]>
Commit | Line | Data |
---|---|---|
8429abe0 RW |
1 | /* $OpenBSD$ */ |
2 | ||
3 | /* | |
4 | * Copyright (c) 2013, 2016 Renato Westphal <renato@openbsd.org> | |
5 | * Copyright (c) 2009 Michele Marchetto <michele@openbsd.org> | |
6 | * Copyright (c) 2004, 2005, 2008 Esben Norby <norby@openbsd.org> | |
7 | * | |
8 | * Permission to use, copy, modify, and distribute this software for any | |
9 | * purpose with or without fee is hereby granted, provided that the above | |
10 | * copyright notice and this permission notice appear in all copies. | |
11 | * | |
12 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |
13 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |
14 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | |
15 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
16 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |
17 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |
18 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
19 | */ | |
20 | ||
eac6e3f0 | 21 | #include <zebra.h> |
8429abe0 RW |
22 | |
23 | #include "ldpd.h" | |
24 | #include "ldpe.h" | |
25 | #include "log.h" | |
26 | ||
eac6e3f0 RW |
27 | #include "sockopt.h" |
28 | ||
8429abe0 RW |
29 | static struct iface *disc_find_iface(unsigned int, int, |
30 | union ldpd_addr *, int); | |
eac6e3f0 RW |
31 | static int session_read(struct thread *); |
32 | static int session_write(struct thread *); | |
8429abe0 RW |
33 | static ssize_t session_get_pdu(struct ibuf_read *, char **); |
34 | static void tcp_close(struct tcp_conn *); | |
35 | static struct pending_conn *pending_conn_new(int, int, union ldpd_addr *); | |
eac6e3f0 | 36 | static int pending_conn_timeout(struct thread *); |
8429abe0 RW |
37 | |
38 | int | |
39 | gen_ldp_hdr(struct ibuf *buf, uint16_t size) | |
40 | { | |
41 | struct ldp_hdr ldp_hdr; | |
42 | ||
43 | memset(&ldp_hdr, 0, sizeof(ldp_hdr)); | |
44 | ldp_hdr.version = htons(LDP_VERSION); | |
45 | /* exclude the 'Version' and 'PDU Length' fields from the total */ | |
46 | ldp_hdr.length = htons(size - LDP_HDR_DEAD_LEN); | |
eac6e3f0 | 47 | ldp_hdr.lsr_id = ldp_rtr_id_get(leconf); |
8429abe0 RW |
48 | ldp_hdr.lspace_id = 0; |
49 | ||
50 | return (ibuf_add(buf, &ldp_hdr, LDP_HDR_SIZE)); | |
51 | } | |
52 | ||
53 | int | |
54 | gen_msg_hdr(struct ibuf *buf, uint16_t type, uint16_t size) | |
55 | { | |
56 | static int msgcnt = 0; | |
57 | struct ldp_msg msg; | |
58 | ||
59 | memset(&msg, 0, sizeof(msg)); | |
60 | msg.type = htons(type); | |
61 | /* exclude the 'Type' and 'Length' fields from the total */ | |
62 | msg.length = htons(size - LDP_MSG_DEAD_LEN); | |
63 | msg.id = htonl(++msgcnt); | |
64 | ||
65 | return (ibuf_add(buf, &msg, sizeof(msg))); | |
66 | } | |
67 | ||
68 | /* send packets */ | |
69 | int | |
70 | send_packet(int fd, int af, union ldpd_addr *dst, struct iface_af *ia, | |
71 | void *pkt, size_t len) | |
72 | { | |
73 | struct sockaddr *sa; | |
74 | ||
75 | switch (af) { | |
76 | case AF_INET: | |
77 | if (ia && IN_MULTICAST(ntohl(dst->v4.s_addr))) { | |
78 | /* set outgoing interface for multicast traffic */ | |
79 | if (sock_set_ipv4_mcast(ia->iface) == -1) { | |
80 | log_debug("%s: error setting multicast " | |
81 | "interface, %s", __func__, ia->iface->name); | |
82 | return (-1); | |
83 | } | |
84 | } | |
85 | break; | |
86 | case AF_INET6: | |
87 | if (ia && IN6_IS_ADDR_MULTICAST(&dst->v6)) { | |
88 | /* set outgoing interface for multicast traffic */ | |
89 | if (sock_set_ipv6_mcast(ia->iface) == -1) { | |
