]> git.proxmox.com Git - mirror_frr.git/blame - ospfd/ospf_packet.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ospfd: CLI changes to enable/disable OSPFv2 Flood reduction.
[mirror_frr.git] / ospfd / ospf_packet.c
CommitLineData
718e3744 1/*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
896014f4
DL		 17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
718e3744 20 */
21
22#include <zebra.h>
23
cbf3e3eb 24#include "monotime.h"
718e3744 25#include "thread.h"
26#include "memory.h"
27#include "linklist.h"
28#include "prefix.h"
29#include "if.h"
30#include "table.h"
31#include "sockunion.h"
32#include "stream.h"
33#include "log.h"
2dd8bb4e 34#include "sockopt.h"
484315fd 35#include "checksum.h"
0513a271 36#ifdef CRYPTO_INTERNAL
c1a03d47 37#include "md5.h"
0513a271 38#endif
7e2b7603 39#include "vrf.h"
c9cc11f6 40#include "lib_errors.h"
718e3744 41
42#include "ospfd/ospfd.h"
43#include "ospfd/ospf_network.h"
44#include "ospfd/ospf_interface.h"
45#include "ospfd/ospf_ism.h"
46#include "ospfd/ospf_asbr.h"
47#include "ospfd/ospf_lsa.h"
48#include "ospfd/ospf_lsdb.h"
49#include "ospfd/ospf_neighbor.h"
50#include "ospfd/ospf_nsm.h"
51#include "ospfd/ospf_packet.h"
52#include "ospfd/ospf_spf.h"
53#include "ospfd/ospf_flood.h"
54#include "ospfd/ospf_dump.h"
c9cc11f6 55#include "ospfd/ospf_errors.h"
aa530b62 56#include "ospfd/ospf_zebra.h"
cd52c44c 57#include "ospfd/ospf_gr.h"
718e3744 58
166b75c2
DS		 59/*
60 * OSPF Fragmentation / fragmented writes
61 *
62 * ospfd can support writing fragmented packets, for cases where
63 * kernel will not fragment IP_HDRINCL and/or multicast destined
64 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
65 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
66 * flags fields, hence user-space fragmentation will not work.
67 * Only Linux is known to leave IP header unmolested.
68 * Further, fragmentation really should be done the kernel, which already
69 * supports it, and which avoids nasty IP ID state problems.
70 *
71 * Fragmentation of OSPF packets can be required on networks with router
72 * with many many interfaces active in one area, or on networks with links
73 * with low MTUs.
74 */
75#ifdef GNU_LINUX
76#define WANT_OSPF_WRITE_FRAGMENT
77#endif
78
718e3744 79/* Packet Type String. */
d62a17ae 80const struct message ospf_packet_type_str[] = {
81 {OSPF_MSG_HELLO, "Hello"},
82 {OSPF_MSG_DB_DESC, "Database Description"},
83 {OSPF_MSG_LS_REQ, "Link State Request"},
84 {OSPF_MSG_LS_UPD, "Link State Update"},
85 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
86 {0}};
718e3744 87
75c8eabb
DO		 88/* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
89 particular types, offset is the "type" field of a packet. */
d7c0a89a 90static const uint16_t ospf_packet_minlen[] = {
d62a17ae 91 0,
92 OSPF_HELLO_MIN_SIZE,
93 OSPF_DB_DESC_MIN_SIZE,
94 OSPF_LS_REQ_MIN_SIZE,
95 OSPF_LS_UPD_MIN_SIZE,
96 OSPF_LS_ACK_MIN_SIZE,
75c8eabb
DO		 97};
98
4e31de79
DO		 99/* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
100 types, offset is the "LSA type" field. */
d7c0a89a 101static const uint16_t ospf_lsa_minlen[] = {
07a62e58
DS		 102 0, /* OSPF_UNKNOWN_LSA */
103 OSPF_ROUTER_LSA_MIN_SIZE, /* OSPF_ROUTER_LSA */
104 OSPF_NETWORK_LSA_MIN_SIZE, /* OSPF_NETWORK_LSA */
105 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_SUMMARY_LSA */
106 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_ASBR_SUMMARY_LSA */
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_EXTERNAL_LSA */
108 0, /* Unsupported, OSPF_GROUP_MEMBER_LSA */
109 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_NSSA_LSA */
110 0, /* Unsupported, OSPF_EXTERNAL_ATTRIBURES_LSA */
111 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_LINK_LSA */
112 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AREA_LSA */
113 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AS_LSA */
4e31de79
DO		 114};
115
bd5651f0 116/* for ospf_check_auth() */
d62a17ae 117static int ospf_check_sum(struct ospf_header *);
bd5651f0 118
718e3744 119/* OSPF authentication checking function */
d62a17ae 120static int ospf_auth_type(struct ospf_interface *oi)
718e3744 121{
d62a17ae 122 int auth_type;
718e3744 123
d62a17ae 124 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
125 auth_type = oi->area->auth_type;
126 else
127 auth_type = OSPF_IF_PARAM(oi, auth_type);
718e3744 128
d62a17ae 129 /* Handle case where MD5 key list is not configured aka Cisco */
130 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
131 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
132 return OSPF_AUTH_NULL;
718e3744 133
d62a17ae 134 return auth_type;
718e3744 135}
136
7cec50a5 137static struct ospf_packet *ospf_packet_new(size_t size)
718e3744 138{
d62a17ae 139 struct ospf_packet *new;
718e3744 140
d62a17ae 141 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
142 new->s = stream_new(size);
718e3744 143
d62a17ae 144 return new;
718e3744 145}
146
d62a17ae 147void ospf_packet_free(struct ospf_packet *op)
718e3744 148{
d62a17ae 149 if (op->s)
150 stream_free(op->s);
718e3744 151
d62a17ae 152 XFREE(MTYPE_OSPF_PACKET, op);
718e3744 153}
154
4d762f26 155struct ospf_fifo *ospf_fifo_new(void)
718e3744 156{
d62a17ae 157 struct ospf_fifo *new;
718e3744 158
d62a17ae 159 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
160 return new;
718e3744 161}
162
163/* Add new packet to fifo. */
d62a17ae 164void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
718e3744 165{
d62a17ae 166 if (fifo->tail)
167 fifo->tail->next = op;
168 else
169 fifo->head = op;
718e3744 170
d62a17ae 171 fifo->tail = op;
718e3744 172
d62a17ae 173 fifo->count++;
718e3744 174}
175
aa276fd7 176/* Add new packet to head of fifo. */
d62a17ae 177static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
aa276fd7 178{
d62a17ae 179 op->next = fifo->head;
180
181 if (fifo->tail == NULL)
182 fifo->tail = op;
183
184 fifo->head = op;
185
186 fifo->count++;
aa276fd7
PJ		 187}
188
718e3744 189/* Delete first packet from fifo. */
d62a17ae 190struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
718e3744 191{
d62a17ae 192 struct ospf_packet *op;
718e3744 193
d62a17ae 194 op = fifo->head;
718e3744 195
d62a17ae 196 if (op) {
197 fifo->head = op->next;
718e3744 198
d62a17ae 199 if (fifo->head == NULL)
200 fifo->tail = NULL;
718e3744 201
d62a17ae 202 fifo->count--;
203 }
718e3744 204
d62a17ae 205 return op;
718e3744 206}
207
208/* Return first fifo entry. */
d62a17ae 209struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
718e3744 210{
d62a17ae 211 return fifo->head;
718e3744 212}
213
214/* Flush ospf packet fifo. */
d62a17ae 215void ospf_fifo_flush(struct ospf_fifo *fifo)
718e3744 216{
d62a17ae 217 struct ospf_packet *op;
218 struct ospf_packet *next;
718e3744 219
d62a17ae 220 for (op = fifo->head; op; op = next) {
221 next = op->next;
222 ospf_packet_free(op);
223 }
224 fifo->head = fifo->tail = NULL;
225 fifo->count = 0;
718e3744 226}
227
228/* Free ospf packet fifo. */
d62a17ae 229void ospf_fifo_free(struct ospf_fifo *fifo)
718e3744 230{
d62a17ae 231 ospf_fifo_flush(fifo);
718e3744 232
d62a17ae 233 XFREE(MTYPE_OSPF_FIFO, fifo);
718e3744 234}
235
7cec50a5 236static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
718e3744 237{
d62a17ae 238 /* Add packet to end of queue. */
239 ospf_fifo_push(oi->obuf, op);
718e3744 240
d62a17ae 241 /* Debug of packet fifo*/
242 /* ospf_fifo_debug (oi->obuf); */
718e3744 243}
244
d62a17ae 245static void ospf_packet_add_top(struct ospf_interface *oi,
246 struct ospf_packet *op)
aa276fd7 247{
d62a17ae 248 /* Add packet to head of queue. */
249 ospf_fifo_push_head(oi->obuf, op);
aa276fd7 250
d62a17ae 251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
aa276fd7
PJ		 253}
254
7cec50a5 255static void ospf_packet_delete(struct ospf_interface *oi)
718e3744 256{
d62a17ae 257 struct ospf_packet *op;
258
259 op = ospf_fifo_pop(oi->obuf);
718e3744 260
d62a17ae 261 if (op)
262 ospf_packet_free(op);
718e3744 263}
264
7cec50a5 265static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
718e3744 266{
d62a17ae 267 struct ospf_packet *new;
718e3744 268
d62a17ae 269 if (stream_get_endp(op->s) != op->length)
270 /* XXX size_t */
c9cc11f6 271 zlog_debug(
d62a17ae 272 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
d7c0a89a 273 (unsigned long)STREAM_SIZE(op->s), op->length);
30961a15 274
d62a17ae 275 /* Reserve space for MD5 authentication that may be added later. */
276 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
277 stream_copy(new->s, op->s);
718e3744 278
d62a17ae 279 new->dst = op->dst;
280 new->length = op->length;
718e3744 281
d62a17ae 282 return new;
718e3744 283}
284
86f1fd96 285/* XXX inline */
d62a17ae 286static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
86f1fd96 287{
d62a17ae 288 int auth = 0;
86f1fd96 289
d62a17ae 290 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
291 auth = OSPF_AUTH_MD5_SIZE;
86f1fd96 292
d62a17ae 293 return auth;
86f1fd96 294}
295
d62a17ae 296static unsigned int ospf_packet_max(struct ospf_interface *oi)
718e3744 297{
d62a17ae 298 int max;
718e3744 299
d62a17ae 300 max = oi->ifp->mtu - ospf_packet_authspace(oi);
86f1fd96 301
d62a17ae 302 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
718e3744 303
d62a17ae 304 return max;
718e3744 305}
306
6b0655a2 307
d62a17ae 308static int ospf_check_md5_digest(struct ospf_interface *oi,
309 struct ospf_header *ospfh)
718e3744 310{
0513a271
MR		 311#ifdef CRYPTO_OPENSSL
312 EVP_MD_CTX *ctx;
313#elif CRYPTO_INTERNAL
d62a17ae 314 MD5_CTX ctx;
0513a271 315#endif
d62a17ae 316 unsigned char digest[OSPF_AUTH_MD5_SIZE];
317 struct crypt_key *ck;
318 struct ospf_neighbor *nbr;
d7c0a89a 319 uint16_t length = ntohs(ospfh->length);
d62a17ae 320
321 /* Get secret key. */
322 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
323 ospfh->u.crypt.key_id);
324 if (ck == NULL) {
1c50c1c0
QY		 325 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
326 IF_NAME(oi), ospfh->u.crypt.key_id);
d62a17ae 327 return 0;
328 }
718e3744 329
d62a17ae 330 /* check crypto seqnum. */
331 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
718e3744 332
d62a17ae 333 if (nbr
334 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
c9cc11f6 335 flog_warn(
cf444bcf 336 EC_OSPF_MD5,
d62a17ae 337 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
338 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
339 ntohl(nbr->crypt_seqnum));
340 return 0;
341 }
718e3744 342
d62a17ae 343 /* Generate a digest for the ospf packet - their digest + our digest. */
0513a271
MR		 344#ifdef CRYPTO_OPENSSL
345 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
346 ctx = EVP_MD_CTX_new();
347 EVP_DigestInit(ctx, EVP_md5());
348 EVP_DigestUpdate(ctx, ospfh, length);
349 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
350 EVP_DigestFinal(ctx, digest, &md5_size);
351 EVP_MD_CTX_free(ctx);
352#elif CRYPTO_INTERNAL
d62a17ae 353 memset(&ctx, 0, sizeof(ctx));
354 MD5Init(&ctx);
355 MD5Update(&ctx, ospfh, length);
356 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
357 MD5Final(digest, &ctx);
0513a271 358#endif
d62a17ae 359
360 /* compare the two */
361 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
cf444bcf 362 flog_warn(EC_OSPF_MD5,
c9cc11f6 363 "interface %s: ospf_check_md5 checksum mismatch",
d62a17ae 364 IF_NAME(oi));
365 return 0;
366 }
718e3744 367
d62a17ae 368 /* save neighbor's crypt_seqnum */
369 if (nbr)
370 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
371 return 1;
718e3744 372}
373
374/* This function is called from ospf_write(), it will detect the
375 authentication scheme and if it is MD5, it will change the sequence
376 and update the MD5 digest. */
d62a17ae 377static int ospf_make_md5_digest(struct ospf_interface *oi,
378 struct ospf_packet *op)
379{
380 struct ospf_header *ospfh;
381 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
0513a271
MR		 382#ifdef CRYPTO_OPENSSL
383 EVP_MD_CTX *ctx;
384#elif CRYPTO_INTERNAL
d62a17ae 385 MD5_CTX ctx;
0513a271 386#endif
d62a17ae 387 void *ibuf;
d7c0a89a 388 uint32_t t;
d62a17ae 389 struct crypt_key *ck;
d7c0a89a 390 const uint8_t *auth_key;
d62a17ae 391
392 ibuf = STREAM_DATA(op->s);
393 ospfh = (struct ospf_header *)ibuf;
394
395 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
396 return 0;
397
398 /* We do this here so when we dup a packet, we don't have to
399 waste CPU rewriting other headers.
400
b72aae2e 401 Note that frr_time /deliberately/ is not used here */
d62a17ae 402 t = (time(NULL) & 0xFFFFFFFF);
403 if (t > oi->crypt_seqnum)
404 oi->crypt_seqnum = t;
405 else
406 oi->crypt_seqnum++;
407
408 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
409
410 /* Get MD5 Authentication key from auth_key list. */
411 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
d7c0a89a 412 auth_key = (const uint8_t *)digest;
d62a17ae 413 else {
414 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
415 auth_key = ck->auth_key;
416 }
718e3744 417
d62a17ae 418 /* Generate a digest for the entire packet + our secret key. */
0513a271
MR		 419#ifdef CRYPTO_OPENSSL
420 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
421 ctx = EVP_MD_CTX_new();
422 EVP_DigestInit(ctx, EVP_md5());
423 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
424 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 EVP_DigestFinal(ctx, digest, &md5_size);
426 EVP_MD_CTX_free(ctx);
427#elif CRYPTO_INTERNAL
d62a17ae 428 memset(&ctx, 0, sizeof(ctx));
429 MD5Init(&ctx);
430 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
431 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
432 MD5Final(digest, &ctx);
0513a271 433#endif
718e3744 434
d62a17ae 435 /* Append md5 digest to the end of the stream. */
436 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
718e3744 437
d62a17ae 438 /* We do *NOT* increment the OSPF header length. */
439 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
30961a15 440
d62a17ae 441 if (stream_get_endp(op->s) != op->length)
442 /* XXX size_t */
ea892800 443 flog_warn(EC_OSPF_MD5,
444 "%s: length mismatch stream %lu ospf_packet %u",
445 __func__, (unsigned long)stream_get_endp(op->s),
446 op->length);
718e3744 447
d62a17ae 448 return OSPF_AUTH_MD5_SIZE;
718e3744 449}
450
6b0655a2 451
cc9f21da 452static void ospf_ls_req_timer(struct thread *thread)
718e3744 453{
d62a17ae 454 struct ospf_neighbor *nbr;
718e3744 455
d62a17ae 456 nbr = THREAD_ARG(thread);
457 nbr->t_ls_req = NULL;
718e3744 458
d62a17ae 459 /* Send Link State Request. */
460 if (ospf_ls_request_count(nbr))
461 ospf_ls_req_send(nbr);
718e3744 462
d62a17ae 463 /* Set Link State Request retransmission timer. */
464 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 465}
466
d62a17ae 467void ospf_ls_req_event(struct ospf_neighbor *nbr)
718e3744 468{
bc1f09de 469 THREAD_OFF(nbr->t_ls_req);
d62a17ae 470 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
718e3744 471}
472
473/* Cyclic timer function. Fist registered in ospf_nbr_new () in
474 ospf_neighbor.c */
cc9f21da 475void ospf_ls_upd_timer(struct thread *thread)
d62a17ae 476{
477 struct ospf_neighbor *nbr;
478
479 nbr = THREAD_ARG(thread);
480 nbr->t_ls_upd = NULL;
481
482 /* Send Link State Update. */
483 if (ospf_ls_retransmit_count(nbr) > 0) {
484 struct list *update;
485 struct ospf_lsdb *lsdb;
486 int i;
487 int retransmit_interval;
488
489 retransmit_interval =
490 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
491
492 lsdb = &nbr->ls_rxmt;
493 update = list_new();
494
495 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
496 struct route_table *table = lsdb->type[i].db;
497 struct route_node *rn;
498
499 for (rn = route_top(table); rn; rn = route_next(rn)) {
500 struct ospf_lsa *lsa;
501
502 if ((lsa = rn->info) != NULL) {
503 /* Don't retransmit an LSA if we
504 received it within
505 the last RxmtInterval seconds - this
506 is to allow the
507 neighbour a chance to acknowledge the
508 LSA as it may
509 have ben just received before the
510 retransmit timer
511 fired. This is a small tweak to what
512 is in the RFC,
513 but it will cut out out a lot of
514 retransmit traffic
515 - MAG */
516 if (monotime_since(&lsa->tv_recv, NULL)
517 >= retransmit_interval * 1000000LL)
518 listnode_add(update, rn->info);
519 }
520 }
521 }
718e3744 522
d62a17ae 523 if (listcount(update) > 0)
996c9314
LB		 524 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
525 0);
6a154c88 526 list_delete(&update);
718e3744 527 }
528
d62a17ae 529 /* Set LS Update retransmission timer. */
530 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
718e3744 531}
532
cc9f21da 533void ospf_ls_ack_timer(struct thread *thread)
718e3744 534{
d62a17ae 535 struct ospf_interface *oi;
718e3744 536
d62a17ae 537 oi = THREAD_ARG(thread);
538 oi->t_ls_ack = NULL;
718e3744 539
d62a17ae 540 /* Send Link State Acknowledgment. */
541 if (listcount(oi->ls_ack) > 0)
542 ospf_ls_ack_send_delayed(oi);
718e3744 543
d62a17ae 544 /* Set LS Ack timer. */
545 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
718e3744 546}
547
0bfeca3f 548#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 549static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
550 struct msghdr *msg, unsigned int maxdatasize,
d7c0a89a 551 unsigned int mtu, int flags, uint8_t type)
0bfeca3f 552{
553#define OSPF_WRITE_FRAG_SHIFT 3
d7c0a89a 554 uint16_t offset;
d62a17ae 555 struct iovec *iovp;
556 int ret;
557
558 assert(op->length == stream_get_endp(op->s));
559 assert(msg->msg_iovlen == 2);
560
561 /* we can but try.
