]> git.proxmox.com Git - mirror_frr.git/blame - ospfd/ospf_packet.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
*: list_delete_and_null() -> list_delete()
[mirror_frr.git] / ospfd / ospf_packet.c
CommitLineData
718e3744 1/*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
896014f4
DL		 17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
718e3744 20 */
21
22#include <zebra.h>
23
cbf3e3eb 24#include "monotime.h"
718e3744 25#include "thread.h"
26#include "memory.h"
27#include "linklist.h"
28#include "prefix.h"
29#include "if.h"
30#include "table.h"
31#include "sockunion.h"
32#include "stream.h"
33#include "log.h"
2dd8bb4e 34#include "sockopt.h"
484315fd 35#include "checksum.h"
c1a03d47 36#include "md5.h"
7e2b7603 37#include "vrf.h"
c9cc11f6 38#include "lib_errors.h"
718e3744 39
40#include "ospfd/ospfd.h"
41#include "ospfd/ospf_network.h"
42#include "ospfd/ospf_interface.h"
43#include "ospfd/ospf_ism.h"
44#include "ospfd/ospf_asbr.h"
45#include "ospfd/ospf_lsa.h"
46#include "ospfd/ospf_lsdb.h"
47#include "ospfd/ospf_neighbor.h"
48#include "ospfd/ospf_nsm.h"
49#include "ospfd/ospf_packet.h"
50#include "ospfd/ospf_spf.h"
51#include "ospfd/ospf_flood.h"
52#include "ospfd/ospf_dump.h"
c9cc11f6 53#include "ospfd/ospf_errors.h"
718e3744 54
166b75c2
DS		 55/*
56 * OSPF Fragmentation / fragmented writes
57 *
58 * ospfd can support writing fragmented packets, for cases where
59 * kernel will not fragment IP_HDRINCL and/or multicast destined
60 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
61 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
62 * flags fields, hence user-space fragmentation will not work.
63 * Only Linux is known to leave IP header unmolested.
64 * Further, fragmentation really should be done the kernel, which already
65 * supports it, and which avoids nasty IP ID state problems.
66 *
67 * Fragmentation of OSPF packets can be required on networks with router
68 * with many many interfaces active in one area, or on networks with links
69 * with low MTUs.
70 */
71#ifdef GNU_LINUX
72#define WANT_OSPF_WRITE_FRAGMENT
73#endif
74
718e3744 75/* Packet Type String. */
d62a17ae 76const struct message ospf_packet_type_str[] = {
77 {OSPF_MSG_HELLO, "Hello"},
78 {OSPF_MSG_DB_DESC, "Database Description"},
79 {OSPF_MSG_LS_REQ, "Link State Request"},
80 {OSPF_MSG_LS_UPD, "Link State Update"},
81 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
82 {0}};
718e3744 83
75c8eabb
DO		 84/* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
85 particular types, offset is the "type" field of a packet. */
d7c0a89a 86static const uint16_t ospf_packet_minlen[] = {
d62a17ae 87 0,
88 OSPF_HELLO_MIN_SIZE,
89 OSPF_DB_DESC_MIN_SIZE,
90 OSPF_LS_REQ_MIN_SIZE,
91 OSPF_LS_UPD_MIN_SIZE,
92 OSPF_LS_ACK_MIN_SIZE,
75c8eabb
DO		 93};
94
4e31de79
DO		 95/* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
96 types, offset is the "LSA type" field. */
d7c0a89a 97static const uint16_t ospf_lsa_minlen[] = {
d62a17ae 98 0,
99 OSPF_ROUTER_LSA_MIN_SIZE,
100 OSPF_NETWORK_LSA_MIN_SIZE,
101 OSPF_SUMMARY_LSA_MIN_SIZE,
102 OSPF_SUMMARY_LSA_MIN_SIZE,
103 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
104 0,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 0,
108 0,
109 0,
4e31de79
DO		 110};
111
bd5651f0 112/* for ospf_check_auth() */
d62a17ae 113static int ospf_check_sum(struct ospf_header *);
bd5651f0 114
718e3744 115/* OSPF authentication checking function */
d62a17ae 116static int ospf_auth_type(struct ospf_interface *oi)
718e3744 117{
d62a17ae 118 int auth_type;
718e3744 119
d62a17ae 120 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
121 auth_type = oi->area->auth_type;
122 else
123 auth_type = OSPF_IF_PARAM(oi, auth_type);
718e3744 124
d62a17ae 125 /* Handle case where MD5 key list is not configured aka Cisco */
126 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
127 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
128 return OSPF_AUTH_NULL;
718e3744 129
d62a17ae 130 return auth_type;
718e3744 131}
132
d62a17ae 133struct ospf_packet *ospf_packet_new(size_t size)
718e3744 134{
d62a17ae 135 struct ospf_packet *new;
718e3744 136
d62a17ae 137 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
138 new->s = stream_new(size);
718e3744 139
d62a17ae 140 return new;
718e3744 141}
142
d62a17ae 143void ospf_packet_free(struct ospf_packet *op)
718e3744 144{
d62a17ae 145 if (op->s)
146 stream_free(op->s);
718e3744 147
d62a17ae 148 XFREE(MTYPE_OSPF_PACKET, op);
718e3744 149}
150
d62a17ae 151struct ospf_fifo *ospf_fifo_new()
718e3744 152{
d62a17ae 153 struct ospf_fifo *new;
718e3744 154
d62a17ae 155 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
156 return new;
718e3744 157}
158
159/* Add new packet to fifo. */
d62a17ae 160void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
718e3744 161{
d62a17ae 162 if (fifo->tail)
163 fifo->tail->next = op;
164 else
165 fifo->head = op;
718e3744 166
d62a17ae 167 fifo->tail = op;
718e3744 168
d62a17ae 169 fifo->count++;
718e3744 170}
171
aa276fd7 172/* Add new packet to head of fifo. */
d62a17ae 173static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
aa276fd7 174{
d62a17ae 175 op->next = fifo->head;
176
177 if (fifo->tail == NULL)
178 fifo->tail = op;
179
180 fifo->head = op;
181
182 fifo->count++;
aa276fd7
PJ		 183}
184
718e3744 185/* Delete first packet from fifo. */
d62a17ae 186struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
718e3744 187{
d62a17ae 188 struct ospf_packet *op;
718e3744 189
d62a17ae 190 op = fifo->head;
718e3744 191
d62a17ae 192 if (op) {
193 fifo->head = op->next;
718e3744 194
d62a17ae 195 if (fifo->head == NULL)
196 fifo->tail = NULL;
718e3744 197
d62a17ae 198 fifo->count--;
199 }
718e3744 200
d62a17ae 201 return op;
718e3744 202}
203
204/* Return first fifo entry. */
d62a17ae 205struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
718e3744 206{
d62a17ae 207 return fifo->head;
718e3744 208}
209
210/* Flush ospf packet fifo. */
d62a17ae 211void ospf_fifo_flush(struct ospf_fifo *fifo)
718e3744 212{
d62a17ae 213 struct ospf_packet *op;
214 struct ospf_packet *next;
718e3744 215
d62a17ae 216 for (op = fifo->head; op; op = next) {
217 next = op->next;
218 ospf_packet_free(op);
219 }
220 fifo->head = fifo->tail = NULL;
221 fifo->count = 0;
718e3744 222}
223
224/* Free ospf packet fifo. */
d62a17ae 225void ospf_fifo_free(struct ospf_fifo *fifo)
718e3744 226{
d62a17ae 227 ospf_fifo_flush(fifo);
718e3744 228
d62a17ae 229 XFREE(MTYPE_OSPF_FIFO, fifo);
718e3744 230}
231
d62a17ae 232void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
718e3744 233{
d62a17ae 234 if (!oi->obuf) {
af4c2728 235 flog_err(
cf444bcf 236 EC_OSPF_PKT_PROCESS,
d62a17ae 237 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
238 "destination %s) called with NULL obuf, ignoring "
239 "(please report this bug)!\n",
240 IF_NAME(oi), oi->state,
241 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
242 lookup_msg(ospf_packet_type_str,
243 stream_getc_from(op->s, 1), NULL),
244 inet_ntoa(op->dst));
245 return;
246 }
c3eab871 247
d62a17ae 248 /* Add packet to end of queue. */
249 ospf_fifo_push(oi->obuf, op);
718e3744 250
d62a17ae 251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
718e3744 253}
254
d62a17ae 255static void ospf_packet_add_top(struct ospf_interface *oi,
256 struct ospf_packet *op)
aa276fd7 257{
d62a17ae 258 if (!oi->obuf) {
af4c2728 259 flog_err(
cf444bcf 260 EC_OSPF_PKT_PROCESS,
d62a17ae 261 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
262 "destination %s) called with NULL obuf, ignoring "
263 "(please report this bug)!\n",
264 IF_NAME(oi), oi->state,
265 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
266 lookup_msg(ospf_packet_type_str,
267 stream_getc_from(op->s, 1), NULL),
268 inet_ntoa(op->dst));
269 return;
270 }
aa276fd7 271
d62a17ae 272 /* Add packet to head of queue. */
273 ospf_fifo_push_head(oi->obuf, op);
aa276fd7 274
d62a17ae 275 /* Debug of packet fifo*/
276 /* ospf_fifo_debug (oi->obuf); */
aa276fd7
PJ		 277}
278
d62a17ae 279void ospf_packet_delete(struct ospf_interface *oi)
718e3744 280{
d62a17ae 281 struct ospf_packet *op;
282
283 op = ospf_fifo_pop(oi->obuf);
718e3744 284
d62a17ae 285 if (op)
286 ospf_packet_free(op);
718e3744 287}
288
d62a17ae 289struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
718e3744 290{
d62a17ae 291 struct ospf_packet *new;
718e3744 292
d62a17ae 293 if (stream_get_endp(op->s) != op->length)
294 /* XXX size_t */
c9cc11f6 295 zlog_debug(
d62a17ae 296 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
d7c0a89a 297 (unsigned long)STREAM_SIZE(op->s), op->length);
30961a15 298
d62a17ae 299 /* Reserve space for MD5 authentication that may be added later. */
300 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
301 stream_copy(new->s, op->s);
718e3744 302
d62a17ae 303 new->dst = op->dst;
304 new->length = op->length;
718e3744 305
d62a17ae 306 return new;
718e3744 307}
308
86f1fd96 309/* XXX inline */
d62a17ae 310static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
86f1fd96 311{
d62a17ae 312 int auth = 0;
86f1fd96 313
d62a17ae 314 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
315 auth = OSPF_AUTH_MD5_SIZE;
86f1fd96 316
d62a17ae 317 return auth;
86f1fd96 318}
319
d62a17ae 320static unsigned int ospf_packet_max(struct ospf_interface *oi)
718e3744 321{
d62a17ae 322 int max;
718e3744 323
d62a17ae 324 max = oi->ifp->mtu - ospf_packet_authspace(oi);
86f1fd96 325
d62a17ae 326 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
718e3744 327
d62a17ae 328 return max;
718e3744 329}
330
6b0655a2 331
d62a17ae 332static int ospf_check_md5_digest(struct ospf_interface *oi,
333 struct ospf_header *ospfh)
718e3744 334{
d62a17ae 335 MD5_CTX ctx;
336 unsigned char digest[OSPF_AUTH_MD5_SIZE];
337 struct crypt_key *ck;
338 struct ospf_neighbor *nbr;
d7c0a89a 339 uint16_t length = ntohs(ospfh->length);
d62a17ae 340
341 /* Get secret key. */
342 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
343 ospfh->u.crypt.key_id);
344 if (ck == NULL) {
1c50c1c0
QY		 345 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
346 IF_NAME(oi), ospfh->u.crypt.key_id);
d62a17ae 347 return 0;
348 }
718e3744 349
d62a17ae 350 /* check crypto seqnum. */
351 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
718e3744 352
d62a17ae 353 if (nbr
354 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
c9cc11f6 355 flog_warn(
cf444bcf 356 EC_OSPF_MD5,
d62a17ae 357 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
358 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
359 ntohl(nbr->crypt_seqnum));
360 return 0;
361 }
718e3744 362
d62a17ae 363 /* Generate a digest for the ospf packet - their digest + our digest. */
364 memset(&ctx, 0, sizeof(ctx));
365 MD5Init(&ctx);
366 MD5Update(&ctx, ospfh, length);
367 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
368 MD5Final(digest, &ctx);
369
370 /* compare the two */
371 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
cf444bcf 372 flog_warn(EC_OSPF_MD5,
c9cc11f6 373 "interface %s: ospf_check_md5 checksum mismatch",
d62a17ae 374 IF_NAME(oi));
375 return 0;
376 }
718e3744 377
d62a17ae 378 /* save neighbor's crypt_seqnum */
379 if (nbr)
380 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
381 return 1;
718e3744 382}
383
384/* This function is called from ospf_write(), it will detect the
385 authentication scheme and if it is MD5, it will change the sequence
386 and update the MD5 digest. */
d62a17ae 387static int ospf_make_md5_digest(struct ospf_interface *oi,
388 struct ospf_packet *op)
389{
390 struct ospf_header *ospfh;
391 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
392 MD5_CTX ctx;
393 void *ibuf;
d7c0a89a 394 uint32_t t;
d62a17ae 395 struct crypt_key *ck;
d7c0a89a 396 const uint8_t *auth_key;
d62a17ae 397
398 ibuf = STREAM_DATA(op->s);
399 ospfh = (struct ospf_header *)ibuf;
400
401 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
402 return 0;
403
404 /* We do this here so when we dup a packet, we don't have to
405 waste CPU rewriting other headers.
406
407 Note that quagga_time /deliberately/ is not used here */
408 t = (time(NULL) & 0xFFFFFFFF);
409 if (t > oi->crypt_seqnum)
410 oi->crypt_seqnum = t;
411 else
412 oi->crypt_seqnum++;
413
414 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
415
416 /* Get MD5 Authentication key from auth_key list. */
417 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
d7c0a89a 418 auth_key = (const uint8_t *)digest;
d62a17ae 419 else {
420 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
421 auth_key = ck->auth_key;
422 }
718e3744 423
d62a17ae 424 /* Generate a digest for the entire packet + our secret key. */
425 memset(&ctx, 0, sizeof(ctx));
426 MD5Init(&ctx);
427 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
428 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
429 MD5Final(digest, &ctx);
718e3744 430
d62a17ae 431 /* Append md5 digest to the end of the stream. */
432 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
718e3744 433
d62a17ae 434 /* We do *NOT* increment the OSPF header length. */
435 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
30961a15 436
d62a17ae 437 if (stream_get_endp(op->s) != op->length)
438 /* XXX size_t */
c9cc11f6 439 flog_warn(
cf444bcf 440 EC_OSPF_MD5,
d62a17ae 441 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
d7c0a89a 442 (unsigned long)stream_get_endp(op->s), op->length);
718e3744 443
d62a17ae 444 return OSPF_AUTH_MD5_SIZE;
718e3744 445}
446
6b0655a2 447
d62a17ae 448static int ospf_ls_req_timer(struct thread *thread)
718e3744 449{
d62a17ae 450 struct ospf_neighbor *nbr;
718e3744 451
d62a17ae 452 nbr = THREAD_ARG(thread);
453 nbr->t_ls_req = NULL;
718e3744 454
d62a17ae 455 /* Send Link State Request. */
456 if (ospf_ls_request_count(nbr))
457 ospf_ls_req_send(nbr);
718e3744 458
d62a17ae 459 /* Set Link State Request retransmission timer. */
460 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 461
d62a17ae 462 return 0;
718e3744 463}
464
d62a17ae 465void ospf_ls_req_event(struct ospf_neighbor *nbr)
718e3744 466{
d62a17ae 467 if (nbr->t_ls_req) {
468 thread_cancel(nbr->t_ls_req);
469 nbr->t_ls_req = NULL;
470 }
471 nbr->t_ls_req = NULL;
472 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
718e3744 473}
474
475/* Cyclic timer function. Fist registered in ospf_nbr_new () in
476 ospf_neighbor.c */
d62a17ae 477int ospf_ls_upd_timer(struct thread *thread)
478{
479 struct ospf_neighbor *nbr;
480
481 nbr = THREAD_ARG(thread);
482 nbr->t_ls_upd = NULL;
483
484 /* Send Link State Update. */
485 if (ospf_ls_retransmit_count(nbr) > 0) {
486 struct list *update;
487 struct ospf_lsdb *lsdb;
488 int i;
489 int retransmit_interval;
490
491 retransmit_interval =
492 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
493
494 lsdb = &nbr->ls_rxmt;
495 update = list_new();
496
497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
498 struct route_table *table = lsdb->type[i].db;
499 struct route_node *rn;
500
501 for (rn = route_top(table); rn; rn = route_next(rn)) {
502 struct ospf_lsa *lsa;
503
504 if ((lsa = rn->info) != NULL) {
505 /* Don't retransmit an LSA if we
506 received it within
507 the last RxmtInterval seconds - this
508 is to allow the
509 neighbour a chance to acknowledge the
510 LSA as it may
511 have ben just received before the
512 retransmit timer
513 fired. This is a small tweak to what
514 is in the RFC,
515 but it will cut out out a lot of
516 retransmit traffic
517 - MAG */
518 if (monotime_since(&lsa->tv_recv, NULL)
519 >= retransmit_interval * 1000000LL)
520 listnode_add(update, rn->info);
521 }
522 }
523 }
718e3744 524
d62a17ae 525 if (listcount(update) > 0)
996c9314
LB		 526 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
527 0);
6a154c88 528 list_delete(&update);
718e3744 529 }
530
d62a17ae 531 /* Set LS Update retransmission timer. */
532 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
718e3744 533
d62a17ae 534 return 0;
718e3744 535}
536
d62a17ae 537int ospf_ls_ack_timer(struct thread *thread)
718e3744 538{
d62a17ae 539 struct ospf_interface *oi;
718e3744 540
d62a17ae 541 oi = THREAD_ARG(thread);
542 oi->t_ls_ack = NULL;
718e3744 543
d62a17ae 544 /* Send Link State Acknowledgment. */
545 if (listcount(oi->ls_ack) > 0)
546 ospf_ls_ack_send_delayed(oi);
718e3744 547
d62a17ae 548 /* Set LS Ack timer. */
549 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
718e3744 550
d62a17ae 551 return 0;
718e3744 552}
553
0bfeca3f 554#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 555static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
556 struct msghdr *msg, unsigned int maxdatasize,
d7c0a89a 557 unsigned int mtu, int flags, uint8_t type)
0bfeca3f 558{
559#define OSPF_WRITE_FRAG_SHIFT 3
d7c0a89a 560 uint16_t offset;
d62a17ae 561 struct iovec *iovp;
562 int ret;
563
564 assert(op->length == stream_get_endp(op->s));
565 assert(msg->msg_iovlen == 2);
566
567 /* we can but try.
