import frr-7.5-11.el8

SOURCES/0008-ospf-multi-instance.patch

@@ -0,0 +1,119 @@
+diff --git a/ospfd/ospfd.c b/ospfd/ospfd.c
+index d8be19db9..6fe94f3a4 100644
+--- a/ospfd/ospfd.c
++++ b/ospfd/ospfd.c
+@@ -384,12 +384,50 @@ struct ospf *ospf_lookup_by_inst_name(unsigned short instance, const char *name)
+ 	return NULL;
+ }
+ 
+-struct ospf *ospf_get(unsigned short instance, const char *name, bool *created)
++static void ospf_init(struct ospf *ospf)
+ {
+-	struct ospf *ospf;
+ 	struct vrf *vrf;
+ 	struct interface *ifp;
+ 
++	ospf_opaque_type11_lsa_init(ospf);
++
++	if (ospf->vrf_id != VRF_UNKNOWN)
++		ospf->oi_running = 1;
++
++	/* Activate 'ip ospf area x' configured interfaces for given
++	 * vrf. Activate area on vrf x aware interfaces.
++	 * vrf_enable callback calls router_id_update which
++	 * internally will call ospf_if_update to trigger
++	 * network_run_state
++	 */
++	vrf = vrf_lookup_by_id(ospf->vrf_id);
++
++	FOR_ALL_INTERFACES (vrf, ifp) {
++		struct ospf_if_params *params;
++		struct route_node *rn;
++		uint32_t count = 0;
++
++		params = IF_DEF_PARAMS(ifp);
++		if (OSPF_IF_PARAM_CONFIGURED(params, if_area))
++			count++;
++
++		for (rn = route_top(IF_OIFS_PARAMS(ifp)); rn; rn = route_next(rn))
++			if ((params = rn->info) && OSPF_IF_PARAM_CONFIGURED(params, if_area))
++				count++;
++
++		if (count > 0) {
++			ospf_interface_area_set(ospf, ifp);
++			ospf->if_ospf_cli_count += count;
++		}
++	}
++
++	ospf_router_id_update(ospf);
++}
++
++struct ospf *ospf_get(unsigned short instance, const char *name, bool *created)
++{
++	struct ospf *ospf;
++
+ 	/* vrf name provided call inst and name based api
+ 	 * in case of no name pass default ospf instance */
+ 	if (name)
+@@ -402,39 +440,7 @@ struct ospf *ospf_get(unsigned short instance, const char *name, bool *created)
+ 		ospf = ospf_new(instance, name);
+ 		ospf_add(ospf);
+ 
+-		ospf_opaque_type11_lsa_init(ospf);
+-
+-		if (ospf->vrf_id != VRF_UNKNOWN)
+-			ospf->oi_running = 1;
+-
+-		/* Activate 'ip ospf area x' configured interfaces for given
+-		 * vrf. Activate area on vrf x aware interfaces.
+-		 * vrf_enable callback calls router_id_update which
+-		 * internally will call ospf_if_update to trigger
+-		 * network_run_state
+-		 */
+-		vrf = vrf_lookup_by_id(ospf->vrf_id);
+-
+-		FOR_ALL_INTERFACES (vrf, ifp) {
+-			struct ospf_if_params *params;
+-			struct route_node *rn;
+-			uint32_t count = 0;
+-
+-			params = IF_DEF_PARAMS(ifp);
+-			if (OSPF_IF_PARAM_CONFIGURED(params, if_area))
+-				count++;
+-
+-			for (rn = route_top(IF_OIFS_PARAMS(ifp)); rn; rn = route_next(rn))
+-				if ((params = rn->info) && OSPF_IF_PARAM_CONFIGURED(params, if_area))
+-					count++;
+-
+-			if (count > 0) {
+-				ospf_interface_area_set(ospf, ifp);
+-				ospf->if_ospf_cli_count += count;
+-			}
+-		}
+-
+-		ospf_router_id_update(ospf);
++		ospf_init(ospf);
+ 	}
+ 
+ 	return ospf;
+@@ -450,7 +456,7 @@ struct ospf *ospf_get_instance(unsigned short instance, bool *created)
+ 		ospf = ospf_new(instance, NULL /* VRF_DEFAULT*/);
+ 		ospf_add(ospf);
+ 
+-		ospf_opaque_type11_lsa_init(ospf);
++		ospf_init(ospf);
+ 	}
+ 
+ 	return ospf;
+diff --git a/ospfd/ospfd.h b/ospfd/ospfd.h
+index 192e54281..3087b735a 100644
+--- a/ospfd/ospfd.h
++++ b/ospfd/ospfd.h
+@@ -604,7 +604,6 @@ extern int ospf_nbr_nbma_poll_interval_set(struct ospf *, struct in_addr,
+ 					   unsigned int);
+ extern int ospf_nbr_nbma_poll_interval_unset(struct ospf *, struct in_addr);
+ extern void ospf_prefix_list_update(struct prefix_list *);
+-extern void ospf_init(void);
+ extern void ospf_if_update(struct ospf *, struct interface *);
+ extern void ospf_ls_upd_queue_empty(struct ospf_interface *);
+ extern void ospf_terminate(void);