562 *
563 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
564 * well as the IP_MF flag, making this all quite pointless.
565 *
566 * However, for a system on which IP_MF is left alone, and ip_id left
567 * alone or else which sets same ip_id for each fragment this might
568 * work, eg linux.
569 *
570 * XXX-TODO: It would be much nicer to have the kernel's use their
571 * existing fragmentation support to do this for us. Bugs/RFEs need to
572 * be raised against the various kernels.
573 */
574
575 /* set More Frag */
576 iph->ip_off |= IP_MF;
577
578 /* ip frag offset is expressed in units of 8byte words */
579 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
580
581 iovp = &msg->msg_iov[1];
582
583 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
584 > maxdatasize) {
585 /* data length of this frag is to next offset value */
586 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
587 iph->ip_len = iovp->iov_len + sizeof(struct ip);
588 assert(iph->ip_len <= mtu);
589
590 sockopt_iphdrincl_swab_htosys(iph);
591
592 ret = sendmsg(fd, msg, flags);
593
594 sockopt_iphdrincl_swab_systoh(iph);
595
596 if (ret < 0)
c9cc11f6 597 flog_err(
450971aa 598 EC_LIB_SOCKET,
ea892800 599 "*** %s: sendmsg failed to %pI4, id %d, off %d, len %d, mtu %u failed with %s",
600 __func__, &iph->ip_dst, iph->ip_id, iph->ip_off,
d62a17ae 601 iph->ip_len, mtu, safe_strerror(errno));
602
603 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
ea892800 604 zlog_debug("%s: sent id %d, off %d, len %d to %pI4",
605 __func__, iph->ip_id, iph->ip_off,
606 iph->ip_len, &iph->ip_dst);
d62a17ae 607 }
608
609 iph->ip_off += offset;
610 stream_forward_getp(op->s, iovp->iov_len);
2d34fb80 611 iovp->iov_base = stream_pnt(op->s);
d62a17ae 612 }
613
614 /* setup for final fragment */
615 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
616 iph->ip_len = iovp->iov_len + sizeof(struct ip);
617 iph->ip_off &= (~IP_MF);
0bfeca3f 618}
619#endif /* WANT_OSPF_WRITE_FRAGMENT */
620
cc9f21da 621static void ospf_write(struct thread *thread)
d62a17ae 622{
623 struct ospf *ospf = THREAD_ARG(thread);
624 struct ospf_interface *oi;
d62a17ae 625 struct ospf_packet *op;
626 struct sockaddr_in sa_dst;
627 struct ip iph;
628 struct msghdr msg;
629 struct iovec iov[2];
d7c0a89a 630 uint8_t type;
d62a17ae 631 int ret;
632 int flags = 0;
633 struct listnode *node;
0bfeca3f 634#ifdef WANT_OSPF_WRITE_FRAGMENT
d7c0a89a
QY		 635 static uint16_t ipid = 0;
636 uint16_t maxdatasize;
9d303b37 637#endif /* WANT_OSPF_WRITE_FRAGMENT */
68b7339a 638#define OSPF_WRITE_IPHL_SHIFT 2
d62a17ae 639 int pkt_count = 0;
e1b18df1
CS		 640
641#ifdef GNU_LINUX
3e300703 642 unsigned char cmsgbuf[64] = {};
e7503eab
CS		 643 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
644 struct in_pktinfo *pi;
e1b18df1 645#endif
d62a17ae 646
c32eba04
CS		 647 if (ospf->fd < 0 || ospf->oi_running == 0) {
648 if (IS_DEBUG_OSPF_EVENT)
ea892800 649 zlog_debug("%s failed to send, fd %d, instance %u",
650 __func__, ospf->fd, ospf->oi_running);
cc9f21da 651 return;
c32eba04
CS		 652 }
653
d62a17ae 654 node = listhead(ospf->oi_write_q);
655 assert(node);
656 oi = listgetdata(node);
0bfeca3f 657
658#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 659 /* seed ipid static with low order bits of time */
660 if (ipid == 0)
661 ipid = (time(NULL) & 0xffff);
0bfeca3f 662#endif /* WANT_OSPF_WRITE_FRAGMENT */
663
812e6c78 664 while ((pkt_count < ospf->write_oi_count) && oi) {
d62a17ae 665 pkt_count++;
233cc0fb 666#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 667 /* convenience - max OSPF data per packet */
668 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
233cc0fb 669#endif /* WANT_OSPF_WRITE_FRAGMENT */
d62a17ae 670 /* Get one packet from queue. */
671 op = ospf_fifo_head(oi->obuf);
672 assert(op);
673 assert(op->length >= OSPF_HEADER_SIZE);
674
675 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
676 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
677 ospf_if_ipmulticast(ospf, oi->address,
678 oi->ifp->ifindex);
679
680 /* Rewrite the md5 signature & update the seq */
681 ospf_make_md5_digest(oi, op);
682
683 /* Retrieve OSPF packet type. */
684 stream_set_getp(op->s, 1);
685 type = stream_getc(op->s);
686
687 /* reset get pointer */
688 stream_set_getp(op->s, 0);
689
6006b807 690 memset(&iph, 0, sizeof(iph));
d62a17ae 691 memset(&sa_dst, 0, sizeof(sa_dst));
692
693 sa_dst.sin_family = AF_INET;
6f0e3f6e 694#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
d62a17ae 695 sa_dst.sin_len = sizeof(sa_dst);
6f0e3f6e 696#endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
d62a17ae 697 sa_dst.sin_addr = op->dst;
698 sa_dst.sin_port = htons(0);
699
700 /* Set DONTROUTE flag if dst is unicast. */
701 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
702 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
703 flags = MSG_DONTROUTE;
704
705 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
706 /* it'd be very strange for header to not be 4byte-word aligned
707 * but.. */
708 if (sizeof(struct ip)
709 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
0d6f7fd6 710 iph.ip_hl++; /* we presume sizeof(struct ip) cant
d62a17ae 711 overflow ip_hl.. */
712
713 iph.ip_v = IPVERSION;
714 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
715 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
68b7339a 716
0150c9c9 717#if defined(__DragonFly__)
d62a17ae 718 /*
719 * DragonFly's raw socket expects ip_len/ip_off in network byte
720 * order.
721 */
722 iph.ip_len = htons(iph.ip_len);
0150c9c9
DB		 723#endif
724
0bfeca3f 725#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 726 /* XXX-MT: not thread-safe at all..
727 * XXX: this presumes this is only programme sending OSPF
728 * packets
729 * otherwise, no guarantee ipid will be unique
730 */
731 iph.ip_id = ++ipid;
0bfeca3f 732#endif /* WANT_OSPF_WRITE_FRAGMENT */
733
d62a17ae 734 iph.ip_off = 0;
735 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
736 iph.ip_ttl = OSPF_VL_IP_TTL;
737 else
738 iph.ip_ttl = OSPF_IP_TTL;
739 iph.ip_p = IPPROTO_OSPFIGP;
740 iph.ip_sum = 0;
741 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
742 iph.ip_dst.s_addr = op->dst.s_addr;
743
744 memset(&msg, 0, sizeof(msg));
745 msg.msg_name = (caddr_t)&sa_dst;
746 msg.msg_namelen = sizeof(sa_dst);
747 msg.msg_iov = iov;
748 msg.msg_iovlen = 2;
e7503eab 749
d62a17ae 750 iov[0].iov_base = (char *)&iph;
751 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
2d34fb80 752 iov[1].iov_base = stream_pnt(op->s);
d62a17ae 753 iov[1].iov_len = op->length;
754
e1b18df1
CS		 755#ifdef GNU_LINUX
756 msg.msg_control = (caddr_t)cm;
e7503eab
CS		 757 cm->cmsg_level = SOL_IP;
758 cm->cmsg_type = IP_PKTINFO;
759 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
760 pi = (struct in_pktinfo *)CMSG_DATA(cm);
761 pi->ipi_ifindex = oi->ifp->ifindex;
762
763 msg.msg_controllen = cm->cmsg_len;
e1b18df1 764#endif
e7503eab 765
996c9314
LB		 766/* Sadly we can not rely on kernels to fragment packets
767 * because of either IP_HDRINCL and/or multicast
768 * destination being set.
769 */
e7503eab 770
0bfeca3f 771#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 772 if (op->length > maxdatasize)
773 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
774 oi->ifp->mtu, flags, type);
0bfeca3f 775#endif /* WANT_OSPF_WRITE_FRAGMENT */
718e3744 776
d62a17ae 777 /* send final fragment (could be first) */
778 sockopt_iphdrincl_swab_htosys(&iph);
779 ret = sendmsg(ospf->fd, &msg, flags);
780 sockopt_iphdrincl_swab_systoh(&iph);
781 if (IS_DEBUG_OSPF_EVENT)
782 zlog_debug(
ea892800 783 "%s to %pI4, id %d, off %d, len %d, interface %s, mtu %u:",
784 __func__, &iph.ip_dst, iph.ip_id, iph.ip_off,
d62a17ae 785 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
786
68696746
RD		 787 /* sendmsg will return EPERM if firewall is blocking sending.
788 * This is a normal situation when 'ip nhrp map multicast xxx'
789 * is being used to send multicast packets to DMVPN peers. In
790 * that case the original message is blocked with iptables rule
791 * causing the EPERM result
792 */
793 if (ret < 0 && errno != EPERM)
c9cc11f6 794 flog_err(
450971aa 795 EC_LIB_SOCKET,
ea892800 796 "*** sendmsg in %s failed to %pI4, id %d, off %d, len %d, interface %s, mtu %u: %s",
797 __func__, &iph.ip_dst, iph.ip_id, iph.ip_off,
d62a17ae 798 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
799 safe_strerror(errno));
800
801 /* Show debug sending packet. */
802 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
803 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
804 zlog_debug(
805 "-----------------------------------------------------");
d62a17ae 806 stream_set_getp(op->s, 0);
807 ospf_packet_dump(op->s);
808 }
809
96b663a3 810 zlog_debug("%s sent to [%pI4] via [%s].",
d62a17ae 811 lookup_msg(ospf_packet_type_str, type, NULL),
96b663a3 812 &op->dst, IF_NAME(oi));
d62a17ae 813
814 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
815 zlog_debug(
816 "-----------------------------------------------------");
817 }
818
c9339663 819 switch (type) {
996c9314
LB		 820 case OSPF_MSG_HELLO:
821 oi->hello_out++;
822 break;
823 case OSPF_MSG_DB_DESC:
824 oi->db_desc_out++;
825 break;
826 case OSPF_MSG_LS_REQ:
827 oi->ls_req_out++;
828 break;
829 case OSPF_MSG_LS_UPD:
830 oi->ls_upd_out++;
831 break;
832 case OSPF_MSG_LS_ACK:
833 oi->ls_ack_out++;
834 break;
835 default:
836 break;
c9339663
CS		 837 }
838
d62a17ae 839 /* Now delete packet from queue. */
840 ospf_packet_delete(oi);
841
842 /* Move this interface to the tail of write_q to
843 serve everyone in a round robin fashion */
844 list_delete_node(ospf->oi_write_q, node);
845 if (ospf_fifo_head(oi->obuf) == NULL) {
846 oi->on_write_q = 0;
d62a17ae 847 oi = NULL;
812e6c78 848 } else
d62a17ae 849 listnode_add(ospf->oi_write_q, oi);
d62a17ae 850
851 /* Setup to service from the head of the queue again */
852 if (!list_isempty(ospf->oi_write_q)) {
853 node = listhead(ospf->oi_write_q);
d62a17ae 854 oi = listgetdata(node);
d62a17ae 855 }
856 }
857
858 /* If packets still remain in queue, call write thread. */
4bb420ab 859 if (!list_isempty(ospf->oi_write_q))
d62a17ae 860 thread_add_write(master, ospf_write, ospf, ospf->fd,
861 &ospf->t_write);
718e3744 862}
863
864/* OSPF Hello message read -- RFC2328 Section 10.5. */
d62a17ae 865static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
866 struct stream *s, struct ospf_interface *oi, int size)
867{
868 struct ospf_hello *hello;
869 struct ospf_neighbor *nbr;
870 int old_state;
871 struct prefix p;
872
873 /* increment statistics. */
874 oi->hello_in++;
875
2d34fb80 876 hello = (struct ospf_hello *)stream_pnt(s);
d62a17ae 877
878 /* If Hello is myself, silently discard. */
879 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
880 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
881 zlog_debug(
96b663a3 882 "ospf_header[%s/%pI4]: selforiginated, dropping.",
d62a17ae 883 lookup_msg(ospf_packet_type_str, ospfh->type,
884 NULL),
96b663a3 885 &iph->ip_src);
d62a17ae 886 }
887 return;
888 }
889
890 /* get neighbor prefix. */
891 p.family = AF_INET;
892 p.prefixlen = ip_masklen(hello->network_mask);
893 p.u.prefix4 = iph->ip_src;
894
895 /* Compare network mask. */
896 /* Checking is ignored for Point-to-Point and Virtual link. */
0c5506a8 897 /* Checking is also ignored for Point-to-Multipoint with /32 prefix */
d62a17ae 898 if (oi->type != OSPF_IFTYPE_POINTOPOINT
0c5506a8
AL		 899 && oi->type != OSPF_IFTYPE_VIRTUALLINK
900 && !(oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
901 && oi->address->prefixlen == IPV4_MAX_BITLEN))
d62a17ae 902 if (oi->address->prefixlen != p.prefixlen) {
c9cc11f6 903 flog_warn(
cf444bcf 904 EC_OSPF_PACKET,
96b663a3
MS		 905 "Packet %pI4 [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
906 &ospfh->router_id, IF_NAME(oi),
d62a17ae 907 (int)oi->address->prefixlen, (int)p.prefixlen);
908 return;
909 }
910
911 /* Compare Router Dead Interval. */
912 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
cf444bcf 913 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 914 "Packet %pI4 [Hello:RECV]: RouterDeadInterval mismatch (expected %u, but received %u).",
915 &ospfh->router_id,
c9cc11f6
DS		 916 OSPF_IF_PARAM(oi, v_wait),
917 ntohl(hello->dead_interval));
d62a17ae 918 return;
919 }
920
921 /* Compare Hello Interval - ignored if fast-hellos are set. */
922 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
923 if (OSPF_IF_PARAM(oi, v_hello)
924 != ntohs(hello->hello_interval)) {
c9cc11f6 925 flog_warn(
cf444bcf 926 EC_OSPF_PACKET,
96b663a3
MS		 927 "Packet %pI4 [Hello:RECV]: HelloInterval mismatch (expected %u, but received %u).",
928 &ospfh->router_id,
d62a17ae 929 OSPF_IF_PARAM(oi, v_hello),
930 ntohs(hello->hello_interval));
931 return;
932 }
933 }
934
935 if (IS_DEBUG_OSPF_EVENT)
96b663a3
MS		 936 zlog_debug("Packet %pI4 [Hello:RECV]: Options %s vrf %s",
937 &ospfh->router_id,
b5a8894d
CS		 938 ospf_options_dump(hello->options),
939 ospf_vrf_id_to_name(oi->ospf->vrf_id));
d62a17ae 940
941/* Compare options. */
718e3744 942#define REJECT_IF_TBIT_ON 1 /* XXX */
943#ifdef REJECT_IF_TBIT_ON
d62a17ae 944 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
945 /*
946 * This router does not support non-zero TOS.
947 * Drop this Hello packet not to establish neighbor
948 * relationship.
949 */
cf444bcf 950 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 951 "Packet %pI4 [Hello:RECV]: T-bit on, drop it.",
952 &ospfh->router_id);
d62a17ae 953 return;
954 }
718e3744 955#endif /* REJECT_IF_TBIT_ON */
956
d62a17ae 957 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
958 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
959 /*
960 * This router does know the correct usage of O-bit
961 * the bit should be set in DD packet only.
962 */
cf444bcf 963 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 964 "Packet %pI4 [Hello:RECV]: O-bit abuse?",
965 &ospfh->router_id);
718e3744 966#ifdef STRICT_OBIT_USAGE_CHECK
d62a17ae 967 return; /* Reject this packet. */
968#else /* STRICT_OBIT_USAGE_CHECK */
969 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
970#endif /* STRICT_OBIT_USAGE_CHECK */
971 }
718e3744 972
d62a17ae 973 /* new for NSSA is to ensure that NP is on and E is off */
974
975 if (oi->area->external_routing == OSPF_AREA_NSSA) {
976 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
977 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
978 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
979 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
c9cc11f6 980 flog_warn(
cf444bcf 981 EC_OSPF_PACKET,
96b663a3
MS		 982 "NSSA-Packet-%pI4[Hello:RECV]: my options: %x, his options %x",
983 &ospfh->router_id, OPTIONS(oi),
d62a17ae 984 hello->options);
985 return;
986 }
987 if (IS_DEBUG_OSPF_NSSA)
96b663a3
MS		 988 zlog_debug("NSSA-Hello:RECV:Packet from %pI4:",
989 &ospfh->router_id);
d62a17ae 990 } else
991 /* The setting of the E-bit found in the Hello Packet's Options
992 field must match this area's ExternalRoutingCapability A
993 mismatch causes processing to stop and the packet to be
994 dropped. The setting of the rest of the bits in the Hello
995 Packet's Options field should be ignored. */
996 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
997 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
c9cc11f6 998 flog_warn(
cf444bcf 999 EC_OSPF_PACKET,
96b663a3
MS		 1000 "Packet %pI4 [Hello:RECV]: my options: %x, his options %x",
1001 &ospfh->router_id, OPTIONS(oi),
d62a17ae 1002 hello->options);
1003 return;
1004 }
718e3744 1005
d62a17ae 1006 /* get neighbour struct */
1007 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1008
1009 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1010 assert(nbr);
1011
1012 old_state = nbr->state;
1013
1014 /* Add event to thread. */
874a549d 1015 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_HelloReceived);
d62a17ae 1016
1017 /* RFC2328 Section 9.5.1
1018 If the router is not eligible to become Designated Router,
1019 (snip) It must also send an Hello Packet in reply to an
1020 Hello Packet received from any eligible neighbor (other than
1021 the current Designated Router and Backup Designated Router). */
1022 if (oi->type == OSPF_IFTYPE_NBMA)
1023 if (PRIORITY(oi) == 0 && hello->priority > 0
1024 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1025 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1026 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1027 ospf_hello_reply_timer,
1028 OSPF_HELLO_REPLY_DELAY);
1029
1030 /* on NBMA network type, it happens to receive bidirectional Hello
1031 packet
1032 without advance 1-Way Received event.
1033 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1034 if (oi->type == OSPF_IFTYPE_NBMA
1035 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1036 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1037 nbr->priority = hello->priority;
1038 nbr->d_router = hello->d_router;
1039 nbr->bd_router = hello->bd_router;
1040 return;
1041 }
1042
1043 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1044 size - OSPF_HELLO_MIN_SIZE)) {
1045 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1046 nbr->options |= hello->options;
1047 } else {
5a77dd8f 1048 /* If the router is DR_OTHER, RESTARTER will not wait
1049 * until it receives the hello from it if it receives
1050 * from DR and BDR.
1051 * So, helper might receives ONW_WAY hello from
1052 * RESTARTER. So not allowing to change the state if it
1053 * receives one_way hellow when it acts as HELPER for
1054 * that specific neighbor.
