]> git.proxmox.com Git - mirror_frr.git/blame - ospfd/ospf_packet.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
*: Rename quagga_timestamp with frr_timestamp
[mirror_frr.git] / ospfd / ospf_packet.c
CommitLineData
718e3744 1/*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
896014f4
DL		 17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
718e3744 20 */
21
22#include <zebra.h>
23
cbf3e3eb 24#include "monotime.h"
718e3744 25#include "thread.h"
26#include "memory.h"
27#include "linklist.h"
28#include "prefix.h"
29#include "if.h"
30#include "table.h"
31#include "sockunion.h"
32#include "stream.h"
33#include "log.h"
2dd8bb4e 34#include "sockopt.h"
484315fd 35#include "checksum.h"
0513a271 36#ifdef CRYPTO_INTERNAL
c1a03d47 37#include "md5.h"
0513a271 38#endif
7e2b7603 39#include "vrf.h"
c9cc11f6 40#include "lib_errors.h"
718e3744 41
42#include "ospfd/ospfd.h"
43#include "ospfd/ospf_network.h"
44#include "ospfd/ospf_interface.h"
45#include "ospfd/ospf_ism.h"
46#include "ospfd/ospf_asbr.h"
47#include "ospfd/ospf_lsa.h"
48#include "ospfd/ospf_lsdb.h"
49#include "ospfd/ospf_neighbor.h"
50#include "ospfd/ospf_nsm.h"
51#include "ospfd/ospf_packet.h"
52#include "ospfd/ospf_spf.h"
53#include "ospfd/ospf_flood.h"
54#include "ospfd/ospf_dump.h"
c9cc11f6 55#include "ospfd/ospf_errors.h"
aa530b62 56#include "ospfd/ospf_zebra.h"
cd52c44c 57#include "ospfd/ospf_gr.h"
718e3744 58
166b75c2
DS		 59/*
60 * OSPF Fragmentation / fragmented writes
61 *
62 * ospfd can support writing fragmented packets, for cases where
63 * kernel will not fragment IP_HDRINCL and/or multicast destined
64 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
65 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
66 * flags fields, hence user-space fragmentation will not work.
67 * Only Linux is known to leave IP header unmolested.
68 * Further, fragmentation really should be done the kernel, which already
69 * supports it, and which avoids nasty IP ID state problems.
70 *
71 * Fragmentation of OSPF packets can be required on networks with router
72 * with many many interfaces active in one area, or on networks with links
73 * with low MTUs.
74 */
75#ifdef GNU_LINUX
76#define WANT_OSPF_WRITE_FRAGMENT
77#endif
78
718e3744 79/* Packet Type String. */
d62a17ae 80const struct message ospf_packet_type_str[] = {
81 {OSPF_MSG_HELLO, "Hello"},
82 {OSPF_MSG_DB_DESC, "Database Description"},
83 {OSPF_MSG_LS_REQ, "Link State Request"},
84 {OSPF_MSG_LS_UPD, "Link State Update"},
85 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
86 {0}};
718e3744 87
75c8eabb
DO		 88/* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
89 particular types, offset is the "type" field of a packet. */
d7c0a89a 90static const uint16_t ospf_packet_minlen[] = {
d62a17ae 91 0,
92 OSPF_HELLO_MIN_SIZE,
93 OSPF_DB_DESC_MIN_SIZE,
94 OSPF_LS_REQ_MIN_SIZE,
95 OSPF_LS_UPD_MIN_SIZE,
96 OSPF_LS_ACK_MIN_SIZE,
75c8eabb
DO		 97};
98
4e31de79
DO		 99/* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
100 types, offset is the "LSA type" field. */
d7c0a89a 101static const uint16_t ospf_lsa_minlen[] = {
07a62e58
DS		 102 0, /* OSPF_UNKNOWN_LSA */
103 OSPF_ROUTER_LSA_MIN_SIZE, /* OSPF_ROUTER_LSA */
104 OSPF_NETWORK_LSA_MIN_SIZE, /* OSPF_NETWORK_LSA */
105 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_SUMMARY_LSA */
106 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_ASBR_SUMMARY_LSA */
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_EXTERNAL_LSA */
108 0, /* Unsupported, OSPF_GROUP_MEMBER_LSA */
109 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_NSSA_LSA */
110 0, /* Unsupported, OSPF_EXTERNAL_ATTRIBURES_LSA */
111 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_LINK_LSA */
112 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AREA_LSA */
113 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AS_LSA */
4e31de79
DO		 114};
115
bd5651f0 116/* for ospf_check_auth() */
d62a17ae 117static int ospf_check_sum(struct ospf_header *);
bd5651f0 118
718e3744 119/* OSPF authentication checking function */
d62a17ae 120static int ospf_auth_type(struct ospf_interface *oi)
718e3744 121{
d62a17ae 122 int auth_type;
718e3744 123
d62a17ae 124 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
125 auth_type = oi->area->auth_type;
126 else
127 auth_type = OSPF_IF_PARAM(oi, auth_type);
718e3744 128
d62a17ae 129 /* Handle case where MD5 key list is not configured aka Cisco */
130 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
131 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
132 return OSPF_AUTH_NULL;
718e3744 133
d62a17ae 134 return auth_type;
718e3744 135}
136
7cec50a5 137static struct ospf_packet *ospf_packet_new(size_t size)
718e3744 138{
d62a17ae 139 struct ospf_packet *new;
718e3744 140
d62a17ae 141 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
142 new->s = stream_new(size);
718e3744 143
d62a17ae 144 return new;
718e3744 145}
146
d62a17ae 147void ospf_packet_free(struct ospf_packet *op)
718e3744 148{
d62a17ae 149 if (op->s)
150 stream_free(op->s);
718e3744 151
d62a17ae 152 XFREE(MTYPE_OSPF_PACKET, op);
718e3744 153}
154
4d762f26 155struct ospf_fifo *ospf_fifo_new(void)
718e3744 156{
d62a17ae 157 struct ospf_fifo *new;
718e3744 158
d62a17ae 159 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
160 return new;
718e3744 161}
162
163/* Add new packet to fifo. */
d62a17ae 164void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
718e3744 165{
d62a17ae 166 if (fifo->tail)
167 fifo->tail->next = op;
168 else
169 fifo->head = op;
718e3744 170
d62a17ae 171 fifo->tail = op;
718e3744 172
d62a17ae 173 fifo->count++;
718e3744 174}
175
aa276fd7 176/* Add new packet to head of fifo. */
d62a17ae 177static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
aa276fd7 178{
d62a17ae 179 op->next = fifo->head;
180
181 if (fifo->tail == NULL)
182 fifo->tail = op;
183
184 fifo->head = op;
185
186 fifo->count++;
aa276fd7
PJ		 187}
188
718e3744 189/* Delete first packet from fifo. */
d62a17ae 190struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
718e3744 191{
d62a17ae 192 struct ospf_packet *op;
718e3744 193
d62a17ae 194 op = fifo->head;
718e3744 195
d62a17ae 196 if (op) {
197 fifo->head = op->next;
718e3744 198
d62a17ae 199 if (fifo->head == NULL)
200 fifo->tail = NULL;
718e3744 201
d62a17ae 202 fifo->count--;
203 }
718e3744 204
d62a17ae 205 return op;
718e3744 206}
207
208/* Return first fifo entry. */
d62a17ae 209struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
718e3744 210{
d62a17ae 211 return fifo->head;
718e3744 212}
213
214/* Flush ospf packet fifo. */
d62a17ae 215void ospf_fifo_flush(struct ospf_fifo *fifo)
718e3744 216{
d62a17ae 217 struct ospf_packet *op;
218 struct ospf_packet *next;
718e3744 219
d62a17ae 220 for (op = fifo->head; op; op = next) {
221 next = op->next;
222 ospf_packet_free(op);
223 }
224 fifo->head = fifo->tail = NULL;
225 fifo->count = 0;
718e3744 226}
227
228/* Free ospf packet fifo. */
d62a17ae 229void ospf_fifo_free(struct ospf_fifo *fifo)
718e3744 230{
d62a17ae 231 ospf_fifo_flush(fifo);
718e3744 232
d62a17ae 233 XFREE(MTYPE_OSPF_FIFO, fifo);
718e3744 234}
235
7cec50a5 236static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
718e3744 237{
d62a17ae 238 /* Add packet to end of queue. */
239 ospf_fifo_push(oi->obuf, op);
718e3744 240
d62a17ae 241 /* Debug of packet fifo*/
242 /* ospf_fifo_debug (oi->obuf); */
718e3744 243}
244
d62a17ae 245static void ospf_packet_add_top(struct ospf_interface *oi,
246 struct ospf_packet *op)
aa276fd7 247{
d62a17ae 248 /* Add packet to head of queue. */
249 ospf_fifo_push_head(oi->obuf, op);
aa276fd7 250
d62a17ae 251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
aa276fd7
PJ		 253}
254
7cec50a5 255static void ospf_packet_delete(struct ospf_interface *oi)
718e3744 256{
d62a17ae 257 struct ospf_packet *op;
258
259 op = ospf_fifo_pop(oi->obuf);
718e3744 260
d62a17ae 261 if (op)
262 ospf_packet_free(op);
718e3744 263}
264
7cec50a5 265static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
718e3744 266{
d62a17ae 267 struct ospf_packet *new;
718e3744 268
d62a17ae 269 if (stream_get_endp(op->s) != op->length)
270 /* XXX size_t */
c9cc11f6 271 zlog_debug(
d62a17ae 272 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
d7c0a89a 273 (unsigned long)STREAM_SIZE(op->s), op->length);
30961a15 274
d62a17ae 275 /* Reserve space for MD5 authentication that may be added later. */
276 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
277 stream_copy(new->s, op->s);
718e3744 278
d62a17ae 279 new->dst = op->dst;
280 new->length = op->length;
718e3744 281
d62a17ae 282 return new;
718e3744 283}
284
86f1fd96 285/* XXX inline */
d62a17ae 286static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
86f1fd96 287{
d62a17ae 288 int auth = 0;
86f1fd96 289
