessionID
		client.serialNumber = msg.RTRCommon.SerialNumber
		client.endOfData = true

		if t := client.timer; t != nil {
			t.Stop()
			client.timer = nil
		}

		// Install everything queued since the cache response began.
		for _, pending := range client.pendingROAs {
			c.addROA(pending)
		}
		client.pendingROAs = make([]*table.ROA, 0)

	case *rtr.RTRCacheReset:
		client.softReset()
		received.CacheReset++

	case *rtr.RTRErrorReport:
		// NOTE(review): error reports are only counted; their content is not
		// logged here, which limits what an operator can see after the fact.
		received.Error++
	}
}