1055 */
1056 if (!OSPF_GR_IS_ACTIVE_HELPER(nbr))
1057 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
d62a17ae 1058 /* Set neighbor information. */
1059 nbr->priority = hello->priority;
1060 nbr->d_router = hello->d_router;
1061 nbr->bd_router = hello->bd_router;
1062 return;
1063 }
1064
d51715bb
MR		 1065 if (OSPF_GR_IS_ACTIVE_HELPER(nbr)) {
1066 /* As per the GR Conformance Test Case 7.2. Section 3
1067 * "Also, if X was the Designated Router on network segment S
1068 * when the helping relationship began, Y maintains X as the
1069 * Designated Router until the helping relationship is
1070 * terminated."
1071 * When I am helper for this neighbor, I should not trigger the
1072 * ISM Events. Also Intentionally not setting the priority and
1073 * other fields so that when the neighbor exits the Grace
1074 * period, it can handle if there is any change before GR and
1075 * after GR. */
1076 if (IS_DEBUG_OSPF_GR)
1077 zlog_debug(
1078 "%s, Neighbor is under GR Restart, hence ignoring the ISM Events",
1079 __PRETTY_FUNCTION__);
3ebf9d34
RW		 1080 } else {
1081 /* If neighbor itself declares DR and no BDR exists,
1082 cause event BackupSeen */
1083 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1084 if (hello->bd_router.s_addr == INADDR_ANY
1085 && oi->state == ISM_Waiting)
1086 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1087
1088 /* neighbor itself declares BDR. */
1089 if (oi->state == ISM_Waiting
1090 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1091 &hello->bd_router))
d62a17ae 1092 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1093
3ebf9d34
RW		 1094 /* had not previously. */
1095 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1096 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1097 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1098 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1099 &nbr->d_router)))
1100 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1101
1102 /* had not previously. */
1103 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1104 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1105 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4,
1106 &hello->bd_router)
1107 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1108 &nbr->bd_router)))
1109 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1110
1111 /* Neighbor priority check. */
1112 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1113 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1114 }
d62a17ae 1115
1116 /* Set neighbor information. */
1117 nbr->priority = hello->priority;
1118 nbr->d_router = hello->d_router;
1119 nbr->bd_router = hello->bd_router;
ab6edbfe
RW		 1120
1121 /*
1122 * RFC 3623 - Section 2:
1123 * "If the restarting router determines that it was the Designated
1124 * Router on a given segment prior to the restart, it elects
1125 * itself as the Designated Router again. The restarting router
1126 * knows that it was the Designated Router if, while the
1127 * associated interface is in Waiting state, a Hello packet is
1128 * received from a neighbor listing the router as the Designated
1129 * Router".
1130 */
1131 if (oi->area->ospf->gr_info.restart_in_progress
1132 && oi->state == ISM_Waiting
1133 && IPV4_ADDR_SAME(&hello->d_router, &oi->address->u.prefix4))
1134 DR(oi) = hello->d_router;
718e3744 1135}
1136
1137/* Save DD flags/options/Seqnum received. */
d62a17ae 1138static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1139 struct ospf_db_desc *dd)
718e3744 1140{
d62a17ae 1141 nbr->last_recv.flags = dd->flags;
1142 nbr->last_recv.options = dd->options;
1143 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
718e3744 1144}
1145
1146/* Process rest of DD packet. */
d62a17ae 1147static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1148 struct ospf_neighbor *nbr,
d7c0a89a 1149 struct ospf_db_desc *dd, uint16_t size)
d62a17ae 1150{
1151 struct ospf_lsa *new, *find;
1152 struct lsa_header *lsah;
1153
1154 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1155 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1156 size -= OSPF_LSA_HEADER_SIZE) {
2d34fb80 1157 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1158 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1159
1160 /* Unknown LS type. */
1161 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1162 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1163 "Packet [DD:RECV]: Unknown LS type %d.",
d62a17ae 1164 lsah->type);
1165 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1166 return;
1167 }
1168
1169 if (IS_OPAQUE_LSA(lsah->type)
1170 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
cf444bcf 1171 flog_warn(EC_OSPF_PACKET,
eab19035
JAG		 1172 "LSA[Type%d:%pI4] from %pI4: Opaque capability mismatch?",
1173 lsah->type, &lsah->id, &lsah->adv_router);
d62a17ae 1174 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1175 return;
1176 }
1177
1178 switch (lsah->type) {
1179 case OSPF_AS_EXTERNAL_LSA:
1180 case OSPF_OPAQUE_AS_LSA:
1181 /* Check for stub area. Reject if AS-External from stub
1182 but
1183 allow if from NSSA. */
1184 if (oi->area->external_routing == OSPF_AREA_STUB) {
c9cc11f6 1185 flog_warn(
cf444bcf 1186 EC_OSPF_PACKET,
96b663a3
MS		 1187 "Packet [DD:RECV]: LSA[Type%d:%pI4] from %s area.",
1188 lsah->type, &lsah->id,
d62a17ae 1189 (oi->area->external_routing
1190 == OSPF_AREA_STUB)
1191 ? "STUB"
1192 : "NSSA");
1193 OSPF_NSM_EVENT_SCHEDULE(nbr,
1194 NSM_SeqNumberMismatch);
1195 return;
1196 }
1197 break;
1198 default:
1199 break;
1200 }
1201
1202 /* Create LS-request object. */
1203 new = ospf_ls_request_new(lsah);
1204
1205 /* Lookup received LSA, then add LS request list. */
1206 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1207
1208 /* ospf_lsa_more_recent is fine with NULL pointers */
1209 switch (ospf_lsa_more_recent(find, new)) {
1210 case -1:
1211 /* Neighbour has a more recent LSA, we must request it
1212 */
1213 ospf_ls_request_add(nbr, new);
1214 /* fallthru */
1215 case 0:
1216 /* If we have a copy of this LSA, it's either less
1217 * recent
1218 * and we're requesting it from neighbour (the case
1219 * above), or
1220 * it's as recent and we both have same copy (this
1221 * case).
1222 *
1223 * In neither of these two cases is there any point in
1224 * describing our copy of the LSA to the neighbour in a
1225 * DB-Summary packet, if we're still intending to do so.
1226 *
1227 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1228 * backward compatible optimisation to OSPF DB Exchange
1229 * /
1230 * DB Description process implemented here.
1231 */
1232 if (find)
1233 ospf_lsdb_delete(&nbr->db_sum, find);
1234 ospf_lsa_discard(new);
1235 break;
1236 default:
1237 /* We have the more recent copy, nothing specific to do:
1238 * - no need to request neighbours stale copy
1239 * - must leave DB summary list copy alone
1240 */
1241 if (IS_DEBUG_OSPF_EVENT)
1242 zlog_debug(
96b663a3
MS		 1243 "Packet [DD:RECV]: LSA received Type %d, ID %pI4 is not recent.",
1244 lsah->type, &lsah->id);
d62a17ae 1245 ospf_lsa_discard(new);
1246 }
1247 }
1248
1249 /* Master */
1250 if (IS_SET_DD_MS(nbr->dd_flags)) {
1251 nbr->dd_seqnum++;
1252
1253 /* Both sides have no More, then we're done with Exchange */
1254 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1255 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1256 else
1257 ospf_db_desc_send(nbr);
1258 }
1259 /* Slave */
1260 else {
1261 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1262
1263 /* Send DD packet in reply.
1264 *
1265 * Must be done to acknowledge the Master's DD, regardless of
1266 * whether we have more LSAs ourselves to describe.
1267 *
1268 * This function will clear the 'More' bit, if after this DD
1269 * we have no more LSAs to describe to the master..
1270 */
1271 ospf_db_desc_send(nbr);
1272
1273 /* Slave can raise ExchangeDone now, if master is also done */
1274 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1275 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1276 }
1277
1278 /* Save received neighbor values from DD. */
1279 ospf_db_desc_save_current(nbr, dd);
1280
1281 if (!nbr->t_ls_req)
1282 ospf_ls_req_send(nbr);
1283}
1284
1285static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1286 struct ospf_neighbor *nbr)
1287{
1288 /* Is DD duplicated? */
1289 if (dd->options == nbr->last_recv.options
1290 && dd->flags == nbr->last_recv.flags
1291 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1292 return 1;
1293
1294 return 0;
718e3744 1295}
1296
1297/* OSPF Database Description message read -- RFC2328 Section 10.6. */
d62a17ae 1298static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1299 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1300 uint16_t size)
d62a17ae 1301{
1302 struct ospf_db_desc *dd;
1303 struct ospf_neighbor *nbr;
d363df2c 1304
d62a17ae 1305 /* Increment statistics. */
1306 oi->db_desc_in++;
718e3744 1307
2d34fb80 1308 dd = (struct ospf_db_desc *)stream_pnt(s);
d62a17ae 1309
1310 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1311 if (nbr == NULL) {
96b663a3
MS		 1312 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %pI4",
1313 &ospfh->router_id);
d62a17ae 1314 return;
718e3744 1315 }
d62a17ae 1316
1317 /* Check MTU. */
1318 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1319 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
c9cc11f6 1320 flog_warn(
cf444bcf 1321 EC_OSPF_PACKET,
96b663a3
MS		 1322 "Packet[DD]: Neighbor %pI4 MTU %u is larger than [%s]'s MTU %u",
1323 &nbr->router_id, ntohs(dd->mtu), IF_NAME(oi),
d62a17ae 1324 oi->ifp->mtu);
1325 return;
718e3744 1326 }
1327
d62a17ae 1328 /*
1329 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1330 * not
1331 * required. In fact at least JunOS sends DD packets with P bit clear.
1332 * Until proper solution is developped, this hack should help.
1333 *
1334 * Update: According to the RFCs, N bit is specified /only/ for Hello
1335 * options, unfortunately its use in DD options is not specified. Hence
1336 * some
1337 * implementations follow E-bit semantics and set it in DD options, and
1338 * some
1339 * treat it as unspecified and hence follow the directive "default for
1340 * options is clear", ie unset.
1341 *
1342 * Reset the flag, as ospfd follows E-bit semantics.
1343 */
1344 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1345 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1346 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1347 if (IS_DEBUG_OSPF_EVENT)
1348 zlog_debug(
96b663a3
MS		 1349 "Packet[DD]: Neighbour %pI4: Has NSSA capability, sends with N bit clear in DD options",
1350 &nbr->router_id);
d62a17ae 1351 SET_FLAG(dd->options, OSPF_OPTION_NP);
718e3744 1352 }
1353
d62a17ae 1354#ifdef REJECT_IF_TBIT_ON
1355 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1356 /*
1357 * In Hello protocol, optional capability must have checked
1358 * to prevent this T-bit enabled router be my neighbor.
1359 */
96b663a3
MS		 1360 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %pI4: T-bit on?",
1361 &nbr->router_id);
d62a17ae 1362 return;
1363 }
1364#endif /* REJECT_IF_TBIT_ON */
1365
1366 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1367 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1368 /*
1369 * This node is not configured to handle O-bit, for now.
1370 * Clear it to ignore unsupported capability proposed by
1371 * neighbor.
1372 */
1373 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1374 }
1375
e6a22aeb
SK		 1376 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1377 zlog_info(
96b663a3 1378 "%s:Packet[DD]: Neighbor %pI4 state is %s, seq_num:0x%x, local:0x%x",
44076f4d 1379 ospf_get_name(oi->ospf), &nbr->router_id,
e6a22aeb
SK		 1380 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1381 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1382
d62a17ae 1383 /* Process DD packet by neighbor status. */
1384 switch (nbr->state) {
1385 case NSM_Down:
1386 case NSM_Attempt:
1387 case NSM_TwoWay:
96db9cd3
DS		 1388 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1389 zlog_info(
96b663a3
MS		 1390 "Packet[DD]: Neighbor %pI4 state is %s, packet discarded.",
1391 &nbr->router_id,
96db9cd3
DS		 1392 lookup_msg(ospf_nsm_state_msg, nbr->state,
1393 NULL));
d62a17ae 1394 break;
1395 case NSM_Init:
1396 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1397 /* If the new state is ExStart, the processing of the current
1398 packet should then continue in this new state by falling
1399 through to case ExStart below. */
1400 if (nbr->state != NSM_ExStart)
1401 break;
1402 /* fallthru */
1403 case NSM_ExStart:
1404 /* Initial DBD */
1405 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1406 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1407 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1408 > 0) {
1409 /* We're Slave---obey */
05ba78e4
CS		 1410 if (CHECK_FLAG(oi->ospf->config,
1411 OSPF_LOG_ADJACENCY_DETAIL))
996c9314 1412 zlog_info(
96b663a3
MS		 1413 "Packet[DD]: Neighbor %pI4 Negotiation done (Slave).",
1414 &nbr->router_id);
05ba78e4 1415
d62a17ae 1416 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1417
1418 /* Reset I/MS */
1419 UNSET_FLAG(nbr->dd_flags,
1420 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1421 } else {
1422 /* We're Master, ignore the initial DBD from
1423 * Slave */
05ba78e4
CS		 1424 if (CHECK_FLAG(oi->ospf->config,
1425 OSPF_LOG_ADJACENCY_DETAIL))
1426 zlog_info(
96b663a3
MS		 1427 "Packet[DD]: Neighbor %pI4: Initial DBD from Slave, ignoring.",
1428 &nbr->router_id);
d62a17ae 1429 break;
1430 }
1431 }
1432 /* Ack from the Slave */
1433 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1434 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1435 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1436 < 0) {
1437 zlog_info(
96b663a3
MS		 1438 "Packet[DD]: Neighbor %pI4 Negotiation done (Master).",
1439 &nbr->router_id);
d62a17ae 1440 /* Reset I, leaving MS */
1441 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1442 } else {
cf444bcf 1443 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1444 "Packet[DD]: Neighbor %pI4 Negotiation fails.",
1445 &nbr->router_id);
d62a17ae 1446 break;
1447 }
1448
1449 /* This is where the real Options are saved */
1450 nbr->options = dd->options;
1451
1452 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1453 if (IS_DEBUG_OSPF_EVENT)
1454 zlog_debug(
96b663a3
MS		 1455 "Neighbor[%pI4] is %sOpaque-capable.",
1456 &nbr->router_id,
d62a17ae 1457 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1458 ? ""
1459 : "NOT ");
1460
1461 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1462 && IPV4_ADDR_SAME(&DR(oi),
1463 &nbr->address.u.prefix4)) {
c9cc11f6 1464 flog_warn(
cf444bcf 1465 EC_OSPF_PACKET,
96b663a3
MS		 1466 "DR-neighbor[%pI4] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1467 &nbr->router_id);
d62a17ae 1468 /* This situation is undesirable, but not a real
1469 * error. */
1470 }
1471 }
1472
1473 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1474
1475 /* continue processing rest of packet. */
1476 ospf_db_desc_proc(s, oi, nbr, dd, size);
1477 break;
1478 case NSM_Exchange:
1479 if (ospf_db_desc_is_dup(dd, nbr)) {
1480 if (IS_SET_DD_MS(nbr->dd_flags))
1481 /* Master: discard duplicated DD packet. */
1482 zlog_info(
96b663a3
MS		 1483 "Packet[DD] (Master): Neighbor %pI4 packet duplicated.",
1484 &nbr->router_id);
d62a17ae 1485 else
1486 /* Slave: cause to retransmit the last Database
1487 Description. */
1488 {
1489 zlog_info(
96b663a3
MS		 1490 "Packet[DD] [Slave]: Neighbor %pI4 packet duplicated.",
1491 &nbr->router_id);
d62a17ae 1492 ospf_db_desc_resend(nbr);
1493 }
1494 break;
1495 }
1496
1497 /* Otherwise DD packet should be checked. */
1498 /* Check Master/Slave bit mismatch */
1499 if (IS_SET_DD_MS(dd->flags)
1500 != IS_SET_DD_MS(nbr->last_recv.flags)) {
cf444bcf 1501 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1502 "Packet[DD]: Neighbor %pI4 MS-bit mismatch.",
1503 &nbr->router_id);
d62a17ae 1504 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1505 if (IS_DEBUG_OSPF_EVENT)
1506 zlog_debug(
1507 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1508 dd->flags, nbr->dd_flags);
1509 break;
1510 }
1511
1512 /* Check initialize bit is set. */
1513 if (IS_SET_DD_I(dd->flags)) {
96b663a3
MS		 1514 zlog_info("Packet[DD]: Neighbor %pI4 I-bit set.",
1515 &nbr->router_id);
d62a17ae 1516 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1517 break;
1518 }
1519
1520 /* Check DD Options. */
1521 if (dd->options != nbr->options) {
cf444bcf 1522 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1523 "Packet[DD]: Neighbor %pI4 options mismatch.",
1524 &nbr->router_id);
d62a17ae 1525 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1526 break;
1527 }
718e3744 1528
d62a17ae 1529 /* Check DD sequence number. */
1530 if ((IS_SET_DD_MS(nbr->dd_flags)
1531 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1532 || (!IS_SET_DD_MS(nbr->dd_flags)
1533 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
c9cc11f6 1534 flog_warn(
cf444bcf 1535 EC_OSPF_PACKET,
96b663a3
MS		 1536 "Packet[DD]: Neighbor %pI4 sequence number mismatch.",
1537 &nbr->router_id);
d62a17ae 1538 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1539 break;
1540 }
1541
1542 /* Continue processing rest of packet. */
1543 ospf_db_desc_proc(s, oi, nbr, dd, size);
1544 break;
1545 case NSM_Loading:
1546 case NSM_Full:
1547 if (ospf_db_desc_is_dup(dd, nbr)) {
1548 if (IS_SET_DD_MS(nbr->dd_flags)) {
1549 /* Master should discard duplicate DD packet. */
1550 zlog_info(
96b663a3
MS		 1551 "Packet[DD]: Neighbor %pI4 duplicated, packet discarded.",
1552 &nbr->router_id);
d62a17ae 1553 break;
1554 } else {
1555 if (monotime_since(&nbr->last_send_ts, NULL)
1556 < nbr->v_inactivity * 1000000LL) {
1557 /* In states Loading and Full the slave
1558 must resend
1559 its last Database Description packet
1560 in response to
1561 duplicate Database Description
1562 packets received
1563 from the master. For this reason the
1564 slave must
1565 wait RouterDeadInterval seconds
1566 before freeing the
1567 last Database Description packet.