d62a17ae 290 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
291 auth = OSPF_AUTH_MD5_SIZE;
86f1fd96 292
d62a17ae 293 return auth;
86f1fd96 294}
295
d62a17ae 296static unsigned int ospf_packet_max(struct ospf_interface *oi)
718e3744 297{
d62a17ae 298 int max;
718e3744 299
d62a17ae 300 max = oi->ifp->mtu - ospf_packet_authspace(oi);
86f1fd96 301
d62a17ae 302 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
718e3744 303
d62a17ae 304 return max;
718e3744 305}
306
6b0655a2 307
d62a17ae 308static int ospf_check_md5_digest(struct ospf_interface *oi,
309 struct ospf_header *ospfh)
718e3744 310{
0513a271
MR		 311#ifdef CRYPTO_OPENSSL
312 EVP_MD_CTX *ctx;
313#elif CRYPTO_INTERNAL
d62a17ae 314 MD5_CTX ctx;
0513a271 315#endif
d62a17ae 316 unsigned char digest[OSPF_AUTH_MD5_SIZE];
317 struct crypt_key *ck;
318 struct ospf_neighbor *nbr;
d7c0a89a 319 uint16_t length = ntohs(ospfh->length);
d62a17ae 320
321 /* Get secret key. */
322 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
323 ospfh->u.crypt.key_id);
324 if (ck == NULL) {
1c50c1c0
QY		 325 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
326 IF_NAME(oi), ospfh->u.crypt.key_id);
d62a17ae 327 return 0;
328 }
718e3744 329
d62a17ae 330 /* check crypto seqnum. */
331 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
718e3744 332
d62a17ae 333 if (nbr
334 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
c9cc11f6 335 flog_warn(
cf444bcf 336 EC_OSPF_MD5,
d62a17ae 337 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
338 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
339 ntohl(nbr->crypt_seqnum));
340 return 0;
341 }
718e3744 342
d62a17ae 343 /* Generate a digest for the ospf packet - their digest + our digest. */
0513a271
MR		 344#ifdef CRYPTO_OPENSSL
345 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
346 ctx = EVP_MD_CTX_new();
347 EVP_DigestInit(ctx, EVP_md5());
348 EVP_DigestUpdate(ctx, ospfh, length);
349 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
350 EVP_DigestFinal(ctx, digest, &md5_size);
351 EVP_MD_CTX_free(ctx);
352#elif CRYPTO_INTERNAL
d62a17ae 353 memset(&ctx, 0, sizeof(ctx));
354 MD5Init(&ctx);
355 MD5Update(&ctx, ospfh, length);
356 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
357 MD5Final(digest, &ctx);
0513a271 358#endif
d62a17ae 359
360 /* compare the two */
361 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
cf444bcf 362 flog_warn(EC_OSPF_MD5,
c9cc11f6 363 "interface %s: ospf_check_md5 checksum mismatch",
d62a17ae 364 IF_NAME(oi));
365 return 0;
366 }
718e3744 367
d62a17ae 368 /* save neighbor's crypt_seqnum */
369 if (nbr)
370 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
371 return 1;
718e3744 372}
373
374/* This function is called from ospf_write(), it will detect the
375 authentication scheme and if it is MD5, it will change the sequence
376 and update the MD5 digest. */
d62a17ae 377static int ospf_make_md5_digest(struct ospf_interface *oi,
378 struct ospf_packet *op)
379{
380 struct ospf_header *ospfh;
381 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
0513a271
MR		 382#ifdef CRYPTO_OPENSSL
383 EVP_MD_CTX *ctx;
384#elif CRYPTO_INTERNAL
d62a17ae 385 MD5_CTX ctx;
0513a271 386#endif
d62a17ae 387 void *ibuf;
d7c0a89a 388 uint32_t t;
d62a17ae 389 struct crypt_key *ck;
d7c0a89a 390 const uint8_t *auth_key;
d62a17ae 391
392 ibuf = STREAM_DATA(op->s);
393 ospfh = (struct ospf_header *)ibuf;
394
395 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
396 return 0;
397
398 /* We do this here so when we dup a packet, we don't have to
399 waste CPU rewriting other headers.
400
401 Note that quagga_time /deliberately/ is not used here */
402 t = (time(NULL) & 0xFFFFFFFF);
403 if (t > oi->crypt_seqnum)
404 oi->crypt_seqnum = t;
405 else
406 oi->crypt_seqnum++;
407
408 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
409
410 /* Get MD5 Authentication key from auth_key list. */
411 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
d7c0a89a 412 auth_key = (const uint8_t *)digest;
d62a17ae 413 else {
414 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
415 auth_key = ck->auth_key;
416 }
718e3744 417
d62a17ae 418 /* Generate a digest for the entire packet + our secret key. */
0513a271
MR		 419#ifdef CRYPTO_OPENSSL
420 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
421 ctx = EVP_MD_CTX_new();
422 EVP_DigestInit(ctx, EVP_md5());
423 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
424 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 EVP_DigestFinal(ctx, digest, &md5_size);
426 EVP_MD_CTX_free(ctx);
427#elif CRYPTO_INTERNAL
d62a17ae 428 memset(&ctx, 0, sizeof(ctx));
429 MD5Init(&ctx);
430 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
431 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
432 MD5Final(digest, &ctx);
0513a271 433#endif
718e3744 434
d62a17ae 435 /* Append md5 digest to the end of the stream. */
436 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
718e3744 437
d62a17ae 438 /* We do *NOT* increment the OSPF header length. */
439 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
30961a15 440
d62a17ae 441 if (stream_get_endp(op->s) != op->length)
442 /* XXX size_t */
c9cc11f6 443 flog_warn(
cf444bcf 444 EC_OSPF_MD5,
d62a17ae 445 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
d7c0a89a 446 (unsigned long)stream_get_endp(op->s), op->length);
718e3744 447
d62a17ae 448 return OSPF_AUTH_MD5_SIZE;
718e3744 449}
450
6b0655a2 451
d62a17ae 452static int ospf_ls_req_timer(struct thread *thread)
718e3744 453{
d62a17ae 454 struct ospf_neighbor *nbr;
718e3744 455
d62a17ae 456 nbr = THREAD_ARG(thread);
457 nbr->t_ls_req = NULL;
718e3744 458
d62a17ae 459 /* Send Link State Request. */
460 if (ospf_ls_request_count(nbr))
461 ospf_ls_req_send(nbr);
718e3744 462
d62a17ae 463 /* Set Link State Request retransmission timer. */
464 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 465
d62a17ae 466 return 0;
718e3744 467}
468
d62a17ae 469void ospf_ls_req_event(struct ospf_neighbor *nbr)
718e3744 470{
b3d6bc6e 471 thread_cancel(&nbr->t_ls_req);
d62a17ae 472 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
718e3744 473}
474
475/* Cyclic timer function. Fist registered in ospf_nbr_new () in
476 ospf_neighbor.c */
d62a17ae 477int ospf_ls_upd_timer(struct thread *thread)
478{
479 struct ospf_neighbor *nbr;
480
481 nbr = THREAD_ARG(thread);
482 nbr->t_ls_upd = NULL;
483
484 /* Send Link State Update. */
485 if (ospf_ls_retransmit_count(nbr) > 0) {
486 struct list *update;
487 struct ospf_lsdb *lsdb;
488 int i;
489 int retransmit_interval;
490
491 retransmit_interval =
492 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
493
494 lsdb = &nbr->ls_rxmt;
495 update = list_new();
496
497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
498 struct route_table *table = lsdb->type[i].db;
499 struct route_node *rn;
500
501 for (rn = route_top(table); rn; rn = route_next(rn)) {
502 struct ospf_lsa *lsa;
503
504 if ((lsa = rn->info) != NULL) {
505 /* Don't retransmit an LSA if we
506 received it within
507 the last RxmtInterval seconds - this
508 is to allow the
509 neighbour a chance to acknowledge the
510 LSA as it may
511 have ben just received before the
512 retransmit timer
513 fired. This is a small tweak to what
514 is in the RFC,
515 but it will cut out out a lot of
516 retransmit traffic
517 - MAG */
518 if (monotime_since(&lsa->tv_recv, NULL)
519 >= retransmit_interval * 1000000LL)
520 listnode_add(update, rn->info);
521 }
522 }
523 }
718e3744 524
d62a17ae 525 if (listcount(update) > 0)
996c9314
LB		 526 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
527 0);
6a154c88 528 list_delete(&update);
718e3744 529 }
530
d62a17ae 531 /* Set LS Update retransmission timer. */
532 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
718e3744 533
d62a17ae 534 return 0;
718e3744 535}
536
d62a17ae 537int ospf_ls_ack_timer(struct thread *thread)
718e3744 538{
d62a17ae 539 struct ospf_interface *oi;
718e3744 540
d62a17ae 541 oi = THREAD_ARG(thread);
542 oi->t_ls_ack = NULL;
718e3744 543
d62a17ae 544 /* Send Link State Acknowledgment. */
545 if (listcount(oi->ls_ack) > 0)
546 ospf_ls_ack_send_delayed(oi);
718e3744 547
d62a17ae 548 /* Set LS Ack timer. */
549 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
718e3744 550
d62a17ae 551 return 0;
718e3744 552}
553
0bfeca3f 554#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 555static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
556 struct msghdr *msg, unsigned int maxdatasize,
d7c0a89a 557 unsigned int mtu, int flags, uint8_t type)
0bfeca3f 558{
559#define OSPF_WRITE_FRAG_SHIFT 3
d7c0a89a 560 uint16_t offset;
d62a17ae 561 struct iovec *iovp;
562 int ret;
563
564 assert(op->length == stream_get_endp(op->s));
565 assert(msg->msg_iovlen == 2);
566
567 /* we can but try.