568 *
569 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
570 * well as the IP_MF flag, making this all quite pointless.
571 *
572 * However, for a system on which IP_MF is left alone, and ip_id left
573 * alone or else which sets same ip_id for each fragment this might
574 * work, eg linux.
575 *
576 * XXX-TODO: It would be much nicer to have the kernel's use their
577 * existing fragmentation support to do this for us. Bugs/RFEs need to
578 * be raised against the various kernels.
579 */
580
581 /* set More Frag */
582 iph->ip_off |= IP_MF;
583
584 /* ip frag offset is expressed in units of 8byte words */
585 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
586
587 iovp = &msg->msg_iov[1];
588
589 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
590 > maxdatasize) {
591 /* data length of this frag is to next offset value */
592 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
593 iph->ip_len = iovp->iov_len + sizeof(struct ip);
594 assert(iph->ip_len <= mtu);
595
596 sockopt_iphdrincl_swab_htosys(iph);
597
598 ret = sendmsg(fd, msg, flags);
599
600 sockopt_iphdrincl_swab_systoh(iph);
601
602 if (ret < 0)
c9cc11f6 603 flog_err(
450971aa 604 EC_LIB_SOCKET,
d62a17ae 605 "*** ospf_write_frags: sendmsg failed to %s,"
606 " id %d, off %d, len %d, mtu %u failed with %s",
607 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
608 iph->ip_len, mtu, safe_strerror(errno));
609
610 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
611 zlog_debug(
612 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
613 iph->ip_id, iph->ip_off, iph->ip_len,
614 inet_ntoa(iph->ip_dst));
615 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
616 zlog_debug(
617 "-----------------IP Header Dump----------------------");
618 ospf_ip_header_dump(iph);
619 zlog_debug(
620 "-----------------------------------------------------");
621 }
622 }
623
624 iph->ip_off += offset;
625 stream_forward_getp(op->s, iovp->iov_len);
2d34fb80 626 iovp->iov_base = stream_pnt(op->s);
d62a17ae 627 }
628
629 /* setup for final fragment */
630 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
631 iph->ip_len = iovp->iov_len + sizeof(struct ip);
632 iph->ip_off &= (~IP_MF);
0bfeca3f 633}
634#endif /* WANT_OSPF_WRITE_FRAGMENT */
635
d62a17ae 636static int ospf_write(struct thread *thread)
637{
638 struct ospf *ospf = THREAD_ARG(thread);
639 struct ospf_interface *oi;
640 struct ospf_interface *last_serviced_oi = NULL;
641 struct ospf_packet *op;
642 struct sockaddr_in sa_dst;
643 struct ip iph;
644 struct msghdr msg;
645 struct iovec iov[2];
d7c0a89a 646 uint8_t type;
d62a17ae 647 int ret;
648 int flags = 0;
649 struct listnode *node;
0bfeca3f 650#ifdef WANT_OSPF_WRITE_FRAGMENT
d7c0a89a
QY		 651 static uint16_t ipid = 0;
652 uint16_t maxdatasize;
9d303b37 653#endif /* WANT_OSPF_WRITE_FRAGMENT */
68b7339a 654#define OSPF_WRITE_IPHL_SHIFT 2
d62a17ae 655 int pkt_count = 0;
e1b18df1
CS		 656
657#ifdef GNU_LINUX
e7503eab
CS		 658 unsigned char cmsgbuf[64] = {};
659 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
660 struct in_pktinfo *pi;
e1b18df1 661#endif
d62a17ae 662
663 ospf->t_write = NULL;
718e3744 664
d62a17ae 665 node = listhead(ospf->oi_write_q);
666 assert(node);
667 oi = listgetdata(node);
668 assert(oi);
0bfeca3f 669
670#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 671 /* seed ipid static with low order bits of time */
672 if (ipid == 0)
673 ipid = (time(NULL) & 0xffff);
0bfeca3f 674#endif /* WANT_OSPF_WRITE_FRAGMENT */
675
d62a17ae 676 while ((pkt_count < ospf->write_oi_count) && oi
677 && (last_serviced_oi != oi)) {
678 /* If there is only packet in the queue, the oi is removed from
679 write-q, so fix up the last interface that was serviced */
680 if (last_serviced_oi == NULL) {
681 last_serviced_oi = oi;
682 }
683 pkt_count++;
233cc0fb 684#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 685 /* convenience - max OSPF data per packet */
686 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
233cc0fb 687#endif /* WANT_OSPF_WRITE_FRAGMENT */
d62a17ae 688 /* Get one packet from queue. */
689 op = ospf_fifo_head(oi->obuf);
690 assert(op);
691 assert(op->length >= OSPF_HEADER_SIZE);
692
693 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
694 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
695 ospf_if_ipmulticast(ospf, oi->address,
696 oi->ifp->ifindex);
697
698 /* Rewrite the md5 signature & update the seq */
699 ospf_make_md5_digest(oi, op);
700
701 /* Retrieve OSPF packet type. */
702 stream_set_getp(op->s, 1);
703 type = stream_getc(op->s);
704
705 /* reset get pointer */
706 stream_set_getp(op->s, 0);
707
708 memset(&iph, 0, sizeof(struct ip));
709 memset(&sa_dst, 0, sizeof(sa_dst));
710
711 sa_dst.sin_family = AF_INET;
6f0e3f6e 712#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
d62a17ae 713 sa_dst.sin_len = sizeof(sa_dst);
6f0e3f6e 714#endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
d62a17ae 715 sa_dst.sin_addr = op->dst;
716 sa_dst.sin_port = htons(0);
717
718 /* Set DONTROUTE flag if dst is unicast. */
719 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
720 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
721 flags = MSG_DONTROUTE;
722
723 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
724 /* it'd be very strange for header to not be 4byte-word aligned
725 * but.. */
726 if (sizeof(struct ip)
727 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
728 iph.ip_hl++; /* we presume sizeof struct ip cant
729 overflow ip_hl.. */
730
731 iph.ip_v = IPVERSION;
732 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
733 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
68b7339a 734
0150c9c9 735#if defined(__DragonFly__)
d62a17ae 736 /*
737 * DragonFly's raw socket expects ip_len/ip_off in network byte
738 * order.
739 */
740 iph.ip_len = htons(iph.ip_len);
0150c9c9
DB		 741#endif
742
0bfeca3f 743#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 744 /* XXX-MT: not thread-safe at all..
745 * XXX: this presumes this is only programme sending OSPF
746 * packets
747 * otherwise, no guarantee ipid will be unique
748 */
749 iph.ip_id = ++ipid;
0bfeca3f 750#endif /* WANT_OSPF_WRITE_FRAGMENT */
751
d62a17ae 752 iph.ip_off = 0;
753 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
754 iph.ip_ttl = OSPF_VL_IP_TTL;
755 else
756 iph.ip_ttl = OSPF_IP_TTL;
757 iph.ip_p = IPPROTO_OSPFIGP;
758 iph.ip_sum = 0;
759 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
760 iph.ip_dst.s_addr = op->dst.s_addr;
761
762 memset(&msg, 0, sizeof(msg));
763 msg.msg_name = (caddr_t)&sa_dst;
764 msg.msg_namelen = sizeof(sa_dst);
765 msg.msg_iov = iov;
766 msg.msg_iovlen = 2;
e7503eab 767
d62a17ae 768 iov[0].iov_base = (char *)&iph;
769 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
2d34fb80 770 iov[1].iov_base = stream_pnt(op->s);
d62a17ae 771 iov[1].iov_len = op->length;
772
e1b18df1
CS		 773#ifdef GNU_LINUX
774 msg.msg_control = (caddr_t)cm;
e7503eab
CS		 775 cm->cmsg_level = SOL_IP;
776 cm->cmsg_type = IP_PKTINFO;
777 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
778 pi = (struct in_pktinfo *)CMSG_DATA(cm);
779 pi->ipi_ifindex = oi->ifp->ifindex;
780
781 msg.msg_controllen = cm->cmsg_len;
e1b18df1 782#endif
e7503eab 783
996c9314
LB		 784/* Sadly we can not rely on kernels to fragment packets
785 * because of either IP_HDRINCL and/or multicast
786 * destination being set.
787 */
e7503eab 788
0bfeca3f 789#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 790 if (op->length > maxdatasize)
791 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
792 oi->ifp->mtu, flags, type);
0bfeca3f 793#endif /* WANT_OSPF_WRITE_FRAGMENT */
718e3744 794
d62a17ae 795 /* send final fragment (could be first) */
796 sockopt_iphdrincl_swab_htosys(&iph);
797 ret = sendmsg(ospf->fd, &msg, flags);
798 sockopt_iphdrincl_swab_systoh(&iph);
799 if (IS_DEBUG_OSPF_EVENT)
800 zlog_debug(
801 "ospf_write to %s, "
802 "id %d, off %d, len %d, interface %s, mtu %u:",
803 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
804 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
805
806 if (ret < 0)
c9cc11f6 807 flog_err(
450971aa 808 EC_LIB_SOCKET,
d62a17ae 809 "*** sendmsg in ospf_write failed to %s, "
810 "id %d, off %d, len %d, interface %s, mtu %u: %s",
811 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
812 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
813 safe_strerror(errno));
814
815 /* Show debug sending packet. */
816 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
817 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
818 zlog_debug(
819 "-----------------------------------------------------");
820 ospf_ip_header_dump(&iph);
821 stream_set_getp(op->s, 0);
822 ospf_packet_dump(op->s);
823 }
824
825 zlog_debug("%s sent to [%s] via [%s].",
826 lookup_msg(ospf_packet_type_str, type, NULL),
827 inet_ntoa(op->dst), IF_NAME(oi));
828
829 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
830 zlog_debug(
831 "-----------------------------------------------------");
832 }
833
c9339663 834 switch (type) {
996c9314
LB		 835 case OSPF_MSG_HELLO:
836 oi->hello_out++;
837 break;
838 case OSPF_MSG_DB_DESC:
839 oi->db_desc_out++;
840 break;
841 case OSPF_MSG_LS_REQ:
842 oi->ls_req_out++;
843 break;
844 case OSPF_MSG_LS_UPD:
845 oi->ls_upd_out++;
846 break;
847 case OSPF_MSG_LS_ACK:
848 oi->ls_ack_out++;
849 break;
850 default:
851 break;
c9339663
CS		 852 }
853
d62a17ae 854 /* Now delete packet from queue. */
855 ospf_packet_delete(oi);
856
857 /* Move this interface to the tail of write_q to
858 serve everyone in a round robin fashion */
859 list_delete_node(ospf->oi_write_q, node);
860 if (ospf_fifo_head(oi->obuf) == NULL) {
861 oi->on_write_q = 0;
862 last_serviced_oi = NULL;
863 oi = NULL;
864 } else {
865 listnode_add(ospf->oi_write_q, oi);
e8f45e82 866 }
d62a17ae 867
868 /* Setup to service from the head of the queue again */
869 if (!list_isempty(ospf->oi_write_q)) {
870 node = listhead(ospf->oi_write_q);
871 assert(node);
872 oi = listgetdata(node);
873 assert(oi);
874 }
875 }
876
877 /* If packets still remain in queue, call write thread. */
878 if (!list_isempty(ospf->oi_write_q)) {
879 ospf->t_write = NULL;
880 thread_add_write(master, ospf_write, ospf, ospf->fd,
881 &ospf->t_write);
e8f45e82 882 }
718e3744 883
d62a17ae 884 return 0;
718e3744 885}
886
887/* OSPF Hello message read -- RFC2328 Section 10.5. */
d62a17ae 888static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
889 struct stream *s, struct ospf_interface *oi, int size)
890{
891 struct ospf_hello *hello;
892 struct ospf_neighbor *nbr;
893 int old_state;
894 struct prefix p;
895
896 /* increment statistics. */
897 oi->hello_in++;
898
2d34fb80 899 hello = (struct ospf_hello *)stream_pnt(s);
d62a17ae 900
901 /* If Hello is myself, silently discard. */
902 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
903 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
904 zlog_debug(
905 "ospf_header[%s/%s]: selforiginated, "
906 "dropping.",
907 lookup_msg(ospf_packet_type_str, ospfh->type,
908 NULL),
909 inet_ntoa(iph->ip_src));
910 }
911 return;
912 }
913
914 /* get neighbor prefix. */
915 p.family = AF_INET;
916 p.prefixlen = ip_masklen(hello->network_mask);
917 p.u.prefix4 = iph->ip_src;
918
919 /* Compare network mask. */
920 /* Checking is ignored for Point-to-Point and Virtual link. */
921 if (oi->type != OSPF_IFTYPE_POINTOPOINT
922 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
923 if (oi->address->prefixlen != p.prefixlen) {
c9cc11f6 924 flog_warn(
cf444bcf 925 EC_OSPF_PACKET,
d62a17ae 926 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
927 inet_ntoa(ospfh->router_id), IF_NAME(oi),
928 (int)oi->address->prefixlen, (int)p.prefixlen);
929 return;
930 }
931
932 /* Compare Router Dead Interval. */
933 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
cf444bcf 934 flog_warn(EC_OSPF_PACKET,
c9cc11f6
DS		 935 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
936 "(expected %u, but received %u).",
937 inet_ntoa(ospfh->router_id),
938 OSPF_IF_PARAM(oi, v_wait),
939 ntohl(hello->dead_interval));
d62a17ae 940 return;
941 }
942
943 /* Compare Hello Interval - ignored if fast-hellos are set. */
944 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
945 if (OSPF_IF_PARAM(oi, v_hello)
946 != ntohs(hello->hello_interval)) {
c9cc11f6 947 flog_warn(
cf444bcf 948 EC_OSPF_PACKET,
d62a17ae 949 "Packet %s [Hello:RECV]: HelloInterval mismatch "
950 "(expected %u, but received %u).",
951 inet_ntoa(ospfh->router_id),
952 OSPF_IF_PARAM(oi, v_hello),
953 ntohs(hello->hello_interval));
954 return;
955 }
956 }
957
958 if (IS_DEBUG_OSPF_EVENT)
b5a8894d 959 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
d62a17ae 960 inet_ntoa(ospfh->router_id),
b5a8894d
CS		 961 ospf_options_dump(hello->options),
962 ospf_vrf_id_to_name(oi->ospf->vrf_id));
d62a17ae 963
964/* Compare options. */
718e3744 965#define REJECT_IF_TBIT_ON 1 /* XXX */
966#ifdef REJECT_IF_TBIT_ON
d62a17ae 967 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
968 /*
969 * This router does not support non-zero TOS.
970 * Drop this Hello packet not to establish neighbor
971 * relationship.
972 */
cf444bcf 973 flog_warn(EC_OSPF_PACKET,
c9cc11f6 974 "Packet %s [Hello:RECV]: T-bit on, drop it.",
d62a17ae 975 inet_ntoa(ospfh->router_id));
976 return;
977 }
718e3744 978#endif /* REJECT_IF_TBIT_ON */
979
d62a17ae 980 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
981 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
982 /*
983 * This router does know the correct usage of O-bit
984 * the bit should be set in DD packet only.