1568 Reception of a
1569 Database Description packet from the
1570 master after
1571 this interval will generate a
1572 SeqNumberMismatch
1573 neighbor event. RFC2328 Section 10.8
1574 */
1575 ospf_db_desc_resend(nbr);
1576 break;
1577 }
1578 }
718e3744 1579 }
718e3744 1580
d62a17ae 1581 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1582 break;
1583 default:
cf444bcf 1584 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1585 "Packet[DD]: Neighbor %pI4 NSM illegal status %u.",
1586 &nbr->router_id, nbr->state);
d62a17ae 1587 break;
1588 }
718e3744 1589}
1590
1591#define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1592
1593/* OSPF Link State Request Read -- RFC2328 Section 10.7. */
d62a17ae 1594static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1595 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1596 uint16_t size)
d62a17ae 1597{
1598 struct ospf_neighbor *nbr;
d7c0a89a 1599 uint32_t ls_type;
d62a17ae 1600 struct in_addr ls_id;
1601 struct in_addr adv_router;
1602 struct ospf_lsa *find;
1603 struct list *ls_upd;
1604 unsigned int length;
1605
1606 /* Increment statistics. */
1607 oi->ls_req_in++;
1608
1609 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1610 if (nbr == NULL) {
cf444bcf 1611 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1612 "Link State Request: Unknown Neighbor %pI4",
1613 &ospfh->router_id);
d62a17ae 1614 return;
718e3744 1615 }
1616
d62a17ae 1617 /* Neighbor State should be Exchange or later. */
1618 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1619 && nbr->state != NSM_Full) {
c9cc11f6 1620 flog_warn(
cf444bcf 1621 EC_OSPF_PACKET,
96b663a3
MS		 1622 "Link State Request received from %pI4: Neighbor state is %s, packet discarded.",
1623 &ospfh->router_id,
d62a17ae 1624 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1625 return;
718e3744 1626 }
1627
d62a17ae 1628 /* Send Link State Update for ALL requested LSAs. */
1629 ls_upd = list_new();
1630 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1631
1632 while (size >= OSPF_LSA_KEY_SIZE) {
1633 /* Get one slice of Link State Request. */
1634 ls_type = stream_getl(s);
1635 ls_id.s_addr = stream_get_ipv4(s);
1636 adv_router.s_addr = stream_get_ipv4(s);
1637
1638 /* Verify LSA type. */
1639 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1640 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1641 list_delete(&ls_upd);
d62a17ae 1642 return;
1643 }
718e3744 1644
d62a17ae 1645 /* Search proper LSA in LSDB. */
b5a8894d
CS		 1646 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1647 adv_router);
d62a17ae 1648 if (find == NULL) {
1649 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1650 list_delete(&ls_upd);
d62a17ae 1651 return;
1652 }
718e3744 1653
d62a17ae 1654 /* Packet overflows MTU size, send immediately. */
1655 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1656 if (oi->type == OSPF_IFTYPE_NBMA)
1657 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1658 OSPF_SEND_PACKET_DIRECT, 0);
d62a17ae 1659 else
1660 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1661 OSPF_SEND_PACKET_INDIRECT, 0);
d62a17ae 1662
1663 /* Only remove list contents. Keep ls_upd. */
1664 list_delete_all_node(ls_upd);
718e3744 1665
d62a17ae 1666 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1667 }
1668
1669 /* Append LSA to update list. */
1670 listnode_add(ls_upd, find);
1671 length += ntohs(find->data->length);
718e3744 1672
d62a17ae 1673 size -= OSPF_LSA_KEY_SIZE;
1674 }
718e3744 1675
d62a17ae 1676 /* Send rest of Link State Update. */
1677 if (listcount(ls_upd) > 0) {
1678 if (oi->type == OSPF_IFTYPE_NBMA)
996c9314
LB		 1679 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1680 0);
d62a17ae 1681 else
996c9314
LB		 1682 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1683 0);
718e3744 1684
6a154c88 1685 list_delete(&ls_upd);
d62a17ae 1686 } else
6a154c88 1687 list_delete(&ls_upd);
718e3744 1688}
1689
1690/* Get the list of LSAs from Link State Update packet.
1691 And process some validation -- RFC2328 Section 13. (1)-(2). */
d62a17ae 1692static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1693 struct stream *s,
1694 struct ospf_interface *oi, size_t size)
1695{
d7c0a89a
QY		 1696 uint16_t count, sum;
1697 uint32_t length;
d62a17ae 1698 struct lsa_header *lsah;
1699 struct ospf_lsa *lsa;
1700 struct list *lsas;
1701
1702 lsas = list_new();
1703
1704 count = stream_getl(s);
1705 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1706
1707 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1708 size -= length, stream_forward_getp(s, length), count--) {
2d34fb80 1709 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1710 length = ntohs(lsah->length);
1711
1712 if (length > size) {
c9cc11f6 1713 flog_warn(
cf444bcf 1714 EC_OSPF_PACKET,
d62a17ae 1715 "Link State Update: LSA length exceeds packet size.");
1716 break;
1717 }
718e3744 1718
53674eab
LB		 1719 if (length < OSPF_LSA_HEADER_SIZE) {
1720 flog_warn(EC_OSPF_PACKET,
1721 "Link State Update: LSA length too small.");
1722 break;
1723 }
1724
d62a17ae 1725 /* Validate the LSA's LS checksum. */
1726 sum = lsah->checksum;
1727 if (!ospf_lsa_checksum_valid(lsah)) {
1728 /* (bug #685) more details in a one-line message make it
1729 * possible
1730 * to identify problem source on the one hand and to
1731 * have a better
1732 * chance to compress repeated messages in syslog on the
1733 * other */
c9cc11f6 1734 flog_warn(
cf444bcf 1735 EC_OSPF_PACKET,
96b663a3
MS		 1736 "Link State Update: LSA checksum error %x/%x, ID=%pI4 from: nbr %pI4, router ID %pI4, adv router %pI4",
1737 sum, lsah->checksum, &lsah->id,
1738 &nbr->src, &nbr->router_id,
1739 &lsah->adv_router);
d62a17ae 1740 continue;
1741 }
718e3744 1742
d62a17ae 1743 /* Examine the LSA's LS type. */
1744 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1745 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1746 "Link State Update: Unknown LS type %d",
d62a17ae 1747 lsah->type);
1748 continue;
1749 }
718e3744 1750
d62a17ae 1751 /*
1752 * What if the received LSA's age is greater than MaxAge?
1753 * Treat it as a MaxAge case -- endo.
1754 */
1755 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1756 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
718e3744 1757
d62a17ae 1758 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1759#ifdef STRICT_OBIT_USAGE_CHECK
1760 if ((IS_OPAQUE_LSA(lsah->type)
1761 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1762 || (!IS_OPAQUE_LSA(lsah->type)
1763 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1764 /*
1765 * This neighbor must know the exact usage of
1766 * O-bit;
1767 * the bit will be set in Type-9,10,11 LSAs
1768 * only.
1769 */
cf444bcf 1770 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1771 "LSA[Type%d:%pI4]: O-bit abuse?",
1772 lsah->type, &lsah->id);
d62a17ae 1773 continue;
1774 }
1775#endif /* STRICT_OBIT_USAGE_CHECK */
718e3744 1776
d62a17ae 1777 /* Do not take in AS External Opaque-LSAs if we are a
1778 * stub. */
1779 if (lsah->type == OSPF_OPAQUE_AS_LSA
1780 && nbr->oi->area->external_routing
1781 != OSPF_AREA_DEFAULT) {
1782 if (IS_DEBUG_OSPF_EVENT)
1783 zlog_debug(
96b663a3 1784 "LSA[Type%d:%pI4]: We are a stub, don't take this LSA.",
d62a17ae 1785 lsah->type,
96b663a3 1786 &lsah->id);
d62a17ae 1787 continue;
1788 }
1789 } else if (IS_OPAQUE_LSA(lsah->type)) {
8935b0fa
JAG		 1790 flog_warn(
1791 EC_OSPF_PACKET,
1792 "LSA[Type%d:%pI4] from %pI4: Opaque capability mismatch?",
1793 lsah->type, &lsah->id, &lsah->adv_router);
d62a17ae 1794 continue;
1795 }
718e3744 1796
d62a17ae 1797 /* Create OSPF LSA instance. */
5b3d4186 1798 lsa = ospf_lsa_new_and_data(length);
d62a17ae 1799
b5a8894d 1800 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 1801 /* We may wish to put some error checking if type NSSA comes in
1802 and area not in NSSA mode */
1803 switch (lsah->type) {
1804 case OSPF_AS_EXTERNAL_LSA:
1805 case OSPF_OPAQUE_AS_LSA:
1806 lsa->area = NULL;
1807 break;
1808 case OSPF_OPAQUE_LINK_LSA:
1809 lsa->oi = oi; /* Remember incoming interface for
1810 flooding control. */
1811 /* Fallthrough */
1812 default:
1813 lsa->area = oi->area;
1814 break;
1815 }
718e3744 1816
d62a17ae 1817 memcpy(lsa->data, lsah, length);
1818
1819 if (IS_DEBUG_OSPF_EVENT)
1820 zlog_debug(
96b663a3
MS		 1821 "LSA[Type%d:%pI4]: %p new LSA created with Link State Update",
1822 lsa->data->type, &lsa->data->id,
d62a17ae 1823 (void *)lsa);
1824 listnode_add(lsas, lsa);
1825 }
718e3744 1826
d62a17ae 1827 return lsas;
718e3744 1828}
1829
1830/* Cleanup Update list. */
d62a17ae 1831static void ospf_upd_list_clean(struct list *lsas)
718e3744 1832{
d62a17ae 1833 struct listnode *node, *nnode;
1834 struct ospf_lsa *lsa;
718e3744 1835
d62a17ae 1836 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1837 ospf_lsa_discard(lsa);
718e3744 1838
6a154c88 1839 list_delete(&lsas);
718e3744 1840}
1841
1842/* OSPF Link State Update message read -- RFC2328 Section 13. */
d62a17ae 1843static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1844 struct ospf_header *ospfh, struct stream *s,
d7c0a89a 1845 struct ospf_interface *oi, uint16_t size)
d62a17ae 1846{
1847 struct ospf_neighbor *nbr;
1848 struct list *lsas;
1849 struct listnode *node, *nnode;
1850 struct ospf_lsa *lsa = NULL;
1851 /* unsigned long ls_req_found = 0; */
1852
1853 /* Dis-assemble the stream, update each entry, re-encapsulate for
1854 * flooding */
1855
1856 /* Increment statistics. */
1857 oi->ls_upd_in++;
1858
1859 /* Check neighbor. */
1860 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1861 if (nbr == NULL) {
cf444bcf 1862 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1863 "Link State Update: Unknown Neighbor %pI4 on int: %s",
1864 &ospfh->router_id, IF_NAME(oi));
d62a17ae 1865 return;
718e3744 1866 }
1867
d62a17ae 1868 /* Check neighbor state. */
1869 if (nbr->state < NSM_Exchange) {
1870 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1871 zlog_debug(
96b663a3
MS		 1872 "Link State Update: Neighbor[%pI4] state %s is less than Exchange",
1873 &ospfh->router_id,
d62a17ae 1874 lookup_msg(ospf_nsm_state_msg, nbr->state,
1875 NULL));
1876 return;
1877 }
718e3744 1878
98cb53f9
RW		 1879 /* Get list of LSAs from Link State Update packet. - Also performs
1880 * Stages 1 (validate LSA checksum) and 2 (check for LSA consistent
1881 * type) of section 13.
d62a17ae 1882 */
1883 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1884
35955c14
CS		 1885 if (lsas == NULL)
1886 return;
d62a17ae 1887#define DISCARD_LSA(L, N) \
1888 { \
1889 if (IS_DEBUG_OSPF_EVENT) \
1890 zlog_debug( \
1891 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1892 " Type-%d", \
1893 N, (void *)lsa, (int)lsa->data->type); \
1894 ospf_lsa_discard(L); \
1895 continue; \
718e3744 1896 }
1897
d62a17ae 1898 /* Process each LSA received in the one packet.
1899 *
1900 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1901 * text below are from the steps in RFC 2328, Section 13.
1902 */
1903 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1904 struct ospf_lsa *ls_ret, *current;
1905 int ret = 1;
1906
231af0a5 1907 if (IS_DEBUG_OSPF(lsa, LSA))
c067e23e
DS		 1908 zlog_debug("LSA Type-%d from %pI4, ID: %pI4, ADV: %pI4",
1909 lsa->data->type, &ospfh->router_id,
1910 &lsa->data->id, &lsa->data->adv_router);
718e3744 1911
d62a17ae 1912 listnode_delete(lsas,
1913 lsa); /* We don't need it in list anymore */
1914
1915 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1916 */
1917
1918 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1919
1920 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1921 */
1922
1923 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1924 */
1925
1926 /* Do take in Type-7's if we are an NSSA */
1927
1928 /* If we are also an ABR, later translate them to a Type-5
1929 * packet */
1930
1931 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1932 translate them to a separate Type-5 packet. */
1933
1934 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1935 /* Reject from STUB or NSSA */
1936 if (nbr->oi->area->external_routing
1937 != OSPF_AREA_DEFAULT) {
1938 if (IS_DEBUG_OSPF_NSSA)
1939 zlog_debug(
1940 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1941 DISCARD_LSA(lsa, 1);
1942 }
1943
1944 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1945 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1946 if (IS_DEBUG_OSPF_NSSA)
1947 zlog_debug(
1948 "Incoming NSSA LSA Discarded: Not NSSA Area");
1949 DISCARD_LSA(lsa, 2);
1950 }
1951
1952 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1953 if (lsa->data->type == OSPF_ROUTER_LSA)
1954 if (!IPV4_ADDR_SAME(&lsa->data->id,
1955 &lsa->data->adv_router)) {
c067e23e
DS		 1956 flog_err(
1957 EC_OSPF_ROUTER_LSA_MISMATCH,
1958 "Incoming Router-LSA from %pI4 with Adv-ID[%pI4] != LS-ID[%pI4]",
1959 &ospfh->router_id, &lsa->data->id,
1960 &lsa->data->adv_router);
af4c2728 1961 flog_err(
cf444bcf 1962 EC_OSPF_DOMAIN_CORRUPT,
3efd0893 1963 "OSPF domain compromised by attack or corruption. Verify correct operation of -ALL- OSPF routers.");
d62a17ae 1964 DISCARD_LSA(lsa, 0);
1965 }
1966
1967 /* Find the LSA in the current database. */
1968
1969 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1970
1971 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1972 currently
1973 no instance of the LSA in the router's link state database,
1974 and none of router's neighbors are in states Exchange or
1975 Loading,
1976 then take the following actions: */
1977
1978 if (IS_LSA_MAXAGE(lsa) && !current
1979 && ospf_check_nbr_status(oi->ospf)) {
1980 /* (4a) Response Link State Acknowledgment. */
1981 ospf_ls_ack_send(nbr, lsa);
1982
1983 /* (4b) Discard LSA. */
1984 if (IS_DEBUG_OSPF(lsa, LSA)) {
1985 zlog_debug(
1986 "Link State Update[%s]: LS age is equal to MaxAge.",
1987 dump_lsa_key(lsa));
1988 }
1989 DISCARD_LSA(lsa, 3);
1990 }
1991
1992 if (IS_OPAQUE_LSA(lsa->data->type)
1993 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1994 &oi->ospf->router_id)) {
1995 /*
1996 * Even if initial flushing seems to be completed, there
1997 * might
1998 * be a case that self-originated LSA with MaxAge still
1999 * remain
2000 * in the routing domain.
2001 * Just send an LSAck message to cease retransmission.
2002 */
2003 if (IS_LSA_MAXAGE(lsa)) {
c9cc11f6 2004 zlog_info("LSA[%s]: Boomerang effect?",
d62a17ae 2005 dump_lsa_key(lsa));
2006 ospf_ls_ack_send(nbr, lsa);
2007 ospf_lsa_discard(lsa);
2008
2009 if (current != NULL && !IS_LSA_MAXAGE(current))
2010 ospf_opaque_lsa_refresh_schedule(
2011 current);
2012 continue;
2013 }
2014
2015 /*
2016 * If an instance of self-originated Opaque-LSA is not
2017 * found
2018 * in the LSDB, there are some possible cases here.
2019 *
2020 * 1) This node lost opaque-capability after restart.
2021 * 2) Else, a part of opaque-type is no more supported.
2022 * 3) Else, a part of opaque-id is no more supported.
2023 *
2024 * Anyway, it is still this node's responsibility to
2025 * flush it.
2026 * Otherwise, the LSA instance remains in the routing
2027 * domain
2028 * until its age reaches to MaxAge.
2029 */
2030 /* XXX: We should deal with this for *ALL* LSAs, not
2031 * just opaque */
2032 if (current == NULL) {
2033 if (IS_DEBUG_OSPF_EVENT)
2034 zlog_debug(
3efd0893 2035 "LSA[%s]: Previously originated Opaque-LSA,not found in the LSDB.",
d62a17ae 2036 dump_lsa_key(lsa));
2037
2038 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2039
d62a17ae 2040 ospf_ls_ack_send(nbr, lsa);
2041
10514170
RW		 2042 if (!ospf->gr_info.restart_in_progress) {
2043 ospf_opaque_self_originated_lsa_received(
2044 nbr, lsa);
2045 continue;
2046 }
d62a17ae 2047 }
2048 }
2049
2050 /* It might be happen that received LSA is self-originated
2051 * network LSA, but
2052 * router ID is changed. So, we should check if LSA is a
2053 * network-LSA whose
2054 * Link State ID is one of the router's own IP interface
2055 * addresses but whose
2056 * Advertising Router is not equal to the router's own Router ID
2057 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2058 * flushed.
2059 */
2060
2061 if (lsa->data->type == OSPF_NETWORK_LSA) {
2062 struct listnode *oinode, *oinnode;
2063 struct ospf_interface *out_if;
2064 int Flag = 0;
2065
2066 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2067 oinnode, out_if)) {
2068 if (out_if == NULL)
2069 break;
2070
2071 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2072 &lsa->data->id))
2073 && (!(IPV4_ADDR_SAME(
2074 &oi->ospf->router_id,
2075 &lsa->data->adv_router)))) {
2076 if (out_if->network_lsa_self) {
2077 ospf_lsa_flush_area(
2078 lsa, out_if->area);
2079 if (IS_DEBUG_OSPF_EVENT)
2080 zlog_debug(
2081 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2082 (void *)lsa,
2083 (int)lsa->data
2084 ->type);
2085 ospf_lsa_discard(lsa);
2086 Flag = 1;
2087 }
2088 break;
2089 }
2090 }
2091 if (Flag)
2092 continue;
2093 }
2094
2095 /* (5) Find the instance of this LSA that is currently contained
2096 in the router's link state database. If there is no
2097 database copy, or the received LSA is more recent than
2098 the database copy the following steps must be performed.
2099 (The sub steps from RFC 2328 section 13 step (5) will be
2100 performed in
2101 ospf_flood() ) */
2102
2103 if (current == NULL
2104 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
76c1efd7 2105 /* CVE-2017-3224 */
44d1115a 2106 if (current && (IS_LSA_MAX_SEQ(current))
3cb62bb3 2107 && (IS_LSA_MAX_SEQ(lsa)) && !IS_LSA_MAXAGE(lsa)) {
76c1efd7 2108 zlog_debug(
44d1115a 2109 "Link State Update[%s]: has Max Seq and higher checksum but not MaxAge. Dropping it",
76c1efd7
CS		 2110 dump_lsa_key(lsa));
2111
2112 DISCARD_LSA(lsa, 4);
76c1efd7
CS		 2113 }
2114
d62a17ae 2115 /* Actual flooding procedure. */
2116 if (ospf_flood(oi->ospf, nbr, current, lsa)
2117 < 0) /* Trap NSSA later. */
76c1efd7 2118 DISCARD_LSA(lsa, 5);
d62a17ae 2119 continue;
2120 }
2121
2122 /* (6) Else, If there is an instance of the LSA on the sending
2123 neighbor's Link state request list, an error has occurred in
2124 the Database Exchange process. In this case, restart the
2125 Database Exchange process by generating the neighbor event
2126 BadLSReq for the sending neighbor and stop processing the
2127 Link State Update packet. */
2128
2129 if (ospf_ls_request_lookup(nbr, lsa)) {
2130 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
c9cc11f6 2131 flog_warn(
cf444bcf 2132 EC_OSPF_PACKET,
d62a17ae 2133 "LSA[%s] instance exists on Link state request list",
2134 dump_lsa_key(lsa));
2135
2136 /* Clean list of LSAs. */
2137 ospf_upd_list_clean(lsas);
2138 /* this lsa is not on lsas list already. */
2139 ospf_lsa_discard(lsa);
2140 return;
2141 }
2142
2143 /* If the received LSA is the same instance as the database copy
2144 (i.e., neither one is more recent) the following two steps
2145 should be performed: */
2146
2147 if (ret == 0) {
2148 /* If the LSA is listed in the Link state retransmission
2149 list
2150 for the receiving adjacency, the router itself is
2151 expecting
2152 an acknowledgment for this LSA. The router should
2153 treat the
2154 received LSA as an acknowledgment by removing the LSA
2155 from
2156 the Link state retransmission list. This is termed
2157 an
2158 "implied acknowledgment". */
2159
2160 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2161
2162 if (ls_ret != NULL) {
2163 ospf_ls_retransmit_delete(nbr, ls_ret);
2164
2165 /* Delayed acknowledgment sent if advertisement
2166 received
2167 from Designated Router, otherwise do nothing.