568 *
569 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
570 * well as the IP_MF flag, making this all quite pointless.
571 *
572 * However, for a system on which IP_MF is left alone, and ip_id left
573 * alone or else which sets same ip_id for each fragment this might
574 * work, eg linux.
575 *
576 * XXX-TODO: It would be much nicer to have the kernel's use their
577 * existing fragmentation support to do this for us. Bugs/RFEs need to
578 * be raised against the various kernels.
579 */
580
581 /* set More Frag */
582 iph->ip_off |= IP_MF;
583
584 /* ip frag offset is expressed in units of 8byte words */
585 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
586
587 iovp = &msg->msg_iov[1];
588
589 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
590 > maxdatasize) {
591 /* data length of this frag is to next offset value */
592 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
593 iph->ip_len = iovp->iov_len + sizeof(struct ip);
594 assert(iph->ip_len <= mtu);
595
596 sockopt_iphdrincl_swab_htosys(iph);
597
598 ret = sendmsg(fd, msg, flags);
599
600 sockopt_iphdrincl_swab_systoh(iph);
601
602 if (ret < 0)
c9cc11f6 603 flog_err(
450971aa 604 EC_LIB_SOCKET,
96b663a3
MS		 605 "*** ospf_write_frags: sendmsg failed to %pI4, id %d, off %d, len %d, mtu %u failed with %s",
606 &iph->ip_dst, iph->ip_id, iph->ip_off,
d62a17ae 607 iph->ip_len, mtu, safe_strerror(errno));
608
609 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
610 zlog_debug(
96b663a3 611 "ospf_write_frags: sent id %d, off %d, len %d to %pI4",
d62a17ae 612 iph->ip_id, iph->ip_off, iph->ip_len,
96b663a3 613 &iph->ip_dst);
d62a17ae 614 }
615
616 iph->ip_off += offset;
617 stream_forward_getp(op->s, iovp->iov_len);
2d34fb80 618 iovp->iov_base = stream_pnt(op->s);
d62a17ae 619 }
620
621 /* setup for final fragment */
622 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
623 iph->ip_len = iovp->iov_len + sizeof(struct ip);
624 iph->ip_off &= (~IP_MF);
0bfeca3f 625}
626#endif /* WANT_OSPF_WRITE_FRAGMENT */
627
d62a17ae 628static int ospf_write(struct thread *thread)
629{
630 struct ospf *ospf = THREAD_ARG(thread);
631 struct ospf_interface *oi;
632 struct ospf_interface *last_serviced_oi = NULL;
633 struct ospf_packet *op;
634 struct sockaddr_in sa_dst;
635 struct ip iph;
636 struct msghdr msg;
637 struct iovec iov[2];
d7c0a89a 638 uint8_t type;
d62a17ae 639 int ret;
640 int flags = 0;
641 struct listnode *node;
0bfeca3f 642#ifdef WANT_OSPF_WRITE_FRAGMENT
d7c0a89a
QY		 643 static uint16_t ipid = 0;
644 uint16_t maxdatasize;
9d303b37 645#endif /* WANT_OSPF_WRITE_FRAGMENT */
68b7339a 646#define OSPF_WRITE_IPHL_SHIFT 2
d62a17ae 647 int pkt_count = 0;
e1b18df1
CS		 648
649#ifdef GNU_LINUX
3e300703 650 unsigned char cmsgbuf[64] = {};
e7503eab
CS		 651 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
652 struct in_pktinfo *pi;
e1b18df1 653#endif
d62a17ae 654
c32eba04
CS		 655 if (ospf->fd < 0 || ospf->oi_running == 0) {
656 if (IS_DEBUG_OSPF_EVENT)
657 zlog_debug(
96b663a3
MS		 658 "ospf_write failed to send, fd %d, instance %u",
659 ospf->fd, ospf->oi_running);
c32eba04
CS		 660 return -1;
661 }
662
d62a17ae 663 node = listhead(ospf->oi_write_q);
664 assert(node);
665 oi = listgetdata(node);
0bfeca3f 666
667#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 668 /* seed ipid static with low order bits of time */
669 if (ipid == 0)
670 ipid = (time(NULL) & 0xffff);
0bfeca3f 671#endif /* WANT_OSPF_WRITE_FRAGMENT */
672
d62a17ae 673 while ((pkt_count < ospf->write_oi_count) && oi
674 && (last_serviced_oi != oi)) {
675 /* If there is only packet in the queue, the oi is removed from
676 write-q, so fix up the last interface that was serviced */
677 if (last_serviced_oi == NULL) {
678 last_serviced_oi = oi;
679 }
680 pkt_count++;
233cc0fb 681#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 682 /* convenience - max OSPF data per packet */
683 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
233cc0fb 684#endif /* WANT_OSPF_WRITE_FRAGMENT */
d62a17ae 685 /* Get one packet from queue. */
686 op = ospf_fifo_head(oi->obuf);
687 assert(op);
688 assert(op->length >= OSPF_HEADER_SIZE);
689
690 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
691 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
692 ospf_if_ipmulticast(ospf, oi->address,
693 oi->ifp->ifindex);
694
695 /* Rewrite the md5 signature & update the seq */
696 ospf_make_md5_digest(oi, op);
697
698 /* Retrieve OSPF packet type. */
699 stream_set_getp(op->s, 1);
700 type = stream_getc(op->s);
701
702 /* reset get pointer */
703 stream_set_getp(op->s, 0);
704
705 memset(&iph, 0, sizeof(struct ip));
706 memset(&sa_dst, 0, sizeof(sa_dst));
707
708 sa_dst.sin_family = AF_INET;
6f0e3f6e 709#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
d62a17ae 710 sa_dst.sin_len = sizeof(sa_dst);
6f0e3f6e 711#endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
d62a17ae 712 sa_dst.sin_addr = op->dst;
713 sa_dst.sin_port = htons(0);
714
715 /* Set DONTROUTE flag if dst is unicast. */
716 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
717 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
718 flags = MSG_DONTROUTE;
719
720 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
721 /* it'd be very strange for header to not be 4byte-word aligned
722 * but.. */
723 if (sizeof(struct ip)
724 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
0d6f7fd6 725 iph.ip_hl++; /* we presume sizeof(struct ip) cant
d62a17ae 726 overflow ip_hl.. */
727
728 iph.ip_v = IPVERSION;
729 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
730 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
68b7339a 731
0150c9c9 732#if defined(__DragonFly__)
d62a17ae 733 /*
734 * DragonFly's raw socket expects ip_len/ip_off in network byte
735 * order.
736 */
737 iph.ip_len = htons(iph.ip_len);
0150c9c9
DB		 738#endif
739
0bfeca3f 740#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 741 /* XXX-MT: not thread-safe at all..