90 | log_debug("%s: error setting multicast " | |
91 | "interface, %s", __func__, ia->iface->name); | |
92 | return (-1); | |
93 | } | |
94 | } | |
95 | break; | |
96 | default: | |
97 | fatalx("send_packet: unknown af"); | |
98 | } | |
99 | ||
100 | sa = addr2sa(af, dst, LDP_PORT); | |
eac6e3f0 | 101 | if (sendto(fd, pkt, len, 0, sa, sockaddr_len(sa)) == -1) { |
8429abe0 RW |
102 | log_warn("%s: error sending packet to %s", __func__, |
103 | log_sockaddr(sa)); | |
104 | return (-1); | |
105 | } | |
106 | ||
107 | return (0); | |
108 | } | |
109 | ||
110 | /* Discovery functions */ | |
eac6e3f0 RW |
111 | int |
112 | disc_recv_packet(struct thread *thread) | |
8429abe0 | 113 | { |
eac6e3f0 RW |
114 | int fd = THREAD_FD(thread); |
115 | struct thread **threadp = THREAD_ARG(thread); | |
116 | ||
8429abe0 RW |
117 | union { |
118 | struct cmsghdr hdr; | |
eac6e3f0 RW |
119 | #ifdef HAVE_STRUCT_SOCKADDR_DL |
120 | char buf[CMSG_SPACE(sizeof(struct sockaddr_dl))]; | |
121 | #else | |
122 | char buf[CMSG_SPACE(sizeof(struct in6_pktinfo))]; | |
123 | #endif | |
8429abe0 RW |
124 | } cmsgbuf; |
125 | struct msghdr m; | |
126 | struct sockaddr_storage from; | |
127 | struct iovec iov; | |
128 | char *buf; | |
eac6e3f0 | 129 | #ifndef MSG_MCAST |
8429abe0 | 130 | struct cmsghdr *cmsg; |
eac6e3f0 | 131 | #endif |
8429abe0 RW |
132 | ssize_t r; |
133 | int multicast; | |
134 | int af; | |
135 | union ldpd_addr src; | |
136 | unsigned int ifindex = 0; | |
137 | struct iface *iface; | |
138 | uint16_t len; | |
139 | struct ldp_hdr ldp_hdr; | |
140 | uint16_t pdu_len; | |
141 | struct ldp_msg msg; | |
142 | uint16_t msg_len; | |
143 | struct in_addr lsr_id; | |
144 | ||
eac6e3f0 RW |
145 | /* reschedule read */ |
146 | *threadp = thread_add_read(master, disc_recv_packet, threadp, fd); | |
8429abe0 RW |
147 | |
148 | /* setup buffer */ | |
149 | memset(&m, 0, sizeof(m)); | |
150 | iov.iov_base = buf = pkt_ptr; | |
151 | iov.iov_len = IBUF_READ_SIZE; | |
152 | m.msg_name = &from; | |
153 | m.msg_namelen = sizeof(from); | |
154 | m.msg_iov = &iov; | |
155 | m.msg_iovlen = 1; | |
156 | m.msg_control = &cmsgbuf.buf; | |
157 | m.msg_controllen = sizeof(cmsgbuf.buf); | |
158 | ||
159 | if ((r = recvmsg(fd, &m, 0)) == -1) { | |
160 | if (errno != EAGAIN && errno != EINTR) | |
161 | log_debug("%s: read error: %s", __func__, | |
162 | strerror(errno)); | |
eac6e3f0 | 163 | return (0); |
8429abe0 RW |
164 | } |
165 | ||
eac6e3f0 RW |
166 | sa2addr((struct sockaddr *)&from, &af, &src, NULL); |
167 | #ifdef MSG_MCAST | |
8429abe0 | 168 | multicast = (m.msg_flags & MSG_MCAST) ? 1 : 0; |
eac6e3f0 RW |
169 | #else |
170 | multicast = 0; | |
8429abe0 RW |
171 | for (cmsg = CMSG_FIRSTHDR(&m); cmsg != NULL; |
172 | cmsg = CMSG_NXTHDR(&m, cmsg)) { | |
eac6e3f0 RW |
173 | #if defined(HAVE_IP_PKTINFO) |
174 | if (af == AF_INET && cmsg->cmsg_level == IPPROTO_IP && | |
175 | cmsg->cmsg_type == IP_PKTINFO) { | |
176 | struct in_pktinfo *pktinfo; | |
177 | ||
178 | pktinfo = (struct in_pktinfo *)CMSG_DATA(cmsg); | |
179 | if (IN_MULTICAST(ntohl(pktinfo->ipi_addr.s_addr))) | |
180 | multicast = 1; | |
181 | break; | |
182 | } | |
183 | #elif defined(HAVE_IP_RECVDSTADDR) | |
8429abe0 | 184 | if (af == AF_INET && cmsg->cmsg_level == IPPROTO_IP && |
eac6e3f0 RW |
185 | cmsg->cmsg_type == IP_RECVDSTADDR) { |
186 | struct in_addr *addr; | |
187 | ||
188 | addr = (struct in_addr *)CMSG_DATA(cmsg); | |
189 | if (IN_MULTICAST(ntohl(addr->s_addr))) | |
190 | multicast = 1; | |