SOURCES/0009-bgp-ttl-security.patch

@@ -0,0 +1,92 @@
+From 8a66632391db5f5181a4afef6aae41f48bee7fdb Mon Sep 17 00:00:00 2001
+From: Donald Sharp <sharpd@nvidia.com>
+Date: Fri, 15 Jan 2021 08:14:49 -0500
+Subject: [PATCH] bgpd: Allow peer-groups to have `ttl-security hops`
+ configured
+
+The command `neighbor PGROUP ttl-security hops X` was being
+accepted but ignored.  Allow it to be stored.  I am still
+not sure that this is applied correctly, but that is another
+problem.
+
+Fixes: #7848
+Signed-off-by: Donald Sharp <sharpd@nvidia.com>
+---
+ bgpd/bgpd.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c
+index 9297ec4711c..4ebd3da0620 100644
+--- a/bgpd/bgpd.c
++++ b/bgpd/bgpd.c
+@@ -7150,6 +7150,7 @@ int is_ebgp_multihop_configured(struct peer *peer)
+ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ {
+ 	struct peer_group *group;
++	struct peer *gpeer;
+ 	struct listnode *node, *nnode;
+ 	int ret;
+ 
+@@ -7186,9 +7187,10 @@ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ 				return ret;
+ 		} else {
+ 			group = peer->group;
++			group->conf->gtsm_hops = gtsm_hops;
+ 			for (ALL_LIST_ELEMENTS(group->peer, node, nnode,
+-					       peer)) {
+-				peer->gtsm_hops = group->conf->gtsm_hops;
++					       gpeer)) {
++				gpeer->gtsm_hops = group->conf->gtsm_hops;
+ 
+ 				/* Calling ebgp multihop also resets the
+ 				 * session.
+@@ -7198,7 +7200,7 @@ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ 				 * value is
+ 				 * irrelevant.
+ 				 */
+-				peer_ebgp_multihop_set(peer, MAXTTL);
++				peer_ebgp_multihop_set(gpeer, MAXTTL);
+ 			}
+ 		}
+ 	} else {
+@@ -7219,9 +7221,10 @@ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ 					       MAXTTL + 1 - gtsm_hops);
+ 		} else {
+ 			group = peer->group;
++			group->conf->gtsm_hops = gtsm_hops;
+ 			for (ALL_LIST_ELEMENTS(group->peer, node, nnode,
+-					       peer)) {
+-				peer->gtsm_hops = group->conf->gtsm_hops;
++					       gpeer)) {
++				gpeer->gtsm_hops = group->conf->gtsm_hops;
+ 
+ 				/* Change setting of existing peer
+ 				 *   established then change value (may break
+@@ -7231,17 +7234,18 @@ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ 				 *   no session then do nothing (will get
+ 				 * handled by next connection)
+ 				 */
+-				if (peer->fd >= 0
+-				    && peer->gtsm_hops
++				if (gpeer->fd >= 0
++				    && gpeer->gtsm_hops
+ 					       != BGP_GTSM_HOPS_DISABLED)
+ 					sockopt_minttl(
+-						peer->su.sa.sa_family, peer->fd,
+-						MAXTTL + 1 - peer->gtsm_hops);
+-				if ((peer->status < Established)
+-				    && peer->doppelganger
+-				    && (peer->doppelganger->fd >= 0))
+-					sockopt_minttl(peer->su.sa.sa_family,
+-						       peer->doppelganger->fd,
++						gpeer->su.sa.sa_family,
++						gpeer->fd,
++						MAXTTL + 1 - gpeer->gtsm_hops);
++				if ((gpeer->status < Established)
++				    && gpeer->doppelganger
++				    && (gpeer->doppelganger->fd >= 0))
++					sockopt_minttl(gpeer->su.sa.sa_family,
++						       gpeer->doppelganger->fd,
+ 						       MAXTTL + 1 - gtsm_hops);
+ 			}
+ 		}