2168 */
2169 if (oi->state == ISM_Backup)
2170 if (NBR_IS_DR(nbr))
2171 listnode_add(
2172 oi->ls_ack,
2173 ospf_lsa_lock(lsa));
2174
76c1efd7 2175 DISCARD_LSA(lsa, 6);
d62a17ae 2176 } else
2177 /* Acknowledge the receipt of the LSA by sending a
2178 Link State Acknowledgment packet back out the
2179 receiving
2180 interface. */
2181 {
2182 ospf_ls_ack_send(nbr, lsa);
76c1efd7 2183 DISCARD_LSA(lsa, 7);
d62a17ae 2184 }
2185 }
2186
2187 /* The database copy is more recent. If the database copy
2188 has LS age equal to MaxAge and LS sequence number equal to
2189 MaxSequenceNumber, simply discard the received LSA without
2190 acknowledging it. (In this case, the LSA's LS sequence number
2191 is
2192 wrapping, and the MaxSequenceNumber LSA must be completely
2193 flushed before any new LSA instance can be introduced). */
2194
2195 else if (ret > 0) /* Database copy is more recent */
2196 {
2197 if (IS_LSA_MAXAGE(current)
2198 && current->data->ls_seqnum
2199 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
76c1efd7 2200 DISCARD_LSA(lsa, 8);
d62a17ae 2201 }
2202 /* Otherwise, as long as the database copy has not been
2203 sent in a
2204 Link State Update within the last MinLSArrival
2205 seconds, send the
2206 database copy back to the sending neighbor,
2207 encapsulated within
2208 a Link State Update Packet. The Link State Update
2209 Packet should
2210 be sent directly to the neighbor. In so doing, do not
2211 put the
2212 database copy of the LSA on the neighbor's link state
2213 retransmission list, and do not acknowledge the
2214 received (less
2215 recent) LSA instance. */
2216 else {
2217 if (monotime_since(&current->tv_orig, NULL)
2218 >= ospf->min_ls_arrival * 1000LL)
2219 /* Trap NSSA type later.*/
2220 ospf_ls_upd_send_lsa(
2221 nbr, current,
2222 OSPF_SEND_PACKET_DIRECT);
76c1efd7 2223 DISCARD_LSA(lsa, 9);
d62a17ae 2224 }
2225 }
2226 }
2cd754de
PJ		 2227#undef DISCARD_LSA
2228
d62a17ae 2229 assert(listcount(lsas) == 0);
6a154c88 2230 list_delete(&lsas);
10514170
RW		 2231
2232 if (ospf->gr_info.restart_in_progress)
2233 ospf_gr_check_lsdb_consistency(oi->ospf, oi->area);
718e3744 2234}
2235
2236/* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
d62a17ae 2237static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2238 struct stream *s, struct ospf_interface *oi,
d7c0a89a 2239 uint16_t size)
d62a17ae 2240{
2241 struct ospf_neighbor *nbr;
2242
2243 /* increment statistics. */
2244 oi->ls_ack_in++;
2245
2246 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2247 if (nbr == NULL) {
cf444bcf 2248 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 2249 "Link State Acknowledgment: Unknown Neighbor %pI4",
2250 &ospfh->router_id);
d62a17ae 2251 return;
2252 }
2253
d62a17ae 2254 if (nbr->state < NSM_Exchange) {
2255 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2256 zlog_debug(
96b663a3
MS		 2257 "Link State Acknowledgment: Neighbor[%pI4] state %s is less than Exchange",
2258 &ospfh->router_id,
d62a17ae 2259 lookup_msg(ospf_nsm_state_msg, nbr->state,
2260 NULL));
2261 return;
2262 }
2263
2264 while (size >= OSPF_LSA_HEADER_SIZE) {
2265 struct ospf_lsa *lsa, *lsr;
2266
2267 lsa = ospf_lsa_new();
2d34fb80 2268 lsa->data = (struct lsa_header *)stream_pnt(s);
b5a8894d 2269 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 2270
2d34fb80 2271 /* lsah = (struct lsa_header *) stream_pnt (s); */
d62a17ae 2272 size -= OSPF_LSA_HEADER_SIZE;
2273 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2274
2275 if (lsa->data->type < OSPF_MIN_LSA
2276 || lsa->data->type >= OSPF_MAX_LSA) {
2277 lsa->data = NULL;
2278 ospf_lsa_discard(lsa);
2279 continue;
2280 }
2281
2282 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2283
3cb62bb3 2284 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0) {
d62a17ae 2285 ospf_ls_retransmit_delete(nbr, lsr);
3cb62bb3
MR		 2286 ospf_check_and_gen_init_seq_lsa(oi, lsa);
2287 }
d62a17ae 2288
2289 lsa->data = NULL;
2290 ospf_lsa_discard(lsa);
2291 }
2292
2293 return;
2294}
2295
b5a8894d
CS		 2296static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2297 struct interface **ifp,
d62a17ae 2298 struct stream *ibuf)
2299{
2300 int ret;
2301 struct ip *iph;
d7c0a89a 2302 uint16_t ip_len;
d62a17ae 2303 ifindex_t ifindex = 0;
2304 struct iovec iov;
2305 /* Header and data both require alignment. */
2306 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2307 struct msghdr msgh;
2308
6006b807 2309 memset(&msgh, 0, sizeof(msgh));
d62a17ae 2310 msgh.msg_iov = &iov;
2311 msgh.msg_iovlen = 1;
2312 msgh.msg_control = (caddr_t)buff;
2313 msgh.msg_controllen = sizeof(buff);
2314
4392cc43
DS		 2315 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2316 OSPF_MAX_PACKET_SIZE + 1);
d62a17ae 2317 if (ret < 0) {
4392cc43
DS		 2318 if (errno != EAGAIN && errno != EWOULDBLOCK)
2319 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2320 safe_strerror(errno));
d62a17ae 2321 return NULL;
2322 }
e947b307 2323 if ((unsigned int)ret < sizeof(struct ip)) {
c9cc11f6 2324 flog_warn(
cf444bcf 2325 EC_OSPF_PACKET,
ea892800 2326 "%s: discarding runt packet of length %d (ip header size is %u)",
2327 __func__, ret, (unsigned int)sizeof(iph));
d62a17ae 2328 return NULL;
2329 }
2330
2331 /* Note that there should not be alignment problems with this assignment
2332 because this is at the beginning of the stream data buffer. */
2333 iph = (struct ip *)STREAM_DATA(ibuf);
2334 sockopt_iphdrincl_swab_systoh(iph);
2335
2336 ip_len = iph->ip_len;
2337
bdee8083 2338#if defined(__FreeBSD__) && (__FreeBSD_version < 1000000)
d62a17ae 2339 /*
2340 * Kernel network code touches incoming IP header parameters,
2341 * before protocol specific processing.
2342 *
2343 * 1) Convert byteorder to host representation.
2344 * --> ip_len, ip_id, ip_off
2345 *
2346 * 2) Adjust ip_len to strip IP header size!
2347 * --> If user process receives entire IP packet via RAW
2348 * socket, it must consider adding IP header size to
2349 * the "ip_len" field of "ip" structure.
2350 *
2351 * For more details, see <netinet/ip_input.c>.
2352 */
2353 ip_len = ip_len + (iph->ip_hl << 2);
718e3744 2354#endif
d62a17ae 2355
0150c9c9 2356#if defined(__DragonFly__)
d62a17ae 2357 /*
2358 * in DragonFly's raw socket, ip_len/ip_off are read
2359 * in network byte order.
2360 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2361 */
2362 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
0150c9c9
DB		 2363#endif
2364
d62a17ae 2365 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2366
b5a8894d 2367 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
d62a17ae 2368
2369 if (ret != ip_len) {
c9cc11f6 2370 flog_warn(
cf444bcf 2371 EC_OSPF_PACKET,
ea892800 2372 "%s read length mismatch: ip_len is %d, but recvmsg returned %d",
2373 __func__, ip_len, ret);
d62a17ae 2374 return NULL;
2375 }
718e3744 2376
868a0861 2377 if (IS_DEBUG_OSPF_PACKET(0, RECV))
15569c58
DA		 2378 zlog_debug("%s: fd %d(%s) on interface %d(%s)", __func__, fd,
2379 ospf_get_name(ospf), ifindex,
2380 *ifp ? (*ifp)->name : "Unknown");
d62a17ae 2381 return ibuf;
718e3744 2382}
2383
4dadc291 2384static struct ospf_interface *
d62a17ae 2385ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2386 struct ip *iph, struct ospf_header *ospfh)
2387{
2388 struct ospf_interface *rcv_oi;
2389 struct ospf_vl_data *vl_data;
2390 struct ospf_area *vl_area;
2391 struct listnode *node;
2392
2393 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2394 || !OSPF_IS_AREA_BACKBONE(ospfh))
2395 return NULL;
2396
2397 /* look for local OSPF interface matching the destination
2398 * to determine Area ID. We presume therefore the destination address
2399 * is unique, or at least (for "unnumbered" links), not used in other
2400 * areas
2401 */
2402 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2403 == NULL)
2404 return NULL;
2405
2406 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2407 vl_area =
2408 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2409 if (!vl_area)
2410 continue;
2411
2412 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2413 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2414 if (IS_DEBUG_OSPF_EVENT)
2415 zlog_debug("associating packet with %s",
2416 IF_NAME(vl_data->vl_oi));
2417 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2418 if (IS_DEBUG_OSPF_EVENT)
2419 zlog_debug(
2420 "This VL is not up yet, sorry");
2421 return NULL;
2422 }
2423
2424 return vl_data->vl_oi;
2425 }
718e3744 2426 }
718e3744 2427
d62a17ae 2428 if (IS_DEBUG_OSPF_EVENT)
2429 zlog_debug("couldn't find any VL to associate the packet with");
2430
2431 return NULL;
718e3744 2432}
2433
d62a17ae 2434static int ospf_check_area_id(struct ospf_interface *oi,
2435 struct ospf_header *ospfh)
718e3744 2436{
d62a17ae 2437 /* Check match the Area ID of the receiving interface. */
2438 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2439 return 1;
718e3744 2440
d62a17ae 2441 return 0;
718e3744 2442}
2443
2444/* Unbound socket will accept any Raw IP packets if proto is matched.
2445 To prevent it, compare src IP address and i/f address with masking
2446 i/f network mask. */
d62a17ae 2447static int ospf_check_network_mask(struct ospf_interface *oi,
2448 struct in_addr ip_src)
718e3744 2449{
d62a17ae 2450 struct in_addr mask, me, him;
718e3744 2451
d62a17ae 2452 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2453 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2454 return 1;
718e3744 2455
0c5506a8
AL		 2456 /* Ignore mask check for max prefix length (32) */
2457 if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
2458 && oi->address->prefixlen == IPV4_MAX_BITLEN)
2459 return 1;
2460
d62a17ae 2461 masklen2ip(oi->address->prefixlen, &mask);
718e3744 2462
d62a17ae 2463 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2464 him.s_addr = ip_src.s_addr & mask.s_addr;
718e3744 2465
d62a17ae 2466 if (IPV4_ADDR_SAME(&me, &him))
2467 return 1;
718e3744 2468
d62a17ae 2469 return 0;
718e3744 2470}
2471
bd5651f0
DO		 2472/* Return 1, if the packet is properly authenticated and checksummed,
2473 0 otherwise. In particular, check that AuType header field is valid and
2474 matches the locally configured AuType, and that D.5 requirements are met. */
d62a17ae 2475static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2476{
2477 struct crypt_key *ck;
d7c0a89a
QY		 2478 uint16_t iface_auth_type;
2479 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
d62a17ae 2480
2481 switch (pkt_auth_type) {
2482 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2483 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2484 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2485 flog_warn(
cf444bcf 2486 EC_OSPF_PACKET,
d62a17ae 2487 "interface %s: auth-type mismatch, local %s, rcvd Null",
2488 IF_NAME(oi),
2489 lookup_msg(ospf_auth_type_str,
2490 iface_auth_type, NULL));
2491 return 0;
2492 }
2493 if (!ospf_check_sum(ospfh)) {
2494 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2495 flog_warn(
cf444bcf 2496 EC_OSPF_PACKET,
96b663a3 2497 "interface %s: Null auth OK, but checksum error, Router-ID %pI4",
d62a17ae 2498 IF_NAME(oi),
96b663a3 2499 &ospfh->router_id);
d62a17ae 2500 return 0;
2501 }
2502 return 1;
2503 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2504 if (OSPF_AUTH_SIMPLE
2505 != (iface_auth_type = ospf_auth_type(oi))) {
2506 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2507 flog_warn(
cf444bcf 2508 EC_OSPF_PACKET,
d62a17ae 2509 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2510 IF_NAME(oi),
2511 lookup_msg(ospf_auth_type_str,
2512 iface_auth_type, NULL));
2513 return 0;
2514 }
2515 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2516 OSPF_AUTH_SIMPLE_SIZE)) {
2517 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2518 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2519 "interface %s: Simple auth failed",
d62a17ae 2520 IF_NAME(oi));
2521 return 0;
2522 }
2523 if (!ospf_check_sum(ospfh)) {
2524 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2525 flog_warn(
cf444bcf 2526 EC_OSPF_PACKET,
96b663a3 2527 "interface %s: Simple auth OK, checksum error, Router-ID %pI4",
d62a17ae 2528 IF_NAME(oi),
96b663a3 2529 &ospfh->router_id);
d62a17ae 2530 return 0;
2531 }
2532 return 1;
2533 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2534 if (OSPF_AUTH_CRYPTOGRAPHIC
2535 != (iface_auth_type = ospf_auth_type(oi))) {
2536 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2537 flog_warn(
cf444bcf 2538 EC_OSPF_PACKET,
d62a17ae 2539 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2540 IF_NAME(oi),
2541 lookup_msg(ospf_auth_type_str,
2542 iface_auth_type, NULL));
2543 return 0;
2544 }
2545 if (ospfh->checksum) {
2546 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2547 flog_warn(
cf444bcf 2548 EC_OSPF_PACKET,
d62a17ae 2549 "interface %s: OSPF header checksum is not 0",
2550 IF_NAME(oi));
2551 return 0;
2552 }
2553 /* only MD5 crypto method can pass ospf_packet_examin() */
996c9314
LB		 2554 if (NULL == (ck = listgetdata(
2555 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2556 || ospfh->u.crypt.key_id != ck->key_id ||
2557 /* Condition above uses the last key ID on the list,
2558 which is
2559 different from what ospf_crypt_key_lookup() does. A
2560 bug? */
2561 !ospf_check_md5_digest(oi, ospfh)) {
d62a17ae 2562 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2563 flog_warn(EC_OSPF_MD5,
c9cc11f6 2564 "interface %s: MD5 auth failed",
d62a17ae 2565 IF_NAME(oi));
2566 return 0;
2567 }
2568 return 1;
2569 default:
2570 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2571 flog_warn(
cf444bcf 2572 EC_OSPF_PACKET,
d62a17ae 2573 "interface %s: invalid packet auth-type (%02x)",
2574 IF_NAME(oi), pkt_auth_type);
2575 return 0;
2576 }
2577}
2578
2579static int ospf_check_sum(struct ospf_header *ospfh)
2580{
d7c0a89a
QY		 2581 uint32_t ret;
2582 uint16_t sum;
d62a17ae 2583
2584 /* clear auth_data for checksum. */
2585 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2586
2587 /* keep checksum and clear. */
2588 sum = ospfh->checksum;
d7c0a89a 2589 memset(&ospfh->checksum, 0, sizeof(uint16_t));
d62a17ae 2590
2591 /* calculate checksum. */
2592 ret = in_cksum(ospfh, ntohs(ospfh->length));
2593
2594 if (ret != sum) {
ea892800 2595 zlog_info("%s: checksum mismatch, my %X, his %X", __func__, ret,
2596 sum);
d62a17ae 2597 return 0;
2598 }
2599
2600 return 1;
718e3744 2601}
2602
4e31de79
DO		 2603/* Verify, that given link/TOS records are properly sized/aligned and match
2604 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
d62a17ae 2605static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
d7c0a89a
QY		 2606 uint16_t linkbytes,
2607 const uint16_t num_links)
d62a17ae 2608{
2609 unsigned counted_links = 0, thislinklen;
2610
04d6a0f8 2611 while (linkbytes >= OSPF_ROUTER_LSA_LINK_SIZE) {
d62a17ae 2612 thislinklen =
2613 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2614 if (thislinklen > linkbytes) {
2615 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2616 zlog_debug("%s: length error in link block #%u",
2617 __func__, counted_links);
2618 return MSG_NG;
2619 }
2620 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2621 linkbytes -= thislinklen;
2622 counted_links++;
2623 }
2624 if (counted_links != num_links) {
2625 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2626 zlog_debug("%s: %u link blocks declared, %u present",
2627 __func__, num_links, counted_links);
2628 return MSG_NG;
2629 }
2630 return MSG_OK;
4e31de79
DO		 2631}
2632
2633/* Verify, that the given LSA is properly sized/aligned (including type-specific
2634 minimum length constraint). */
d7c0a89a
QY		 2635static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2636 const uint8_t headeronly)
d62a17ae 2637{
2638 unsigned ret;
2639 struct router_lsa *rlsa;
2640 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2641 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2642 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2643 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2644 lookup_msg(ospf_lsa_type_msg, lsah->type,
2645 NULL));
2646 return MSG_NG;
2647 }
2648 switch (lsah->type) {
04d6a0f8
QY		 2649 case OSPF_ROUTER_LSA: {
2650 /*
2651 * RFC2328 A.4.2, LSA header + 4 bytes followed by N>=0
2652 * (12+)-byte link blocks
2653 */
2654 size_t linkbytes_len = lsalen - OSPF_LSA_HEADER_SIZE
2655 - OSPF_ROUTER_LSA_MIN_SIZE;
2656
2657 /*
2658 * LSA link blocks are variable length but always multiples of
2659 * 4; basic sanity check
2660 */
2661 if (linkbytes_len % 4 != 0)
2662 return MSG_NG;
2663
2664 if (headeronly)
2665 return MSG_OK;
2666
d62a17ae 2667 rlsa = (struct router_lsa *)lsah;
04d6a0f8 2668
d62a17ae 2669 ret = ospf_router_lsa_links_examin(
2670 (struct router_lsa_link *)rlsa->link,
04d6a0f8
QY		 2671 linkbytes_len,
2672 ntohs(rlsa->links));
d62a17ae 2673 break;
04d6a0f8 2674 }
d62a17ae 2675 case OSPF_AS_EXTERNAL_LSA:
2676 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2677 * blocks */
2678 case OSPF_AS_NSSA_LSA:
2679 /* RFC3101 C, idem */
2680 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2681 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2682 % 12
2683 ? MSG_NG
2684 : MSG_OK;
2685 break;
2686 /* Following LSA types are considered OK length-wise as soon as their
2687 * minimum
2688 * length constraint is met and length of the whole LSA is a multiple of
2689 * 4
2690 * (basic LSA header size is already a multiple of 4). */
2691 case OSPF_NETWORK_LSA:
2692 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2693 case OSPF_SUMMARY_LSA:
2694 case OSPF_ASBR_SUMMARY_LSA:
2695 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2696 * blocks */
2697 case OSPF_OPAQUE_LINK_LSA:
2698 case OSPF_OPAQUE_AREA_LSA:
2699 case OSPF_OPAQUE_AS_LSA:
2700 /* RFC5250 A.2, "some number of octets (of application-specific
2701 * data) padded to 32-bit alignment." This is considered
2702 * equivalent
2703 * to 4-byte alignment of all other LSA types, see
2704 * OSPF-ALIGNMENT.txt
2705 * file for the detailed analysis of this passage. */
2706 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2707 break;
2708 default:
2709 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2710 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2711 lsah->type);
2712 return MSG_NG;
2713 }
2714 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2715 zlog_debug("%s: alignment error in %s", __func__,
2716 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2717 return ret;
4e31de79
DO		 2718}
2719
2720/* Verify if the provided input buffer is a valid sequence of LSAs. This
2721 includes verification of LSA blocks length/alignment and dispatching
2722 of deeper-level checks. */
2723static unsigned
d62a17ae 2724ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
d7c0a89a 2725 size_t length, const uint8_t headeronly,
d62a17ae 2726 /* When declared_num_lsas is not 0, compare it to the real
2727 number of LSAs
2728 and treat the difference as an error. */
d7c0a89a 2729 const uint32_t declared_num_lsas)
d62a17ae 2730{
d7c0a89a 2731 uint32_t counted_lsas = 0;
d62a17ae 2732
2733 while (length) {
d7c0a89a 2734 uint16_t lsalen;
d62a17ae 2735 if (length < OSPF_LSA_HEADER_SIZE) {
2736 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2737 zlog_debug(
2738 "%s: undersized (%zu B) trailing (#%u) LSA header",
2739 __func__, length, counted_lsas);
2740 return MSG_NG;
2741 }
2742 /* save on ntohs() calls here and in the LSA validator */
2743 lsalen = ntohs(lsah->length);
2744 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2745 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2746 zlog_debug(
2747 "%s: malformed LSA header #%u, declared length is %u B",
2748 __func__, counted_lsas, lsalen);
2749 return MSG_NG;
2750 }
2751 if (headeronly) {
2752 /* less checks here and in ospf_lsa_examin() */
2753 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2754 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2755 zlog_debug(
2756 "%s: malformed header-only LSA #%u",
2757 __func__, counted_lsas);
2758 return MSG_NG;
2759 }
2760 lsah = (struct lsa_header *)((caddr_t)lsah
2761 + OSPF_LSA_HEADER_SIZE);
2762 length -= OSPF_LSA_HEADER_SIZE;
2763 } else {
2764 /* make sure the input buffer is deep enough before
2765 * further checks */
2766 if (lsalen > length) {
2767 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2768 zlog_debug(
2769 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2770 __func__, counted_lsas, lsalen,
2771 length);
2772 return MSG_NG;
2773 }
2774 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2775 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2776 zlog_debug("%s: malformed LSA #%u",
2777 __func__, counted_lsas);
2778 return MSG_NG;
2779 }
2780 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2781 length -= lsalen;
2782 }
2783 counted_lsas++;
2784 }
2785
2786 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2787 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2788 zlog_debug(
2789 "%s: #LSAs declared (%u) does not match actual (%u)",
2790 __func__, declared_num_lsas, counted_lsas);
2791 return MSG_NG;
2792 }
2793 return MSG_OK;
4e31de79
DO		 2794}
2795
75c8eabb 2796/* Verify a complete OSPF packet for proper sizing/alignment. */
d62a17ae 2797static unsigned ospf_packet_examin(struct ospf_header *oh,
2798 const unsigned bytesonwire)
2799{
d7c0a89a 2800 uint16_t bytesdeclared, bytesauth;
d62a17ae 2801 unsigned ret;
2802 struct ospf_ls_update *lsupd;
2803
2804 /* Length, 1st approximation. */
2805 if (bytesonwire < OSPF_HEADER_SIZE) {
2806 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2807 zlog_debug("%s: undersized (%u B) packet", __func__,
2808 bytesonwire);
2809 return MSG_NG;
2810 }
2811 /* Now it is safe to access header fields. Performing length check,
2812 * allow
2813 * for possible extra bytes of crypto auth/padding, which are not
2814 * counted
2815 * in the OSPF header "length" field. */
2816 if (oh->version != OSPF_VERSION) {
2817 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2818 zlog_debug("%s: invalid (%u) protocol version",
2819 __func__, oh->version);
2820 return MSG_NG;
2821 }
2822 bytesdeclared = ntohs(oh->length);
2823 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2824 bytesauth = 0;
2825 else {
2826 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2827 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2828 zlog_debug(
2829 "%s: unsupported crypto auth length (%u B)",
2830 __func__, oh->u.crypt.auth_data_len);
2831 return MSG_NG;
2832 }
2833 bytesauth = OSPF_AUTH_MD5_SIZE;
2834 }
2835 if (bytesdeclared + bytesauth > bytesonwire) {
2836 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2837 zlog_debug(
2838 "%s: packet length error (%u real, %u+%u declared)",
2839 __func__, bytesonwire, bytesdeclared,
2840 bytesauth);
2841 return MSG_NG;
2842 }
2843 /* Length, 2nd approximation. The type-specific constraint is checked
2844 against declared length, not amount of bytes on wire. */
2845 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2846 && bytesdeclared
2847 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2848 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2849 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2850 bytesdeclared,
2851 lookup_msg(ospf_packet_type_str, oh->type,
2852 NULL));
2853 return MSG_NG;
2854 }
2855 switch (oh->type) {
2856 case OSPF_MSG_HELLO:
2857 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2858 followed
2859 by N>=0 router-IDs. */
2860 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2861 % 4
2862 ? MSG_NG
2863 : MSG_OK;
2864 break;
2865 case OSPF_MSG_DB_DESC:
2866 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2867 followed
2868 by N>=0 header-only LSAs. */
2869 ret = ospf_lsaseq_examin(
2870 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2871 + OSPF_DB_DESC_MIN_SIZE),
2872 bytesdeclared - OSPF_HEADER_SIZE
2873 - OSPF_DB_DESC_MIN_SIZE,
2874 1, /* header-only LSAs */
2875 0);
2876 break;
2877 case OSPF_MSG_LS_REQ:
2878 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2879 * request blocks. */
2880 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2881 % OSPF_LSA_KEY_SIZE
2882 ? MSG_NG
2883 : MSG_OK;
2884 break;
2885 case OSPF_MSG_LS_UPD:
2886 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2887 followed
2888 by N>=0 full LSAs (with N declared beforehand). */
2889 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2890 + OSPF_HEADER_SIZE);
2891 ret = ospf_lsaseq_examin(
2892 (struct lsa_header *)((caddr_t)lsupd
2893 + OSPF_LS_UPD_MIN_SIZE),
2894 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2895 0, /* full LSAs */
2896 ntohl(lsupd->num_lsas) /* 32 bits */
9d303b37 2897 );
d62a17ae 2898 break;
2899 case OSPF_MSG_LS_ACK:
2900 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2901 * LSAs. */
2902 ret = ospf_lsaseq_examin(
2903 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2904 + OSPF_LS_ACK_MIN_SIZE),
2905 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2906 1, /* header-only LSAs */
2907 0);
2908 break;
2909 default:
2910 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2911 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2912 oh->type);
2913 return MSG_NG;
2914 }
2915 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2916 zlog_debug("%s: malformed %s packet", __func__,
2917 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2918 return ret;
75c8eabb
DO		 2919}
2920
718e3744 2921/* OSPF Header verification. */
d62a17ae 2922static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2923 struct ip *iph, struct ospf_header *ospfh)
2924{
2925 /* Check Area ID. */
2926 if (!ospf_check_area_id(oi, ospfh)) {
cf444bcf 2927 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 2928 "interface %s: ospf_read invalid Area ID %pI4",
2929 IF_NAME(oi), &ospfh->area_id);
d62a17ae 2930 return -1;
2931 }
718e3744 2932
d62a17ae 2933 /* Check network mask, Silently discarded. */
2934 if (!ospf_check_network_mask(oi, iph->ip_src)) {
c9cc11f6 2935 flog_warn(
cf444bcf 2936 EC_OSPF_PACKET,
96b663a3
MS		 2937 "interface %s: ospf_read network address is not same [%pI4]",
2938 IF_NAME(oi), &iph->ip_src);
d62a17ae 2939 return -1;
2940 }
718e3744 2941
d62a17ae 2942 /* Check authentication. The function handles logging actions, where
2943 * required. */
2944 if (!ospf_check_auth(oi, ospfh))
2945 return -1;
718e3744 2946
d62a17ae 2947 return 0;
718e3744 2948}
2949
02637513
DS		 2950enum ospf_read_return_enum {
2951 OSPF_READ_ERROR,
2952 OSPF_READ_CONTINUE,
2953};
2954
2955static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
d62a17ae 2956{
2957 int ret;
2958 struct stream *ibuf;
d62a17ae 2959 struct ospf_interface *oi;
2960 struct ip *iph;
2961 struct ospf_header *ospfh;
d7c0a89a 2962 uint16_t length;
d62a17ae 2963 struct connected *c;
02637513 2964 struct interface *ifp = NULL;
d62a17ae 2965
02637513
DS		 2966 stream_reset(ospf->ibuf);
2967 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2968 if (ibuf == NULL)
2969 return OSPF_READ_ERROR;
d62a17ae 2970
02637513
DS		 2971 /*
2972 * This raw packet is known to be at least as big as its
2973 * IP header. Note that there should not be alignment problems with
2974 * this assignment because this is at the beginning of the
2975 * stream data buffer.
2976 */
2977 iph = (struct ip *)STREAM_DATA(ibuf);
2978 /*
2979 * Note that sockopt_iphdrincl_swab_systoh was called in
2980 * ospf_recv_packet.
2981 */
2982 if (ifp == NULL) {
4392cc43 2983 /*
02637513
DS		 2984 * Handle cases where the platform does not support
2985 * retrieving the ifindex, and also platforms (such as
2986 * Solaris 8) that claim to support ifindex retrieval but do
2987 * not.
4392cc43 2988 */
02637513
DS		 2989 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2990 ospf->vrf_id);
2991 if (c)
2992 ifp = c->ifp;
868a0861 2993 if (ifp == NULL) {
02637513 2994 if (IS_DEBUG_OSPF_PACKET(0, RECV))
4392cc43 2995 zlog_debug(
96b663a3
MS		 2996 "%s: Unable to determine incoming interface from: %pI4(%s)",
2997 __func__, &iph->ip_src,
02637513
DS		 2998 ospf_get_name(ospf));
2999 return OSPF_READ_CONTINUE;
d62a17ae 3000 }
02637513 3001 }
d62a17ae 3002
096f7609 3003 if (ospf->vrf_id == VRF_DEFAULT && ospf->vrf_id != ifp->vrf->vrf_id) {
555691e9
DS		 3004 /*
3005 * We may have a situation where l3mdev_accept == 1
3006 * let's just kindly drop the packet and move on.
3007 * ospf really really really does not like when
3008 * we receive the same packet multiple times.
3009 */
3010 return OSPF_READ_CONTINUE;
3011 }
3012
02637513
DS		 3013 /* Self-originated packet should be discarded silently. */
3014 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3015 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3016 zlog_debug(
96b663a3
MS		 3017 "ospf_read[%pI4]: Dropping self-originated packet",
3018 &iph->ip_src);
02637513
DS		 3019 }
3020 return OSPF_READ_CONTINUE;
3021 }
d62a17ae 3022
01e3c376
QY		 3023 /* Check that we have enough for an IP header */
3024 if ((unsigned int)(iph->ip_hl << 2) >= STREAM_READABLE(ibuf)) {
3025 if ((unsigned int)(iph->ip_hl << 2) == STREAM_READABLE(ibuf)) {
3026 flog_warn(
3027 EC_OSPF_PACKET,
3028 "Rx'd IP packet with OSPF protocol number but no payload");
3029 } else {
3030 flog_warn(
3031 EC_OSPF_PACKET,
3032 "IP header length field claims header is %u bytes, but we only have %zu",
3033 (unsigned int)(iph->ip_hl << 2),
3034 STREAM_READABLE(ibuf));
3035 }
3036
3037 return OSPF_READ_ERROR;
3038 }
3039 stream_forward_getp(ibuf, iph->ip_hl << 2);
d62a17ae 3040
02637513
DS		 3041 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3042 if (MSG_OK
3043 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3044 - stream_get_getp(ibuf)))
3045 return OSPF_READ_CONTINUE;
3046 /* Now it is safe to access all fields of OSPF packet header. */
4392cc43 3047
02637513
DS		 3048 /* associate packet with ospf interface */
3049 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
4392cc43 3050
02637513
DS		 3051 /*
3052 * ospf_verify_header() relies on a valid "oi" and thus can be called
3053 * only after the passive/backbone/other checks below are passed.
3054 * These checks in turn access the fields of unverified "ospfh"
3055 * structure for their own purposes and must remain very accurate
3056 * in doing this.
3057 */
4392cc43 3058
02637513
DS		 3059 /* If incoming interface is passive one, ignore it. */
3060 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
02637513
DS		 3061 if (IS_DEBUG_OSPF_EVENT)
3062 zlog_debug(
c067e23e
DS		 3063 "ignoring packet from router %pI4 sent to %pI4, received on a passive interface, %pI4",
3064 &ospfh->router_id, &iph->ip_dst,
3065 &oi->address->u.prefix4);
d62a17ae 3066
02637513
DS		 3067 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3068 /* Try to fix multicast membership.
3069 * Some OS:es may have problems in this area,
3070 * make sure it is removed.
3071 */
3072 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
d62a17ae 3073 ospf_if_set_multicast(oi);
3074 }
02637513
DS		 3075 return OSPF_READ_CONTINUE;
3076 }
d62a17ae 3077
02637513
DS		 3078
3079 /* if no local ospf_interface,
3080 * or header area is backbone but ospf_interface is not
3081 * check for VLINK interface
3082 */
3083 if ((oi == NULL)
3084 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3085 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3086 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3087 == NULL) {
3088 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
d62a17ae 3089 zlog_debug(
96b663a3
MS		 3090 "Packet from [%pI4] received on link %s but no ospf_interface",
3091 &iph->ip_src, ifp->name);
02637513 3092 return OSPF_READ_CONTINUE;
d62a17ae 3093 }
02637513 3094 }
d62a17ae 3095
02637513
DS		 3096 /*
3097 * else it must be a local ospf interface, check it was
3098 * received on correct link
3099 */
3100 else if (oi->ifp != ifp) {
3101 if (IS_DEBUG_OSPF_EVENT)
3102 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 3103 "Packet from [%pI4] received on wrong link %s",
3104 &iph->ip_src, ifp->name);
02637513
DS		 3105 return OSPF_READ_CONTINUE;
3106 } else if (oi->state == ISM_Down) {
02637513
DS		 3107 flog_warn(
3108 EC_OSPF_PACKET,
c067e23e
DS		 3109 "Ignoring packet from %pI4 to %pI4 received on interface that is down [%s]; interface flags are %s",
3110 &iph->ip_src, &iph->ip_dst, ifp->name,
3111 if_flag_dump(ifp->flags));
02637513
DS		 3112 /* Fix multicast memberships? */
3113 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3114 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3115 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3116 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3117 if (oi->multicast_memberships)
3118 ospf_if_set_multicast(oi);
3119 return OSPF_READ_CONTINUE;
3120 }
d62a17ae 3121
02637513
DS		 3122 /*
3123 * If the received packet is destined for AllDRouters, the
3124 * packet should be accepted only if the received ospf
3125 * interface state is either DR or Backup -- endo.
3126 *
3127 * I wonder who endo is?
3128 */
3129 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3130 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3131 flog_warn(
3132 EC_OSPF_PACKET,
96b663a3
MS		 3133 "Dropping packet for AllDRouters from [%pI4] via [%s] (ISM: %s)",
3134 &iph->ip_src, IF_NAME(oi),
02637513
DS		 3135 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3136 /* Try to fix multicast membership. */
3137 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3138 ospf_if_set_multicast(oi);
3139 return OSPF_READ_CONTINUE;
3140 }
3141
3142 /* Verify more OSPF header fields. */
3143 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3144 if (ret < 0) {
3145 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3146 zlog_debug(
96b663a3
MS		 3147 "ospf_read[%pI4]: Header check failed, dropping.",
3148 &iph->ip_src);
02637513
DS		 3149 return OSPF_READ_CONTINUE;
3150 }
3151
3152 /* Show debug receiving packet. */
3153 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3154 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3155 zlog_debug(
3156 "-----------------------------------------------------");
3157 ospf_packet_dump(ibuf);
d62a17ae 3158 }
3159
96b663a3 3160 zlog_debug("%s received from [%pI4] via [%s]",
02637513 3161 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
96b663a3
MS		 3162 &ospfh->router_id, IF_NAME(oi));
3163 zlog_debug(" src [%pI4],", &iph->ip_src);
3164 zlog_debug(" dst [%pI4]", &iph->ip_dst);
d62a17ae 3165
02637513
DS		 3166 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3167 zlog_debug(
3168 "-----------------------------------------------------");
3169 }
d62a17ae 3170
02637513
DS		 3171 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3172
3173 /* Adjust size to message length. */
3174 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3175
3176 /* Read rest of the packet and call each sort of packet routine.