985 */
cf444bcf 986 flog_warn(EC_OSPF_PACKET,
c9cc11f6 987 "Packet %s [Hello:RECV]: O-bit abuse?",
d62a17ae 988 inet_ntoa(ospfh->router_id));
718e3744 989#ifdef STRICT_OBIT_USAGE_CHECK
d62a17ae 990 return; /* Reject this packet. */
991#else /* STRICT_OBIT_USAGE_CHECK */
992 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
993#endif /* STRICT_OBIT_USAGE_CHECK */
994 }
718e3744 995
d62a17ae 996 /* new for NSSA is to ensure that NP is on and E is off */
997
998 if (oi->area->external_routing == OSPF_AREA_NSSA) {
999 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
1000 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
1001 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1002 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
c9cc11f6 1003 flog_warn(
cf444bcf 1004 EC_OSPF_PACKET,
d62a17ae 1005 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1006 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1007 hello->options);
1008 return;
1009 }
1010 if (IS_DEBUG_OSPF_NSSA)
1011 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1012 inet_ntoa(ospfh->router_id));
1013 } else
1014 /* The setting of the E-bit found in the Hello Packet's Options
1015 field must match this area's ExternalRoutingCapability A
1016 mismatch causes processing to stop and the packet to be
1017 dropped. The setting of the rest of the bits in the Hello
1018 Packet's Options field should be ignored. */
1019 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1020 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
c9cc11f6 1021 flog_warn(
cf444bcf 1022 EC_OSPF_PACKET,
d62a17ae 1023 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1024 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1025 hello->options);
1026 return;
1027 }
718e3744 1028
d62a17ae 1029 /* get neighbour struct */
1030 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1031
1032 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1033 assert(nbr);
1034
1035 old_state = nbr->state;
1036
1037 /* Add event to thread. */
1038 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1039
1040 /* RFC2328 Section 9.5.1
1041 If the router is not eligible to become Designated Router,
1042 (snip) It must also send an Hello Packet in reply to an
1043 Hello Packet received from any eligible neighbor (other than
1044 the current Designated Router and Backup Designated Router). */
1045 if (oi->type == OSPF_IFTYPE_NBMA)
1046 if (PRIORITY(oi) == 0 && hello->priority > 0
1047 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1048 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1049 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1050 ospf_hello_reply_timer,
1051 OSPF_HELLO_REPLY_DELAY);
1052
1053 /* on NBMA network type, it happens to receive bidirectional Hello
1054 packet
1055 without advance 1-Way Received event.
1056 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1057 if (oi->type == OSPF_IFTYPE_NBMA
1058 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1059 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1060 nbr->priority = hello->priority;
1061 nbr->d_router = hello->d_router;
1062 nbr->bd_router = hello->bd_router;
1063 return;
1064 }
1065
1066 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1067 size - OSPF_HELLO_MIN_SIZE)) {
1068 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1069 nbr->options |= hello->options;
1070 } else {
1071 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1072 /* Set neighbor information. */
1073 nbr->priority = hello->priority;
1074 nbr->d_router = hello->d_router;
1075 nbr->bd_router = hello->bd_router;
1076 return;
1077 }
1078
1079 /* If neighbor itself declares DR and no BDR exists,
1080 cause event BackupSeen */
1081 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1082 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1083 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1084
1085 /* neighbor itself declares BDR. */
1086 if (oi->state == ISM_Waiting
1087 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1088 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1089
1090 /* had not previously. */
1091 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1092 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1093 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1094 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1095 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1096
1097 /* had not previously. */
1098 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1099 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1100 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1101 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1102 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1103
1104 /* Neighbor priority check. */
1105 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1106 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1107
1108 /* Set neighbor information. */
1109 nbr->priority = hello->priority;
1110 nbr->d_router = hello->d_router;
1111 nbr->bd_router = hello->bd_router;
718e3744 1112}
1113
1114/* Save DD flags/options/Seqnum received. */
d62a17ae 1115static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1116 struct ospf_db_desc *dd)
718e3744 1117{
d62a17ae 1118 nbr->last_recv.flags = dd->flags;
1119 nbr->last_recv.options = dd->options;
1120 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
718e3744 1121}
1122
1123/* Process rest of DD packet. */
d62a17ae 1124static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1125 struct ospf_neighbor *nbr,
d7c0a89a 1126 struct ospf_db_desc *dd, uint16_t size)
d62a17ae 1127{
1128 struct ospf_lsa *new, *find;
1129 struct lsa_header *lsah;
1130
1131 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1132 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1133 size -= OSPF_LSA_HEADER_SIZE) {
2d34fb80 1134 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1135 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1136
1137 /* Unknown LS type. */
1138 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1139 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1140 "Packet [DD:RECV]: Unknown LS type %d.",
d62a17ae 1141 lsah->type);
1142 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1143 return;
1144 }
1145
1146 if (IS_OPAQUE_LSA(lsah->type)
1147 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
cf444bcf 1148 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1149 "LSA[Type%d:%s]: Opaque capability mismatch?",
d62a17ae 1150 lsah->type, inet_ntoa(lsah->id));
1151 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1152 return;
1153 }
1154
1155 switch (lsah->type) {
1156 case OSPF_AS_EXTERNAL_LSA:
1157 case OSPF_OPAQUE_AS_LSA:
1158 /* Check for stub area. Reject if AS-External from stub
1159 but
1160 allow if from NSSA. */
1161 if (oi->area->external_routing == OSPF_AREA_STUB) {
c9cc11f6 1162 flog_warn(
cf444bcf 1163 EC_OSPF_PACKET,
d62a17ae 1164 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1165 lsah->type, inet_ntoa(lsah->id),
1166 (oi->area->external_routing
1167 == OSPF_AREA_STUB)
1168 ? "STUB"
1169 : "NSSA");
1170 OSPF_NSM_EVENT_SCHEDULE(nbr,
1171 NSM_SeqNumberMismatch);
1172 return;
1173 }
1174 break;
1175 default:
1176 break;
1177 }
1178
1179 /* Create LS-request object. */
1180 new = ospf_ls_request_new(lsah);
1181
1182 /* Lookup received LSA, then add LS request list. */
1183 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1184
1185 /* ospf_lsa_more_recent is fine with NULL pointers */
1186 switch (ospf_lsa_more_recent(find, new)) {
1187 case -1:
1188 /* Neighbour has a more recent LSA, we must request it
1189 */
1190 ospf_ls_request_add(nbr, new);
1191 /* fallthru */
1192 case 0:
1193 /* If we have a copy of this LSA, it's either less
1194 * recent
1195 * and we're requesting it from neighbour (the case
1196 * above), or
1197 * it's as recent and we both have same copy (this
1198 * case).
1199 *
1200 * In neither of these two cases is there any point in
1201 * describing our copy of the LSA to the neighbour in a
1202 * DB-Summary packet, if we're still intending to do so.
1203 *
1204 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1205 * backward compatible optimisation to OSPF DB Exchange
1206 * /
1207 * DB Description process implemented here.
1208 */
1209 if (find)
1210 ospf_lsdb_delete(&nbr->db_sum, find);
1211 ospf_lsa_discard(new);
1212 break;
1213 default:
1214 /* We have the more recent copy, nothing specific to do:
1215 * - no need to request neighbours stale copy
1216 * - must leave DB summary list copy alone
1217 */
1218 if (IS_DEBUG_OSPF_EVENT)
1219 zlog_debug(
1220 "Packet [DD:RECV]: LSA received Type %d, "
1221 "ID %s is not recent.",
1222 lsah->type, inet_ntoa(lsah->id));
1223 ospf_lsa_discard(new);
1224 }
1225 }
1226
1227 /* Master */
1228 if (IS_SET_DD_MS(nbr->dd_flags)) {
1229 nbr->dd_seqnum++;
1230
1231 /* Both sides have no More, then we're done with Exchange */
1232 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1233 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1234 else
1235 ospf_db_desc_send(nbr);
1236 }
1237 /* Slave */
1238 else {
1239 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1240
1241 /* Send DD packet in reply.
1242 *
1243 * Must be done to acknowledge the Master's DD, regardless of
1244 * whether we have more LSAs ourselves to describe.
1245 *
1246 * This function will clear the 'More' bit, if after this DD
1247 * we have no more LSAs to describe to the master..
1248 */
1249 ospf_db_desc_send(nbr);
1250
1251 /* Slave can raise ExchangeDone now, if master is also done */
1252 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1253 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1254 }
1255
1256 /* Save received neighbor values from DD. */
1257 ospf_db_desc_save_current(nbr, dd);
1258
1259 if (!nbr->t_ls_req)
1260 ospf_ls_req_send(nbr);
1261}
1262
1263static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1264 struct ospf_neighbor *nbr)
1265{
1266 /* Is DD duplicated? */
1267 if (dd->options == nbr->last_recv.options
1268 && dd->flags == nbr->last_recv.flags
1269 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1270 return 1;
1271
1272 return 0;
718e3744 1273}
1274
1275/* OSPF Database Description message read -- RFC2328 Section 10.6. */
d62a17ae 1276static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1277 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1278 uint16_t size)
d62a17ae 1279{
1280 struct ospf_db_desc *dd;
1281 struct ospf_neighbor *nbr;
d363df2c 1282
d62a17ae 1283 /* Increment statistics. */
1284 oi->db_desc_in++;
718e3744 1285
2d34fb80 1286 dd = (struct ospf_db_desc *)stream_pnt(s);
d62a17ae 1287
1288 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1289 if (nbr == NULL) {
cf444bcf 1290 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
d62a17ae 1291 inet_ntoa(ospfh->router_id));
1292 return;
718e3744 1293 }
d62a17ae 1294
1295 /* Check MTU. */
1296 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1297 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
c9cc11f6 1298 flog_warn(
cf444bcf 1299 EC_OSPF_PACKET,
d62a17ae 1300 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1301 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1302 oi->ifp->mtu);
1303 return;
718e3744 1304 }
1305
d62a17ae 1306 /*
1307 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1308 * not
1309 * required. In fact at least JunOS sends DD packets with P bit clear.
1310 * Until proper solution is developped, this hack should help.
1311 *
1312 * Update: According to the RFCs, N bit is specified /only/ for Hello
1313 * options, unfortunately its use in DD options is not specified. Hence
1314 * some
1315 * implementations follow E-bit semantics and set it in DD options, and
1316 * some
1317 * treat it as unspecified and hence follow the directive "default for
1318 * options is clear", ie unset.
1319 *
1320 * Reset the flag, as ospfd follows E-bit semantics.
1321 */
1322 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1323 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1324 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1325 if (IS_DEBUG_OSPF_EVENT)
1326 zlog_debug(
1327 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1328 inet_ntoa(nbr->router_id));
1329 SET_FLAG(dd->options, OSPF_OPTION_NP);
718e3744 1330 }
1331
d62a17ae 1332#ifdef REJECT_IF_TBIT_ON
1333 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1334 /*
1335 * In Hello protocol, optional capability must have checked
1336 * to prevent this T-bit enabled router be my neighbor.
1337 */
1c50c1c0 1338 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
d62a17ae 1339 inet_ntoa(nbr->router_id));
1340 return;
1341 }
1342#endif /* REJECT_IF_TBIT_ON */
1343
1344 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1345 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1346 /*
1347 * This node is not configured to handle O-bit, for now.
1348 * Clear it to ignore unsupported capability proposed by
1349 * neighbor.
1350 */
1351 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1352 }
1353
1354 /* Add event to thread. */
1355 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1356
1357 /* Process DD packet by neighbor status. */
1358 switch (nbr->state) {
1359 case NSM_Down:
1360 case NSM_Attempt:
1361 case NSM_TwoWay:
c9cc11f6 1362 flog_warn(
cf444bcf 1363 EC_OSPF_PACKET,
d62a17ae 1364 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1365 inet_ntoa(nbr->router_id),
1366 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1367 break;
1368 case NSM_Init:
1369 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1370 /* If the new state is ExStart, the processing of the current
1371 packet should then continue in this new state by falling
1372 through to case ExStart below. */
1373 if (nbr->state != NSM_ExStart)
1374 break;
1375 /* fallthru */
1376 case NSM_ExStart:
1377 /* Initial DBD */
1378 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1379 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1380 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1381 > 0) {
1382 /* We're Slave---obey */
05ba78e4
CS		 1383 if (CHECK_FLAG(oi->ospf->config,
1384 OSPF_LOG_ADJACENCY_DETAIL))
996c9314
LB		 1385 zlog_info(
1386 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1387 inet_ntoa(nbr->router_id));
05ba78e4 1388
d62a17ae 1389 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1390
1391 /* Reset I/MS */
1392 UNSET_FLAG(nbr->dd_flags,
1393 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1394 } else {
1395 /* We're Master, ignore the initial DBD from
1396 * Slave */
05ba78e4
CS		 1397 if (CHECK_FLAG(oi->ospf->config,
1398 OSPF_LOG_ADJACENCY_DETAIL))
1399 zlog_info(
1400 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1401 "ignoring.",
1402 inet_ntoa(nbr->router_id));
d62a17ae 1403 break;
1404 }
1405 }
1406 /* Ack from the Slave */
1407 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1408 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1409 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1410 < 0) {
1411 zlog_info(
1412 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1413 inet_ntoa(nbr->router_id));
1414 /* Reset I, leaving MS */
1415 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1416 } else {
cf444bcf 1417 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1418 "Packet[DD]: Neighbor %s Negotiation fails.",
d62a17ae 1419 inet_ntoa(nbr->router_id));
1420 break;
1421 }
1422
1423 /* This is where the real Options are saved */
1424 nbr->options = dd->options;
1425
1426 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1427 if (IS_DEBUG_OSPF_EVENT)
1428 zlog_debug(
1429 "Neighbor[%s] is %sOpaque-capable.",
1430 inet_ntoa(nbr->router_id),
1431 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1432 ? ""
1433 : "NOT ");
1434
1435 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1436 && IPV4_ADDR_SAME(&DR(oi),
1437 &nbr->address.u.prefix4)) {
c9cc11f6 1438 flog_warn(
cf444bcf 1439 EC_OSPF_PACKET,
c9cc11f6 1440 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
d62a17ae 1441 inet_ntoa(nbr->router_id));
1442 /* This situation is undesirable, but not a real
1443 * error. */
1444 }
1445 }
1446
1447 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1448
1449 /* continue processing rest of packet. */
1450 ospf_db_desc_proc(s, oi, nbr, dd, size);
1451 break;
1452 case NSM_Exchange:
1453 if (ospf_db_desc_is_dup(dd, nbr)) {
1454 if (IS_SET_DD_MS(nbr->dd_flags))
1455 /* Master: discard duplicated DD packet. */
1456 zlog_info(
1457 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1458 inet_ntoa(nbr->router_id));
1459 else
1460 /* Slave: cause to retransmit the last Database
1461 Description. */
1462 {
1463 zlog_info(
1464 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1465 inet_ntoa(nbr->router_id));
1466 ospf_db_desc_resend(nbr);
1467 }
1468 break;
1469 }
1470
1471 /* Otherwise DD packet should be checked. */
1472 /* Check Master/Slave bit mismatch */
1473 if (IS_SET_DD_MS(dd->flags)
1474 != IS_SET_DD_MS(nbr->last_recv.flags)) {
cf444bcf 1475 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1476 "Packet[DD]: Neighbor %s MS-bit mismatch.",
d62a17ae 1477 inet_ntoa(nbr->router_id));
1478 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1479 if (IS_DEBUG_OSPF_EVENT)
1480 zlog_debug(
1481 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1482 dd->flags, nbr->dd_flags);
1483 break;
1484 }
1485
1486 /* Check initialize bit is set. */
1487 if (IS_SET_DD_I(dd->flags)) {
1488 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1489 inet_ntoa(nbr->router_id));
1490 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1491 break;
1492 }
1493
1494 /* Check DD Options. */
1495 if (dd->options != nbr->options) {
718e3744 1496#ifdef ORIGINAL_CODING
d62a17ae 1497 /* Save the new options for debugging */
1498 nbr->options = dd->options;
718e3744 1499#endif /* ORIGINAL_CODING */
cf444bcf 1500 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1501 "Packet[DD]: Neighbor %s options mismatch.",
d62a17ae 1502 inet_ntoa(nbr->router_id));
1503 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1504 break;
1505 }
718e3744 1506
d62a17ae 1507 /* Check DD sequence number. */
1508 if ((IS_SET_DD_MS(nbr->dd_flags)
1509 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1510 || (!IS_SET_DD_MS(nbr->dd_flags)
1511 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
c9cc11f6 1512 flog_warn(
cf444bcf 1513 EC_OSPF_PACKET,
d62a17ae 1514 "Packet[DD]: Neighbor %s sequence number mismatch.",
1515 inet_ntoa(nbr->router_id));
1516 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1517 break;
1518 }
1519
1520 /* Continue processing rest of packet. */
1521 ospf_db_desc_proc(s, oi, nbr, dd, size);
1522 break;
1523 case NSM_Loading:
1524 case NSM_Full:
1525 if (ospf_db_desc_is_dup(dd, nbr)) {
1526 if (IS_SET_DD_MS(nbr->dd_flags)) {
1527 /* Master should discard duplicate DD packet. */
1528 zlog_info(
1529 "Packet[DD]: Neighbor %s duplicated, "
1530 "packet discarded.",
1531 inet_ntoa(nbr->router_id));
1532 break;
1533 } else {
1534 if (monotime_since(&nbr->last_send_ts, NULL)
1535 < nbr->v_inactivity * 1000000LL) {
1536 /* In states Loading and Full the slave
1537 must resend
1538 its last Database Description packet
1539 in response to
1540 duplicate Database Description
1541 packets received
1542 from the master. For this reason the
1543 slave must
1544 wait RouterDeadInterval seconds
1545 before freeing the
1546 last Database Description packet.