8429abe0 RW |
191 | break; |
192 | } | |
eac6e3f0 RW |
193 | #else |
194 | #error "Unsupported socket API" | |
195 | #endif | |
8429abe0 RW |
196 | if (af == AF_INET6 && cmsg->cmsg_level == IPPROTO_IPV6 && |
197 | cmsg->cmsg_type == IPV6_PKTINFO) { | |
eac6e3f0 RW |
198 | struct in6_pktinfo *pktinfo; |
199 | ||
200 | pktinfo = (struct in6_pktinfo *)CMSG_DATA(cmsg); | |
201 | if (IN6_IS_ADDR_MULTICAST(&pktinfo->ipi6_addr)) | |
202 | multicast = 1; | |
8429abe0 RW |
203 | break; |
204 | } | |
205 | } | |
eac6e3f0 RW |
206 | #endif /* MSG_MCAST */ |
207 | if (bad_addr(af, &src)) { | |
208 | log_debug("%s: invalid source address: %s", __func__, | |
209 | log_addr(af, &src)); | |
210 | return (0); | |
211 | } | |
212 | ifindex = getsockopt_ifindex(af, &m); | |
8429abe0 RW |
213 | |
214 | /* find a matching interface */ | |
215 | iface = disc_find_iface(ifindex, af, &src, multicast); | |
216 | if (iface == NULL) | |
eac6e3f0 | 217 | return (0); |
8429abe0 RW |
218 | |
219 | /* check packet size */ | |
220 | len = (uint16_t)r; | |
221 | if (len < (LDP_HDR_SIZE + LDP_MSG_SIZE) || len > LDP_MAX_LEN) { | |
222 | log_debug("%s: bad packet size, source %s", __func__, | |
223 | log_addr(af, &src)); | |
eac6e3f0 | 224 | return (0); |
8429abe0 RW |
225 | } |
226 | ||
227 | /* LDP header sanity checks */ | |
228 | memcpy(&ldp_hdr, buf, sizeof(ldp_hdr)); | |
229 | if (ntohs(ldp_hdr.version) != LDP_VERSION) { | |
230 | log_debug("%s: invalid LDP version %d, source %s", __func__, | |
231 | ntohs(ldp_hdr.version), log_addr(af, &src)); | |
eac6e3f0 | 232 | return (0); |
8429abe0 RW |
233 | } |
234 | if (ntohs(ldp_hdr.lspace_id) != 0) { | |
235 | log_debug("%s: invalid label space %u, source %s", __func__, | |
236 | ntohs(ldp_hdr.lspace_id), log_addr(af, &src)); | |
eac6e3f0 | 237 | return (0); |
8429abe0 RW |
238 | } |
239 | /* check "PDU Length" field */ | |
240 | pdu_len = ntohs(ldp_hdr.length); | |
241 | if ((pdu_len < (LDP_HDR_PDU_LEN + LDP_MSG_SIZE)) || | |
242 | (pdu_len > (len - LDP_HDR_DEAD_LEN))) { | |
243 | log_debug("%s: invalid LDP packet length %u, source %s", | |
244 | __func__, ntohs(ldp_hdr.length), log_addr(af, &src)); | |
eac6e3f0 | 245 | return (0); |
8429abe0 RW |
246 | } |
247 | buf += LDP_HDR_SIZE; | |
248 | len -= LDP_HDR_SIZE; | |
249 | ||
250 | lsr_id.s_addr = ldp_hdr.lsr_id; | |
251 | ||
252 | /* | |
253 | * For UDP, we process only the first message of each packet. This does | |
254 | * not impose any restrictions since LDP uses UDP only for sending Hello | |
255 | * packets. | |
256 | */ | |
257 | memcpy(&msg, buf, sizeof(msg)); | |
258 | ||
259 | /* check "Message Length" field */ | |
260 | msg_len = ntohs(msg.length); | |
261 | if (msg_len < LDP_MSG_LEN || ((msg_len + LDP_MSG_DEAD_LEN) > pdu_len)) { | |
262 | log_debug("%s: invalid LDP message length %u, source %s", | |
263 | __func__, ntohs(msg.length), log_addr(af, &src)); | |
eac6e3f0 | 264 | return (0); |
8429abe0 RW |
265 | } |
266 | buf += LDP_MSG_SIZE; | |
267 | len -= LDP_MSG_SIZE; | |
268 | ||
269 | /* switch LDP packet type */ | |
270 | switch (ntohs(msg.type)) { | |
271 | case MSG_TYPE_HELLO: | |
272 | recv_hello(lsr_id, &msg, af, &src, iface, multicast, buf, len); | |
273 | break; | |
274 | default: | |
275 | log_debug("%s: unknown LDP packet type, source %s", __func__, | |
276 | log_addr(af, &src)); | |
277 | } | |
eac6e3f0 RW |
278 | |
279 | return (0); | |
8429abe0 RW |
280 | } |
281 | ||
282 | static struct iface * | |
283 | disc_find_iface(unsigned int ifindex, int af, union ldpd_addr *src, | |