3177 */
3178 switch (ospfh->type) {
3179 case OSPF_MSG_HELLO:
3180 ospf_hello(iph, ospfh, ibuf, oi, length);
3181 break;
3182 case OSPF_MSG_DB_DESC:
3183 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3184 break;
3185 case OSPF_MSG_LS_REQ:
3186 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3187 break;
3188 case OSPF_MSG_LS_UPD:
3189 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3190 break;
3191 case OSPF_MSG_LS_ACK:
3192 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3193 break;
3194 default:
3195 flog_warn(
3196 EC_OSPF_PACKET,
3197 "interface %s(%s): OSPF packet header type %d is illegal",
3198 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3199 break;
3200 }
3201
3202 return OSPF_READ_CONTINUE;
3203}
3204
3205/* Starting point of packet process function. */
cc9f21da 3206void ospf_read(struct thread *thread)
02637513
DS		 3207{
3208 struct ospf *ospf;
3209 int32_t count = 0;
3210 enum ospf_read_return_enum ret;
3211
3212 /* first of all get interface pointer. */
3213 ospf = THREAD_ARG(thread);
3214
3215 /* prepare for next packet. */
3216 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3217
3218 while (count < ospf->write_oi_count) {
3219 count++;
3220 ret = ospf_read_helper(ospf);
3221 switch (ret) {
3222 case OSPF_READ_ERROR:
cc9f21da 3223 return;
02637513 3224 case OSPF_READ_CONTINUE:
4392cc43
DS		 3225 break;
3226 }
d62a17ae 3227 }
718e3744 3228}
3229
3230/* Make OSPF header. */
d62a17ae 3231static void ospf_make_header(int type, struct ospf_interface *oi,
3232 struct stream *s)
718e3744 3233{
d62a17ae 3234 struct ospf_header *ospfh;
718e3744 3235
d62a17ae 3236 ospfh = (struct ospf_header *)STREAM_DATA(s);
718e3744 3237
d7c0a89a
QY		 3238 ospfh->version = (uint8_t)OSPF_VERSION;
3239 ospfh->type = (uint8_t)type;
718e3744 3240
d62a17ae 3241 ospfh->router_id = oi->ospf->router_id;
718e3744 3242
d62a17ae 3243 ospfh->checksum = 0;
3244 ospfh->area_id = oi->area->area_id;
3245 ospfh->auth_type = htons(ospf_auth_type(oi));
718e3744 3246
d62a17ae 3247 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
718e3744 3248
d62a17ae 3249 stream_forward_endp(s, OSPF_HEADER_SIZE);
718e3744 3250}
3251
3252/* Make Authentication Data. */
d62a17ae 3253static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3254{
3255 struct crypt_key *ck;
3256
3257 switch (ospf_auth_type(oi)) {
3258 case OSPF_AUTH_NULL:
0d6f7fd6 3259 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
d62a17ae 3260 */
3261 break;
3262 case OSPF_AUTH_SIMPLE:
3263 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3264 OSPF_AUTH_SIMPLE_SIZE);
3265 break;
3266 case OSPF_AUTH_CRYPTOGRAPHIC:
3267 /* If key is not set, then set 0. */
3268 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3269 ospfh->u.crypt.zero = 0;
3270 ospfh->u.crypt.key_id = 0;
3271 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3272 } else {
3273 ck = listgetdata(
3274 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3275 ospfh->u.crypt.zero = 0;
3276 ospfh->u.crypt.key_id = ck->key_id;
3277 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3278 }
3279 /* note: the seq is done in ospf_make_md5_digest() */
3280 break;
3281 default:
0d6f7fd6 3282 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
d62a17ae 3283 */
3284 break;
718e3744 3285 }
718e3744 3286
d62a17ae 3287 return 0;
718e3744 3288}
3289
3290/* Fill rest of OSPF header. */
d62a17ae 3291static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
d7c0a89a 3292 uint16_t length)
d62a17ae 3293{
3294 struct ospf_header *ospfh;
3295
3296 ospfh = (struct ospf_header *)STREAM_DATA(s);
3297
3298 /* Fill length. */
3299 ospfh->length = htons(length);
3300
3301 /* Calculate checksum. */
3302 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3303 ospfh->checksum = in_cksum(ospfh, length);
3304 else
3305 ospfh->checksum = 0;
3306
3307 /* Add Authentication Data. */
3308 ospf_make_auth(oi, ospfh);
3309}
3310
3311static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3312{
3313 struct ospf_neighbor *nbr;
3314 struct route_node *rn;
d7c0a89a 3315 uint16_t length = OSPF_HELLO_MIN_SIZE;
d62a17ae 3316 struct in_addr mask;
3317 unsigned long p;
3318 int flag = 0;
3319
3320 /* Set netmask of interface. */
3321 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3322 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3323 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3324 masklen2ip(oi->address->prefixlen, &mask);
3325 else
3326 memset((char *)&mask, 0, sizeof(struct in_addr));
3327 stream_put_ipv4(s, mask.s_addr);
3328
3329 /* Set Hello Interval. */
3330 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3331 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3332 else
3333 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3334
3335 if (IS_DEBUG_OSPF_EVENT)
ea892800 3336 zlog_debug("%s: options: %x, int: %s", __func__, OPTIONS(oi),
d62a17ae 3337 IF_NAME(oi));
3338
3339 /* Set Options. */
3340 stream_putc(s, OPTIONS(oi));
3341
3342 /* Set Router Priority. */
3343 stream_putc(s, PRIORITY(oi));
3344
3345 /* Set Router Dead Interval. */
3346 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3347
3348 /* Set Designated Router. */
3349 stream_put_ipv4(s, DR(oi).s_addr);
3350
3351 p = stream_get_endp(s);
3352
3353 /* Set Backup Designated Router. */
3354 stream_put_ipv4(s, BDR(oi).s_addr);
3355
3356 /* Add neighbor seen. */
fe61ceae
DS		 3357 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn)) {
3358 nbr = rn->info;
3359
3360 if (!nbr)
3361 continue;
3362
3363 /* Ignore the 0.0.0.0 node */
3364 if (nbr->router_id.s_addr == INADDR_ANY)
3365 continue;
3366
3367 /* Ignore Down neighbor */
3368 if (nbr->state == NSM_Attempt)
3369 continue;
3370
3371 /* This is myself for DR election */
3372 if (nbr->state == NSM_Down)
3373 continue;
3374
3375 if (IPV4_ADDR_SAME(&nbr->router_id, &oi->ospf->router_id))
3376 continue;
3377 /* Check neighbor is sane? */
3378 if (nbr->d_router.s_addr != INADDR_ANY &&
3379 IPV4_ADDR_SAME(&nbr->d_router, &oi->address->u.prefix4) &&
3380 IPV4_ADDR_SAME(&nbr->bd_router, &oi->address->u.prefix4))
3381 flag = 1;
3382
3383 /* Hello packet overflows interface MTU.
3384 */
3385 if (length + sizeof(uint32_t) > ospf_packet_max(oi)) {
3386 flog_err(
3387 EC_OSPF_LARGE_HELLO,
3388 "Oversized Hello packet! Larger than MTU. Not sending it out");
3389 return 0;
3390 }
3391
3392 stream_put_ipv4(s, nbr->router_id.s_addr);
3393 length += 4;
3394 }
d62a17ae 3395
3396 /* Let neighbor generate BackupSeen. */
3397 if (flag == 1)
3398 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3399
3400 return length;
3401}
3402
3403static int ospf_make_db_desc(struct ospf_interface *oi,
3404 struct ospf_neighbor *nbr, struct stream *s)
3405{
3406 struct ospf_lsa *lsa;
d7c0a89a
QY		 3407 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3408 uint8_t options;
d62a17ae 3409 unsigned long pp;
3410 int i;
3411 struct ospf_lsdb *lsdb;
3412
3413 /* Set Interface MTU. */
3414 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3415 stream_putw(s, 0);
3416 else
3417 stream_putw(s, oi->ifp->mtu);
3418
3419 /* Set Options. */
3420 options = OPTIONS(oi);
3421 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3422 SET_FLAG(options, OSPF_OPTION_O);
3423 stream_putc(s, options);
3424
3425 /* DD flags */
3426 pp = stream_get_endp(s);
3427 stream_putc(s, nbr->dd_flags);
3428
3429 /* Set DD Sequence Number. */
3430 stream_putl(s, nbr->dd_seqnum);
3431
3432 /* shortcut unneeded walk of (empty) summary LSDBs */
3433 if (ospf_db_summary_isempty(nbr))
3434 goto empty;
3435
3436 /* Describe LSA Header from Database Summary List. */
3437 lsdb = &nbr->db_sum;
3438
3439 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3440 struct route_table *table = lsdb->type[i].db;
3441 struct route_node *rn;
3442
3443 for (rn = route_top(table); rn; rn = route_next(rn))
3444 if ((lsa = rn->info) != NULL) {
3445 if (IS_OPAQUE_LSA(lsa->data->type)
3446 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3447 /* Suppress advertising
0437e105 3448 * opaque-information. */
d62a17ae 3449 /* Remove LSA from DB summary list. */
3450 ospf_lsdb_delete(lsdb, lsa);
3451 continue;
3452 }
3453
3454 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3455 struct lsa_header *lsah;
d7c0a89a 3456 uint16_t ls_age;
d62a17ae 3457
3458 /* DD packet overflows interface MTU. */
3459 if (length + OSPF_LSA_HEADER_SIZE
3460 > ospf_packet_max(oi))
3461 break;
3462
3463 /* Keep pointer to LS age. */
3464 lsah = (struct lsa_header
3465 *)(STREAM_DATA(s)
3466 + stream_get_endp(
3467 s));
3468
3469 /* Proceed stream pointer. */
3470 stream_put(s, lsa->data,
3471 OSPF_LSA_HEADER_SIZE);
3472 length += OSPF_LSA_HEADER_SIZE;
3473
3474 /* Set LS age. */
3475 ls_age = LS_AGE(lsa);
3476 lsah->ls_age = htons(ls_age);
3477 }
3478
3479 /* Remove LSA from DB summary list. */
3480 ospf_lsdb_delete(lsdb, lsa);
3481 }
3482 }
718e3744 3483
d62a17ae 3484 /* Update 'More' bit */
3485 if (ospf_db_summary_isempty(nbr)) {
3486 empty:
3487 if (nbr->state >= NSM_Exchange) {
3488 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3489 /* Rewrite DD flags */
3490 stream_putc_at(s, pp, nbr->dd_flags);
3491 } else {
3492 assert(IS_SET_DD_M(nbr->dd_flags));
3493 }
3494 }
3495 return length;
3496}
86f1fd96 3497
d7c0a89a 3498static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
d62a17ae 3499 unsigned long delta, struct ospf_neighbor *nbr,
3500 struct ospf_lsa *lsa)
3501{
3502 struct ospf_interface *oi;
718e3744 3503
d62a17ae 3504 oi = nbr->oi;
718e3744 3505
9570f737
S		 3506 /* LS Request packet overflows interface MTU
3507 * delta is just number of bytes required for 1 LS Req
3508 * ospf_packet_max will return the number of bytes can
f5267398 3509 * be accommodated without ospf header. So length+delta
9570f737
S		 3510 * can be compared to ospf_packet_max
3511 * to check if it can fit another lsreq in the same packet.
3512 */
3513
d62a17ae 3514 if (*length + delta > ospf_packet_max(oi))
3515 return 0;
1eb8ef25 3516
d62a17ae 3517 stream_putl(s, lsa->data->type);
3518 stream_put_ipv4(s, lsa->data->id.s_addr);
3519 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
718e3744 3520
d62a17ae 3521 ospf_lsa_unlock(&nbr->ls_req_last);
3522 nbr->ls_req_last = ospf_lsa_lock(lsa);
59ea14c6 3523
d62a17ae 3524 *length += 12;
3525 return 1;
3526}
718e3744 3527
d62a17ae 3528static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3529{
3530 struct ospf_lsa *lsa;
d7c0a89a 3531 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
9570f737 3532 unsigned long delta = 12;
d62a17ae 3533 struct route_table *table;
3534 struct route_node *rn;
3535 int i;
3536 struct ospf_lsdb *lsdb;
718e3744 3537
d62a17ae 3538 lsdb = &nbr->ls_req;
718e3744 3539
d62a17ae 3540 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3541 table = lsdb->type[i].db;
3542 for (rn = route_top(table); rn; rn = route_next(rn))
3543 if ((lsa = (rn->info)) != NULL)
3544 if (ospf_make_ls_req_func(s, &length, delta,
3545 nbr, lsa)
3546 == 0) {
3547 route_unlock_node(rn);
3548 break;
3549 }
3550 }
3551 return length;
3552}
718e3744 3553
d62a17ae 3554static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3555{
3556 int age;
718e3744 3557
d62a17ae 3558 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
718e3744 3559
d62a17ae 3560 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
718e3744 3561}
3562
d62a17ae 3563static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3564 struct stream *s)
718e3744 3565{
d62a17ae 3566 struct ospf_lsa *lsa;
3567 struct listnode *node;
d7c0a89a 3568 uint16_t length = 0;
d62a17ae 3569 unsigned int size_noauth;
3570 unsigned long delta = stream_get_endp(s);
3571 unsigned long pp;
3572 int count = 0;
3573
3574 if (IS_DEBUG_OSPF_EVENT)
ea892800 3575 zlog_debug("%s: Start", __func__);
d62a17ae 3576
3577 pp = stream_get_endp(s);
3578 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3579 length += OSPF_LS_UPD_MIN_SIZE;
3580
3581 /* Calculate amount of packet usable for data. */
3582 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3583
3584 while ((node = listhead(update)) != NULL) {
3585 struct lsa_header *lsah;
d7c0a89a 3586 uint16_t ls_age;
d62a17ae 3587
d62a17ae 3588 lsa = listgetdata(node);
d62a17ae 3589 assert(lsa->data);
3590
e9505bc6
RW		 3591 if (IS_DEBUG_OSPF_EVENT)
3592 zlog_debug("%s: List Iteration %d LSA[%s]", __func__,
3593 count, dump_lsa_key(lsa));
3594
2ef62909 3595 /* Will it fit? Minimum it has to fit at least one */
9570f737
S		 3596 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3597 (count > 0))
d62a17ae 3598 break;
3599
3600 /* Keep pointer to LS age. */
3601 lsah = (struct lsa_header *)(STREAM_DATA(s)
3602 + stream_get_endp(s));
3603
3604 /* Put LSA to Link State Request. */
3605 stream_put(s, lsa->data, ntohs(lsa->data->length));
718e3744 3606
d62a17ae 3607 /* Set LS age. */
3608 /* each hop must increment an lsa_age by transmit_delay
3609 of OSPF interface */
3610 ls_age = ls_age_increment(lsa,
3611 OSPF_IF_PARAM(oi, transmit_delay));
3612 lsah->ls_age = htons(ls_age);
3613
3614 length += ntohs(lsa->data->length);
3615 count++;
3616
3617 list_delete_node(update, node);
3618 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3619 }
3620
3621 /* Now set #LSAs. */
3622 stream_putl_at(s, pp, count);
3623
3624 if (IS_DEBUG_OSPF_EVENT)
ea892800 3625 zlog_debug("%s: Stop", __func__);
d62a17ae 3626 return length;
718e3744 3627}
3628
d62a17ae 3629static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3630 struct stream *s)
718e3744 3631{
d62a17ae 3632 struct listnode *node, *nnode;
d7c0a89a 3633 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
9570f737 3634 unsigned long delta = OSPF_LSA_HEADER_SIZE;
d62a17ae 3635 struct ospf_lsa *lsa;
718e3744 3636
d62a17ae 3637 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3638 assert(lsa);
718e3744 3639
9570f737
S		 3640 /* LS Ack packet overflows interface MTU
3641 * delta is just number of bytes required for
3642 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
f5267398 3643 * the number of bytes can be accommodated without
9570f737
S		 3644 * ospf header. So length+delta can be compared
3645 * against ospf_packet_max to check if it can fit
3646 * another ls header in the same packet.
3647 */
3648 if ((length + delta) > ospf_packet_max(oi))
d62a17ae 3649 break;
718e3744 3650
d62a17ae 3651 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3652 length += OSPF_LSA_HEADER_SIZE;
3653
3654 listnode_delete(ack, lsa);
3655 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3656 }
3657
3658 return length;
3659}
3660
3661static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3662{
3663 struct ospf_packet *op;
d7c0a89a 3664 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3665
d62a17ae 3666 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3667
d62a17ae 3668 /* Prepare OSPF common header. */
3669 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
718e3744 3670
d62a17ae 3671 /* Prepare OSPF Hello body. */
3672 length += ospf_make_hello(oi, op->s);
9b18d58e
NS		 3673 if (length == OSPF_HEADER_SIZE) {
3674 /* Hello overshooting MTU */
3675 ospf_packet_free(op);
3676 return;
3677 }
718e3744 3678
d62a17ae 3679 /* Fill OSPF header. */
3680 ospf_fill_header(oi, op->s, length);
718e3744 3681
d62a17ae 3682 /* Set packet length. */
3683 op->length = length;
3684
3685 op->dst.s_addr = addr;
3686
b5a8894d
CS		 3687 if (IS_DEBUG_OSPF_EVENT) {
3688 if (oi->ospf->vrf_id)
996c9314
LB		 3689 zlog_debug(
3690 "%s: Hello Tx interface %s ospf vrf %s id %u",
15569c58 3691 __func__, oi->ifp->name,
996c9314
LB		 3692 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3693 oi->ospf->vrf_id);
b5a8894d 3694 }
d62a17ae 3695 /* Add packet to the top of the interface output queue, so that they
3696 * can't get delayed by things like long queues of LS Update packets
3697 */
3698 ospf_packet_add_top(oi, op);
3699
3700 /* Hook thread to write packet. */
3701 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3702}
3703
d62a17ae 3704static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
718e3744 3705{
d62a17ae 3706 struct ospf_interface *oi;
718e3744 3707
d62a17ae 3708 oi = nbr_nbma->oi;
3709 assert(oi);
718e3744 3710
d62a17ae 3711 /* If this is passive interface, do not send OSPF Hello. */
3712 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3713 return;
718e3744 3714
d62a17ae 3715 if (oi->type != OSPF_IFTYPE_NBMA)
3716 return;
718e3744 3717
d62a17ae 3718 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3719 return;
718e3744 3720
d62a17ae 3721 if (PRIORITY(oi) == 0)
3722 return;
718e3744 3723
d62a17ae 3724 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3725 && oi->state != ISM_Backup)
3726 return;
718e3744 3727
d62a17ae 3728 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
718e3744 3729}
3730
cc9f21da 3731void ospf_poll_timer(struct thread *thread)
718e3744 3732{
d62a17ae 3733 struct ospf_nbr_nbma *nbr_nbma;
718e3744 3734
d62a17ae 3735 nbr_nbma = THREAD_ARG(thread);
3736 nbr_nbma->t_poll = NULL;
718e3744 3737
d62a17ae 3738 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
96b663a3
MS		 3739 zlog_debug("NSM[%s:%pI4]: Timer (Poll timer expire)",
3740 IF_NAME(nbr_nbma->oi), &nbr_nbma->addr);
718e3744 3741
d62a17ae 3742 ospf_poll_send(nbr_nbma);
718e3744 3743
d62a17ae 3744 if (nbr_nbma->v_poll > 0)
3745 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3746 nbr_nbma->v_poll);
718e3744 3747}
3748
3749
cc9f21da 3750void ospf_hello_reply_timer(struct thread *thread)
718e3744 3751{
d62a17ae 3752 struct ospf_neighbor *nbr;
718e3744 3753
d62a17ae 3754 nbr = THREAD_ARG(thread);
3755 nbr->t_hello_reply = NULL;
718e3744 3756
d62a17ae 3757 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
96b663a3
MS		 3758 zlog_debug("NSM[%s:%pI4]: Timer (hello-reply timer expire)",
3759 IF_NAME(nbr->oi), &nbr->router_id);
718e3744 3760
d62a17ae 3761 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
718e3744 3762}
3763
3764/* Send OSPF Hello. */
d62a17ae 3765void ospf_hello_send(struct ospf_interface *oi)
3766{
3767 /* If this is passive interface, do not send OSPF Hello. */
3768 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3769 return;
3770
3771 if (oi->type == OSPF_IFTYPE_NBMA) {
3772 struct ospf_neighbor *nbr;
3773 struct route_node *rn;
3774
fe61ceae
DS		 3775 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn)) {
3776 nbr = rn->info;
3777 if (!nbr)
3778 continue;
3779
3780 if (nbr == oi->nbr_self)
3781 continue;
3782
3783 if (nbr->state == NSM_Down)
3784 continue;
3785
3786 /*
3787 * RFC 2328 Section 9.5.1
3788 * If the router is not eligible to become Designated
3789 * Router, it must periodically send Hello Packets to
3790 * both the Designated Router and the Backup
3791 * Designated Router (if they exist).