SOURCES/0010-bfd-reload.patch

@@ -0,0 +1,60 @@
+From 46a2b560fa84c5f8ece8dbb82cbf355af675ad41 Mon Sep 17 00:00:00 2001
+From: Rafael Zalamena <rzalamena@opensourcerouting.org>
+Date: Tue, 19 Jan 2021 08:49:23 -0300
+Subject: [PATCH] tools: fix frr-reload BFD profile support
+
+Fix the handling of multiple BFD profiles by adding the appropriated
+code to push/pop contexts inside BFD configuration node.
+
+Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
+---
+ tools/frr-reload.py | 28 ++++++++++++++++++++++++++++
+ 1 file changed, 28 insertions(+)
+
+diff --git a/tools/frr-reload.py b/tools/frr-reload.py
+index da005b6f874..ca6fe81f007 100755
+--- a/tools/frr-reload.py
++++ b/tools/frr-reload.py
+@@ -533,6 +533,18 @@ def load_contexts(self):
+             if line.startswith('!') or line.startswith('#'):
+                 continue
+ 
++            if (len(ctx_keys) == 2
++                and ctx_keys[0].startswith('bfd')
++                and ctx_keys[1].startswith('profile ')
++                and line == 'end'):
++                log.debug('LINE %-50s: popping from sub context, %-50s', line, ctx_keys)
++
++                if main_ctx_key:
++                    self.save_contexts(ctx_keys, current_context_lines)
++                    ctx_keys = copy.deepcopy(main_ctx_key)
++                    current_context_lines = []
++                    continue
++
+             # one line contexts
+             # there is one exception though: ldpd accepts a 'router-id' clause
+             # as part of its 'mpls ldp' config context. If we are processing
+@@ -649,6 +661,22 @@ def load_contexts(self):
+                 log.debug('LINE %-50s: entering sub-sub-context, append to ctx_keys', line)
+                 ctx_keys.append(line)
+ 
++            elif (
++                line.startswith('profile ')
++                and len(ctx_keys) == 1
++                and ctx_keys[0].startswith('bfd')
++            ):
++
++                # Save old context first
++                self.save_contexts(ctx_keys, current_context_lines)
++                current_context_lines = []
++                main_ctx_key = copy.deepcopy(ctx_keys)
++                log.debug(
++                    "LINE %-50s: entering BFD profile sub-context, append to ctx_keys",
++                    line
++                )
++                ctx_keys.append(line)
++
+             else:
+                 # Continuing in an existing context, add non-commented lines to it
+                 current_context_lines.append(line)
+

SOURCES/0011-designated-router.patch

@@ -0,0 +1,33 @@
+diff --git a/ospfd/ospf_vty.c b/ospfd/ospf_vty.c
+index 69a3e4587..57ef6029a 100644
+--- a/ospfd/ospf_vty.c
++++ b/ospfd/ospf_vty.c
+@@ -3737,6 +3737,28 @@ static void show_ip_ospf_interface_sub(struct vty *vty, struct ospf *ospf,
+ 				vty_out(vty,
+ 					"  No backup designated router on this network\n");
+ 		} else {
++			nbr = ospf_nbr_lookup_by_addr(oi->nbrs, &DR(oi));
++			if (nbr) {
++				if (use_json) {
++					json_object_string_add(
++						json_interface_sub, "drId",
++						inet_ntoa(nbr->router_id));
++					json_object_string_add(
++						json_interface_sub, "drAddress",
++						inet_ntoa(nbr->address.u
++								.prefix4));
++				} else {
++					vty_out(vty,
++						"  Designated Router (ID) %s",
++						inet_ntoa(nbr->router_id));
++					vty_out(vty,
++						" Interface Address %s\n",
++						inet_ntoa(nbr->address.u
++								.prefix4));
++				}
++			}
++			nbr = NULL;
++
+ 			nbr = ospf_nbr_lookup_by_addr(oi->nbrs, &BDR(oi));
+ 			if (nbr == NULL) {
+ 				if (!use_json)