742 * XXX: this presumes this is only programme sending OSPF
743 * packets
744 * otherwise, no guarantee ipid will be unique
745 */
746 iph.ip_id = ++ipid;
0bfeca3f 747#endif /* WANT_OSPF_WRITE_FRAGMENT */
748
d62a17ae 749 iph.ip_off = 0;
750 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
751 iph.ip_ttl = OSPF_VL_IP_TTL;
752 else
753 iph.ip_ttl = OSPF_IP_TTL;
754 iph.ip_p = IPPROTO_OSPFIGP;
755 iph.ip_sum = 0;
756 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
757 iph.ip_dst.s_addr = op->dst.s_addr;
758
759 memset(&msg, 0, sizeof(msg));
760 msg.msg_name = (caddr_t)&sa_dst;
761 msg.msg_namelen = sizeof(sa_dst);
762 msg.msg_iov = iov;
763 msg.msg_iovlen = 2;
e7503eab 764
d62a17ae 765 iov[0].iov_base = (char *)&iph;
766 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
2d34fb80 767 iov[1].iov_base = stream_pnt(op->s);
d62a17ae 768 iov[1].iov_len = op->length;
769
e1b18df1
CS		 770#ifdef GNU_LINUX
771 msg.msg_control = (caddr_t)cm;
e7503eab
CS		 772 cm->cmsg_level = SOL_IP;
773 cm->cmsg_type = IP_PKTINFO;
774 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
775 pi = (struct in_pktinfo *)CMSG_DATA(cm);
776 pi->ipi_ifindex = oi->ifp->ifindex;
777
778 msg.msg_controllen = cm->cmsg_len;
e1b18df1 779#endif
e7503eab 780
996c9314
LB		 781/* Sadly we can not rely on kernels to fragment packets
782 * because of either IP_HDRINCL and/or multicast
783 * destination being set.
784 */
e7503eab 785
0bfeca3f 786#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 787 if (op->length > maxdatasize)
788 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
789 oi->ifp->mtu, flags, type);
0bfeca3f 790#endif /* WANT_OSPF_WRITE_FRAGMENT */
718e3744 791
d62a17ae 792 /* send final fragment (could be first) */
793 sockopt_iphdrincl_swab_htosys(&iph);
794 ret = sendmsg(ospf->fd, &msg, flags);
795 sockopt_iphdrincl_swab_systoh(&iph);
796 if (IS_DEBUG_OSPF_EVENT)
797 zlog_debug(
96b663a3
MS		 798 "ospf_write to %pI4, id %d, off %d, len %d, interface %s, mtu %u:",
799 &iph.ip_dst, iph.ip_id, iph.ip_off,
d62a17ae 800 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
801
68696746
RD		 802 /* sendmsg will return EPERM if firewall is blocking sending.
803 * This is a normal situation when 'ip nhrp map multicast xxx'
804 * is being used to send multicast packets to DMVPN peers. In
805 * that case the original message is blocked with iptables rule
806 * causing the EPERM result
807 */
808 if (ret < 0 && errno != EPERM)
c9cc11f6 809 flog_err(
450971aa 810 EC_LIB_SOCKET,
96b663a3
MS		 811 "*** sendmsg in ospf_write failed to %pI4, id %d, off %d, len %d, interface %s, mtu %u: %s",
812 &iph.ip_dst, iph.ip_id, iph.ip_off,
d62a17ae 813 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
814 safe_strerror(errno));
815
816 /* Show debug sending packet. */
817 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
818 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
819 zlog_debug(
820 "-----------------------------------------------------");
d62a17ae 821 stream_set_getp(op->s, 0);
822 ospf_packet_dump(op->s);
823 }
824
96b663a3 825 zlog_debug("%s sent to [%pI4] via [%s].",
d62a17ae 826 lookup_msg(ospf_packet_type_str, type, NULL),
96b663a3 827 &op->dst, IF_NAME(oi));
d62a17ae 828
829 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
830 zlog_debug(
831 "-----------------------------------------------------");
832 }
833
c9339663 834 switch (type) {
996c9314
LB		 835 case OSPF_MSG_HELLO:
836 oi->hello_out++;
837 break;
838 case OSPF_MSG_DB_DESC:
839 oi->db_desc_out++;
840 break;
841 case OSPF_MSG_LS_REQ:
842 oi->ls_req_out++;
843 break;
844 case OSPF_MSG_LS_UPD:
845 oi->ls_upd_out++;
846 break;
847 case OSPF_MSG_LS_ACK:
848 oi->ls_ack_out++;
849 break;
850 default:
851 break;
c9339663
CS		 852 }
853
d62a17ae 854 /* Now delete packet from queue. */
855 ospf_packet_delete(oi);
856
857 /* Move this interface to the tail of write_q to
858 serve everyone in a round robin fashion */
859 list_delete_node(ospf->oi_write_q, node);
860 if (ospf_fifo_head(oi->obuf) == NULL) {
861 oi->on_write_q = 0;
862 last_serviced_oi = NULL;
863 oi = NULL;
864 } else {
865 listnode_add(ospf->oi_write_q, oi);
e8f45e82 866 }
d62a17ae 867
868 /* Setup to service from the head of the queue again */
869 if (!list_isempty(ospf->oi_write_q)) {
870 node = listhead(ospf->oi_write_q);
d62a17ae 871 oi = listgetdata(node);
d62a17ae 872 }
873 }
874
875 /* If packets still remain in queue, call write thread. */
4bb420ab 876 if (!list_isempty(ospf->oi_write_q))
d62a17ae 877 thread_add_write(master, ospf_write, ospf, ospf->fd,
878 &ospf->t_write);
718e3744 879
d62a17ae 880 return 0;
718e3744 881}
882
883/* OSPF Hello message read -- RFC2328 Section 10.5. */
d62a17ae 884static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
885 struct stream *s, struct ospf_interface *oi, int size)
886{
887 struct ospf_hello *hello;
888 struct ospf_neighbor *nbr;
889 int old_state;
890 struct prefix p;
891
892 /* increment statistics. */
893 oi->hello_in++;
894
2d34fb80 895 hello = (struct ospf_hello *)stream_pnt(s);
d62a17ae 896
897 /* If Hello is myself, silently discard. */
898 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
899 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
900 zlog_debug(
96b663a3 901 "ospf_header[%s/%pI4]: selforiginated, dropping.",
d62a17ae 902 lookup_msg(ospf_packet_type_str, ospfh->type,
903 NULL),
96b663a3 904 &iph->ip_src);
d62a17ae 905 }
906 return;
907 }
908
909 /* get neighbor prefix. */
910 p.family = AF_INET;
911 p.prefixlen = ip_masklen(hello->network_mask);
912 p.u.prefix4 = iph->ip_src;
913
914 /* Compare network mask. */
915 /* Checking is ignored for Point-to-Point and Virtual link. */
0c5506a8 916 /* Checking is also ignored for Point-to-Multipoint with /32 prefix */
d62a17ae 917 if (oi->type != OSPF_IFTYPE_POINTOPOINT
0c5506a8
AL		 918 && oi->type != OSPF_IFTYPE_VIRTUALLINK
919 && !(oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
920 && oi->address->prefixlen == IPV4_MAX_BITLEN))
d62a17ae 921 if (oi->address->prefixlen != p.prefixlen) {
c9cc11f6 922 flog_warn(
cf444bcf 923 EC_OSPF_PACKET,
96b663a3
MS		 924 "Packet %pI4 [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
925 &ospfh->router_id, IF_NAME(oi),
d62a17ae 926 (int)oi->address->prefixlen, (int)p.prefixlen);
927 return;
928 }
929
930 /* Compare Router Dead Interval. */
931 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
cf444bcf 932 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 933 "Packet %pI4 [Hello:RECV]: RouterDeadInterval mismatch (expected %u, but received %u).",
934 &ospfh->router_id,
c9cc11f6
DS		 935 OSPF_IF_PARAM(oi, v_wait),
936 ntohl(hello->dead_interval));
d62a17ae 937 return;
938 }
939
940 /* Compare Hello Interval - ignored if fast-hellos are set. */
941 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
942 if (OSPF_IF_PARAM(oi, v_hello)
943 != ntohs(hello->hello_interval)) {
c9cc11f6 944 flog_warn(
cf444bcf 945 EC_OSPF_PACKET,
96b663a3
MS		 946 "Packet %pI4 [Hello:RECV]: HelloInterval mismatch (expected %u, but received %u).",
947 &ospfh->router_id,
d62a17ae 948 OSPF_IF_PARAM(oi, v_hello),
949 ntohs(hello->hello_interval));
950 return;
951 }
952 }
953
954 if (IS_DEBUG_OSPF_EVENT)
96b663a3
MS		 955 zlog_debug("Packet %pI4 [Hello:RECV]: Options %s vrf %s",
956 &ospfh->router_id,
b5a8894d
CS		 957 ospf_options_dump(hello->options),
958 ospf_vrf_id_to_name(oi->ospf->vrf_id));
d62a17ae 959
960/* Compare options. */
718e3744 961#define REJECT_IF_TBIT_ON 1 /* XXX */
962#ifdef REJECT_IF_TBIT_ON
d62a17ae 963 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
964 /*
965 * This router does not support non-zero TOS.