1547 Reception of a
1548 Database Description packet from the
1549 master after
1550 this interval will generate a
1551 SeqNumberMismatch
1552 neighbor event. RFC2328 Section 10.8
1553 */
1554 ospf_db_desc_resend(nbr);
1555 break;
1556 }
1557 }
718e3744 1558 }
718e3744 1559
d62a17ae 1560 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1561 break;
1562 default:
cf444bcf 1563 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1564 "Packet[DD]: Neighbor %s NSM illegal status %u.",
d62a17ae 1565 inet_ntoa(nbr->router_id), nbr->state);
1566 break;
1567 }
718e3744 1568}
1569
1570#define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1571
1572/* OSPF Link State Request Read -- RFC2328 Section 10.7. */
d62a17ae 1573static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1574 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1575 uint16_t size)
d62a17ae 1576{
1577 struct ospf_neighbor *nbr;
d7c0a89a 1578 uint32_t ls_type;
d62a17ae 1579 struct in_addr ls_id;
1580 struct in_addr adv_router;
1581 struct ospf_lsa *find;
1582 struct list *ls_upd;
1583 unsigned int length;
1584
1585 /* Increment statistics. */
1586 oi->ls_req_in++;
1587
1588 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1589 if (nbr == NULL) {
cf444bcf 1590 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1591 "Link State Request: Unknown Neighbor %s.",
d62a17ae 1592 inet_ntoa(ospfh->router_id));
1593 return;
718e3744 1594 }
1595
d62a17ae 1596 /* Add event to thread. */
1597 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1598
1599 /* Neighbor State should be Exchange or later. */
1600 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1601 && nbr->state != NSM_Full) {
c9cc11f6 1602 flog_warn(
cf444bcf 1603 EC_OSPF_PACKET,
c9cc11f6 1604 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
d62a17ae 1605 inet_ntoa(ospfh->router_id),
1606 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1607 return;
718e3744 1608 }
1609
d62a17ae 1610 /* Send Link State Update for ALL requested LSAs. */
1611 ls_upd = list_new();
1612 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1613
1614 while (size >= OSPF_LSA_KEY_SIZE) {
1615 /* Get one slice of Link State Request. */
1616 ls_type = stream_getl(s);
1617 ls_id.s_addr = stream_get_ipv4(s);
1618 adv_router.s_addr = stream_get_ipv4(s);
1619
1620 /* Verify LSA type. */
1621 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1622 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1623 list_delete(&ls_upd);
d62a17ae 1624 return;
1625 }
718e3744 1626
d62a17ae 1627 /* Search proper LSA in LSDB. */
b5a8894d
CS		 1628 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1629 adv_router);
d62a17ae 1630 if (find == NULL) {
1631 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1632 list_delete(&ls_upd);
d62a17ae 1633 return;
1634 }
718e3744 1635
d62a17ae 1636 /* Packet overflows MTU size, send immediately. */
1637 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1638 if (oi->type == OSPF_IFTYPE_NBMA)
1639 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1640 OSPF_SEND_PACKET_DIRECT, 0);
d62a17ae 1641 else
1642 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1643 OSPF_SEND_PACKET_INDIRECT, 0);
d62a17ae 1644
1645 /* Only remove list contents. Keep ls_upd. */
1646 list_delete_all_node(ls_upd);
718e3744 1647
d62a17ae 1648 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1649 }
1650
1651 /* Append LSA to update list. */
1652 listnode_add(ls_upd, find);
1653 length += ntohs(find->data->length);
718e3744 1654
d62a17ae 1655 size -= OSPF_LSA_KEY_SIZE;
1656 }
718e3744 1657
d62a17ae 1658 /* Send rest of Link State Update. */
1659 if (listcount(ls_upd) > 0) {
1660 if (oi->type == OSPF_IFTYPE_NBMA)
996c9314
LB		 1661 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1662 0);
d62a17ae 1663 else
996c9314
LB		 1664 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1665 0);
718e3744 1666
6a154c88 1667 list_delete(&ls_upd);
d62a17ae 1668 } else
6a154c88 1669 list_delete(&ls_upd);
718e3744 1670}
1671
1672/* Get the list of LSAs from Link State Update packet.
1673 And process some validation -- RFC2328 Section 13. (1)-(2). */
d62a17ae 1674static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1675 struct stream *s,
1676 struct ospf_interface *oi, size_t size)
1677{
d7c0a89a
QY		 1678 uint16_t count, sum;
1679 uint32_t length;
d62a17ae 1680 struct lsa_header *lsah;
1681 struct ospf_lsa *lsa;
1682 struct list *lsas;
1683
1684 lsas = list_new();
1685
1686 count = stream_getl(s);
1687 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1688
1689 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1690 size -= length, stream_forward_getp(s, length), count--) {
2d34fb80 1691 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1692 length = ntohs(lsah->length);
1693
1694 if (length > size) {
c9cc11f6 1695 flog_warn(
cf444bcf 1696 EC_OSPF_PACKET,
d62a17ae 1697 "Link State Update: LSA length exceeds packet size.");
1698 break;
1699 }
718e3744 1700
d62a17ae 1701 /* Validate the LSA's LS checksum. */
1702 sum = lsah->checksum;
1703 if (!ospf_lsa_checksum_valid(lsah)) {
1704 /* (bug #685) more details in a one-line message make it
1705 * possible
1706 * to identify problem source on the one hand and to
1707 * have a better
1708 * chance to compress repeated messages in syslog on the
1709 * other */
c9cc11f6 1710 flog_warn(
cf444bcf 1711 EC_OSPF_PACKET,
d62a17ae 1712 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1713 sum, lsah->checksum, inet_ntoa(lsah->id),
1714 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1715 inet_ntoa(lsah->adv_router));
1716 continue;
1717 }
718e3744 1718
d62a17ae 1719 /* Examine the LSA's LS type. */
1720 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1721 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1722 "Link State Update: Unknown LS type %d",
d62a17ae 1723 lsah->type);
1724 continue;
1725 }
718e3744 1726
d62a17ae 1727 /*
1728 * What if the received LSA's age is greater than MaxAge?
1729 * Treat it as a MaxAge case -- endo.
1730 */
1731 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1732 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
718e3744 1733
d62a17ae 1734 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1735#ifdef STRICT_OBIT_USAGE_CHECK
1736 if ((IS_OPAQUE_LSA(lsah->type)
1737 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1738 || (!IS_OPAQUE_LSA(lsah->type)
1739 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1740 /*
1741 * This neighbor must know the exact usage of
1742 * O-bit;
1743 * the bit will be set in Type-9,10,11 LSAs
1744 * only.
1745 */
cf444bcf 1746 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1747 "LSA[Type%d:%s]: O-bit abuse?",
d62a17ae 1748 lsah->type, inet_ntoa(lsah->id));
1749 continue;
1750 }
1751#endif /* STRICT_OBIT_USAGE_CHECK */
718e3744 1752
d62a17ae 1753 /* Do not take in AS External Opaque-LSAs if we are a
1754 * stub. */
1755 if (lsah->type == OSPF_OPAQUE_AS_LSA
1756 && nbr->oi->area->external_routing
1757 != OSPF_AREA_DEFAULT) {
1758 if (IS_DEBUG_OSPF_EVENT)
1759 zlog_debug(
1760 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1761 lsah->type,
1762 inet_ntoa(lsah->id));
1763 continue;
1764 }
1765 } else if (IS_OPAQUE_LSA(lsah->type)) {
cf444bcf 1766 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1767 "LSA[Type%d:%s]: Opaque capability mismatch?",
d62a17ae 1768 lsah->type, inet_ntoa(lsah->id));
1769 continue;
1770 }
718e3744 1771
d62a17ae 1772 /* Create OSPF LSA instance. */
5b3d4186 1773 lsa = ospf_lsa_new_and_data(length);
d62a17ae 1774
b5a8894d 1775 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 1776 /* We may wish to put some error checking if type NSSA comes in
1777 and area not in NSSA mode */
1778 switch (lsah->type) {
1779 case OSPF_AS_EXTERNAL_LSA:
1780 case OSPF_OPAQUE_AS_LSA:
1781 lsa->area = NULL;
1782 break;
1783 case OSPF_OPAQUE_LINK_LSA:
1784 lsa->oi = oi; /* Remember incoming interface for
1785 flooding control. */
1786 /* Fallthrough */
1787 default:
1788 lsa->area = oi->area;
1789 break;
1790 }
718e3744 1791
d62a17ae 1792 memcpy(lsa->data, lsah, length);
1793
1794 if (IS_DEBUG_OSPF_EVENT)
1795 zlog_debug(
1796 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1797 lsa->data->type, inet_ntoa(lsa->data->id),
1798 (void *)lsa);
1799 listnode_add(lsas, lsa);
1800 }
718e3744 1801
d62a17ae 1802 return lsas;
718e3744 1803}
1804
1805/* Cleanup Update list. */
d62a17ae 1806static void ospf_upd_list_clean(struct list *lsas)
718e3744 1807{
d62a17ae 1808 struct listnode *node, *nnode;
1809 struct ospf_lsa *lsa;
718e3744 1810
d62a17ae 1811 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1812 ospf_lsa_discard(lsa);
718e3744 1813
6a154c88 1814 list_delete(&lsas);
718e3744 1815}
1816
1817/* OSPF Link State Update message read -- RFC2328 Section 13. */
d62a17ae 1818static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1819 struct ospf_header *ospfh, struct stream *s,
d7c0a89a 1820 struct ospf_interface *oi, uint16_t size)
d62a17ae 1821{
1822 struct ospf_neighbor *nbr;
1823 struct list *lsas;
1824 struct listnode *node, *nnode;
1825 struct ospf_lsa *lsa = NULL;
1826 /* unsigned long ls_req_found = 0; */
1827
1828 /* Dis-assemble the stream, update each entry, re-encapsulate for
1829 * flooding */
1830
1831 /* Increment statistics. */
1832 oi->ls_upd_in++;
1833
1834 /* Check neighbor. */
1835 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1836 if (nbr == NULL) {
cf444bcf 1837 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1838 "Link State Update: Unknown Neighbor %s on int: %s",
d62a17ae 1839 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1840 return;
718e3744 1841 }
1842
d62a17ae 1843 /* Add event to thread. */
1844 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1845
1846 /* Check neighbor state. */
1847 if (nbr->state < NSM_Exchange) {
1848 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1849 zlog_debug(
1850 "Link State Update: "
1851 "Neighbor[%s] state %s is less than Exchange",
1852 inet_ntoa(ospfh->router_id),
1853 lookup_msg(ospf_nsm_state_msg, nbr->state,
1854 NULL));
1855 return;
1856 }
718e3744 1857
d62a17ae 1858 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1859 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1860 * of section 13.
1861 */
1862 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1863
35955c14
CS		 1864 if (lsas == NULL)
1865 return;
d62a17ae 1866#define DISCARD_LSA(L, N) \
1867 { \
1868 if (IS_DEBUG_OSPF_EVENT) \
1869 zlog_debug( \
1870 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1871 " Type-%d", \
1872 N, (void *)lsa, (int)lsa->data->type); \
1873 ospf_lsa_discard(L); \
1874 continue; \
718e3744 1875 }
1876
d62a17ae 1877 /* Process each LSA received in the one packet.
1878 *
1879 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1880 * text below are from the steps in RFC 2328, Section 13.
1881 */
1882 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1883 struct ospf_lsa *ls_ret, *current;
1884 int ret = 1;
1885
1886 if (IS_DEBUG_OSPF_NSSA) {
1887 char buf1[INET_ADDRSTRLEN];
1888 char buf2[INET_ADDRSTRLEN];
1889 char buf3[INET_ADDRSTRLEN];
1890
1891 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1892 lsa->data->type,
1893 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1894 INET_ADDRSTRLEN),
1895 inet_ntop(AF_INET, &lsa->data->id, buf2,
1896 INET_ADDRSTRLEN),
1897 inet_ntop(AF_INET, &lsa->data->adv_router,
1898 buf3, INET_ADDRSTRLEN));
1899 }
718e3744 1900
d62a17ae 1901 listnode_delete(lsas,
1902 lsa); /* We don't need it in list anymore */
1903
1904 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1905 */
1906
1907 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1908
1909 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1910 */
1911
1912 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1913 */
1914
1915 /* Do take in Type-7's if we are an NSSA */
1916
1917 /* If we are also an ABR, later translate them to a Type-5
1918 * packet */
1919
1920 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1921 translate them to a separate Type-5 packet. */
1922
1923 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1924 /* Reject from STUB or NSSA */
1925 if (nbr->oi->area->external_routing
1926 != OSPF_AREA_DEFAULT) {
1927 if (IS_DEBUG_OSPF_NSSA)
1928 zlog_debug(
1929 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1930 DISCARD_LSA(lsa, 1);
1931 }
1932
1933 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1934 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1935 if (IS_DEBUG_OSPF_NSSA)
1936 zlog_debug(
1937 "Incoming NSSA LSA Discarded: Not NSSA Area");
1938 DISCARD_LSA(lsa, 2);
1939 }
1940
1941 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1942 if (lsa->data->type == OSPF_ROUTER_LSA)
1943 if (!IPV4_ADDR_SAME(&lsa->data->id,
1944 &lsa->data->adv_router)) {
1945 char buf1[INET_ADDRSTRLEN];
1946 char buf2[INET_ADDRSTRLEN];
1947 char buf3[INET_ADDRSTRLEN];
1948
cf444bcf 1949 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1c50c1c0
QY		 1950 "Incoming Router-LSA from %s with "
1951 "Adv-ID[%s] != LS-ID[%s]",
1952 inet_ntop(AF_INET, &ospfh->router_id,
1953 buf1, INET_ADDRSTRLEN),
1954 inet_ntop(AF_INET, &lsa->data->id,
1955 buf2, INET_ADDRSTRLEN),
1956 inet_ntop(AF_INET,
1957 &lsa->data->adv_router, buf3,
1958 INET_ADDRSTRLEN));
af4c2728 1959 flog_err(
cf444bcf 1960 EC_OSPF_DOMAIN_CORRUPT,
d62a17ae 1961 "OSPF domain compromised by attack or corruption. "
1962 "Verify correct operation of -ALL- OSPF routers.");
1963 DISCARD_LSA(lsa, 0);
1964 }
1965
1966 /* Find the LSA in the current database. */
1967
1968 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1969
1970 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1971 currently
1972 no instance of the LSA in the router's link state database,
1973 and none of router's neighbors are in states Exchange or
1974 Loading,
1975 then take the following actions: */
1976
1977 if (IS_LSA_MAXAGE(lsa) && !current
1978 && ospf_check_nbr_status(oi->ospf)) {
1979 /* (4a) Response Link State Acknowledgment. */
1980 ospf_ls_ack_send(nbr, lsa);
1981
1982 /* (4b) Discard LSA. */
1983 if (IS_DEBUG_OSPF(lsa, LSA)) {
1984 zlog_debug(
1985 "Link State Update[%s]: LS age is equal to MaxAge.",
1986 dump_lsa_key(lsa));
1987 }
1988 DISCARD_LSA(lsa, 3);
1989 }
1990
1991 if (IS_OPAQUE_LSA(lsa->data->type)
1992 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1993 &oi->ospf->router_id)) {
1994 /*
1995 * Even if initial flushing seems to be completed, there
1996 * might
1997 * be a case that self-originated LSA with MaxAge still
1998 * remain
1999 * in the routing domain.
2000 * Just send an LSAck message to cease retransmission.
2001 */
2002 if (IS_LSA_MAXAGE(lsa)) {
c9cc11f6 2003 zlog_info("LSA[%s]: Boomerang effect?",
d62a17ae 2004 dump_lsa_key(lsa));
2005 ospf_ls_ack_send(nbr, lsa);
2006 ospf_lsa_discard(lsa);
2007
2008 if (current != NULL && !IS_LSA_MAXAGE(current))
2009 ospf_opaque_lsa_refresh_schedule(
2010 current);
2011 continue;
2012 }
2013
2014 /*
2015 * If an instance of self-originated Opaque-LSA is not
2016 * found
2017 * in the LSDB, there are some possible cases here.
2018 *
2019 * 1) This node lost opaque-capability after restart.
2020 * 2) Else, a part of opaque-type is no more supported.
2021 * 3) Else, a part of opaque-id is no more supported.
2022 *
2023 * Anyway, it is still this node's responsibility to
2024 * flush it.
2025 * Otherwise, the LSA instance remains in the routing
2026 * domain
2027 * until its age reaches to MaxAge.
2028 */
2029 /* XXX: We should deal with this for *ALL* LSAs, not
2030 * just opaque */
2031 if (current == NULL) {
2032 if (IS_DEBUG_OSPF_EVENT)
2033 zlog_debug(
2034 "LSA[%s]: Previously originated Opaque-LSA,"
2035 "not found in the LSDB.",
2036 dump_lsa_key(lsa));
2037
2038 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2039
2040 ospf_opaque_self_originated_lsa_received(nbr,
2041 lsa);
2042 ospf_ls_ack_send(nbr, lsa);
2043
2044 continue;
2045 }
2046 }
2047
2048 /* It might be happen that received LSA is self-originated
2049 * network LSA, but
2050 * router ID is changed. So, we should check if LSA is a
2051 * network-LSA whose
2052 * Link State ID is one of the router's own IP interface
2053 * addresses but whose
2054 * Advertising Router is not equal to the router's own Router ID
2055 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2056 * flushed.
2057 */
2058
2059 if (lsa->data->type == OSPF_NETWORK_LSA) {
2060 struct listnode *oinode, *oinnode;
2061 struct ospf_interface *out_if;
2062 int Flag = 0;
2063
2064 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2065 oinnode, out_if)) {
2066 if (out_if == NULL)
2067 break;
2068
2069 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2070 &lsa->data->id))
2071 && (!(IPV4_ADDR_SAME(
2072 &oi->ospf->router_id,
2073 &lsa->data->adv_router)))) {
2074 if (out_if->network_lsa_self) {
2075 ospf_lsa_flush_area(
2076 lsa, out_if->area);
2077 if (IS_DEBUG_OSPF_EVENT)
2078 zlog_debug(
2079 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2080 (void *)lsa,
2081 (int)lsa->data
2082 ->type);
2083 ospf_lsa_discard(lsa);
2084 Flag = 1;
2085 }
2086 break;
2087 }
2088 }
2089 if (Flag)
2090 continue;
2091 }
2092
2093 /* (5) Find the instance of this LSA that is currently contained
2094 in the router's link state database. If there is no
2095 database copy, or the received LSA is more recent than
2096 the database copy the following steps must be performed.
