Remove the AFI dependency for ASPA

The AFI was removed from the ASPA profile so don't expect it anymore.
Now RTR is still using an old idea of ASPA profile so there just
duplicate the object once for IPv4 and once for IPv6. At some points
SIDROPS may finally fix this but for now this allows to export ASPA
objects that follow the rpki-client JSON (which no longer has the
AFI in the ASPA table).

cmd/rtrdump/rtrdump.go

@@ -117,22 +117,14 @@ func (c *Client) HandlePDU(cs *rtr.ClientSession, pdu rtr.PDU) {
 
 	case *rtr.PDUASPA:
 		if c.Data.ASPA == nil {
-			c.Data.ASPA = &prefixfile.ProviderAuthorizationsJson{
-				IPv4: make([]prefixfile.ASPAJson, 0),
-				IPv6: make([]prefixfile.ASPAJson, 0),
-			}
+			c.Data.ASPA = make([]prefixfile.ASPAJson, 0)
 		}
 		aj := prefixfile.ASPAJson{
 			CustomerAsid: pdu.CustomerASNumber,
 			Providers:    pdu.ProviderASNumbers,
 		}
 
-		switch pdu.AFIFlags {
-		case rtr.AFI_IPv4:
-			c.Data.ASPA.IPv4 = append(c.Data.ASPA.IPv4, aj)
-		case rtr.AFI_IPv6:
-			c.Data.ASPA.IPv6 = append(c.Data.ASPA.IPv6, aj)
-		}
+		c.Data.ASPA = append(c.Data.ASPA, aj)
 
 		if *LogDataPDU {
 			log.Debugf("Received: %v", pdu)

cmd/stayrtr/stayrtr.go

@@ -200,7 +200,7 @@ func isValidPrefixLength(prefix *net.IPNet, maxLength uint8) bool {
 // Will return a deduped slice, as well as total VRPs, IPv4 VRPs, IPv6 VRPs, BGPsec Keys and ASPA records
 func processData(vrplistjson []prefixfile.VRPJson,
 	brklistjson []prefixfile.BgpSecKeyJson,
-	aspajson *prefixfile.ProviderAuthorizationsJson) /*Export*/ ([]rtr.VRP, []rtr.BgpsecKey, []rtr.VAP, int, int, int) {
+	aspajson []prefixfile.ASPAJson) /*Export*/ ([]rtr.VRP, []rtr.BgpsecKey, []rtr.VAP, int, int, int) {
 	//
 	filterDuplicates := make(map[string]bool)
 
@@ -314,15 +314,12 @@ func processData(vrplistjson []prefixfile.VRPJson,
 		})
 	}
 
-	if aspajson != nil {
-		aspalist = handleASPAList(aspajson.IPv4, NowUnix, aspalist, rtr.AFI_IPv4)
-		aspalist = handleASPAList(aspajson.IPv6, NowUnix, aspalist, rtr.AFI_IPv6)
-	}
+	aspalist = handleASPAList(aspajson, NowUnix, aspalist)
 
 	return vrplist, brklist, aspalist, countv4 + countv6, countv4, countv6
 }
 
-func handleASPAList(list []prefixfile.ASPAJson, NowUnix int64, aspalist []rtr.VAP, AFI uint8) []rtr.VAP {
+func handleASPAList(list []prefixfile.ASPAJson, NowUnix int64, aspalist []rtr.VAP) []rtr.VAP {
 	for _, v := range list {
 		if v.Expires != nil {
 			if NowUnix > *v.Expires {
@@ -337,7 +334,6 @@ func handleASPAList(list []prefixfile.ASPAJson, NowUnix int64, aspalist []rtr.VA
 		})
 
 		aspalist = append(aspalist, rtr.VAP{
-			AFI:         AFI,
 			CustomerASN: v.CustomerAsid,
 			Providers:   v.Providers,
 		})
@@ -369,10 +365,7 @@ func (s *state) updateFromNewState() error {
 	}
 	aspajson := s.lastdata.ASPA
 	if aspajson == nil {
-		aspajson = &prefixfile.ProviderAuthorizationsJson{
-			IPv4: make([]prefixfile.ASPAJson, 0),
-			IPv6: make([]prefixfile.ASPAJson, 0),
-		}
+		aspajson = make([]prefixfile.ASPAJson, 0)
 	}
 