284 | int multicast) | |
285 | { | |
286 | struct iface *iface; | |
287 | struct iface_af *ia; | |
288 | struct if_addr *if_addr; | |
289 | in_addr_t mask; | |
290 | ||
291 | iface = if_lookup(leconf, ifindex); | |
292 | if (iface == NULL) | |
293 | return (NULL); | |
294 | ||
295 | /* | |
296 | * For unicast packets, we just need to make sure that the interface | |
297 | * is enabled for the given address-family. | |
298 | */ | |
299 | if (!multicast) { | |
300 | ia = iface_af_get(iface, af); | |
301 | if (ia->enabled) | |
302 | return (iface); | |
303 | return (NULL); | |
304 | } | |
305 | ||
306 | switch (af) { | |
307 | case AF_INET: | |
308 | LIST_FOREACH(if_addr, &iface->addr_list, entry) { | |
309 | if (if_addr->af != AF_INET) | |
310 | continue; | |
311 | ||
312 | switch (iface->type) { | |
313 | case IF_TYPE_POINTOPOINT: | |
314 | if (if_addr->dstbrd.v4.s_addr == src->v4.s_addr) | |
315 | return (iface); | |
316 | break; | |
317 | default: | |
318 | mask = prefixlen2mask(if_addr->prefixlen); | |
319 | if ((if_addr->addr.v4.s_addr & mask) == | |
320 | (src->v4.s_addr & mask)) | |
321 | return (iface); | |
322 | break; | |
323 | } | |
324 | } | |
325 | break; | |
326 | case AF_INET6: | |
327 | if (IN6_IS_ADDR_LINKLOCAL(&src->v6)) | |
328 | return (iface); | |
329 | break; | |
330 | default: | |
331 | fatalx("disc_find_iface: unknown af"); | |
332 | } | |
333 | ||
334 | return (NULL); | |
335 | } | |
336 | ||
eac6e3f0 RW |
337 | int |
338 | session_accept(struct thread *thread) | |
8429abe0 | 339 | { |
eac6e3f0 | 340 | int fd = THREAD_FD(thread); |
8429abe0 RW |
341 | struct sockaddr_storage src; |
342 | socklen_t len = sizeof(src); | |
343 | int newfd; | |
344 | int af; | |
345 | union ldpd_addr addr; | |
346 | struct nbr *nbr; | |
347 | struct pending_conn *pconn; | |
348 | ||
eac6e3f0 | 349 | newfd = accept(fd, (struct sockaddr *)&src, &len); |
8429abe0 RW |
350 | if (newfd == -1) { |
351 | /* | |
352 | * Pause accept if we are out of file descriptors, or | |
353 | * libevent will haunt us here too. | |
354 | */ | |
355 | if (errno == ENFILE || errno == EMFILE) { | |
356 | accept_pause(); | |
357 | } else if (errno != EWOULDBLOCK && errno != EINTR && | |
358 | errno != ECONNABORTED) | |
359 | log_debug("%s: accept error: %s", __func__, | |
360 | strerror(errno)); | |
eac6e3f0 | 361 | return (0); |
8429abe0 | 362 | } |
eac6e3f0 | 363 | sock_set_nonblock(newfd); |
8429abe0 | 364 | |
eac6e3f0 | 365 | sa2addr((struct sockaddr *)&src, &af, &addr, NULL); |
8429abe0 RW |
366 | |
367 | /* | |
368 | * Since we don't support label spaces, we can identify this neighbor | |
369 | * just by its source address. This way we don't need to wait for its | |
370 | * Initialization message to know who we are talking to. | |
371 | */ | |
372 | nbr = nbr_find_addr(af, &addr); | |
373 | if (nbr == NULL) { | |
374 | /* | |
375 | * According to RFC 5036, we would need to send a No Hello | |
376 | * Error Notification message and close this TCP connection | |
377 | * right now. But doing so would trigger the backoff exponential | |
378 | * timer in the remote peer, which would considerably slow down | |
379 | * the session establishment process. The trick here is to wait | |
380 | * five seconds before sending the Notification Message. There's | |
381 | * a good chance that the remote peer will send us a Hello | |
382 | * message within this interval, so it's worth waiting before | |
383 | * taking a more drastic measure. | |