966 * Drop this Hello packet not to establish neighbor
967 * relationship.
968 */
cf444bcf 969 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 970 "Packet %pI4 [Hello:RECV]: T-bit on, drop it.",
971 &ospfh->router_id);
d62a17ae 972 return;
973 }
718e3744 974#endif /* REJECT_IF_TBIT_ON */
975
d62a17ae 976 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
977 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
978 /*
979 * This router does know the correct usage of O-bit
980 * the bit should be set in DD packet only.
981 */
cf444bcf 982 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 983 "Packet %pI4 [Hello:RECV]: O-bit abuse?",
984 &ospfh->router_id);
718e3744 985#ifdef STRICT_OBIT_USAGE_CHECK
d62a17ae 986 return; /* Reject this packet. */
987#else /* STRICT_OBIT_USAGE_CHECK */
988 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
989#endif /* STRICT_OBIT_USAGE_CHECK */
990 }
718e3744 991
d62a17ae 992 /* new for NSSA is to ensure that NP is on and E is off */
993
994 if (oi->area->external_routing == OSPF_AREA_NSSA) {
995 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
996 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
997 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
998 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
c9cc11f6 999 flog_warn(
cf444bcf 1000 EC_OSPF_PACKET,
96b663a3
MS		 1001 "NSSA-Packet-%pI4[Hello:RECV]: my options: %x, his options %x",
1002 &ospfh->router_id, OPTIONS(oi),
d62a17ae 1003 hello->options);
1004 return;
1005 }
1006 if (IS_DEBUG_OSPF_NSSA)
96b663a3
MS		 1007 zlog_debug("NSSA-Hello:RECV:Packet from %pI4:",
1008 &ospfh->router_id);
d62a17ae 1009 } else
1010 /* The setting of the E-bit found in the Hello Packet's Options
1011 field must match this area's ExternalRoutingCapability A
1012 mismatch causes processing to stop and the packet to be
1013 dropped. The setting of the rest of the bits in the Hello
1014 Packet's Options field should be ignored. */
1015 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1016 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
c9cc11f6 1017 flog_warn(
cf444bcf 1018 EC_OSPF_PACKET,
96b663a3
MS		 1019 "Packet %pI4 [Hello:RECV]: my options: %x, his options %x",
1020 &ospfh->router_id, OPTIONS(oi),
d62a17ae 1021 hello->options);
1022 return;
1023 }
718e3744 1024
d62a17ae 1025 /* get neighbour struct */
1026 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1027
1028 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1029 assert(nbr);
1030
1031 old_state = nbr->state;
1032
1033 /* Add event to thread. */
874a549d 1034 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_HelloReceived);
d62a17ae 1035
1036 /* RFC2328 Section 9.5.1
1037 If the router is not eligible to become Designated Router,
1038 (snip) It must also send an Hello Packet in reply to an
1039 Hello Packet received from any eligible neighbor (other than
1040 the current Designated Router and Backup Designated Router). */
1041 if (oi->type == OSPF_IFTYPE_NBMA)
1042 if (PRIORITY(oi) == 0 && hello->priority > 0
1043 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1044 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1045 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1046 ospf_hello_reply_timer,
1047 OSPF_HELLO_REPLY_DELAY);
1048
1049 /* on NBMA network type, it happens to receive bidirectional Hello
1050 packet
1051 without advance 1-Way Received event.
1052 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1053 if (oi->type == OSPF_IFTYPE_NBMA
1054 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1055 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1056 nbr->priority = hello->priority;
1057 nbr->d_router = hello->d_router;
1058 nbr->bd_router = hello->bd_router;
1059 return;
1060 }
1061
1062 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1063 size - OSPF_HELLO_MIN_SIZE)) {
1064 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1065 nbr->options |= hello->options;
1066 } else {
5a77dd8f 1067 /* If the router is DR_OTHER, RESTARTER will not wait
1068 * until it receives the hello from it if it receives
1069 * from DR and BDR.
1070 * So, helper might receives ONW_WAY hello from
1071 * RESTARTER. So not allowing to change the state if it
1072 * receives one_way hellow when it acts as HELPER for
1073 * that specific neighbor.
1074 */
1075 if (!OSPF_GR_IS_ACTIVE_HELPER(nbr))
1076 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
d62a17ae 1077 /* Set neighbor information. */
1078 nbr->priority = hello->priority;
1079 nbr->d_router = hello->d_router;
1080 nbr->bd_router = hello->bd_router;
1081 return;
1082 }
1083
d51715bb
MR		 1084 if (OSPF_GR_IS_ACTIVE_HELPER(nbr)) {
1085 /* As per the GR Conformance Test Case 7.2. Section 3
1086 * "Also, if X was the Designated Router on network segment S
1087 * when the helping relationship began, Y maintains X as the
1088 * Designated Router until the helping relationship is
1089 * terminated."
1090 * When I am helper for this neighbor, I should not trigger the
1091 * ISM Events. Also Intentionally not setting the priority and
1092 * other fields so that when the neighbor exits the Grace
1093 * period, it can handle if there is any change before GR and
1094 * after GR. */
1095 if (IS_DEBUG_OSPF_GR)
1096 zlog_debug(
1097 "%s, Neighbor is under GR Restart, hence ignoring the ISM Events",
1098 __PRETTY_FUNCTION__);
3ebf9d34
RW		 1099 } else {
1100 /* If neighbor itself declares DR and no BDR exists,
1101 cause event BackupSeen */
1102 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1103 if (hello->bd_router.s_addr == INADDR_ANY
1104 && oi->state == ISM_Waiting)
1105 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1106
1107 /* neighbor itself declares BDR. */
1108 if (oi->state == ISM_Waiting
1109 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1110 &hello->bd_router))
d62a17ae 1111 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1112
3ebf9d34
RW		 1113 /* had not previously. */
1114 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1115 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1116 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1117 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1118 &nbr->d_router)))
1119 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1120
1121 /* had not previously. */
1122 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1123 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1124 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4,
1125 &hello->bd_router)
1126 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1127 &nbr->bd_router)))
1128 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1129
1130 /* Neighbor priority check. */
1131 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1132 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1133 }
d62a17ae 1134
1135 /* Set neighbor information. */
1136 nbr->priority = hello->priority;
1137 nbr->d_router = hello->d_router;
1138 nbr->bd_router = hello->bd_router;
ab6edbfe
RW		 1139
1140 /*
1141 * RFC 3623 - Section 2:
1142 * "If the restarting router determines that it was the Designated
1143 * Router on a given segment prior to the restart, it elects
1144 * itself as the Designated Router again. The restarting router
1145 * knows that it was the Designated Router if, while the
1146 * associated interface is in Waiting state, a Hello packet is
1147 * received from a neighbor listing the router as the Designated
1148 * Router".
1149 */
1150 if (oi->area->ospf->gr_info.restart_in_progress
1151 && oi->state == ISM_Waiting
1152 && IPV4_ADDR_SAME(&hello->d_router, &oi->address->u.prefix4))
1153 DR(oi) = hello->d_router;
718e3744 1154}
1155
1156/* Save DD flags/options/Seqnum received. */
d62a17ae 1157static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1158 struct ospf_db_desc *dd)
718e3744 1159{
d62a17ae 1160 nbr->last_recv.flags = dd->flags;
1161 nbr->last_recv.options = dd->options;
1162 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
718e3744 1163}
1164
1165/* Process rest of DD packet. */
d62a17ae 1166static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1167 struct ospf_neighbor *nbr,
d7c0a89a 1168 struct ospf_db_desc *dd, uint16_t size)
d62a17ae 1169{
1170 struct ospf_lsa *new, *find;
1171 struct lsa_header *lsah;
1172
1173 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1174 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1175 size -= OSPF_LSA_HEADER_SIZE) {
2d34fb80 1176 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1177 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1178
1179 /* Unknown LS type. */
1180 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1181 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1182 "Packet [DD:RECV]: Unknown LS type %d.",
d62a17ae 1183 lsah->type);
1184 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1185 return;
1186 }
1187
1188 if (IS_OPAQUE_LSA(lsah->type)
1189 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
cf444bcf 1190 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1191 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1192 lsah->type, &lsah->id);
d62a17ae 1193 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1194 return;
1195 }
1196
1197 switch (lsah->type) {
1198 case OSPF_AS_EXTERNAL_LSA:
1199 case OSPF_OPAQUE_AS_LSA:
1200 /* Check for stub area. Reject if AS-External from stub
1201 but
1202 allow if from NSSA. */
1203 if (oi->area->external_routing == OSPF_AREA_STUB) {
c9cc11f6 1204 flog_warn(
cf444bcf 1205 EC_OSPF_PACKET,
96b663a3
MS		 1206 "Packet [DD:RECV]: LSA[Type%d:%pI4] from %s area.",
1207 lsah->type, &lsah->id,
d62a17ae 1208 (oi->area->external_routing
1209 == OSPF_AREA_STUB)
1210 ? "STUB"
1211 : "NSSA");
1212 OSPF_NSM_EVENT_SCHEDULE(nbr,
1213 NSM_SeqNumberMismatch);
1214 return;
1215 }
1216 break;
1217 default:
1218 break;
1219 }
1220
1221 /* Create LS-request object. */
1222 new = ospf_ls_request_new(lsah);
1223
1224 /* Lookup received LSA, then add LS request list. */
1225 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1226
1227 /* ospf_lsa_more_recent is fine with NULL pointers */
1228 switch (ospf_lsa_more_recent(find, new)) {
1229 case -1:
1230 /* Neighbour has a more recent LSA, we must request it
1231 */
1232 ospf_ls_request_add(nbr, new);
1233 /* fallthru */
1234 case 0:
1235 /* If we have a copy of this LSA, it's either less
1236 * recent
1237 * and we're requesting it from neighbour (the case
1238 * above), or
1239 * it's as recent and we both have same copy (this
1240 * case).