 	buildtime, err := time.Parse(time.RFC3339, s.lastdata.Metadata.Buildtime)
@@ -391,7 +384,7 @@ func (s *state) updateFromNewState() error {
 	}
 
 	if s.slurm != nil {
-		vrpsjson, aspajson.IPv4, aspajson.IPv6, bgpsecjson = s.slurm.FilterAssert(vrpsjson, aspajson.IPv4, aspajson.IPv6, bgpsecjson, log.StandardLogger())
+		vrpsjson, aspajson, bgpsecjson = s.slurm.FilterAssert(vrpsjson, aspajson, bgpsecjson, log.StandardLogger())
 	}
 
 	vrps, brks, vaps, count, countv4, countv6 := processData(vrpsjson, bgpsecjson, aspajson)
@@ -414,10 +407,7 @@ func (s *state) reloadFromCurrentState() error {
 	}
 	aspajson := s.lastdata.ASPA
 	if aspajson == nil {
-		aspajson = &prefixfile.ProviderAuthorizationsJson{
-			IPv4: make([]prefixfile.ASPAJson, 0),
-			IPv6: make([]prefixfile.ASPAJson, 0),
-		}
+		aspajson = make([]prefixfile.ASPAJson, 0)
 	}
 
 	buildtime, err := time.Parse(time.RFC3339, s.lastdata.Metadata.Buildtime)
@@ -436,7 +426,7 @@ func (s *state) reloadFromCurrentState() error {
 	}
 
 	if s.slurm != nil {
-		vrpsjson, aspajson.IPv4, aspajson.IPv6, bgpsecjson = s.slurm.FilterAssert(vrpsjson, aspajson.IPv4, aspajson.IPv6, bgpsecjson, log.StandardLogger())
+		vrpsjson, aspajson, bgpsecjson = s.slurm.FilterAssert(vrpsjson, aspajson, bgpsecjson, log.StandardLogger())
 	}
 
 	vrps, brks, vaps, count, countv4, countv6 := processData(vrpsjson, bgpsecjson, aspajson)
@@ -449,7 +439,7 @@ func (s *state) reloadFromCurrentState() error {
 
 func (s *state) applyUpdateFromNewState(vrps []rtr.VRP, brks []rtr.BgpsecKey, vaps []rtr.VAP,
 	sessid uint16,
-	vrpsjson []prefixfile.VRPJson, brksjson []prefixfile.BgpSecKeyJson, aspajson *prefixfile.ProviderAuthorizationsJson,
+	vrpsjson []prefixfile.VRPJson, brksjson []prefixfile.BgpSecKeyJson, aspajson []prefixfile.ASPAJson,
 	countv4 int, countv6 int) error {
 
 	SDs := make([]rtr.SendableData, 0)

lib/server.go

@@ -985,7 +985,6 @@ func (brk *BgpsecKey) GetFlag() uint8 {
 
 type VAP struct {
 	Flags       uint8
-	AFI         uint8
 	CustomerASN uint32
 	Providers   []uint32
 }
@@ -995,11 +994,11 @@ func (vap *VAP) Type() string {
 }
 
 func (vap *VAP) String() string {
-	return fmt.Sprintf("ASPA AS%v -> AFI %d, Providers: %v", vap.CustomerASN, vap.AFI, vap.Providers)
+	return fmt.Sprintf("ASPA AS%v -> Providers: %v", vap.CustomerASN, vap.Providers)
 }
 
 func (vap *VAP) HashKey() string {
-	return fmt.Sprintf("%v-%x-%v", vap.CustomerASN, vap.AFI, vap.Providers)
+	return fmt.Sprintf("%v-%v", vap.CustomerASN, vap.Providers)
 }
 
 func (r1 *VAP) Equals(r2 SendableData) bool {
@@ -1014,7 +1013,6 @@ func (r1 *VAP) Equals(r2 SendableData) bool {
 func (vap *VAP) Copy() SendableData {
 	cop := VAP{
 		CustomerASN: vap.CustomerASN,
-		AFI:         vap.AFI,
 		Flags:       vap.Flags,
 		Providers:   make([]uint32, 0),
 	}
@@ -1125,15 +1123,24 @@ func (c *Client) SendData(sd SendableData) {
 			return
 		}
 