3792 */
3793 if (PRIORITY(oi) == 0 &&
3794 IPV4_ADDR_CMP(&DR(oi), &nbr->address.u.prefix4) &&
3795 IPV4_ADDR_CMP(&BDR(oi), &nbr->address.u.prefix4))
3796 continue;
3797
3798 /*
3799 * If the router is eligible to become Designated
3800 * Router, it must periodically send Hello Packets to
3801 * all neighbors that are also eligible. In addition,
3802 * if the router is itself the Designated Router or
3803 * Backup Designated Router, it must also send periodic
3804 * Hello Packets to all other neighbors.
3805 */
3806 if (nbr->priority == 0 && oi->state == ISM_DROther)
3807 continue;
3808
3809 /* if oi->state == Waiting, send
3810 * hello to all neighbors */
3811 ospf_hello_send_sub(oi, nbr->address.u.prefix4.s_addr);
3812 }
d62a17ae 3813 } else {
3814 /* Decide destination address. */
3815 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3816 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3817 else
3818 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3819 }
718e3744 3820}
3821
3822/* Send OSPF Database Description. */
d62a17ae 3823void ospf_db_desc_send(struct ospf_neighbor *nbr)
718e3744 3824{
d62a17ae 3825 struct ospf_interface *oi;
3826 struct ospf_packet *op;
d7c0a89a 3827 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3828
d62a17ae 3829 oi = nbr->oi;
3830 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3831
d62a17ae 3832 /* Prepare OSPF common header. */
3833 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
718e3744 3834
d62a17ae 3835 /* Prepare OSPF Database Description body. */
3836 length += ospf_make_db_desc(oi, nbr, op->s);
718e3744 3837
d62a17ae 3838 /* Fill OSPF header. */
3839 ospf_fill_header(oi, op->s, length);
718e3744 3840
d62a17ae 3841 /* Set packet length. */
3842 op->length = length;
718e3744 3843
d62a17ae 3844 /* Decide destination address. */
3845 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3846 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3847 else
3848 op->dst = nbr->address.u.prefix4;
718e3744 3849
d62a17ae 3850 /* Add packet to the interface output queue. */
3851 ospf_packet_add(oi, op);
718e3744 3852
d62a17ae 3853 /* Hook thread to write packet. */
3854 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3855
d62a17ae 3856 /* Remove old DD packet, then copy new one and keep in neighbor
3857 * structure. */
3858 if (nbr->last_send)
3859 ospf_packet_free(nbr->last_send);
3860 nbr->last_send = ospf_packet_dup(op);
3861 monotime(&nbr->last_send_ts);
e6a22aeb
SK		 3862 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3863 zlog_info(
96b663a3 3864 "%s:Packet[DD]: %pI4 DB Desc send with seqnum:%x , flags:%x",
44076f4d
RW		 3865 ospf_get_name(oi->ospf), &nbr->router_id,
3866 nbr->dd_seqnum, nbr->dd_flags);
718e3744 3867}
3868
3869/* Re-send Database Description. */
d62a17ae 3870void ospf_db_desc_resend(struct ospf_neighbor *nbr)
718e3744 3871{
d62a17ae 3872 struct ospf_interface *oi;
718e3744 3873
d62a17ae 3874 oi = nbr->oi;
718e3744 3875
d62a17ae 3876 /* Add packet to the interface output queue. */
3877 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
718e3744 3878
d62a17ae 3879 /* Hook thread to write packet. */
3880 OSPF_ISM_WRITE_ON(oi->ospf);
e6a22aeb
SK		 3881 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3882 zlog_info(
96b663a3 3883 "%s:Packet[DD]: %pI4 DB Desc resend with seqnum:%x , flags:%x",
44076f4d
RW		 3884 ospf_get_name(oi->ospf), &nbr->router_id,
3885 nbr->dd_seqnum, nbr->dd_flags);
718e3744 3886}
3887
3888/* Send Link State Request. */
d62a17ae 3889void ospf_ls_req_send(struct ospf_neighbor *nbr)
718e3744 3890{
d62a17ae 3891 struct ospf_interface *oi;
3892 struct ospf_packet *op;
d7c0a89a 3893 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3894
d62a17ae 3895 oi = nbr->oi;
3896 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3897
d62a17ae 3898 /* Prepare OSPF common header. */
3899 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
718e3744 3900
d62a17ae 3901 /* Prepare OSPF Link State Request body. */
3902 length += ospf_make_ls_req(nbr, op->s);
3903 if (length == OSPF_HEADER_SIZE) {
3904 ospf_packet_free(op);
3905 return;
3906 }
718e3744 3907
d62a17ae 3908 /* Fill OSPF header. */
3909 ospf_fill_header(oi, op->s, length);
718e3744 3910
d62a17ae 3911 /* Set packet length. */
3912 op->length = length;
718e3744 3913
d62a17ae 3914 /* Decide destination address. */
3915 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3916 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3917 else
3918 op->dst = nbr->address.u.prefix4;
718e3744 3919
d62a17ae 3920 /* Add packet to the interface output queue. */
3921 ospf_packet_add(oi, op);
718e3744 3922
d62a17ae 3923 /* Hook thread to write packet. */
3924 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3925
d62a17ae 3926 /* Add Link State Request Retransmission Timer. */
3927 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 3928}
3929
3930/* Send Link State Update with an LSA. */
d62a17ae 3931void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3932 int flag)
718e3744 3933{
d62a17ae 3934 struct list *update;
718e3744 3935
d62a17ae 3936 update = list_new();
718e3744 3937
d62a17ae 3938 listnode_add(update, lsa);
046460a1
CS		 3939
3940 /*ospf instance is going down, send self originated
3941 * MAXAGE LSA update to neighbors to remove from LSDB */
3942 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3943 ospf_ls_upd_send(nbr, update, flag, 1);
3944 else
3945 ospf_ls_upd_send(nbr, update, flag, 0);
718e3744 3946
6a154c88 3947 list_delete(&update);
718e3744 3948}
3949
f5267398 3950/* Determine size for packet. Must be at least big enough to accommodate next
68b7339a 3951 * LSA on list, which may be bigger than MTU size.
3952 *
3953 * Return pointer to new ospf_packet
3954 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3955 * on packet sizes (in which case offending LSA is deleted from update list)
3956 */
d62a17ae 3957static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3958 struct ospf_interface *oi)
3959{
3960 struct ospf_lsa *lsa;
3961 struct listnode *ln;
3962 size_t size;
3963 static char warned = 0;
3964
3965 lsa = listgetdata((ln = listhead(update)));
3966 assert(lsa->data);
3967
3968 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3969 > ospf_packet_max(oi)) {
3970 if (!warned) {
c9cc11f6 3971 flog_warn(
cf444bcf 3972 EC_OSPF_LARGE_LSA,
ea892800 3973 "%s: oversized LSA encountered!will need to fragment. Not optimal. Try divide up your network with areas. Use 'debug ospf packet send' to see details, or look at 'show ip ospf database ..'",
3974 __func__);
d62a17ae 3975 warned = 1;
3976 }
3977
3978 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3979 zlog_debug(
ea892800 3980 "%s: oversized LSA id:%pI4, %d bytes originated by %pI4, will be fragmented!",
3981 __func__, &lsa->data->id,
d62a17ae 3982 ntohs(lsa->data->length),
96b663a3 3983 &lsa->data->adv_router);
d62a17ae 3984
3985 /*
3986 * Allocate just enough to fit this LSA only, to avoid including
3987 * other
3988 * LSAs in fragmented LSA Updates.
3989 */
3990 size = ntohs(lsa->data->length)
3991 + (oi->ifp->mtu - ospf_packet_max(oi))
3992 + OSPF_LS_UPD_MIN_SIZE;
3993 } else
3994 size = oi->ifp->mtu;
3995
3996 if (size > OSPF_MAX_PACKET_SIZE) {
ea892800 3997 flog_warn(
3998 EC_OSPF_LARGE_LSA,
3999 "%s: oversized LSA id:%pI4 too big, %d bytes, packet size %ld, dropping it completely. OSPF routing is broken!",
4000 __func__, &lsa->data->id, ntohs(lsa->data->length),
4001 (long int)size);
d62a17ae 4002 list_delete_node(update, ln);
4003 return NULL;
4004 }
718e3744 4005
d62a17ae 4006 /* IP header is built up separately by ospf_write(). This means, that we
4007 * must
4008 * reduce the "affordable" size just calculated by length of an IP
4009 * header.
4010 * This makes sure, that even if we manage to fill the payload with LSA
4011 * data
4012 * completely, the final packet (our data plus IP header) still fits
4013 * into
4014 * outgoing interface MTU. This correction isn't really meaningful for
4015 * an
4016 * oversized LSA, but for consistency the correction is done for both
4017 * cases.
4018 *
4019 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4020 */
4021 return ospf_packet_new(size - sizeof(struct ip));
718e3744 4022}
4023
d62a17ae 4024static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
046460a1
CS		 4025 struct list *update, struct in_addr addr,
4026 int send_lsupd_now)
718e3744 4027{
d62a17ae 4028 struct ospf_packet *op;
d7c0a89a 4029 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 4030
4031 if (IS_DEBUG_OSPF_EVENT)
96b663a3
MS		 4032 zlog_debug("listcount = %d, [%s]dst %pI4", listcount(update),
4033 IF_NAME(oi), &addr);
d62a17ae 4034
19274fe8
OD		 4035 /* Check that we have really something to process */
4036 if (listcount(update) == 0)
4037 return;
4038
d62a17ae 4039 op = ospf_ls_upd_packet_new(update, oi);
718e3744 4040
d62a17ae 4041 /* Prepare OSPF common header. */
4042 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
718e3744 4043
d62a17ae 4044 /* Prepare OSPF Link State Update body.
4045 * Includes Type-7 translation.
4046 */
4047 length += ospf_make_ls_upd(oi, update, op->s);
4048
4049 /* Fill OSPF header. */
4050 ospf_fill_header(oi, op->s, length);
4051
4052 /* Set packet length. */
4053 op->length = length;
4054
4055 /* Decide destination address. */
4056 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4057 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4058 else
4059 op->dst.s_addr = addr.s_addr;
4060
4061 /* Add packet to the interface output queue. */
4062 ospf_packet_add(oi, op);
046460a1
CS		 4063 /* Call ospf_write() right away to send ospf packets to neighbors */
4064 if (send_lsupd_now) {
4065 struct thread os_packet_thd;
4066
4067 os_packet_thd.arg = (void *)oi->ospf;
4068 if (oi->on_write_q == 0) {
4069 listnode_add(oi->ospf->oi_write_q, oi);
4070 oi->on_write_q = 1;
4071 }
4072 ospf_write(&os_packet_thd);
4173cc8e
DS		 4073 /*
4074 * We are fake calling ospf_write with a fake
4075 * thread. Imagine that we have oi_a already
4076 * enqueued and we have turned on the write
4077 * thread(t_write).
4078 * Now this function calls this for oi_b
4079 * so the on_write_q has oi_a and oi_b on
4080 * it, ospf_write runs and clears the packets
4081 * for both oi_a and oi_b. Removing them from
4082 * the on_write_q. After this thread of execution
4083 * finishes we will execute the t_write thread
4084 * with nothing in the on_write_q causing an
4085 * assert. So just make sure that the t_write
4086 * is actually turned off.
4087 */
4088 if (list_isempty(oi->ospf->oi_write_q))
cccd44f3 4089 THREAD_OFF(oi->ospf->t_write);
046460a1
CS		 4090 } else {
4091 /* Hook thread to write packet. */
4092 OSPF_ISM_WRITE_ON(oi->ospf);
4093 }
d62a17ae 4094}
4095
cc9f21da 4096static void ospf_ls_upd_send_queue_event(struct thread *thread)
d62a17ae 4097{
4098 struct ospf_interface *oi = THREAD_ARG(thread);
4099 struct route_node *rn;
4100 struct route_node *rnext;
4101 struct list *update;
4102 char again = 0;
4103
4104 oi->t_ls_upd_event = NULL;
4105
4106 if (IS_DEBUG_OSPF_EVENT)
ea892800 4107 zlog_debug("%s start", __func__);
d62a17ae 4108
4109 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4110 rnext = route_next(rn);
4111
4112 if (rn->info == NULL)
4113 continue;
4114
4115 update = (struct list *)rn->info;
4116
046460a1 4117 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
d62a17ae 4118
4119 /* list might not be empty. */
4120 if (listcount(update) == 0) {
6a154c88 4121 list_delete((struct list **)&rn->info);
d62a17ae 4122 route_unlock_node(rn);
4123 } else
4124 again = 1;
4125 }
4126
4127 if (again != 0) {
4128 if (IS_DEBUG_OSPF_EVENT)
4129 zlog_debug(
ea892800 4130 "%s: update lists not cleared, %d nodes to try again, raising new event",
4131 __func__, again);
d62a17ae 4132 oi->t_ls_upd_event = NULL;
4133 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4134 &oi->t_ls_upd_event);
4135 }
4136
4137 if (IS_DEBUG_OSPF_EVENT)
ea892800 4138 zlog_debug("%s stop", __func__);
d62a17ae 4139}
4140
046460a1
CS		 4141void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4142 int send_lsupd_now)
d62a17ae 4143{
4144 struct ospf_interface *oi;
4145 struct ospf_lsa *lsa;
4146 struct prefix_ipv4 p;
4147 struct route_node *rn;
4148 struct listnode *node;
4149
4150 oi = nbr->oi;
4151
4152 p.family = AF_INET;
4153 p.prefixlen = IPV4_MAX_BITLEN;
4154
4155 /* Decide destination address. */
4156 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4157 p.prefix = oi->vl_data->peer_addr;
4158 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4159 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4160 else if (flag == OSPF_SEND_PACKET_DIRECT)
4161 p.prefix = nbr->address.u.prefix4;
4162 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4163 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4164 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4165 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4166 else
4167 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4168
4169 if (oi->type == OSPF_IFTYPE_NBMA) {
4170 if (flag == OSPF_SEND_PACKET_INDIRECT)
c9cc11f6 4171 flog_warn(
cf444bcf 4172 EC_OSPF_PACKET,
d62a17ae 4173 "* LS-Update is directly sent on NBMA network.");
19aad877 4174 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
cf444bcf 4175 flog_warn(EC_OSPF_PACKET,
c9cc11f6 4176 "* LS-Update is sent to myself.");
d62a17ae 4177 }
4178
4179 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4180
4181 if (rn->info == NULL)
4182 rn->info = list_new();
4183 else
4184 route_unlock_node(rn);
4185
4186 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4187 listnode_add(rn->info,
4188 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
046460a1
CS		 4189 if (send_lsupd_now) {
4190 struct list *send_update_list;
f7813c7c 4191 struct route_node *rnext;
d62a17ae 4192
046460a1
CS		 4193 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4194 rnext = route_next(rn);
4195
4196 if (rn->info == NULL)
4197 continue;
4198
4199 send_update_list = (struct list *)rn->info;
4200
4201 ospf_ls_upd_queue_send(oi, send_update_list,
4202 rn->p.u.prefix4, 1);
046460a1
CS		 4203 }
4204 } else
4205 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
996c9314 4206 &oi->t_ls_upd_event);
718e3744 4207}
4208
d62a17ae 4209static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4210 struct in_addr dst)
718e3744 4211{
d62a17ae 4212 struct ospf_packet *op;
d7c0a89a 4213 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 4214
4215 op = ospf_packet_new(oi->ifp->mtu);
4216
4217 /* Prepare OSPF common header. */
4218 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4219
4220 /* Prepare OSPF Link State Acknowledgment body. */
4221 length += ospf_make_ls_ack(oi, ack, op->s);
4222
4223 /* Fill OSPF header. */
4224 ospf_fill_header(oi, op->s, length);
718e3744 4225
d62a17ae 4226 /* Set packet length. */
4227 op->length = length;
4228
4229 /* Decide destination address. */
c706f0e3
LB		 4230 if (oi->type == OSPF_IFTYPE_POINTOPOINT ||
4231 oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
d62a17ae 4232 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4233 else
4234 op->dst.s_addr = dst.s_addr;
4235
4236 /* Add packet to the interface output queue. */
4237 ospf_packet_add(oi, op);
4238
4239 /* Hook thread to write packet. */
4240 OSPF_ISM_WRITE_ON(oi->ospf);
4241}
4242
cc9f21da 4243static void ospf_ls_ack_send_event(struct thread *thread)
d62a17ae 4244{
4245 struct ospf_interface *oi = THREAD_ARG(thread);
4246
4247 oi->t_ls_ack_direct = NULL;
4248
4249 while (listcount(oi->ls_ack_direct.ls_ack))
4250 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4251 oi->ls_ack_direct.dst);
d62a17ae 4252}
4253
4254void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4255{
4256 struct ospf_interface *oi = nbr->oi;
4257
5a77dd8f 4258 if (IS_GRACE_LSA(lsa)) {
3f87e1d8 4259 if (IS_DEBUG_OSPF_GR)
5a77dd8f 4260 zlog_debug("%s, Sending GRACE ACK to Restarter.",
a4544597 4261 __func__);
5a77dd8f 4262 }
4263
d62a17ae 4264 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4265 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4266
4267 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4268
4269 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4270 &oi->t_ls_ack_direct);
718e3744 4271}
4272
4273/* Send Link State Acknowledgment delayed. */
d62a17ae 4274void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4275{
4276 struct in_addr dst;
4277
4278 /* Decide destination address. */
4279 /* RFC2328 Section 13.5 On non-broadcast
4280 networks, delayed Link State Acknowledgment packets must be
4281 unicast separately over each adjacency (i.e., neighbor whose
4282 state is >= Exchange). */
4283 if (oi->type == OSPF_IFTYPE_NBMA) {
4284 struct ospf_neighbor *nbr;
4285 struct route_node *rn;
4286
fe61ceae
DS		 4287 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn)) {
4288 nbr = rn->info;
4289
4290 if (!nbr)
4291 continue;
4292
4293 if (nbr != oi->nbr_self && nbr->state >= NSM_Exchange)
4294 while (listcount(oi->ls_ack))
4295 ospf_ls_ack_send_list(
4296 oi, oi->ls_ack,
4297 nbr->address.u.prefix4);
4298 }
d62a17ae 4299 return;
4300 }
4301 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4302 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4303 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4304 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4305 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4306 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4307 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4308 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4309 else
4310 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4311
4312 while (listcount(oi->ls_ack))
4313 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
718e3744 4314}
8b6912c2
DS		 4315
4316/*
4317 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4318 * address. As a result, the kernel does not need to learn the interface
4319 * MAC of the OSPF neighbor. However, in our world, this will delay
4320 * convergence. Take the case when due to a link flap, all routes now
4321 * want to use an interface which was deemed to be costlier prior to this
4322 * event. For routes that will be installed, the missing MAC will have
4323 * punt-to-CPU set on them. This may overload the CPU control path that
4324 * can be avoided if the MAC was known apriori.
4325 */
d62a17ae 4326void ospf_proactively_arp(struct ospf_neighbor *nbr)
4327{
a92706bb 4328 if (!nbr || !nbr->oi->ospf->proactive_arp)
d62a17ae 4329 return;
4330
aa530b62 4331 ospf_zebra_send_arp(nbr->oi->ifp, &nbr->address);
8b6912c2 4332}
FRRouting mirror