384 | */ | |
385 | pconn = pending_conn_find(af, &addr); | |
386 | if (pconn) | |
387 | close(newfd); | |
388 | else | |
389 | pending_conn_new(newfd, af, &addr); | |
eac6e3f0 | 390 | return (0); |
8429abe0 RW |
391 | } |
392 | /* protection against buggy implementations */ | |
393 | if (nbr_session_active_role(nbr)) { | |
394 | close(newfd); | |
eac6e3f0 | 395 | return (0); |
8429abe0 RW |
396 | } |
397 | if (nbr->state != NBR_STA_PRESENT) { | |
398 | log_debug("%s: lsr-id %s: rejecting additional transport " | |
399 | "connection", __func__, inet_ntoa(nbr->id)); | |
400 | close(newfd); | |
eac6e3f0 | 401 | return (0); |
8429abe0 RW |
402 | } |
403 | ||
404 | session_accept_nbr(nbr, newfd); | |
eac6e3f0 RW |
405 | |
406 | return (0); | |
8429abe0 RW |
407 | } |
408 | ||
409 | void | |
410 | session_accept_nbr(struct nbr *nbr, int fd) | |
411 | { | |
eac6e3f0 | 412 | #ifdef __OpenBSD__ |
8429abe0 RW |
413 | struct nbr_params *nbrp; |
414 | int opt; | |
415 | socklen_t len; | |
416 | ||
417 | nbrp = nbr_params_find(leconf, nbr->id); | |
418 | if (nbr_gtsm_check(fd, nbr, nbrp)) { | |
419 | close(fd); | |
420 | return; | |
421 | } | |
422 | ||
423 | if (nbrp && nbrp->auth.method == AUTH_MD5SIG) { | |
424 | if (sysdep.no_pfkey || sysdep.no_md5sig) { | |
425 | log_warnx("md5sig configured but not available"); | |
426 | close(fd); | |
427 | return; | |
428 | } | |
429 | ||
430 | len = sizeof(opt); | |
431 | if (getsockopt(fd, IPPROTO_TCP, TCP_MD5SIG, &opt, &len) == -1) | |
432 | fatal("getsockopt TCP_MD5SIG"); | |
433 | if (!opt) { /* non-md5'd connection! */ | |
434 | log_warnx("connection attempt without md5 signature"); | |
435 | close(fd); | |
436 | return; | |
437 | } | |
438 | } | |
eac6e3f0 | 439 | #endif |
8429abe0 RW |
440 | |
441 | nbr->tcp = tcp_new(fd, nbr); | |
442 | nbr_fsm(nbr, NBR_EVT_MATCH_ADJ); | |
443 | } | |
444 | ||
eac6e3f0 RW |
445 | static int |
446 | session_read(struct thread *thread) | |
8429abe0 | 447 | { |
eac6e3f0 RW |
448 | int fd = THREAD_FD(thread); |
449 | struct nbr *nbr = THREAD_ARG(thread); | |
8429abe0 RW |
450 | struct tcp_conn *tcp = nbr->tcp; |
451 | struct ldp_hdr *ldp_hdr; | |
452 | struct ldp_msg *msg; | |
eac6e3f0 | 453 | char *buf = NULL, *pdu; |
8429abe0 RW |
454 | ssize_t n, len; |
455 | uint16_t pdu_len, msg_len, msg_size, max_pdu_len; | |
456 | int ret; | |
457 | ||
eac6e3f0 | 458 | tcp->rev = thread_add_read(master, session_read, nbr, fd); |
8429abe0 RW |
459 | |
460 | if ((n = read(fd, tcp->rbuf->buf + tcp->rbuf->wpos, | |
461 | sizeof(tcp->rbuf->buf) - tcp->rbuf->wpos)) == -1) { | |
462 | if (errno != EINTR && errno != EAGAIN) { | |
463 | log_warn("%s: read error", __func__); | |
464 | nbr_fsm(nbr, NBR_EVT_CLOSE_SESSION); | |
eac6e3f0 | 465 | return (0); |
8429abe0 RW |
466 | } |
467 | /* retry read */ | |
eac6e3f0 | 468 | return (0); |
8429abe0 RW |
469 | } |
470 | if (n == 0) { | |
471 | /* connection closed */ | |
472 | log_debug("%s: connection closed by remote end", __func__); | |
473 | nbr_fsm(nbr, NBR_EVT_CLOSE_SESSION); | |
eac6e3f0 | 474 | return (0); |
8429abe0 RW |
475 | } |
476 | tcp->rbuf->wpos += n; | |
477 | ||
478 | while ((len = session_get_pdu(tcp->rbuf, &buf)) > 0) { | |
479 | pdu = buf; | |
480 | ldp_hdr = (struct ldp_hdr *)pdu; | |
481 | if (ntohs(ldp_hdr->version) != LDP_VERSION) { | |
482 | session_shutdown(nbr, S_BAD_PROTO_VER, 0, 0); | |
483 | free(buf); | |
eac6e3f0 | 484 | return (0); |
8429abe0 RW |
485 | } |
486 | ||
487 | pdu_len = ntohs(ldp_hdr->length); | |