-		pdu := &PDUASPA{
+		pdu4 := &PDUASPA{
 			Version:           c.version,
 			Flags:             t.Flags,
-			AFIFlags:          t.AFI,
+			AFIFlags:          AFI_IPv4,
 			ProviderASCount:   uint16(len(t.Providers)),
 			CustomerASNumber:  t.CustomerASN,
 			ProviderASNumbers: t.Providers,
 		}
-		c.SendPDU(pdu)
+		pdu6 := &PDUASPA{
+			Version:           c.version,
+			Flags:             t.Flags,
+			AFIFlags:          AFI_IPv6,
+			ProviderASCount:   uint16(len(t.Providers)),
+			CustomerASNumber:  t.CustomerASN,
+			ProviderASNumbers: t.Providers,
+		}
+		c.SendPDU(pdu4)
+		c.SendPDU(pdu6)
 	}
 }
 

prefixfile/prefixfile.go

@@ -36,7 +36,7 @@ type VRPList struct {
 	Metadata   MetaData                    `json:"metadata,omitempty"`
 	Data       []VRPJson                   `json:"roas"` // for historical reasons this is called 'roas', but should've been called vrps
 	BgpSecKeys []BgpSecKeyJson             `json:"bgpsec_keys,omitempty"`
-	ASPA       *ProviderAuthorizationsJson `json:"provider_authorizations,omitempty"`
+	ASPA       []ASPAJson                  `json:"aspas,omitempty"`
 }
 
 type BgpSecKeyJson struct {
@@ -53,11 +53,6 @@ type BgpSecKeyJson struct {
 }
 
 // ASPA
-type ProviderAuthorizationsJson struct {
-	IPv4 []ASPAJson `json:"ipv4"`
-	IPv6 []ASPAJson `json:"ipv6"`
-}
-
 type ASPAJson struct {
 	CustomerAsid uint32   `json:"customer_asid"`
 	Expires      *int64   `json:"expires,omitempty"`

prefixfile/slurm.go

@@ -263,24 +263,20 @@ func (s *SlurmLocallyAddedAssertions) AssertVRPs() []VRPJson {
 	return vrps
 }
 
-func (s *SlurmLocallyAddedAssertions) AssertVAPs() (v4, v6 []ASPAJson) {
-	vapsv4, vapsv6 := make([]ASPAJson, 0), make([]ASPAJson, 0)
+func (s *SlurmLocallyAddedAssertions) AssertVAPs() []ASPAJson {
+	vaps := make([]ASPAJson, 0)
 
 	if s.AspaAssertions == nil || len(s.AspaAssertions) == 0 {
-		return vapsv4, vapsv6
+		return vaps
 	}
 	for _, assertion := range s.AspaAssertions {
 		vap := ASPAJson{
 			CustomerAsid: assertion.CustomerASNid,
 			Providers:    assertion.ProviderSet,
 		}
-		if strings.Contains(assertion.Afi, "6") {
-			vapsv6 = append(vapsv6, vap)
-		} else {
-			vapsv4 = append(vapsv4, vap)
-		}
+		vaps = append(vaps, vap)
 	}
-	return vapsv4, vapsv6
+	return vaps
 }
 
 func (s *SlurmLocallyAddedAssertions) AssertBRKs() []BgpSecKeyJson {
@@ -301,26 +297,24 @@ func (s *SlurmLocallyAddedAssertions) AssertBRKs() []BgpSecKeyJson {
 	return brks
 }
 