2097 (The sub steps from RFC 2328 section 13 step (5) will be
2098 performed in
2099 ospf_flood() ) */
2100
2101 if (current == NULL
2102 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2103 /* Actual flooding procedure. */
2104 if (ospf_flood(oi->ospf, nbr, current, lsa)
2105 < 0) /* Trap NSSA later. */
2106 DISCARD_LSA(lsa, 4);
2107 continue;
2108 }
2109
2110 /* (6) Else, If there is an instance of the LSA on the sending
2111 neighbor's Link state request list, an error has occurred in
2112 the Database Exchange process. In this case, restart the
2113 Database Exchange process by generating the neighbor event
2114 BadLSReq for the sending neighbor and stop processing the
2115 Link State Update packet. */
2116
2117 if (ospf_ls_request_lookup(nbr, lsa)) {
2118 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
c9cc11f6 2119 flog_warn(
cf444bcf 2120 EC_OSPF_PACKET,
d62a17ae 2121 "LSA[%s] instance exists on Link state request list",
2122 dump_lsa_key(lsa));
2123
2124 /* Clean list of LSAs. */
2125 ospf_upd_list_clean(lsas);
2126 /* this lsa is not on lsas list already. */
2127 ospf_lsa_discard(lsa);
2128 return;
2129 }
2130
2131 /* If the received LSA is the same instance as the database copy
2132 (i.e., neither one is more recent) the following two steps
2133 should be performed: */
2134
2135 if (ret == 0) {
2136 /* If the LSA is listed in the Link state retransmission
2137 list
2138 for the receiving adjacency, the router itself is
2139 expecting
2140 an acknowledgment for this LSA. The router should
2141 treat the
2142 received LSA as an acknowledgment by removing the LSA
2143 from
2144 the Link state retransmission list. This is termed
2145 an
2146 "implied acknowledgment". */
2147
2148 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2149
2150 if (ls_ret != NULL) {
2151 ospf_ls_retransmit_delete(nbr, ls_ret);
2152
2153 /* Delayed acknowledgment sent if advertisement
2154 received
2155 from Designated Router, otherwise do nothing.
2156 */
2157 if (oi->state == ISM_Backup)
2158 if (NBR_IS_DR(nbr))
2159 listnode_add(
2160 oi->ls_ack,
2161 ospf_lsa_lock(lsa));
2162
2163 DISCARD_LSA(lsa, 5);
2164 } else
2165 /* Acknowledge the receipt of the LSA by sending a
2166 Link State Acknowledgment packet back out the
2167 receiving
2168 interface. */
2169 {
2170 ospf_ls_ack_send(nbr, lsa);
2171 DISCARD_LSA(lsa, 6);
2172 }
2173 }
2174
2175 /* The database copy is more recent. If the database copy
2176 has LS age equal to MaxAge and LS sequence number equal to
2177 MaxSequenceNumber, simply discard the received LSA without
2178 acknowledging it. (In this case, the LSA's LS sequence number
2179 is
2180 wrapping, and the MaxSequenceNumber LSA must be completely
2181 flushed before any new LSA instance can be introduced). */
2182
2183 else if (ret > 0) /* Database copy is more recent */
2184 {
2185 if (IS_LSA_MAXAGE(current)
2186 && current->data->ls_seqnum
2187 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2188 DISCARD_LSA(lsa, 7);
2189 }
2190 /* Otherwise, as long as the database copy has not been
2191 sent in a
2192 Link State Update within the last MinLSArrival
2193 seconds, send the
2194 database copy back to the sending neighbor,
2195 encapsulated within
2196 a Link State Update Packet. The Link State Update
2197 Packet should
2198 be sent directly to the neighbor. In so doing, do not
2199 put the
2200 database copy of the LSA on the neighbor's link state
2201 retransmission list, and do not acknowledge the
2202 received (less
2203 recent) LSA instance. */
2204 else {
2205 if (monotime_since(&current->tv_orig, NULL)
2206 >= ospf->min_ls_arrival * 1000LL)
2207 /* Trap NSSA type later.*/
2208 ospf_ls_upd_send_lsa(
2209 nbr, current,
2210 OSPF_SEND_PACKET_DIRECT);
2211 DISCARD_LSA(lsa, 8);
2212 }
2213 }
2214 }
2cd754de
PJ		 2215#undef DISCARD_LSA
2216
d62a17ae 2217 assert(listcount(lsas) == 0);
6a154c88 2218 list_delete(&lsas);
718e3744 2219}
2220
2221/* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
d62a17ae 2222static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2223 struct stream *s, struct ospf_interface *oi,
d7c0a89a 2224 uint16_t size)
d62a17ae 2225{
2226 struct ospf_neighbor *nbr;
2227
2228 /* increment statistics. */
2229 oi->ls_ack_in++;
2230
2231 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2232 if (nbr == NULL) {
cf444bcf 2233 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2234 "Link State Acknowledgment: Unknown Neighbor %s.",
d62a17ae 2235 inet_ntoa(ospfh->router_id));
2236 return;
2237 }
2238
2239 /* Add event to thread. */
2240 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2241
2242 if (nbr->state < NSM_Exchange) {
2243 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2244 zlog_debug(
2245 "Link State Acknowledgment: "
2246 "Neighbor[%s] state %s is less than Exchange",
2247 inet_ntoa(ospfh->router_id),
2248 lookup_msg(ospf_nsm_state_msg, nbr->state,
2249 NULL));
2250 return;
2251 }
2252
2253 while (size >= OSPF_LSA_HEADER_SIZE) {
2254 struct ospf_lsa *lsa, *lsr;
2255
2256 lsa = ospf_lsa_new();
2d34fb80 2257 lsa->data = (struct lsa_header *)stream_pnt(s);
b5a8894d 2258 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 2259
2d34fb80 2260 /* lsah = (struct lsa_header *) stream_pnt (s); */
d62a17ae 2261 size -= OSPF_LSA_HEADER_SIZE;
2262 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2263
2264 if (lsa->data->type < OSPF_MIN_LSA
2265 || lsa->data->type >= OSPF_MAX_LSA) {
2266 lsa->data = NULL;
2267 ospf_lsa_discard(lsa);
2268 continue;
2269 }
2270
2271 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2272
2273 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2274 ospf_ls_retransmit_delete(nbr, lsr);
2275
2276 lsa->data = NULL;
2277 ospf_lsa_discard(lsa);
2278 }
2279
2280 return;
2281}
2282
b5a8894d
CS		 2283static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2284 struct interface **ifp,
d62a17ae 2285 struct stream *ibuf)
2286{
2287 int ret;
2288 struct ip *iph;
d7c0a89a 2289 uint16_t ip_len;
d62a17ae 2290 ifindex_t ifindex = 0;
2291 struct iovec iov;
2292 /* Header and data both require alignment. */
2293 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2294 struct msghdr msgh;
2295
2296 memset(&msgh, 0, sizeof(struct msghdr));
2297 msgh.msg_iov = &iov;
2298 msgh.msg_iovlen = 1;
2299 msgh.msg_control = (caddr_t)buff;
2300 msgh.msg_controllen = sizeof(buff);
2301
2302 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2303 if (ret < 0) {
cf444bcf 2304 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
c9cc11f6 2305 safe_strerror(errno));
d62a17ae 2306 return NULL;
2307 }
2308 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
718e3744 2309 {
c9cc11f6 2310 flog_warn(
cf444bcf 2311 EC_OSPF_PACKET,
d62a17ae 2312 "ospf_recv_packet: discarding runt packet of length %d "
2313 "(ip header size is %u)",
d7c0a89a 2314 ret, (unsigned int)sizeof(iph));
d62a17ae 2315 return NULL;
2316 }
2317
2318 /* Note that there should not be alignment problems with this assignment
2319 because this is at the beginning of the stream data buffer. */
2320 iph = (struct ip *)STREAM_DATA(ibuf);
2321 sockopt_iphdrincl_swab_systoh(iph);
2322
2323 ip_len = iph->ip_len;
2324
de5ccb96 2325#if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
d62a17ae 2326 /*
2327 * Kernel network code touches incoming IP header parameters,
2328 * before protocol specific processing.
2329 *
2330 * 1) Convert byteorder to host representation.
2331 * --> ip_len, ip_id, ip_off
2332 *
2333 * 2) Adjust ip_len to strip IP header size!
2334 * --> If user process receives entire IP packet via RAW
2335 * socket, it must consider adding IP header size to
2336 * the "ip_len" field of "ip" structure.
2337 *
2338 * For more details, see <netinet/ip_input.c>.
2339 */
2340 ip_len = ip_len + (iph->ip_hl << 2);
718e3744 2341#endif
d62a17ae 2342
0150c9c9 2343#if defined(__DragonFly__)
d62a17ae 2344 /*
2345 * in DragonFly's raw socket, ip_len/ip_off are read
2346 * in network byte order.
2347 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2348 */
2349 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
0150c9c9
DB		 2350#endif
2351
d62a17ae 2352 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2353
b5a8894d 2354 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
d62a17ae 2355
2356 if (ret != ip_len) {
c9cc11f6 2357 flog_warn(
cf444bcf 2358 EC_OSPF_PACKET,
d62a17ae 2359 "ospf_recv_packet read length mismatch: ip_len is %d, "
2360 "but recvmsg returned %d",
2361 ip_len, ret);
2362 return NULL;
2363 }
718e3744 2364
d62a17ae 2365 return ibuf;
718e3744 2366}
2367
4dadc291 2368static struct ospf_interface *
d62a17ae 2369ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2370 struct ip *iph, struct ospf_header *ospfh)
2371{
2372 struct ospf_interface *rcv_oi;
2373 struct ospf_vl_data *vl_data;
2374 struct ospf_area *vl_area;
2375 struct listnode *node;
2376
2377 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2378 || !OSPF_IS_AREA_BACKBONE(ospfh))
2379 return NULL;
2380
2381 /* look for local OSPF interface matching the destination
2382 * to determine Area ID. We presume therefore the destination address
2383 * is unique, or at least (for "unnumbered" links), not used in other
2384 * areas
2385 */
2386 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2387 == NULL)
2388 return NULL;
2389
2390 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2391 vl_area =
2392 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2393 if (!vl_area)
2394 continue;
2395
2396 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2397 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2398 if (IS_DEBUG_OSPF_EVENT)
2399 zlog_debug("associating packet with %s",
2400 IF_NAME(vl_data->vl_oi));
2401 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2402 if (IS_DEBUG_OSPF_EVENT)
2403 zlog_debug(
2404 "This VL is not up yet, sorry");
2405 return NULL;
2406 }
2407
2408 return vl_data->vl_oi;
2409 }
718e3744 2410 }
718e3744 2411
d62a17ae 2412 if (IS_DEBUG_OSPF_EVENT)
2413 zlog_debug("couldn't find any VL to associate the packet with");
2414
2415 return NULL;
718e3744 2416}
2417
d62a17ae 2418static int ospf_check_area_id(struct ospf_interface *oi,
2419 struct ospf_header *ospfh)
718e3744 2420{
d62a17ae 2421 /* Check match the Area ID of the receiving interface. */
2422 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2423 return 1;
718e3744 2424
d62a17ae 2425 return 0;
718e3744 2426}
2427
2428/* Unbound socket will accept any Raw IP packets if proto is matched.
2429 To prevent it, compare src IP address and i/f address with masking
2430 i/f network mask. */
d62a17ae 2431static int ospf_check_network_mask(struct ospf_interface *oi,
2432 struct in_addr ip_src)
718e3744 2433{
d62a17ae 2434 struct in_addr mask, me, him;
718e3744 2435
d62a17ae 2436 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2437 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2438 return 1;
718e3744 2439
d62a17ae 2440 masklen2ip(oi->address->prefixlen, &mask);
718e3744 2441
d62a17ae 2442 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2443 him.s_addr = ip_src.s_addr & mask.s_addr;
718e3744 2444
d62a17ae 2445 if (IPV4_ADDR_SAME(&me, &him))
2446 return 1;
718e3744 2447
d62a17ae 2448 return 0;
718e3744 2449}
2450
bd5651f0
DO		 2451/* Return 1, if the packet is properly authenticated and checksummed,
2452 0 otherwise. In particular, check that AuType header field is valid and
2453 matches the locally configured AuType, and that D.5 requirements are met. */
d62a17ae 2454static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2455{
2456 struct crypt_key *ck;
d7c0a89a
QY		 2457 uint16_t iface_auth_type;
2458 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
d62a17ae 2459
2460 switch (pkt_auth_type) {
2461 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2462 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2463 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2464 flog_warn(
cf444bcf 2465 EC_OSPF_PACKET,
d62a17ae 2466 "interface %s: auth-type mismatch, local %s, rcvd Null",
2467 IF_NAME(oi),
2468 lookup_msg(ospf_auth_type_str,
2469 iface_auth_type, NULL));
2470 return 0;
2471 }
2472 if (!ospf_check_sum(ospfh)) {
2473 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2474 flog_warn(
cf444bcf 2475 EC_OSPF_PACKET,
d62a17ae 2476 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2477 IF_NAME(oi),
2478 inet_ntoa(ospfh->router_id));
2479 return 0;
2480 }
2481 return 1;
2482 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2483 if (OSPF_AUTH_SIMPLE
2484 != (iface_auth_type = ospf_auth_type(oi))) {
2485 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2486 flog_warn(
cf444bcf 2487 EC_OSPF_PACKET,
d62a17ae 2488 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2489 IF_NAME(oi),
2490 lookup_msg(ospf_auth_type_str,
2491 iface_auth_type, NULL));
2492 return 0;
2493 }
2494 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2495 OSPF_AUTH_SIMPLE_SIZE)) {
2496 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2497 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2498 "interface %s: Simple auth failed",
d62a17ae 2499 IF_NAME(oi));
2500 return 0;
2501 }
2502 if (!ospf_check_sum(ospfh)) {
2503 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2504 flog_warn(
cf444bcf 2505 EC_OSPF_PACKET,
d62a17ae 2506 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2507 IF_NAME(oi),
2508 inet_ntoa(ospfh->router_id));
2509 return 0;
2510 }
2511 return 1;
2512 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2513 if (OSPF_AUTH_CRYPTOGRAPHIC
2514 != (iface_auth_type = ospf_auth_type(oi))) {
2515 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2516 flog_warn(
cf444bcf 2517 EC_OSPF_PACKET,
d62a17ae 2518 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2519 IF_NAME(oi),
2520 lookup_msg(ospf_auth_type_str,
2521 iface_auth_type, NULL));
2522 return 0;
2523 }
2524 if (ospfh->checksum) {
2525 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2526 flog_warn(
cf444bcf 2527 EC_OSPF_PACKET,
d62a17ae 2528 "interface %s: OSPF header checksum is not 0",
2529 IF_NAME(oi));
2530 return 0;
2531 }
2532 /* only MD5 crypto method can pass ospf_packet_examin() */
996c9314
LB		 2533 if (NULL == (ck = listgetdata(
2534 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2535 || ospfh->u.crypt.key_id != ck->key_id ||
2536 /* Condition above uses the last key ID on the list,
2537 which is
2538 different from what ospf_crypt_key_lookup() does. A
2539 bug? */
2540 !ospf_check_md5_digest(oi, ospfh)) {
d62a17ae 2541 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2542 flog_warn(EC_OSPF_MD5,
c9cc11f6 2543 "interface %s: MD5 auth failed",
d62a17ae 2544 IF_NAME(oi));
2545 return 0;
2546 }
2547 return 1;
2548 default:
2549 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2550 flog_warn(
cf444bcf 2551 EC_OSPF_PACKET,
d62a17ae 2552 "interface %s: invalid packet auth-type (%02x)",
2553 IF_NAME(oi), pkt_auth_type);
2554 return 0;
2555 }
2556}
2557
2558static int ospf_check_sum(struct ospf_header *ospfh)
2559{
d7c0a89a
QY		 2560 uint32_t ret;
2561 uint16_t sum;
d62a17ae 2562
2563 /* clear auth_data for checksum. */
2564 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2565
2566 /* keep checksum and clear. */
2567 sum = ospfh->checksum;
d7c0a89a 2568 memset(&ospfh->checksum, 0, sizeof(uint16_t));
d62a17ae 2569
2570 /* calculate checksum. */
2571 ret = in_cksum(ospfh, ntohs(ospfh->length));
2572
2573 if (ret != sum) {
2574 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2575 ret, sum);
2576 return 0;
2577 }
2578
2579 return 1;
718e3744 2580}
2581
4e31de79
DO		 2582/* Verify, that given link/TOS records are properly sized/aligned and match
2583 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
d62a17ae 2584static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
d7c0a89a
QY		 2585 uint16_t linkbytes,
2586 const uint16_t num_links)
d62a17ae 2587{
2588 unsigned counted_links = 0, thislinklen;
2589
2590 while (linkbytes) {
2591 thislinklen =
2592 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2593 if (thislinklen > linkbytes) {
2594 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2595 zlog_debug("%s: length error in link block #%u",
2596 __func__, counted_links);
2597 return MSG_NG;
2598 }
2599 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2600 linkbytes -= thislinklen;
2601 counted_links++;
2602 }
2603 if (counted_links != num_links) {
2604 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2605 zlog_debug("%s: %u link blocks declared, %u present",