488 | /* | |
489 | * RFC 5036 - Section 3.5.3: | |
490 | * "Prior to completion of the negotiation, the maximum | |
491 | * allowable length is 4096 bytes". | |
492 | */ | |
493 | if (nbr->state == NBR_STA_OPER) | |
494 | max_pdu_len = nbr->max_pdu_len; | |
495 | else | |
496 | max_pdu_len = LDP_MAX_LEN; | |
497 | if (pdu_len < (LDP_HDR_PDU_LEN + LDP_MSG_SIZE) || | |
498 | pdu_len > max_pdu_len) { | |
499 | session_shutdown(nbr, S_BAD_PDU_LEN, 0, 0); | |
500 | free(buf); | |
eac6e3f0 | 501 | return (0); |
8429abe0 RW |
502 | } |
503 | pdu_len -= LDP_HDR_PDU_LEN; | |
504 | if (ldp_hdr->lsr_id != nbr->id.s_addr || | |
505 | ldp_hdr->lspace_id != 0) { | |
506 | session_shutdown(nbr, S_BAD_LDP_ID, 0, 0); | |
507 | free(buf); | |
eac6e3f0 | 508 | return (0); |
8429abe0 RW |
509 | } |
510 | pdu += LDP_HDR_SIZE; | |
511 | len -= LDP_HDR_SIZE; | |
512 | ||
513 | nbr_fsm(nbr, NBR_EVT_PDU_RCVD); | |
514 | ||
515 | while (len >= LDP_MSG_SIZE) { | |
516 | uint16_t type; | |
517 | ||
518 | msg = (struct ldp_msg *)pdu; | |
519 | type = ntohs(msg->type); | |
520 | msg_len = ntohs(msg->length); | |
521 | if (msg_len < LDP_MSG_LEN || | |
522 | (msg_len + LDP_MSG_DEAD_LEN) > pdu_len) { | |
523 | session_shutdown(nbr, S_BAD_TLV_LEN, msg->id, | |
524 | msg->type); | |
525 | free(buf); | |
eac6e3f0 | 526 | return (0); |
8429abe0 RW |
527 | } |
528 | msg_size = msg_len + LDP_MSG_DEAD_LEN; | |
529 | pdu_len -= msg_size; | |
530 | ||
531 | /* check for error conditions earlier */ | |
532 | switch (type) { | |
533 | case MSG_TYPE_INIT: | |
534 | if ((nbr->state != NBR_STA_INITIAL) && | |
535 | (nbr->state != NBR_STA_OPENSENT)) { | |
536 | session_shutdown(nbr, S_SHUTDOWN, | |
537 | msg->id, msg->type); | |
538 | free(buf); | |
eac6e3f0 | 539 | return (0); |
8429abe0 RW |
540 | } |
541 | break; | |
542 | case MSG_TYPE_KEEPALIVE: | |
543 | if ((nbr->state == NBR_STA_INITIAL) || | |
544 | (nbr->state == NBR_STA_OPENSENT)) { | |
545 | session_shutdown(nbr, S_SHUTDOWN, | |
546 | msg->id, msg->type); | |
547 | free(buf); | |
eac6e3f0 | 548 | return (0); |
8429abe0 RW |
549 | } |
550 | break; | |
551 | case MSG_TYPE_ADDR: | |
552 | case MSG_TYPE_ADDRWITHDRAW: | |
553 | case MSG_TYPE_LABELMAPPING: | |
554 | case MSG_TYPE_LABELREQUEST: | |
555 | case MSG_TYPE_LABELWITHDRAW: | |
556 | case MSG_TYPE_LABELRELEASE: | |
557 | case MSG_TYPE_LABELABORTREQ: | |
558 | if (nbr->state != NBR_STA_OPER) { | |
559 | session_shutdown(nbr, S_SHUTDOWN, | |
560 | msg->id, msg->type); | |
561 | free(buf); | |
eac6e3f0 | 562 | return (0); |
8429abe0 RW |
563 | } |
564 | break; | |
565 | default: | |
566 | break; | |
567 | } | |
568 | ||
569 | /* switch LDP packet type */ | |
570 | switch (type) { | |
571 | case MSG_TYPE_NOTIFICATION: | |
572 | ret = recv_notification(nbr, pdu, msg_size); | |
573 | break; | |
574 | case MSG_TYPE_INIT: | |
575 | ret = recv_init(nbr, pdu, msg_size); | |
576 | break; | |
577 | case MSG_TYPE_KEEPALIVE: | |
578 | ret = recv_keepalive(nbr, pdu, msg_size); | |
579 | break; | |
580 | case MSG_TYPE_ADDR: | |
581 | case MSG_TYPE_ADDRWITHDRAW: | |
582 | ret = recv_address(nbr, pdu, msg_size); | |
583 | break; | |
584 | case MSG_TYPE_LABELMAPPING: | |
585 | case MSG_TYPE_LABELREQUEST: | |
586 | case MSG_TYPE_LABELWITHDRAW: | |
587 | case MSG_TYPE_LABELRELEASE: | |
588 | case MSG_TYPE_LABELABORTREQ: | |
589 | ret = recv_labelmessage(nbr, pdu, msg_size, | |
590 | type); | |
591 | break; | |
592 | default: | |
593 | log_debug("%s: unknown LDP message from nbr %s", | |