1241 *
1242 * In neither of these two cases is there any point in
1243 * describing our copy of the LSA to the neighbour in a
1244 * DB-Summary packet, if we're still intending to do so.
1245 *
1246 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1247 * backward compatible optimisation to OSPF DB Exchange
1248 * /
1249 * DB Description process implemented here.
1250 */
1251 if (find)
1252 ospf_lsdb_delete(&nbr->db_sum, find);
1253 ospf_lsa_discard(new);
1254 break;
1255 default:
1256 /* We have the more recent copy, nothing specific to do:
1257 * - no need to request neighbours stale copy
1258 * - must leave DB summary list copy alone
1259 */
1260 if (IS_DEBUG_OSPF_EVENT)
1261 zlog_debug(
96b663a3
MS		 1262 "Packet [DD:RECV]: LSA received Type %d, ID %pI4 is not recent.",
1263 lsah->type, &lsah->id);
d62a17ae 1264 ospf_lsa_discard(new);
1265 }
1266 }
1267
1268 /* Master */
1269 if (IS_SET_DD_MS(nbr->dd_flags)) {
1270 nbr->dd_seqnum++;
1271
1272 /* Both sides have no More, then we're done with Exchange */
1273 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1274 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1275 else
1276 ospf_db_desc_send(nbr);
1277 }
1278 /* Slave */
1279 else {
1280 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1281
1282 /* Send DD packet in reply.
1283 *
1284 * Must be done to acknowledge the Master's DD, regardless of
1285 * whether we have more LSAs ourselves to describe.
1286 *
1287 * This function will clear the 'More' bit, if after this DD
1288 * we have no more LSAs to describe to the master..
1289 */
1290 ospf_db_desc_send(nbr);
1291
1292 /* Slave can raise ExchangeDone now, if master is also done */
1293 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1294 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1295 }
1296
1297 /* Save received neighbor values from DD. */
1298 ospf_db_desc_save_current(nbr, dd);
1299
1300 if (!nbr->t_ls_req)
1301 ospf_ls_req_send(nbr);
1302}
1303
1304static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1305 struct ospf_neighbor *nbr)
1306{
1307 /* Is DD duplicated? */
1308 if (dd->options == nbr->last_recv.options
1309 && dd->flags == nbr->last_recv.flags
1310 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1311 return 1;
1312
1313 return 0;
718e3744 1314}
1315
1316/* OSPF Database Description message read -- RFC2328 Section 10.6. */
d62a17ae 1317static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1318 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1319 uint16_t size)
d62a17ae 1320{
1321 struct ospf_db_desc *dd;
1322 struct ospf_neighbor *nbr;
d363df2c 1323
d62a17ae 1324 /* Increment statistics. */
1325 oi->db_desc_in++;
718e3744 1326
2d34fb80 1327 dd = (struct ospf_db_desc *)stream_pnt(s);
d62a17ae 1328
1329 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1330 if (nbr == NULL) {
96b663a3
MS		 1331 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %pI4",
1332 &ospfh->router_id);
d62a17ae 1333 return;
718e3744 1334 }
d62a17ae 1335
1336 /* Check MTU. */
1337 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1338 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
c9cc11f6 1339 flog_warn(
cf444bcf 1340 EC_OSPF_PACKET,
96b663a3
MS		 1341 "Packet[DD]: Neighbor %pI4 MTU %u is larger than [%s]'s MTU %u",
1342 &nbr->router_id, ntohs(dd->mtu), IF_NAME(oi),
d62a17ae 1343 oi->ifp->mtu);
1344 return;
718e3744 1345 }
1346
d62a17ae 1347 /*
1348 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1349 * not
1350 * required. In fact at least JunOS sends DD packets with P bit clear.
1351 * Until proper solution is developped, this hack should help.
1352 *
1353 * Update: According to the RFCs, N bit is specified /only/ for Hello
1354 * options, unfortunately its use in DD options is not specified. Hence
1355 * some
1356 * implementations follow E-bit semantics and set it in DD options, and
1357 * some
1358 * treat it as unspecified and hence follow the directive "default for
1359 * options is clear", ie unset.
1360 *
1361 * Reset the flag, as ospfd follows E-bit semantics.
1362 */
1363 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1364 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1365 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1366 if (IS_DEBUG_OSPF_EVENT)
1367 zlog_debug(
96b663a3
MS		 1368 "Packet[DD]: Neighbour %pI4: Has NSSA capability, sends with N bit clear in DD options",
1369 &nbr->router_id);
d62a17ae 1370 SET_FLAG(dd->options, OSPF_OPTION_NP);
718e3744 1371 }
1372
d62a17ae 1373#ifdef REJECT_IF_TBIT_ON
1374 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1375 /*
1376 * In Hello protocol, optional capability must have checked
1377 * to prevent this T-bit enabled router be my neighbor.
1378 */
96b663a3
MS		 1379 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %pI4: T-bit on?",
1380 &nbr->router_id);
d62a17ae 1381 return;
1382 }
1383#endif /* REJECT_IF_TBIT_ON */
1384
1385 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1386 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1387 /*
1388 * This node is not configured to handle O-bit, for now.
1389 * Clear it to ignore unsupported capability proposed by
1390 * neighbor.