-func (s *SlurmConfig) GetAssertions() (vrps []VRPJson, VAPv4, VAPv6 []ASPAJson, BRKs []BgpSecKeyJson) {
+func (s *SlurmConfig) GetAssertions() (vrps []VRPJson, vaps []ASPAJson, BRKs []BgpSecKeyJson) {
 	vrps = s.LocallyAddedAssertions.AssertVRPs()
-	VAPv4, VAPv6 = s.LocallyAddedAssertions.AssertVAPs()
+	vaps = s.LocallyAddedAssertions.AssertVAPs()
 	BRKs = s.LocallyAddedAssertions.AssertBRKs()
 	return
 }
 
-func (s *SlurmConfig) FilterAssert(vrps []VRPJson, VAPv4, VAPv6 []ASPAJson, BRKs []BgpSecKeyJson, log Logger) (
-	ovrps []VRPJson, oVAPv4, oVAPv6 []ASPAJson, oBRKs []BgpSecKeyJson) {
+func (s *SlurmConfig) FilterAssert(vrps []VRPJson, vaps []ASPAJson, BRKs []BgpSecKeyJson, log Logger) (
+	ovrps []VRPJson, ovaps []ASPAJson, oBRKs []BgpSecKeyJson) {
 	//
 	filteredVRPs, removedVRPs := s.ValidationOutputFilters.FilterOnVRPs(vrps)
-	filteredVAP4s, removedVAP4s := s.ValidationOutputFilters.FilterOnVAPs(VAPv4, false)
-	filteredVAP6s, removedVAP6s := s.ValidationOutputFilters.FilterOnVAPs(VAPv6, true)
+	filteredVAPs, removedVAPs := s.ValidationOutputFilters.FilterOnVAPs(vaps, false)
 	filteredBRKs, removedBRKs := s.ValidationOutputFilters.FilterOnBRKs(BRKs)
 
-	assertVRPs, assertVAP4, assertVAP6, assertBRKs := s.GetAssertions()
+	assertVRPs, assertVAPs, assertBRKs := s.GetAssertions()
 
 	ovrps = append(filteredVRPs, assertVRPs...)
-	oVAPv4 = append(filteredVAP4s, assertVAP4...)
-	oVAPv6 = append(filteredVAP6s, assertVAP6...)
+	ovaps = append(filteredVAPs, assertVAPs...)
 	oBRKs = append(filteredBRKs, assertBRKs...)
 
 	if log != nil {
@@ -333,8 +327,7 @@ func (s *SlurmConfig) FilterAssert(vrps []VRPJson, VAPv4, VAPv6 []ASPAJson, BRKs
 		}
 
 		if len(s.ValidationOutputFilters.AspaFilters) != 0 {
-			log.Infof("Slurm ASPA v4 filtering: %v kept, %v removed, %v asserted", len(filteredVAP4s), len(removedVAP4s), len(oVAPv4))
-			log.Infof("Slurm ASPA v6 filtering: %v kept, %v removed, %v asserted", len(filteredVAP6s), len(removedVAP6s), len(oVAPv6))
+			log.Infof("Slurm ASPA filtering: %v kept, %v removed, %v asserted", len(filteredVAPs), len(removedVAPs), len(ovaps))
 		}
 	}
 	return

prefixfile/slurm_test.go

@@ -241,8 +241,8 @@ func TestSlurmEndToEnd(t *testing.T) {
 		panic(err)
 	}
 
-	finalVRP, _, finalASPA6, finalBgpsec :=
-		config.FilterAssert(vrplist.Data, vrplist.ASPA.IPv4, vrplist.ASPA.IPv6, vrplist.BgpSecKeys, nil)
+	finalVRP, finalASPA, finalBgpsec :=
+		config.FilterAssert(vrplist.Data, vrplist.ASPA, vrplist.BgpSecKeys, nil)
 
 	foundAssertVRP := false
 	for _, vrps := range finalVRP {
@@ -259,7 +259,7 @@ func TestSlurmEndToEnd(t *testing.T) {
 	}
 
 	foundAssertVAP := false
-	for _, vaps := range finalASPA6 {
+	for _, vaps := range finalASPA {
 		if vaps.CustomerAsid == 64499 {
 			foundAssertVAP = true
 		}