594 | __func__, inet_ntoa(nbr->id)); | |
595 | if (!(ntohs(msg->type) & UNKNOWN_FLAG)) | |
596 | send_notification_nbr(nbr, | |
597 | S_UNKNOWN_MSG, msg->id, msg->type); | |
598 | /* ignore the message */ | |
599 | ret = 0; | |
600 | break; | |
601 | } | |
602 | ||
603 | if (ret == -1) { | |
604 | /* parser failed, giving up */ | |
605 | free(buf); | |
eac6e3f0 | 606 | return (0); |
8429abe0 RW |
607 | } |
608 | ||
609 | /* Analyse the next message */ | |
610 | pdu += msg_size; | |
611 | len -= msg_size; | |
612 | } | |
613 | free(buf); | |
614 | if (len != 0) { | |
615 | session_shutdown(nbr, S_BAD_PDU_LEN, 0, 0); | |
eac6e3f0 | 616 | return (0); |
8429abe0 RW |
617 | } |
618 | } | |
eac6e3f0 RW |
619 | |
620 | return (0); | |
8429abe0 RW |
621 | } |
622 | ||
eac6e3f0 RW |
623 | static int |
624 | session_write(struct thread *thread) | |
8429abe0 | 625 | { |
eac6e3f0 | 626 | struct tcp_conn *tcp = THREAD_ARG(thread); |
8429abe0 RW |
627 | struct nbr *nbr = tcp->nbr; |
628 | ||
eac6e3f0 | 629 | tcp->wbuf.ev = NULL; |
8429abe0 RW |
630 | |
631 | if (msgbuf_write(&tcp->wbuf.wbuf) <= 0) | |
632 | if (errno != EAGAIN && nbr) | |
633 | nbr_fsm(nbr, NBR_EVT_CLOSE_SESSION); | |
634 | ||
635 | if (nbr == NULL && !tcp->wbuf.wbuf.queued) { | |
636 | /* | |
637 | * We are done sending the notification message, now we can | |
638 | * close the socket. | |
639 | */ | |
640 | tcp_close(tcp); | |
eac6e3f0 | 641 | return (0); |
8429abe0 RW |
642 | } |
643 | ||
644 | evbuf_event_add(&tcp->wbuf); | |
eac6e3f0 RW |
645 | |
646 | return (0); | |
8429abe0 RW |
647 | } |
648 | ||
649 | void | |
650 | session_shutdown(struct nbr *nbr, uint32_t status, uint32_t msg_id, | |
651 | uint32_t msg_type) | |
652 | { | |
653 | switch (nbr->state) { | |
654 | case NBR_STA_PRESENT: | |
655 | if (nbr_pending_connect(nbr)) | |
eac6e3f0 | 656 | THREAD_WRITE_OFF(nbr->ev_connect); |
8429abe0 RW |
657 | break; |
658 | case NBR_STA_INITIAL: | |
659 | case NBR_STA_OPENREC: | |
660 | case NBR_STA_OPENSENT: | |
661 | case NBR_STA_OPER: | |
662 | log_debug("%s: lsr-id %s", __func__, inet_ntoa(nbr->id)); | |
663 | ||
664 | send_notification_nbr(nbr, status, msg_id, msg_type); | |
665 | ||
666 | nbr_fsm(nbr, NBR_EVT_CLOSE_SESSION); | |
667 | break; | |
668 | default: | |
669 | fatalx("session_shutdown: unknown neighbor state"); | |
670 | } | |
671 | } | |
672 | ||
673 | void | |
674 | session_close(struct nbr *nbr) | |
675 | { | |
676 | log_debug("%s: closing session with lsr-id %s", __func__, | |
677 | inet_ntoa(nbr->id)); | |
678 | ||
679 | tcp_close(nbr->tcp); | |
680 | nbr_stop_ktimer(nbr); | |
681 | nbr_stop_ktimeout(nbr); | |
682 | nbr_stop_itimeout(nbr); | |
683 | } | |
684 | ||
685 | static ssize_t | |
686 | session_get_pdu(struct ibuf_read *r, char **b) | |
687 | { | |
688 | struct ldp_hdr l; | |
689 | size_t av, dlen, left; | |
690 | ||
691 | av = r->wpos; | |
692 | if (av < sizeof(l)) | |
693 | return (0); | |
694 | ||
695 | memcpy(&l, r->buf, sizeof(l)); | |
696 | dlen = ntohs(l.length) + LDP_HDR_DEAD_LEN; | |
697 | if (dlen > av) | |
698 | return (0); | |
699 | ||
700 | if ((*b = malloc(dlen)) == NULL) | |
701 | return (-1); | |
702 | ||
703 | memcpy(*b, r->buf, dlen); | |
704 | if (dlen < av) { | |
705 | left = av - dlen; | |
706 | memmove(r->buf, r->buf + dlen, left); | |
707 | r->wpos = left; | |
708 | } else | |
709 | r->wpos = 0; | |
710 | ||
711 | return (dlen); | |
712 | } | |
713 | ||
714 | struct tcp_conn * | |
715 | tcp_new(int fd, struct nbr *nbr) | |