SOURCES/0012-bfd-peers-crash.patch

@@ -0,0 +1,25 @@
+From 1d923374f64e099d734899aff219d90cb0213fa6 Mon Sep 17 00:00:00 2001
+From: Emanuele Bovisio <emanuele.bovisio@eolo.it>
+Date: Thu, 5 Nov 2020 14:27:51 +0100
+Subject: [PATCH] bfdd: fix crash on show bfd peers counters json
+
+wrong pointer passed to bfd_id_iterate function
+
+Signed-off-by: Emanuele Bovisio <emanuele.bovisio@eolo.it>
+---
+ bfdd/bfdd_vty.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bfdd/bfdd_vty.c b/bfdd/bfdd_vty.c
+index a3f1638e5f6..837a7b7d7d6 100644
+--- a/bfdd/bfdd_vty.c
++++ b/bfdd/bfdd_vty.c
+@@ -447,7 +447,7 @@ static void _display_peers_counter(struct vty *vty, char *vrfname, bool use_json
+ 
+ 	jo = json_object_new_array();
+ 	bvt.jo = jo;
+-	bfd_id_iterate(_display_peer_counter_json_iter, jo);
++	bfd_id_iterate(_display_peer_counter_json_iter, &bvt);
+ 
+ 	vty_out(vty, "%s\n", json_object_to_json_string_ext(jo, 0));
+ 	json_object_free(jo);

SPECS/frr.spec

@@ -5,7 +5,7 @@
 
 Name: frr
 Version: 7.5
-Release: 4%{?checkout}%{?dist}
+Release: 11%{?checkout}%{?dist}
 Summary: Routing daemon
 License: GPLv2+
 URL: http://www.frrouting.org
@@ -37,6 +37,11 @@ Patch0003: 0003-disable-eigrp-crypto.patch
 Patch0004: 0004-fips-mode.patch
 Patch0006: 0006-CVE-2020-12831.patch
 Patch0007: 0007-frrinit.patch
+Patch0008: 0008-ospf-multi-instance.patch
+Patch0009: 0009-bgp-ttl-security.patch
+Patch0010: 0010-bfd-reload.patch
+Patch0011: 0011-designated-router.patch
+Patch0012: 0012-bfd-peers-crash.patch
 
 %description
 FRRouting is free software that manages TCP/IP based routing protocols. It takes
@@ -197,6 +202,28 @@ make check PYTHON=%{__python3}
 %{_tmpfilesdir}/%{name}.conf
 
 %changelog
+* Wed Jan 05 2022 Michal Ruprich <mruprich@redhat.com> - 7.5-11
+- Resolves: #2034328 - Bfdd crash in metallb CI
+
+* Tue Jan 04 2022 Michal Ruprich <mruprich@redhat.com> - 7.5-10
+- Resolves: #2020878 - frr ospfd show ip ospf interface does not show designated router info
+
+* Fri Dec 10 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-9
+- Resolves: #2029958 - FRR reloader generating invalid BFD configurations, exits with error
+
+* Tue Nov 16 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-8
+- Resolves: #2021819 - Rebuilding for the new json-c
+
+* Thu Sep 30 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-7
+- Related: #1917269 - Wrong value in gating file
+
+* Fri Sep 17 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-6
+- Related: #1917269 - Incomplete patch, adding gating rules
+
+* Thu Sep 16 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-5
+- Resolves: #1979426 - Unable to configure OSPF in multi-instance mode
+- Resolves: #1917269 - vtysh running-config output not showing bgp ttl-security hops option
+
 * Tue Jan 12 2021 root - 7.5-4
 - Related: #1889323 - Fixing start-up with old config file