2606 __func__, num_links, counted_links);
2607 return MSG_NG;
2608 }
2609 return MSG_OK;
4e31de79
DO		 2610}
2611
2612/* Verify, that the given LSA is properly sized/aligned (including type-specific
2613 minimum length constraint). */
d7c0a89a
QY		 2614static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2615 const uint8_t headeronly)
d62a17ae 2616{
2617 unsigned ret;
2618 struct router_lsa *rlsa;
2619 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2620 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2621 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2622 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2623 lookup_msg(ospf_lsa_type_msg, lsah->type,
2624 NULL));
2625 return MSG_NG;
2626 }
2627 switch (lsah->type) {
2628 case OSPF_ROUTER_LSA:
2629 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2630 * (12+)-byte link blocks */
2631 if (headeronly) {
2632 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2633 - OSPF_ROUTER_LSA_MIN_SIZE)
2634 % 4
2635 ? MSG_NG
2636 : MSG_OK;
2637 break;
2638 }
2639 rlsa = (struct router_lsa *)lsah;
2640 ret = ospf_router_lsa_links_examin(
2641 (struct router_lsa_link *)rlsa->link,
2642 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2643 header, "flags",
2644 0, "# links" */
2645 ntohs(rlsa->links) /* 16 bits */
9d303b37 2646 );
d62a17ae 2647 break;
2648 case OSPF_AS_EXTERNAL_LSA:
2649 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2650 * blocks */
2651 case OSPF_AS_NSSA_LSA:
2652 /* RFC3101 C, idem */
2653 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2654 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2655 % 12
2656 ? MSG_NG
2657 : MSG_OK;
2658 break;
2659 /* Following LSA types are considered OK length-wise as soon as their
2660 * minimum
2661 * length constraint is met and length of the whole LSA is a multiple of
2662 * 4
2663 * (basic LSA header size is already a multiple of 4). */
2664 case OSPF_NETWORK_LSA:
2665 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2666 case OSPF_SUMMARY_LSA:
2667 case OSPF_ASBR_SUMMARY_LSA:
2668 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2669 * blocks */
2670 case OSPF_OPAQUE_LINK_LSA:
2671 case OSPF_OPAQUE_AREA_LSA:
2672 case OSPF_OPAQUE_AS_LSA:
2673 /* RFC5250 A.2, "some number of octets (of application-specific
2674 * data) padded to 32-bit alignment." This is considered
2675 * equivalent
2676 * to 4-byte alignment of all other LSA types, see
2677 * OSPF-ALIGNMENT.txt
2678 * file for the detailed analysis of this passage. */
2679 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2680 break;
2681 default:
2682 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2683 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2684 lsah->type);
2685 return MSG_NG;
2686 }
2687 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2688 zlog_debug("%s: alignment error in %s", __func__,
2689 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2690 return ret;
4e31de79
DO		 2691}
2692
2693/* Verify if the provided input buffer is a valid sequence of LSAs. This
2694 includes verification of LSA blocks length/alignment and dispatching
2695 of deeper-level checks. */
2696static unsigned
d62a17ae 2697ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
d7c0a89a 2698 size_t length, const uint8_t headeronly,
d62a17ae 2699 /* When declared_num_lsas is not 0, compare it to the real
2700 number of LSAs
2701 and treat the difference as an error. */
d7c0a89a 2702 const uint32_t declared_num_lsas)
d62a17ae 2703{
d7c0a89a 2704 uint32_t counted_lsas = 0;
d62a17ae 2705
2706 while (length) {
d7c0a89a 2707 uint16_t lsalen;
d62a17ae 2708 if (length < OSPF_LSA_HEADER_SIZE) {
2709 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2710 zlog_debug(
2711 "%s: undersized (%zu B) trailing (#%u) LSA header",
2712 __func__, length, counted_lsas);
2713 return MSG_NG;
2714 }
2715 /* save on ntohs() calls here and in the LSA validator */
2716 lsalen = ntohs(lsah->length);
2717 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2718 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2719 zlog_debug(
2720 "%s: malformed LSA header #%u, declared length is %u B",
2721 __func__, counted_lsas, lsalen);
2722 return MSG_NG;
2723 }
2724 if (headeronly) {
2725 /* less checks here and in ospf_lsa_examin() */
2726 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2727 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2728 zlog_debug(
2729 "%s: malformed header-only LSA #%u",
2730 __func__, counted_lsas);
2731 return MSG_NG;
2732 }
2733 lsah = (struct lsa_header *)((caddr_t)lsah
2734 + OSPF_LSA_HEADER_SIZE);
2735 length -= OSPF_LSA_HEADER_SIZE;
2736 } else {
2737 /* make sure the input buffer is deep enough before
2738 * further checks */
2739 if (lsalen > length) {
2740 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2741 zlog_debug(
2742 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2743 __func__, counted_lsas, lsalen,
2744 length);
2745 return MSG_NG;
2746 }
2747 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2748 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2749 zlog_debug("%s: malformed LSA #%u",
2750 __func__, counted_lsas);
2751 return MSG_NG;
2752 }
2753 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2754 length -= lsalen;
2755 }
2756 counted_lsas++;
2757 }
2758
2759 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2760 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2761 zlog_debug(
2762 "%s: #LSAs declared (%u) does not match actual (%u)",
2763 __func__, declared_num_lsas, counted_lsas);
2764 return MSG_NG;
2765 }
2766 return MSG_OK;
4e31de79
DO		 2767}
2768
75c8eabb 2769/* Verify a complete OSPF packet for proper sizing/alignment. */
d62a17ae 2770static unsigned ospf_packet_examin(struct ospf_header *oh,
2771 const unsigned bytesonwire)
2772{
d7c0a89a 2773 uint16_t bytesdeclared, bytesauth;
d62a17ae 2774 unsigned ret;
2775 struct ospf_ls_update *lsupd;
2776
2777 /* Length, 1st approximation. */
2778 if (bytesonwire < OSPF_HEADER_SIZE) {
2779 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2780 zlog_debug("%s: undersized (%u B) packet", __func__,
2781 bytesonwire);
2782 return MSG_NG;
2783 }
2784 /* Now it is safe to access header fields. Performing length check,
2785 * allow
2786 * for possible extra bytes of crypto auth/padding, which are not
2787 * counted
2788 * in the OSPF header "length" field. */
2789 if (oh->version != OSPF_VERSION) {
2790 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2791 zlog_debug("%s: invalid (%u) protocol version",
2792 __func__, oh->version);
2793 return MSG_NG;
2794 }
2795 bytesdeclared = ntohs(oh->length);
2796 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2797 bytesauth = 0;
2798 else {
2799 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2800 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2801 zlog_debug(
2802 "%s: unsupported crypto auth length (%u B)",
2803 __func__, oh->u.crypt.auth_data_len);
2804 return MSG_NG;
2805 }
2806 bytesauth = OSPF_AUTH_MD5_SIZE;
2807 }
2808 if (bytesdeclared + bytesauth > bytesonwire) {
2809 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2810 zlog_debug(
2811 "%s: packet length error (%u real, %u+%u declared)",
2812 __func__, bytesonwire, bytesdeclared,
2813 bytesauth);
2814 return MSG_NG;
2815 }
2816 /* Length, 2nd approximation. The type-specific constraint is checked
2817 against declared length, not amount of bytes on wire. */
2818 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2819 && bytesdeclared
2820 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2821 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2822 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2823 bytesdeclared,
2824 lookup_msg(ospf_packet_type_str, oh->type,
2825 NULL));
2826 return MSG_NG;
2827 }
2828 switch (oh->type) {
2829 case OSPF_MSG_HELLO:
2830 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2831 followed
2832 by N>=0 router-IDs. */
2833 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2834 % 4
2835 ? MSG_NG
2836 : MSG_OK;
2837 break;
2838 case OSPF_MSG_DB_DESC:
2839 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2840 followed
2841 by N>=0 header-only LSAs. */
2842 ret = ospf_lsaseq_examin(
2843 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2844 + OSPF_DB_DESC_MIN_SIZE),
2845 bytesdeclared - OSPF_HEADER_SIZE
2846 - OSPF_DB_DESC_MIN_SIZE,
2847 1, /* header-only LSAs */
2848 0);
2849 break;
2850 case OSPF_MSG_LS_REQ:
2851 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2852 * request blocks. */
2853 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2854 % OSPF_LSA_KEY_SIZE
2855 ? MSG_NG
2856 : MSG_OK;
2857 break;
2858 case OSPF_MSG_LS_UPD:
2859 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2860 followed
2861 by N>=0 full LSAs (with N declared beforehand). */
2862 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2863 + OSPF_HEADER_SIZE);
2864 ret = ospf_lsaseq_examin(
2865 (struct lsa_header *)((caddr_t)lsupd
2866 + OSPF_LS_UPD_MIN_SIZE),
2867 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2868 0, /* full LSAs */
2869 ntohl(lsupd->num_lsas) /* 32 bits */
9d303b37 2870 );
d62a17ae 2871 break;
2872 case OSPF_MSG_LS_ACK:
2873 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2874 * LSAs. */
2875 ret = ospf_lsaseq_examin(
2876 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2877 + OSPF_LS_ACK_MIN_SIZE),
2878 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2879 1, /* header-only LSAs */
2880 0);
2881 break;
2882 default:
2883 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2884 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2885 oh->type);
2886 return MSG_NG;
2887 }
2888 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2889 zlog_debug("%s: malformed %s packet", __func__,
2890 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2891 return ret;
75c8eabb
DO		 2892}
2893
718e3744 2894/* OSPF Header verification. */
d62a17ae 2895static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2896 struct ip *iph, struct ospf_header *ospfh)
2897{
2898 /* Check Area ID. */
2899 if (!ospf_check_area_id(oi, ospfh)) {
cf444bcf 2900 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2901 "interface %s: ospf_read invalid Area ID %s.",
d62a17ae 2902 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2903 return -1;
2904 }
718e3744 2905
d62a17ae 2906 /* Check network mask, Silently discarded. */
2907 if (!ospf_check_network_mask(oi, iph->ip_src)) {
c9cc11f6 2908 flog_warn(
cf444bcf 2909 EC_OSPF_PACKET,
d62a17ae 2910 "interface %s: ospf_read network address is not same [%s]",
2911 IF_NAME(oi), inet_ntoa(iph->ip_src));
2912 return -1;
2913 }
718e3744 2914
d62a17ae 2915 /* Check authentication. The function handles logging actions, where
2916 * required. */
2917 if (!ospf_check_auth(oi, ospfh))
2918 return -1;
718e3744 2919
d62a17ae 2920 return 0;
718e3744 2921}
2922
2923/* Starting point of packet process function. */
d62a17ae 2924int ospf_read(struct thread *thread)
2925{
2926 int ret;
2927 struct stream *ibuf;
2928 struct ospf *ospf;
2929 struct ospf_interface *oi;
2930 struct ip *iph;
2931 struct ospf_header *ospfh;
d7c0a89a 2932 uint16_t length;
b5a8894d 2933 struct interface *ifp = NULL;
d62a17ae 2934 struct connected *c;
2935
2936 /* first of all get interface pointer. */
2937 ospf = THREAD_ARG(thread);
2938
2939 /* prepare for next packet. */
2940 ospf->t_read = NULL;
2941 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2942
2943 stream_reset(ospf->ibuf);
b5a8894d
CS		 2944 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2945 if (ibuf == NULL)
d62a17ae 2946 return -1;
2947 /* This raw packet is known to be at least as big as its IP header. */
2948
2949 /* Note that there should not be alignment problems with this assignment
2950 because this is at the beginning of the stream data buffer. */
2951 iph = (struct ip *)STREAM_DATA(ibuf);
2952 /* Note that sockopt_iphdrincl_swab_systoh was called in
2953 * ospf_recv_packet. */
2954
2955 if (ifp == NULL) {
2956 /* Handle cases where the platform does not support retrieving
2957 the ifindex,
2958 and also platforms (such as Solaris 8) that claim to support
2959 ifindex
2960 retrieval but do not. */
2961 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
b5a8894d 2962 ospf->vrf_id);
d62a17ae 2963 if (c)
2964 ifp = c->ifp;
2965 if (ifp == NULL)
2966 return 0;
2967 }
2968
2969 /* IP Header dump. */
2970 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2971 ospf_ip_header_dump(iph);
2972
2973 /* Self-originated packet should be discarded silently. */
2974 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2975 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2976 zlog_debug(
2977 "ospf_read[%s]: Dropping self-originated packet",
2978 inet_ntoa(iph->ip_src));
2979 }
2980 return 0;
2981 }
2982
2983 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2984 by ospf_recv_packet() to be correct). */
2985 stream_forward_getp(ibuf, iph->ip_hl * 4);
2986
2d34fb80 2987 ospfh = (struct ospf_header *)stream_pnt(ibuf);
d62a17ae 2988 if (MSG_OK
9d303b37
DL		 2989 != ospf_packet_examin(
2990 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
d62a17ae 2991 return -1;
2992 /* Now it is safe to access all fields of OSPF packet header. */
2993
2994 /* associate packet with ospf interface */
2995 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2996
2997 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2998 only
2999 after the passive/backbone/other checks below are passed. These
3000 checks
3001 in turn access the fields of unverified "ospfh" structure for their
3002 own
3003 purposes and must remain very accurate in doing this. */
3004
3005 /* If incoming interface is passive one, ignore it. */
3006 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3007 char buf[3][INET_ADDRSTRLEN];
3008
3009 if (IS_DEBUG_OSPF_EVENT)
3010 zlog_debug(
3011 "ignoring packet from router %s sent to %s, "
3012 "received on a passive interface, %s",
3013 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3014 sizeof(buf[0])),
3015 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3016 sizeof(buf[1])),
3017 inet_ntop(AF_INET, &oi->address->u.prefix4,
3018 buf[2], sizeof(buf[2])));
3019
3020 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3021 /* Try to fix multicast membership.
3022 * Some OS:es may have problems in this area,
3023 * make sure it is removed.
3024 */
3025 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3026 ospf_if_set_multicast(oi);
3027 }
3028 return 0;
3029 }
3030
3031
3032 /* if no local ospf_interface,
3033 * or header area is backbone but ospf_interface is not
3034 * check for VLINK interface
3035 */
9d303b37
DL		 3036 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3037 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
d62a17ae 3038 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3039 == NULL) {
3040 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3041 zlog_debug(
3042 "Packet from [%s] received on link %s"
3043 " but no ospf_interface",
3044 inet_ntoa(iph->ip_src), ifp->name);
3045 return 0;
3046 }
3047 }
3048
3049 /* else it must be a local ospf interface, check it was received on
3050 * correct link
3051 */
3052 else if (oi->ifp != ifp) {
3053 if (IS_DEBUG_OSPF_EVENT)
cf444bcf 3054 flog_warn(EC_OSPF_PACKET,
c9cc11f6 3055 "Packet from [%s] received on wrong link %s",
d62a17ae 3056 inet_ntoa(iph->ip_src), ifp->name);
3057 return 0;
3058 } else if (oi->state == ISM_Down) {
3059 char buf[2][INET_ADDRSTRLEN];
c9cc11f6 3060 flog_warn(
cf444bcf 3061 EC_OSPF_PACKET,
d62a17ae 3062 "Ignoring packet from %s to %s received on interface that is "
3063 "down [%s]; interface flags are %s",
3064 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3065 sizeof(buf[0])),
3066 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3067 sizeof(buf[1])),
3068 ifp->name, if_flag_dump(ifp->flags));
3069 /* Fix multicast memberships? */
3070 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3071 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3072 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3073 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3074 if (oi->multicast_memberships)
3075 ospf_if_set_multicast(oi);
3076 return 0;
3077 }
3078
3079 /*
3080 * If the received packet is destined for AllDRouters, the packet
3081 * should be accepted only if the received ospf interface state is
3082 * either DR or Backup -- endo.