1391 */
1392 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1393 }
1394
e6a22aeb
SK		 1395 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1396 zlog_info(
96b663a3 1397 "%s:Packet[DD]: Neighbor %pI4 state is %s, seq_num:0x%x, local:0x%x",
44076f4d 1398 ospf_get_name(oi->ospf), &nbr->router_id,
e6a22aeb
SK		 1399 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1400 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1401
d62a17ae 1402 /* Process DD packet by neighbor status. */
1403 switch (nbr->state) {
1404 case NSM_Down:
1405 case NSM_Attempt:
1406 case NSM_TwoWay:
96db9cd3
DS		 1407 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1408 zlog_info(
96b663a3
MS		 1409 "Packet[DD]: Neighbor %pI4 state is %s, packet discarded.",
1410 &nbr->router_id,
96db9cd3
DS		 1411 lookup_msg(ospf_nsm_state_msg, nbr->state,
1412 NULL));
d62a17ae 1413 break;
1414 case NSM_Init:
1415 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1416 /* If the new state is ExStart, the processing of the current
1417 packet should then continue in this new state by falling
1418 through to case ExStart below. */
1419 if (nbr->state != NSM_ExStart)
1420 break;
1421 /* fallthru */
1422 case NSM_ExStart:
1423 /* Initial DBD */
1424 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1425 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1426 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1427 > 0) {
1428 /* We're Slave---obey */
05ba78e4
CS		 1429 if (CHECK_FLAG(oi->ospf->config,
1430 OSPF_LOG_ADJACENCY_DETAIL))
996c9314 1431 zlog_info(
96b663a3
MS		 1432 "Packet[DD]: Neighbor %pI4 Negotiation done (Slave).",
1433 &nbr->router_id);
05ba78e4 1434
d62a17ae 1435 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1436
1437 /* Reset I/MS */
1438 UNSET_FLAG(nbr->dd_flags,
1439 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1440 } else {
1441 /* We're Master, ignore the initial DBD from
1442 * Slave */
05ba78e4
CS		 1443 if (CHECK_FLAG(oi->ospf->config,
1444 OSPF_LOG_ADJACENCY_DETAIL))
1445 zlog_info(
96b663a3
MS		 1446 "Packet[DD]: Neighbor %pI4: Initial DBD from Slave, ignoring.",
1447 &nbr->router_id);
d62a17ae 1448 break;
1449 }
1450 }
1451 /* Ack from the Slave */
1452 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1453 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1454 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1455 < 0) {
1456 zlog_info(
96b663a3
MS		 1457 "Packet[DD]: Neighbor %pI4 Negotiation done (Master).",
1458 &nbr->router_id);
d62a17ae 1459 /* Reset I, leaving MS */
1460 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1461 } else {
cf444bcf 1462 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1463 "Packet[DD]: Neighbor %pI4 Negotiation fails.",
1464 &nbr->router_id);
d62a17ae 1465 break;
1466 }
1467
1468 /* This is where the real Options are saved */
1469 nbr->options = dd->options;
1470
1471 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1472 if (IS_DEBUG_OSPF_EVENT)
1473 zlog_debug(
96b663a3
MS		 1474 "Neighbor[%pI4] is %sOpaque-capable.",
1475 &nbr->router_id,
d62a17ae 1476 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1477 ? ""
1478 : "NOT ");
1479
1480 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1481 && IPV4_ADDR_SAME(&DR(oi),
1482 &nbr->address.u.prefix4)) {
c9cc11f6 1483 flog_warn(
cf444bcf 1484 EC_OSPF_PACKET,
96b663a3
MS		 1485 "DR-neighbor[%pI4] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1486 &nbr->router_id);
d62a17ae 1487 /* This situation is undesirable, but not a real
1488 * error. */
1489 }
1490 }
1491
1492 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1493
1494 /* continue processing rest of packet. */
1495 ospf_db_desc_proc(s, oi, nbr, dd, size);
1496 break;
1497 case NSM_Exchange:
1498 if (ospf_db_desc_is_dup(dd, nbr)) {
1499 if (IS_SET_DD_MS(nbr->dd_flags))
1500 /* Master: discard duplicated DD packet. */
1501 zlog_info(
96b663a3
MS		 1502 "Packet[DD] (Master): Neighbor %pI4 packet duplicated.",
1503 &nbr->router_id);
d62a17ae 1504 else
1505 /* Slave: cause to retransmit the last Database
1506 Description. */
1507 {
1508 zlog_info(
96b663a3
MS		 1509 "Packet[DD] [Slave]: Neighbor %pI4 packet duplicated.",
1510 &nbr->router_id);
d62a17ae 1511 ospf_db_desc_resend(nbr);
1512 }
1513 break;
1514 }
1515
1516 /* Otherwise DD packet should be checked. */
1517 /* Check Master/Slave bit mismatch */
1518 if (IS_SET_DD_MS(dd->flags)
1519 != IS_SET_DD_MS(nbr->last_recv.flags)) {
cf444bcf 1520 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1521 "Packet[DD]: Neighbor %pI4 MS-bit mismatch.",
1522 &nbr->router_id);
d62a17ae 1523 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1524 if (IS_DEBUG_OSPF_EVENT)
1525 zlog_debug(
1526 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1527 dd->flags, nbr->dd_flags);
1528 break;
1529 }
1530
1531 /* Check initialize bit is set. */
1532 if (IS_SET_DD_I(dd->flags)) {
96b663a3
MS		 1533 zlog_info("Packet[DD]: Neighbor %pI4 I-bit set.",
1534 &nbr->router_id);
d62a17ae 1535 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1536 break;
1537 }
1538
1539 /* Check DD Options. */
1540 if (dd->options != nbr->options) {
cf444bcf 1541 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1542 "Packet[DD]: Neighbor %pI4 options mismatch.",
1543 &nbr->router_id);
d62a17ae 1544 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1545 break;
1546 }
718e3744 1547
d62a17ae 1548 /* Check DD sequence number. */
1549 if ((IS_SET_DD_MS(nbr->dd_flags)
1550 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1551 || (!IS_SET_DD_MS(nbr->dd_flags)
1552 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
c9cc11f6 1553 flog_warn(
cf444bcf 1554 EC_OSPF_PACKET,
96b663a3
MS		 1555 "Packet[DD]: Neighbor %pI4 sequence number mismatch.",
1556 &nbr->router_id);
d62a17ae 1557 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1558 break;
1559 }
1560
1561 /* Continue processing rest of packet. */
1562 ospf_db_desc_proc(s, oi, nbr, dd, size);
1563 break;
1564 case NSM_Loading:
1565 case NSM_Full:
1566 if (ospf_db_desc_is_dup(dd, nbr)) {
1567 if (IS_SET_DD_MS(nbr->dd_flags)) {
1568 /* Master should discard duplicate DD packet. */
1569 zlog_info(
96b663a3
MS		 1570 "Packet[DD]: Neighbor %pI4 duplicated, packet discarded.",
1571 &nbr->router_id);
d62a17ae 1572 break;
1573 } else {
1574 if (monotime_since(&nbr->last_send_ts, NULL)
1575 < nbr->v_inactivity * 1000000LL) {
1576 /* In states Loading and Full the slave
1577 must resend
1578 its last Database Description packet
1579 in response to
1580 duplicate Database Description
1581 packets received
1582 from the master. For this reason the
1583 slave must
1584 wait RouterDeadInterval seconds
1585 before freeing the
1586 last Database Description packet.
1587 Reception of a
1588 Database Description packet from the
1589 master after
1590 this interval will generate a
1591 SeqNumberMismatch
1592 neighbor event. RFC2328 Section 10.8
1593 */
1594 ospf_db_desc_resend(nbr);
1595 break;
1596 }
1597 }
718e3744 1598 }
718e3744 1599
d62a17ae 1600 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1601 break;
1602 default:
cf444bcf 1603 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1604 "Packet[DD]: Neighbor %pI4 NSM illegal status %u.",
1605 &nbr->router_id, nbr->state);
d62a17ae 1606 break;
1607 }
718e3744 1608}
1609
1610#define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1611
1612/* OSPF Link State Request Read -- RFC2328 Section 10.7. */
d62a17ae 1613static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1614 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1615 uint16_t size)
d62a17ae 1616{
1617 struct ospf_neighbor *nbr;
d7c0a89a 1618 uint32_t ls_type;
d62a17ae 1619 struct in_addr ls_id;
1620 struct in_addr adv_router;
1621 struct ospf_lsa *find;
1622 struct list *ls_upd;
1623 unsigned int length;
1624
1625 /* Increment statistics. */
1626 oi->ls_req_in++;
1627
1628 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1629 if (nbr == NULL) {
cf444bcf 1630 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1631 "Link State Request: Unknown Neighbor %pI4",
1632 &ospfh->router_id);
d62a17ae 1633 return;
718e3744 1634 }
1635
d62a17ae 1636 /* Neighbor State should be Exchange or later. */
1637 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1638 && nbr->state != NSM_Full) {
c9cc11f6 1639 flog_warn(
cf444bcf 1640 EC_OSPF_PACKET,
96b663a3
MS		 1641 "Link State Request received from %pI4: Neighbor state is %s, packet discarded.",
1642 &ospfh->router_id,
d62a17ae 1643 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1644 return;
718e3744 1645 }
1646
d62a17ae 1647 /* Send Link State Update for ALL requested LSAs. */
1648 ls_upd = list_new();
1649 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1650
1651 while (size >= OSPF_LSA_KEY_SIZE) {
1652 /* Get one slice of Link State Request. */
1653 ls_type = stream_getl(s);
1654 ls_id.s_addr = stream_get_ipv4(s);
1655 adv_router.s_addr = stream_get_ipv4(s);
1656
1657 /* Verify LSA type. */
1658 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1659 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1660 list_delete(&ls_upd);
d62a17ae 1661 return;
1662 }
718e3744 1663
d62a17ae 1664 /* Search proper LSA in LSDB. */
b5a8894d
CS		 1665 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1666 adv_router);
d62a17ae 1667 if (find == NULL) {
1668 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1669 list_delete(&ls_upd);
d62a17ae 1670 return;
1671 }
718e3744 1672
d62a17ae 1673 /* Packet overflows MTU size, send immediately. */
1674 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1675 if (oi->type == OSPF_IFTYPE_NBMA)
1676 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1677 OSPF_SEND_PACKET_DIRECT, 0);
d62a17ae 1678 else
1679 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1680 OSPF_SEND_PACKET_INDIRECT, 0);
d62a17ae 1681
1682 /* Only remove list contents. Keep ls_upd. */
1683 list_delete_all_node(ls_upd);
718e3744 1684
d62a17ae 1685 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1686 }
1687
1688 /* Append LSA to update list. */
1689 listnode_add(ls_upd, find);
1690 length += ntohs(find->data->length);
718e3744 1691
d62a17ae 1692 size -= OSPF_LSA_KEY_SIZE;
1693 }
718e3744 1694
d62a17ae 1695 /* Send rest of Link State Update. */
1696 if (listcount(ls_upd) > 0) {
1697 if (oi->type == OSPF_IFTYPE_NBMA)
996c9314
LB		 1698 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1699 0);
d62a17ae 1700 else
996c9314
LB		 1701 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1702 0);
718e3744 1703
6a154c88 1704 list_delete(&ls_upd);
d62a17ae 1705 } else
6a154c88 1706 list_delete(&ls_upd);
718e3744 1707}
1708
1709/* Get the list of LSAs from Link State Update packet.