716 | { | |
eac6e3f0 RW |
717 | struct tcp_conn *tcp; |
718 | struct sockaddr_storage src; | |
719 | socklen_t len = sizeof(src); | |
8429abe0 RW |
720 | |
721 | if ((tcp = calloc(1, sizeof(*tcp))) == NULL) | |
722 | fatal(__func__); | |
723 | ||
724 | tcp->fd = fd; | |
725 | evbuf_init(&tcp->wbuf, tcp->fd, session_write, tcp); | |
726 | ||
727 | if (nbr) { | |
728 | if ((tcp->rbuf = calloc(1, sizeof(struct ibuf_read))) == NULL) | |
729 | fatal(__func__); | |
730 | ||
eac6e3f0 | 731 | tcp->rev = thread_add_read(master, session_read, nbr, tcp->fd); |
8429abe0 RW |
732 | tcp->nbr = nbr; |
733 | } | |
734 | ||
eac6e3f0 RW |
735 | getsockname(fd, (struct sockaddr *)&src, &len); |
736 | sa2addr((struct sockaddr *)&src, NULL, NULL, &tcp->lport); | |
737 | getpeername(fd, (struct sockaddr *)&src, &len); | |
738 | sa2addr((struct sockaddr *)&src, NULL, NULL, &tcp->rport); | |
739 | ||
8429abe0 RW |
740 | return (tcp); |
741 | } | |
742 | ||
743 | static void | |
744 | tcp_close(struct tcp_conn *tcp) | |
745 | { | |
746 | /* try to flush write buffer */ | |
747 | msgbuf_write(&tcp->wbuf.wbuf); | |
748 | evbuf_clear(&tcp->wbuf); | |
749 | ||
750 | if (tcp->nbr) { | |
eac6e3f0 | 751 | THREAD_READ_OFF(tcp->rev); |
8429abe0 RW |
752 | free(tcp->rbuf); |
753 | tcp->nbr->tcp = NULL; | |
754 | } | |
755 | ||
756 | close(tcp->fd); | |
757 | accept_unpause(); | |
758 | free(tcp); | |
759 | } | |
760 | ||
761 | static struct pending_conn * | |
762 | pending_conn_new(int fd, int af, union ldpd_addr *addr) | |
763 | { | |
764 | struct pending_conn *pconn; | |
8429abe0 RW |
765 | |
766 | if ((pconn = calloc(1, sizeof(*pconn))) == NULL) | |
767 | fatal(__func__); | |
768 | ||
769 | pconn->fd = fd; | |
770 | pconn->af = af; | |
771 | pconn->addr = *addr; | |
8429abe0 | 772 | TAILQ_INSERT_TAIL(&global.pending_conns, pconn, entry); |
eac6e3f0 RW |
773 | pconn->ev_timeout = thread_add_timer(master, pending_conn_timeout, |
774 | pconn, PENDING_CONN_TIMEOUT); | |
8429abe0 RW |
775 | |
776 | return (pconn); | |
777 | } | |
778 | ||
779 | void | |
780 | pending_conn_del(struct pending_conn *pconn) | |
781 | { | |
eac6e3f0 | 782 | THREAD_TIMER_OFF(pconn->ev_timeout); |
8429abe0 RW |
783 | TAILQ_REMOVE(&global.pending_conns, pconn, entry); |
784 | free(pconn); | |
785 | } | |
786 | ||
787 | struct pending_conn * | |
788 | pending_conn_find(int af, union ldpd_addr *addr) | |
789 | { | |
790 | struct pending_conn *pconn; | |
791 | ||
792 | TAILQ_FOREACH(pconn, &global.pending_conns, entry) | |
793 | if (af == pconn->af && | |
794 | ldp_addrcmp(af, addr, &pconn->addr) == 0) | |
795 | return (pconn); | |
796 | ||
797 | return (NULL); | |
798 | } | |
799 | ||
eac6e3f0 RW |
800 | static int |
801 | pending_conn_timeout(struct thread *thread) | |
8429abe0 | 802 | { |
eac6e3f0 | 803 | struct pending_conn *pconn = THREAD_ARG(thread); |
8429abe0 RW |
804 | struct tcp_conn *tcp; |
805 | ||
eac6e3f0 RW |
806 | pconn->ev_timeout = NULL; |
807 | ||
8429abe0 RW |
808 | log_debug("%s: no adjacency with remote end: %s", __func__, |
809 | log_addr(pconn->af, &pconn->addr)); | |
810 | ||
811 | /* | |
812 | * Create a write buffer detached from any neighbor to send a | |
813 | * notification message reliably. | |
814 | */ | |
815 | tcp = tcp_new(pconn->fd, NULL); | |
816 | send_notification(S_NO_HELLO, tcp, 0, 0); | |
817 | msgbuf_write(&tcp->wbuf.wbuf); | |
818 | ||
819 | pending_conn_del(pconn); | |
eac6e3f0 RW |
820 | |
821 | return (0); | |
8429abe0 | 822 | } |