3083 */
3084 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3085 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
c9cc11f6 3086 flog_warn(
cf444bcf 3087 EC_OSPF_PACKET,
d62a17ae 3088 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3089 inet_ntoa(iph->ip_src), IF_NAME(oi),
3090 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3091 /* Try to fix multicast membership. */
3092 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3093 ospf_if_set_multicast(oi);
3094 return 0;
3095 }
3096
3097 /* Verify more OSPF header fields. */
3098 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3099 if (ret < 0) {
3100 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3101 zlog_debug(
3102 "ospf_read[%s]: Header check failed, "
3103 "dropping.",
3104 inet_ntoa(iph->ip_src));
3105 return ret;
3106 }
3107
3108 /* Show debug receiving packet. */
3109 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3110 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3111 zlog_debug(
3112 "-----------------------------------------------------");
3113 ospf_packet_dump(ibuf);
3114 }
3115
3116 zlog_debug("%s received from [%s] via [%s]",
3117 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3118 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3119 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3120 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3121
3122 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3123 zlog_debug(
3124 "-----------------------------------------------------");
3125 }
3126
3127 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3128
3129 /* Adjust size to message length. */
3130 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3131
3132 /* Read rest of the packet and call each sort of packet routine. */
3133 switch (ospfh->type) {
3134 case OSPF_MSG_HELLO:
3135 ospf_hello(iph, ospfh, ibuf, oi, length);
3136 break;
3137 case OSPF_MSG_DB_DESC:
3138 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3139 break;
3140 case OSPF_MSG_LS_REQ:
3141 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3142 break;
3143 case OSPF_MSG_LS_UPD:
3144 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3145 break;
3146 case OSPF_MSG_LS_ACK:
3147 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3148 break;
3149 default:
cf444bcf 3150 flog_warn(EC_OSPF_PACKET,
c9cc11f6 3151 "interface %s: OSPF packet header type %d is illegal",
d62a17ae 3152 IF_NAME(oi), ospfh->type);
3153 break;
3154 }
3155
b10ce841 3156 return 0;
718e3744 3157}
3158
3159/* Make OSPF header. */
d62a17ae 3160static void ospf_make_header(int type, struct ospf_interface *oi,
3161 struct stream *s)
718e3744 3162{
d62a17ae 3163 struct ospf_header *ospfh;
718e3744 3164
d62a17ae 3165 ospfh = (struct ospf_header *)STREAM_DATA(s);
718e3744 3166
d7c0a89a
QY		 3167 ospfh->version = (uint8_t)OSPF_VERSION;
3168 ospfh->type = (uint8_t)type;
718e3744 3169
d62a17ae 3170 ospfh->router_id = oi->ospf->router_id;
718e3744 3171
d62a17ae 3172 ospfh->checksum = 0;
3173 ospfh->area_id = oi->area->area_id;
3174 ospfh->auth_type = htons(ospf_auth_type(oi));
718e3744 3175
d62a17ae 3176 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
718e3744 3177
d62a17ae 3178 stream_forward_endp(s, OSPF_HEADER_SIZE);
718e3744 3179}
3180
3181/* Make Authentication Data. */
d62a17ae 3182static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3183{
3184 struct crypt_key *ck;
3185
3186 switch (ospf_auth_type(oi)) {
3187 case OSPF_AUTH_NULL:
3188 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3189 */
3190 break;
3191 case OSPF_AUTH_SIMPLE:
3192 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3193 OSPF_AUTH_SIMPLE_SIZE);
3194 break;
3195 case OSPF_AUTH_CRYPTOGRAPHIC:
3196 /* If key is not set, then set 0. */
3197 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3198 ospfh->u.crypt.zero = 0;
3199 ospfh->u.crypt.key_id = 0;
3200 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3201 } else {
3202 ck = listgetdata(
3203 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3204 ospfh->u.crypt.zero = 0;
3205 ospfh->u.crypt.key_id = ck->key_id;
3206 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3207 }
3208 /* note: the seq is done in ospf_make_md5_digest() */
3209 break;
3210 default:
3211 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3212 */
3213 break;
718e3744 3214 }
718e3744 3215
d62a17ae 3216 return 0;
718e3744 3217}
3218
3219/* Fill rest of OSPF header. */
d62a17ae 3220static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
d7c0a89a 3221 uint16_t length)
d62a17ae 3222{
3223 struct ospf_header *ospfh;
3224
3225 ospfh = (struct ospf_header *)STREAM_DATA(s);
3226
3227 /* Fill length. */
3228 ospfh->length = htons(length);
3229
3230 /* Calculate checksum. */
3231 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3232 ospfh->checksum = in_cksum(ospfh, length);
3233 else
3234 ospfh->checksum = 0;
3235
3236 /* Add Authentication Data. */
3237 ospf_make_auth(oi, ospfh);
3238}
3239
3240static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3241{
3242 struct ospf_neighbor *nbr;
3243 struct route_node *rn;
d7c0a89a 3244 uint16_t length = OSPF_HELLO_MIN_SIZE;
d62a17ae 3245 struct in_addr mask;
3246 unsigned long p;
3247 int flag = 0;
3248
3249 /* Set netmask of interface. */
3250 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3251 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3252 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3253 masklen2ip(oi->address->prefixlen, &mask);
3254 else
3255 memset((char *)&mask, 0, sizeof(struct in_addr));
3256 stream_put_ipv4(s, mask.s_addr);
3257
3258 /* Set Hello Interval. */
3259 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3260 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3261 else
3262 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3263
3264 if (IS_DEBUG_OSPF_EVENT)
3265 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3266 IF_NAME(oi));
3267
3268 /* Set Options. */
3269 stream_putc(s, OPTIONS(oi));
3270
3271 /* Set Router Priority. */
3272 stream_putc(s, PRIORITY(oi));
3273
3274 /* Set Router Dead Interval. */
3275 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3276
3277 /* Set Designated Router. */
3278 stream_put_ipv4(s, DR(oi).s_addr);
3279
3280 p = stream_get_endp(s);
3281
3282 /* Set Backup Designated Router. */
3283 stream_put_ipv4(s, BDR(oi).s_addr);
3284
3285 /* Add neighbor seen. */
3286 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3287 if ((nbr = rn->info))
3288 if (nbr->router_id.s_addr
3289 != 0) /* Ignore 0.0.0.0 node. */
3290 if (nbr->state
3291 != NSM_Attempt) /* Ignore Down neighbor. */
3292 if (nbr->state
3293 != NSM_Down) /* This is myself for
3294 DR election. */
3295 if (!IPV4_ADDR_SAME(
3296 &nbr->router_id,
3297 &oi->ospf->router_id)) {
3298 /* Check neighbor is
3299 * sane? */
3300 if (nbr->d_router.s_addr
3301 != 0
3302 && IPV4_ADDR_SAME(
3303 &nbr->d_router,
3304 &oi->address
3305 ->u
3306 .prefix4)
3307 && IPV4_ADDR_SAME(
3308 &nbr->bd_router,
3309 &oi->address
3310 ->u
3311 .prefix4))
3312 flag = 1;
3313
3314 stream_put_ipv4(
3315 s,
3316 nbr->router_id
3317 .s_addr);
3318 length += 4;
3319 }
3320
3321 /* Let neighbor generate BackupSeen. */
3322 if (flag == 1)
3323 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3324
3325 return length;
3326}
3327
3328static int ospf_make_db_desc(struct ospf_interface *oi,
3329 struct ospf_neighbor *nbr, struct stream *s)
3330{
3331 struct ospf_lsa *lsa;
d7c0a89a
QY		 3332 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3333 uint8_t options;
d62a17ae 3334 unsigned long pp;
3335 int i;
3336 struct ospf_lsdb *lsdb;
3337
3338 /* Set Interface MTU. */
3339 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3340 stream_putw(s, 0);
3341 else
3342 stream_putw(s, oi->ifp->mtu);
3343
3344 /* Set Options. */
3345 options = OPTIONS(oi);
3346 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3347 SET_FLAG(options, OSPF_OPTION_O);
3348 stream_putc(s, options);
3349
3350 /* DD flags */
3351 pp = stream_get_endp(s);
3352 stream_putc(s, nbr->dd_flags);
3353
3354 /* Set DD Sequence Number. */
3355 stream_putl(s, nbr->dd_seqnum);
3356
3357 /* shortcut unneeded walk of (empty) summary LSDBs */
3358 if (ospf_db_summary_isempty(nbr))
3359 goto empty;
3360
3361 /* Describe LSA Header from Database Summary List. */
3362 lsdb = &nbr->db_sum;
3363
3364 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3365 struct route_table *table = lsdb->type[i].db;
3366 struct route_node *rn;
3367
3368 for (rn = route_top(table); rn; rn = route_next(rn))
3369 if ((lsa = rn->info) != NULL) {
3370 if (IS_OPAQUE_LSA(lsa->data->type)
3371 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3372 /* Suppress advertising
3373 * opaque-informations. */
3374 /* Remove LSA from DB summary list. */
3375 ospf_lsdb_delete(lsdb, lsa);
3376 continue;
3377 }
3378
3379 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3380 struct lsa_header *lsah;
d7c0a89a 3381 uint16_t ls_age;
d62a17ae 3382
3383 /* DD packet overflows interface MTU. */
3384 if (length + OSPF_LSA_HEADER_SIZE
3385 > ospf_packet_max(oi))
3386 break;
3387
3388 /* Keep pointer to LS age. */
3389 lsah = (struct lsa_header
3390 *)(STREAM_DATA(s)
3391 + stream_get_endp(
3392 s));
3393
3394 /* Proceed stream pointer. */
3395 stream_put(s, lsa->data,
3396 OSPF_LSA_HEADER_SIZE);
3397 length += OSPF_LSA_HEADER_SIZE;
3398
3399 /* Set LS age. */
3400 ls_age = LS_AGE(lsa);
3401 lsah->ls_age = htons(ls_age);
3402 }
3403
3404 /* Remove LSA from DB summary list. */
3405 ospf_lsdb_delete(lsdb, lsa);
3406 }
3407 }
718e3744 3408
d62a17ae 3409 /* Update 'More' bit */
3410 if (ospf_db_summary_isempty(nbr)) {
3411 empty:
3412 if (nbr->state >= NSM_Exchange) {
3413 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3414 /* Rewrite DD flags */
3415 stream_putc_at(s, pp, nbr->dd_flags);
3416 } else {
3417 assert(IS_SET_DD_M(nbr->dd_flags));
3418 }
3419 }
3420 return length;
3421}
86f1fd96 3422
d7c0a89a 3423static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
d62a17ae 3424 unsigned long delta, struct ospf_neighbor *nbr,
3425 struct ospf_lsa *lsa)
3426{
3427 struct ospf_interface *oi;
718e3744 3428
d62a17ae 3429 oi = nbr->oi;
718e3744 3430
d62a17ae 3431 /* LS Request packet overflows interface MTU. */
3432 if (*length + delta > ospf_packet_max(oi))
3433 return 0;
1eb8ef25 3434
d62a17ae 3435 stream_putl(s, lsa->data->type);
3436 stream_put_ipv4(s, lsa->data->id.s_addr);
3437 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
718e3744 3438
d62a17ae 3439 ospf_lsa_unlock(&nbr->ls_req_last);
3440 nbr->ls_req_last = ospf_lsa_lock(lsa);
59ea14c6 3441
d62a17ae 3442 *length += 12;
3443 return 1;
3444}
718e3744 3445
d62a17ae 3446static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3447{
3448 struct ospf_lsa *lsa;
d7c0a89a 3449 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
d62a17ae 3450 unsigned long delta = stream_get_endp(s) + 12;
3451 struct route_table *table;
3452 struct route_node *rn;
3453 int i;
3454 struct ospf_lsdb *lsdb;
718e3744 3455
d62a17ae 3456 lsdb = &nbr->ls_req;
718e3744 3457
d62a17ae 3458 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3459 table = lsdb->type[i].db;
3460 for (rn = route_top(table); rn; rn = route_next(rn))
3461 if ((lsa = (rn->info)) != NULL)
3462 if (ospf_make_ls_req_func(s, &length, delta,
3463 nbr, lsa)
3464 == 0) {
3465 route_unlock_node(rn);
3466 break;
3467 }
3468 }
3469 return length;
3470}
718e3744 3471
d62a17ae 3472static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3473{
3474 int age;
718e3744 3475
d62a17ae 3476 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
718e3744 3477
d62a17ae 3478 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
718e3744 3479}
3480
d62a17ae 3481static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3482 struct stream *s)
718e3744 3483{
d62a17ae 3484 struct ospf_lsa *lsa;
3485 struct listnode *node;
d7c0a89a 3486 uint16_t length = 0;
d62a17ae 3487 unsigned int size_noauth;
3488 unsigned long delta = stream_get_endp(s);
3489 unsigned long pp;
3490 int count = 0;
3491
3492 if (IS_DEBUG_OSPF_EVENT)
3493 zlog_debug("ospf_make_ls_upd: Start");
3494
3495 pp = stream_get_endp(s);
3496 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3497 length += OSPF_LS_UPD_MIN_SIZE;
3498
3499 /* Calculate amount of packet usable for data. */
3500 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3501
3502 while ((node = listhead(update)) != NULL) {
3503 struct lsa_header *lsah;
d7c0a89a 3504 uint16_t ls_age;
d62a17ae 3505
3506 if (IS_DEBUG_OSPF_EVENT)
3507 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3508 count);
3509
3510 lsa = listgetdata(node);
3511
3512 assert(lsa->data);
3513
3514 /* Will it fit? */
3515 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3516 break;
3517
3518 /* Keep pointer to LS age. */
3519 lsah = (struct lsa_header *)(STREAM_DATA(s)
3520 + stream_get_endp(s));
3521
3522 /* Put LSA to Link State Request. */
3523 stream_put(s, lsa->data, ntohs(lsa->data->length));
718e3744 3524
d62a17ae 3525 /* Set LS age. */
3526 /* each hop must increment an lsa_age by transmit_delay
3527 of OSPF interface */
3528 ls_age = ls_age_increment(lsa,
3529 OSPF_IF_PARAM(oi, transmit_delay));
3530 lsah->ls_age = htons(ls_age);
3531
3532 length += ntohs(lsa->data->length);
3533 count++;
3534
3535 list_delete_node(update, node);
3536 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3537 }
3538
3539 /* Now set #LSAs. */
3540 stream_putl_at(s, pp, count);
3541
3542 if (IS_DEBUG_OSPF_EVENT)
3543 zlog_debug("ospf_make_ls_upd: Stop");
3544 return length;
718e3744 3545}
3546
d62a17ae 3547static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3548 struct stream *s)
718e3744 3549{
d62a17ae 3550 struct listnode *node, *nnode;
d7c0a89a 3551 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
d62a17ae 3552 unsigned long delta = stream_get_endp(s) + 24;
3553 struct ospf_lsa *lsa;
718e3744 3554
d62a17ae 3555 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3556 assert(lsa);
718e3744 3557
d62a17ae 3558 if (length + delta > ospf_packet_max(oi))
3559 break;
718e3744 3560
d62a17ae 3561 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3562 length += OSPF_LSA_HEADER_SIZE;
3563
3564 listnode_delete(ack, lsa);
3565 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3566 }
3567
3568 return length;
3569}
3570
3571static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3572{
3573 struct ospf_packet *op;
d7c0a89a 3574 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3575
d62a17ae 3576 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3577
d62a17ae 3578 /* Prepare OSPF common header. */
3579 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
718e3744 3580
d62a17ae 3581 /* Prepare OSPF Hello body. */
3582 length += ospf_make_hello(oi, op->s);
718e3744 3583
d62a17ae 3584 /* Fill OSPF header. */
3585 ospf_fill_header(oi, op->s, length);
718e3744 3586
d62a17ae 3587 /* Set packet length. */
3588 op->length = length;
3589
3590 op->dst.s_addr = addr;
3591
b5a8894d
CS		 3592 if (IS_DEBUG_OSPF_EVENT) {
3593 if (oi->ospf->vrf_id)
996c9314
LB		 3594 zlog_debug(
3595 "%s: Hello Tx interface %s ospf vrf %s id %u",
3596 __PRETTY_FUNCTION__, oi->ifp->name,
3597 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3598 oi->ospf->vrf_id);
b5a8894d 3599 }
d62a17ae 3600 /* Add packet to the top of the interface output queue, so that they
3601 * can't get delayed by things like long queues of LS Update packets
3602 */
3603 ospf_packet_add_top(oi, op);
3604
3605 /* Hook thread to write packet. */
3606 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3607}
3608
d62a17ae 3609static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
718e3744 3610{
d62a17ae 3611 struct ospf_interface *oi;
718e3744 3612
d62a17ae 3613 oi = nbr_nbma->oi;
3614 assert(oi);
718e3744 3615
d62a17ae 3616 /* If this is passive interface, do not send OSPF Hello. */
3617 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3618 return;
718e3744 3619
d62a17ae 3620 if (oi->type != OSPF_IFTYPE_NBMA)
3621 return;
718e3744 3622
d62a17ae 3623 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3624 return;
718e3744 3625
d62a17ae 3626 if (PRIORITY(oi) == 0)
3627 return;
718e3744 3628
d62a17ae 3629 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3630 && oi->state != ISM_Backup)
3631 return;
718e3744 3632
d62a17ae 3633 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
718e3744 3634}
3635
d62a17ae 3636int ospf_poll_timer(struct thread *thread)
718e3744 3637{
d62a17ae 3638 struct ospf_nbr_nbma *nbr_nbma;
718e3744 3639
d62a17ae 3640 nbr_nbma = THREAD_ARG(thread);
3641 nbr_nbma->t_poll = NULL;
718e3744 3642
d62a17ae 3643 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3644 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3645 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
718e3744 3646
d62a17ae 3647 ospf_poll_send(nbr_nbma);
718e3744 3648
d62a17ae 3649 if (nbr_nbma->v_poll > 0)
3650 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3651 nbr_nbma->v_poll);
718e3744 3652
d62a17ae 3653 return 0;
718e3744 3654}
3655
3656
d62a17ae 3657int ospf_hello_reply_timer(struct thread *thread)
718e3744 3658{
d62a17ae 3659 struct ospf_neighbor *nbr;
718e3744 3660
d62a17ae 3661 nbr = THREAD_ARG(thread);
3662 nbr->t_hello_reply = NULL;
718e3744 3663
d62a17ae 3664 assert(nbr->oi);
718e3744 3665
d62a17ae 3666 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3667 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3668 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
718e3744 3669
d62a17ae 3670 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
718e3744 3671
d62a17ae 3672 return 0;
718e3744 3673}
3674
3675/* Send OSPF Hello. */
d62a17ae 3676void ospf_hello_send(struct ospf_interface *oi)
3677{
3678 /* If this is passive interface, do not send OSPF Hello. */
3679 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3680 return;
3681
3682 if (oi->type == OSPF_IFTYPE_NBMA) {
3683 struct ospf_neighbor *nbr;
3684 struct route_node *rn;
3685
3686 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3687 if ((nbr = rn->info))
3688 if (nbr != oi->nbr_self)
3689 if (nbr->state != NSM_Down) {
3690 /* RFC 2328 Section 9.5.1
3691 If the router is not
3692 eligible to become Designated
3693 Router,
3694 it must periodically send
3695 Hello Packets to both the
3696 Designated Router and the
3697 Backup Designated Router (if
3698 they
3699 exist). */
3700 if (PRIORITY(oi) == 0
3701 && IPV4_ADDR_CMP(
3702 &DR(oi),
3703 &nbr->address.u
3704 .prefix4)
3705 && IPV4_ADDR_CMP(
3706 &BDR(oi),
3707 &nbr->address.u
3708 .prefix4))
3709 continue;
3710
3711 /* If the router is eligible to
3712 become Designated Router, it
3713 must periodically send Hello
3714 Packets to all neighbors that
3715 are also eligible. In
3716 addition, if the router is
3717 itself the
3718 Designated Router or Backup
3719 Designated Router, it must
3720 also
3721 send periodic Hello Packets
3722 to all other neighbors. */
3723
3724 if (nbr->priority == 0
3725 && oi->state == ISM_DROther)
3726 continue;
3727 /* if oi->state == Waiting, send
3728 * hello to all neighbors */
3729 ospf_hello_send_sub(
3730 oi,
3731 nbr->address.u.prefix4
3732 .s_addr);
3733 }
3734 } else {
3735 /* Decide destination address. */
3736 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3737 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3738 else
3739 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3740 }
718e3744 3741}
3742
3743/* Send OSPF Database Description. */
d62a17ae 3744void ospf_db_desc_send(struct ospf_neighbor *nbr)
718e3744 3745{
d62a17ae 3746 struct ospf_interface *oi;
3747 struct ospf_packet *op;
d7c0a89a 3748 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3749
d62a17ae 3750 oi = nbr->oi;
3751 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3752
d62a17ae 3753 /* Prepare OSPF common header. */
3754 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
718e3744 3755
d62a17ae 3756 /* Prepare OSPF Database Description body. */
3757 length += ospf_make_db_desc(oi, nbr, op->s);
718e3744 3758
d62a17ae 3759 /* Fill OSPF header. */
3760 ospf_fill_header(oi, op->s, length);
718e3744 3761
d62a17ae 3762 /* Set packet length. */
3763 op->length = length;
718e3744 3764
d62a17ae 3765 /* Decide destination address. */
3766 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3767 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3768 else
3769 op->dst = nbr->address.u.prefix4;
718e3744 3770
d62a17ae 3771 /* Add packet to the interface output queue. */
3772 ospf_packet_add(oi, op);
718e3744 3773
d62a17ae 3774 /* Hook thread to write packet. */
3775 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3776
d62a17ae 3777 /* Remove old DD packet, then copy new one and keep in neighbor
3778 * structure. */
3779 if (nbr->last_send)
3780 ospf_packet_free(nbr->last_send);
3781 nbr->last_send = ospf_packet_dup(op);
3782 monotime(&nbr->last_send_ts);
718e3744 3783}
3784
3785/* Re-send Database Description. */
d62a17ae 3786void ospf_db_desc_resend(struct ospf_neighbor *nbr)
718e3744 3787{
d62a17ae 3788 struct ospf_interface *oi;
718e3744 3789
d62a17ae 3790 oi = nbr->oi;
718e3744 3791
d62a17ae 3792 /* Add packet to the interface output queue. */
3793 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
718e3744 3794
d62a17ae 3795 /* Hook thread to write packet. */
3796 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3797}
3798
3799/* Send Link State Request. */
d62a17ae 3800void ospf_ls_req_send(struct ospf_neighbor *nbr)
718e3744 3801{
d62a17ae 3802 struct ospf_interface *oi;
3803 struct ospf_packet *op;
d7c0a89a 3804 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3805
d62a17ae 3806 oi = nbr->oi;
3807 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3808
d62a17ae 3809 /* Prepare OSPF common header. */
3810 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
718e3744 3811
d62a17ae 3812 /* Prepare OSPF Link State Request body. */
3813 length += ospf_make_ls_req(nbr, op->s);
3814 if (length == OSPF_HEADER_SIZE) {
3815 ospf_packet_free(op);
3816 return;
3817 }
718e3744 3818
d62a17ae 3819 /* Fill OSPF header. */
3820 ospf_fill_header(oi, op->s, length);
718e3744 3821
d62a17ae 3822 /* Set packet length. */
3823 op->length = length;
718e3744 3824
d62a17ae 3825 /* Decide destination address. */
3826 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3827 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3828 else
3829 op->dst = nbr->address.u.prefix4;
718e3744 3830
d62a17ae 3831 /* Add packet to the interface output queue. */
3832 ospf_packet_add(oi, op);
718e3744 3833
d62a17ae 3834 /* Hook thread to write packet. */
3835 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3836
d62a17ae 3837 /* Add Link State Request Retransmission Timer. */
3838 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 3839}
3840
3841/* Send Link State Update with an LSA. */
d62a17ae 3842void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3843 int flag)
718e3744 3844{
d62a17ae 3845 struct list *update;
718e3744 3846
d62a17ae 3847 update = list_new();
718e3744 3848
d62a17ae 3849 listnode_add(update, lsa);
046460a1
CS		 3850
3851 /*ospf instance is going down, send self originated
3852 * MAXAGE LSA update to neighbors to remove from LSDB */
3853 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3854 ospf_ls_upd_send(nbr, update, flag, 1);
3855 else
3856 ospf_ls_upd_send(nbr, update, flag, 0);
718e3744 3857
6a154c88 3858 list_delete(&update);
718e3744 3859}
3860
68b7339a 3861/* Determine size for packet. Must be at least big enough to accomodate next
3862 * LSA on list, which may be bigger than MTU size.
3863 *
3864 * Return pointer to new ospf_packet
3865 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3866 * on packet sizes (in which case offending LSA is deleted from update list)
3867 */
d62a17ae 3868static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3869 struct ospf_interface *oi)
3870{
3871 struct ospf_lsa *lsa;
3872 struct listnode *ln;
3873 size_t size;
3874 static char warned = 0;
3875
3876 lsa = listgetdata((ln = listhead(update)));
3877 assert(lsa->data);
3878
3879 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3880 > ospf_packet_max(oi)) {
3881 if (!warned) {
c9cc11f6 3882 flog_warn(
cf444bcf 3883 EC_OSPF_LARGE_LSA,
d62a17ae 3884 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3885 "will need to fragment. Not optimal. Try divide up"
3886 " your network with areas. Use 'debug ospf packet send'"
3887 " to see details, or look at 'show ip ospf database ..'");
3888 warned = 1;
3889 }
3890
3891 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3892 zlog_debug(
3893 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3894 " %d bytes originated by %s, will be fragmented!",
3895 inet_ntoa(lsa->data->id),
3896 ntohs(lsa->data->length),
3897 inet_ntoa(lsa->data->adv_router));
3898
3899 /*
3900 * Allocate just enough to fit this LSA only, to avoid including
3901 * other
3902 * LSAs in fragmented LSA Updates.
3903 */
3904 size = ntohs(lsa->data->length)
3905 + (oi->ifp->mtu - ospf_packet_max(oi))
3906 + OSPF_LS_UPD_MIN_SIZE;
3907 } else
3908 size = oi->ifp->mtu;
3909
3910 if (size > OSPF_MAX_PACKET_SIZE) {
cf444bcf 3911 flog_warn(EC_OSPF_LARGE_LSA,
c9cc11f6
DS		 3912 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3913 " %d bytes, packet size %ld, dropping it completely."
3914 " OSPF routing is broken!",
3915 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3916 (long int)size);
d62a17ae 3917 list_delete_node(update, ln);
3918 return NULL;
3919 }
718e3744 3920
d62a17ae 3921 /* IP header is built up separately by ospf_write(). This means, that we
3922 * must
3923 * reduce the "affordable" size just calculated by length of an IP
3924 * header.
3925 * This makes sure, that even if we manage to fill the payload with LSA
3926 * data
3927 * completely, the final packet (our data plus IP header) still fits
3928 * into
3929 * outgoing interface MTU. This correction isn't really meaningful for
3930 * an
3931 * oversized LSA, but for consistency the correction is done for both
3932 * cases.
3933 *
3934 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3935 */
3936 return ospf_packet_new(size - sizeof(struct ip));
718e3744 3937}
3938
d62a17ae 3939static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
046460a1
CS		 3940 struct list *update, struct in_addr addr,
3941 int send_lsupd_now)
718e3744 3942{
d62a17ae 3943 struct ospf_packet *op;
d7c0a89a 3944 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 3945
3946 if (IS_DEBUG_OSPF_EVENT)
3947 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3948 IF_NAME(oi), inet_ntoa(addr));
3949
19274fe8
OD		 3950 /* Check that we have really something to process */
3951 if (listcount(update) == 0)
3952 return;
3953
d62a17ae 3954 op = ospf_ls_upd_packet_new(update, oi);
718e3744 3955
d62a17ae 3956 /* Prepare OSPF common header. */
3957 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
718e3744 3958
d62a17ae 3959 /* Prepare OSPF Link State Update body.
3960 * Includes Type-7 translation.
3961 */
3962 length += ospf_make_ls_upd(oi, update, op->s);
3963
3964 /* Fill OSPF header. */
3965 ospf_fill_header(oi, op->s, length);
3966
3967 /* Set packet length. */
3968 op->length = length;
3969
3970 /* Decide destination address. */
3971 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3972 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3973 else
3974 op->dst.s_addr = addr.s_addr;
3975
3976 /* Add packet to the interface output queue. */
3977 ospf_packet_add(oi, op);
046460a1
CS		 3978 /* Call ospf_write() right away to send ospf packets to neighbors */
3979 if (send_lsupd_now) {
3980 struct thread os_packet_thd;
3981
3982 os_packet_thd.arg = (void *)oi->ospf;
3983 if (oi->on_write_q == 0) {
3984 listnode_add(oi->ospf->oi_write_q, oi);
3985 oi->on_write_q = 1;
3986 }
3987 ospf_write(&os_packet_thd);
3988 } else {
3989 /* Hook thread to write packet. */
3990 OSPF_ISM_WRITE_ON(oi->ospf);
3991 }
d62a17ae 3992}
3993
3994static int ospf_ls_upd_send_queue_event(struct thread *thread)
3995{
3996 struct ospf_interface *oi = THREAD_ARG(thread);
3997 struct route_node *rn;
3998 struct route_node *rnext;
3999 struct list *update;
4000 char again = 0;
4001
4002 oi->t_ls_upd_event = NULL;
4003
4004 if (IS_DEBUG_OSPF_EVENT)
4005 zlog_debug("ospf_ls_upd_send_queue start");
4006
4007 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4008 rnext = route_next(rn);
4009
4010 if (rn->info == NULL)
4011 continue;
4012
4013 update = (struct list *)rn->info;
4014
046460a1 4015 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
d62a17ae 4016
4017 /* list might not be empty. */
4018 if (listcount(update) == 0) {
6a154c88 4019 list_delete((struct list **)&rn->info);
d62a17ae 4020 route_unlock_node(rn);
4021 } else
4022 again = 1;
4023 }
4024
4025 if (again != 0) {
4026 if (IS_DEBUG_OSPF_EVENT)
4027 zlog_debug(
4028 "ospf_ls_upd_send_queue: update lists not cleared,"
4029 " %d nodes to try again, raising new event",
4030 again);
4031 oi->t_ls_upd_event = NULL;
4032 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4033 &oi->t_ls_upd_event);
4034 }
4035
4036 if (IS_DEBUG_OSPF_EVENT)
4037 zlog_debug("ospf_ls_upd_send_queue stop");
4038
4039 return 0;
4040}
4041
046460a1
CS		 4042void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4043 int send_lsupd_now)
d62a17ae 4044{
4045 struct ospf_interface *oi;
4046 struct ospf_lsa *lsa;
4047 struct prefix_ipv4 p;
4048 struct route_node *rn;
4049 struct listnode *node;
4050
4051 oi = nbr->oi;
4052
4053 p.family = AF_INET;
4054 p.prefixlen = IPV4_MAX_BITLEN;
4055
4056 /* Decide destination address. */
4057 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4058 p.prefix = oi->vl_data->peer_addr;
4059 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4060 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4061 else if (flag == OSPF_SEND_PACKET_DIRECT)
4062 p.prefix = nbr->address.u.prefix4;
4063 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4064 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4065 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4066 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4067 else
4068 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4069
4070 if (oi->type == OSPF_IFTYPE_NBMA) {
4071 if (flag == OSPF_SEND_PACKET_INDIRECT)
c9cc11f6 4072 flog_warn(
cf444bcf 4073 EC_OSPF_PACKET,
d62a17ae 4074 "* LS-Update is directly sent on NBMA network.");
19aad877 4075 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
cf444bcf 4076 flog_warn(EC_OSPF_PACKET,
c9cc11f6 4077 "* LS-Update is sent to myself.");
d62a17ae 4078 }
4079
4080 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4081
4082 if (rn->info == NULL)
4083 rn->info = list_new();
4084 else
4085 route_unlock_node(rn);
4086
4087 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4088 listnode_add(rn->info,
4089 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
046460a1
CS		 4090 if (send_lsupd_now) {
4091 struct list *send_update_list;
f7813c7c 4092 struct route_node *rnext;
d62a17ae 4093
046460a1
CS		 4094 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4095 rnext = route_next(rn);
4096
4097 if (rn->info == NULL)
4098 continue;
4099
4100 send_update_list = (struct list *)rn->info;
4101
4102 ospf_ls_upd_queue_send(oi, send_update_list,
4103 rn->p.u.prefix4, 1);
046460a1
CS		 4104 }
4105 } else
4106 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
996c9314 4107 &oi->t_ls_upd_event);
718e3744 4108}
4109
d62a17ae 4110static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4111 struct in_addr dst)
718e3744 4112{
d62a17ae 4113 struct ospf_packet *op;
d7c0a89a 4114 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 4115
4116 op = ospf_packet_new(oi->ifp->mtu);
4117
4118 /* Prepare OSPF common header. */
4119 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4120
4121 /* Prepare OSPF Link State Acknowledgment body. */
4122 length += ospf_make_ls_ack(oi, ack, op->s);
4123
4124 /* Fill OSPF header. */
4125 ospf_fill_header(oi, op->s, length);
718e3744 4126
d62a17ae 4127 /* Set packet length. */
4128 op->length = length;
4129
4130 /* Decide destination address. */
4131 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4132 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4133 else
4134 op->dst.s_addr = dst.s_addr;
4135
4136 /* Add packet to the interface output queue. */
4137 ospf_packet_add(oi, op);
4138
4139 /* Hook thread to write packet. */
4140 OSPF_ISM_WRITE_ON(oi->ospf);
4141}
4142
4143static int ospf_ls_ack_send_event(struct thread *thread)
4144{
4145 struct ospf_interface *oi = THREAD_ARG(thread);
4146
4147 oi->t_ls_ack_direct = NULL;
4148
4149 while (listcount(oi->ls_ack_direct.ls_ack))
4150 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4151 oi->ls_ack_direct.dst);
4152
4153 return 0;
4154}
4155
4156void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4157{
4158 struct ospf_interface *oi = nbr->oi;
4159
4160 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4161 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4162
4163 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4164
4165 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4166 &oi->t_ls_ack_direct);
718e3744 4167}
4168
4169/* Send Link State Acknowledgment delayed. */
d62a17ae 4170void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4171{
4172 struct in_addr dst;
4173
4174 /* Decide destination address. */
4175 /* RFC2328 Section 13.5 On non-broadcast
4176 networks, delayed Link State Acknowledgment packets must be
4177 unicast separately over each adjacency (i.e., neighbor whose
4178 state is >= Exchange). */
4179 if (oi->type == OSPF_IFTYPE_NBMA) {
4180 struct ospf_neighbor *nbr;
4181 struct route_node *rn;
4182
4183 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4184 if ((nbr = rn->info) != NULL)
4185 if (nbr != oi->nbr_self
4186 && nbr->state >= NSM_Exchange)
4187 while (listcount(oi->ls_ack))
4188 ospf_ls_ack_send_list(
4189 oi, oi->ls_ack,
4190 nbr->address.u.prefix4);
4191 return;
4192 }
4193 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4194 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4195 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4196 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4197 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4198 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4199 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4200 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4201 else
4202 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4203
4204 while (listcount(oi->ls_ack))
4205 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
718e3744 4206}
8b6912c2
DS		 4207
4208/*
4209 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4210 * address. As a result, the kernel does not need to learn the interface
4211 * MAC of the OSPF neighbor. However, in our world, this will delay
4212 * convergence. Take the case when due to a link flap, all routes now
4213 * want to use an interface which was deemed to be costlier prior to this
4214 * event. For routes that will be installed, the missing MAC will have
4215 * punt-to-CPU set on them. This may overload the CPU control path that
4216 * can be avoided if the MAC was known apriori.
4217 */
89a48046 4218#define OSPF_PING_NBR_STR_MAX (BUFSIZ)
d62a17ae 4219void ospf_proactively_arp(struct ospf_neighbor *nbr)
4220{
4221 char ping_nbr[OSPF_PING_NBR_STR_MAX];
d62a17ae 4222 int ret;
4223
4224 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4225 return;
4226
89a48046 4227 snprintf(ping_nbr, sizeof(ping_nbr),
996c9314
LB		 4228 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4229 inet_ntoa(nbr->address.u.prefix4));
89a48046 4230
d62a17ae 4231 ret = system(ping_nbr);
4232 if (IS_DEBUG_OSPF_EVENT)
4233 zlog_debug("Executed %s %s", ping_nbr,
4234 ((ret == 0) ? "successfully" : "but failed"));
8b6912c2 4235}
FRRouting mirror