1710 And process some validation -- RFC2328 Section 13. (1)-(2). */
d62a17ae 1711static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1712 struct stream *s,
1713 struct ospf_interface *oi, size_t size)
1714{
d7c0a89a
QY		 1715 uint16_t count, sum;
1716 uint32_t length;
d62a17ae 1717 struct lsa_header *lsah;
1718 struct ospf_lsa *lsa;
1719 struct list *lsas;
1720
1721 lsas = list_new();
1722
1723 count = stream_getl(s);
1724 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1725
1726 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1727 size -= length, stream_forward_getp(s, length), count--) {
2d34fb80 1728 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1729 length = ntohs(lsah->length);
1730
1731 if (length > size) {
c9cc11f6 1732 flog_warn(
cf444bcf 1733 EC_OSPF_PACKET,
d62a17ae 1734 "Link State Update: LSA length exceeds packet size.");
1735 break;
1736 }
718e3744 1737
d62a17ae 1738 /* Validate the LSA's LS checksum. */
1739 sum = lsah->checksum;
1740 if (!ospf_lsa_checksum_valid(lsah)) {
1741 /* (bug #685) more details in a one-line message make it
1742 * possible
1743 * to identify problem source on the one hand and to
1744 * have a better
1745 * chance to compress repeated messages in syslog on the
1746 * other */
c9cc11f6 1747 flog_warn(
cf444bcf 1748 EC_OSPF_PACKET,
96b663a3
MS		 1749 "Link State Update: LSA checksum error %x/%x, ID=%pI4 from: nbr %pI4, router ID %pI4, adv router %pI4",
1750 sum, lsah->checksum, &lsah->id,
1751 &nbr->src, &nbr->router_id,
1752 &lsah->adv_router);
d62a17ae 1753 continue;
1754 }
718e3744 1755
d62a17ae 1756 /* Examine the LSA's LS type. */
1757 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1758 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1759 "Link State Update: Unknown LS type %d",
d62a17ae 1760 lsah->type);
1761 continue;
1762 }
718e3744 1763
d62a17ae 1764 /*
1765 * What if the received LSA's age is greater than MaxAge?
1766 * Treat it as a MaxAge case -- endo.
1767 */
1768 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1769 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
718e3744 1770
d62a17ae 1771 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1772#ifdef STRICT_OBIT_USAGE_CHECK
1773 if ((IS_OPAQUE_LSA(lsah->type)
1774 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1775 || (!IS_OPAQUE_LSA(lsah->type)
1776 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1777 /*
1778 * This neighbor must know the exact usage of
1779 * O-bit;
1780 * the bit will be set in Type-9,10,11 LSAs
1781 * only.
1782 */
cf444bcf 1783 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1784 "LSA[Type%d:%pI4]: O-bit abuse?",
1785 lsah->type, &lsah->id);
d62a17ae 1786 continue;
1787 }
1788#endif /* STRICT_OBIT_USAGE_CHECK */
718e3744 1789
d62a17ae 1790 /* Do not take in AS External Opaque-LSAs if we are a
1791 * stub. */
1792 if (lsah->type == OSPF_OPAQUE_AS_LSA
1793 && nbr->oi->area->external_routing
1794 != OSPF_AREA_DEFAULT) {
1795 if (IS_DEBUG_OSPF_EVENT)
1796 zlog_debug(
96b663a3 1797 "LSA[Type%d:%pI4]: We are a stub, don't take this LSA.",
d62a17ae 1798 lsah->type,
96b663a3 1799 &lsah->id);
d62a17ae 1800 continue;
1801 }
1802 } else if (IS_OPAQUE_LSA(lsah->type)) {
cf444bcf 1803 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1804 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1805 lsah->type, &lsah->id);
d62a17ae 1806 continue;
1807 }
718e3744 1808
d62a17ae 1809 /* Create OSPF LSA instance. */
5b3d4186 1810 lsa = ospf_lsa_new_and_data(length);
d62a17ae 1811
b5a8894d 1812 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 1813 /* We may wish to put some error checking if type NSSA comes in
1814 and area not in NSSA mode */
1815 switch (lsah->type) {
1816 case OSPF_AS_EXTERNAL_LSA:
1817 case OSPF_OPAQUE_AS_LSA:
1818 lsa->area = NULL;
1819 break;
1820 case OSPF_OPAQUE_LINK_LSA:
1821 lsa->oi = oi; /* Remember incoming interface for
1822 flooding control. */
1823 /* Fallthrough */
1824 default:
1825 lsa->area = oi->area;
1826 break;
1827 }
718e3744 1828
d62a17ae 1829 memcpy(lsa->data, lsah, length);
1830
1831 if (IS_DEBUG_OSPF_EVENT)
1832 zlog_debug(
96b663a3
MS		 1833 "LSA[Type%d:%pI4]: %p new LSA created with Link State Update",
1834 lsa->data->type, &lsa->data->id,
d62a17ae 1835 (void *)lsa);
1836 listnode_add(lsas, lsa);
1837 }
718e3744 1838
d62a17ae 1839 return lsas;
718e3744 1840}
1841
1842/* Cleanup Update list. */
d62a17ae 1843static void ospf_upd_list_clean(struct list *lsas)
718e3744 1844{
d62a17ae 1845 struct listnode *node, *nnode;
1846 struct ospf_lsa *lsa;
718e3744 1847
d62a17ae 1848 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1849 ospf_lsa_discard(lsa);
718e3744 1850
6a154c88 1851 list_delete(&lsas);
718e3744 1852}
1853
1854/* OSPF Link State Update message read -- RFC2328 Section 13. */
d62a17ae 1855static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1856 struct ospf_header *ospfh, struct stream *s,
d7c0a89a 1857 struct ospf_interface *oi, uint16_t size)
d62a17ae 1858{
1859 struct ospf_neighbor *nbr;
1860 struct list *lsas;
1861 struct listnode *node, *nnode;
1862 struct ospf_lsa *lsa = NULL;
1863 /* unsigned long ls_req_found = 0; */
1864
1865 /* Dis-assemble the stream, update each entry, re-encapsulate for
1866 * flooding */
1867
1868 /* Increment statistics. */
1869 oi->ls_upd_in++;
1870
1871 /* Check neighbor. */
1872 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1873 if (nbr == NULL) {
cf444bcf 1874 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1875 "Link State Update: Unknown Neighbor %pI4 on int: %s",
1876 &ospfh->router_id, IF_NAME(oi));
d62a17ae 1877 return;
718e3744 1878 }
1879
d62a17ae 1880 /* Check neighbor state. */
1881 if (nbr->state < NSM_Exchange) {
1882 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1883 zlog_debug(
96b663a3
MS		 1884 "Link State Update: Neighbor[%pI4] state %s is less than Exchange",
1885 &ospfh->router_id,
d62a17ae 1886 lookup_msg(ospf_nsm_state_msg, nbr->state,
1887 NULL));
1888 return;
1889 }
718e3744 1890
98cb53f9
RW		 1891 /* Get list of LSAs from Link State Update packet. - Also performs
1892 * Stages 1 (validate LSA checksum) and 2 (check for LSA consistent
1893 * type) of section 13.
d62a17ae 1894 */
1895 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1896
35955c14
CS		 1897 if (lsas == NULL)
1898 return;
d62a17ae 1899#define DISCARD_LSA(L, N) \
1900 { \
1901 if (IS_DEBUG_OSPF_EVENT) \
1902 zlog_debug( \
1903 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1904 " Type-%d", \
1905 N, (void *)lsa, (int)lsa->data->type); \
1906 ospf_lsa_discard(L); \
1907 continue; \
718e3744 1908 }
1909
d62a17ae 1910 /* Process each LSA received in the one packet.
1911 *
1912 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1913 * text below are from the steps in RFC 2328, Section 13.
1914 */
1915 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1916 struct ospf_lsa *ls_ret, *current;
1917 int ret = 1;
1918
231af0a5 1919 if (IS_DEBUG_OSPF(lsa, LSA))
c067e23e
DS		 1920 zlog_debug("LSA Type-%d from %pI4, ID: %pI4, ADV: %pI4",
1921 lsa->data->type, &ospfh->router_id,
1922 &lsa->data->id, &lsa->data->adv_router);
718e3744 1923
d62a17ae 1924 listnode_delete(lsas,
1925 lsa); /* We don't need it in list anymore */
1926
1927 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1928 */
1929
1930 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1931
1932 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1933 */
1934
1935 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1936 */
1937
1938 /* Do take in Type-7's if we are an NSSA */
1939
1940 /* If we are also an ABR, later translate them to a Type-5
1941 * packet */
1942
1943 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1944 translate them to a separate Type-5 packet. */
1945
1946 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1947 /* Reject from STUB or NSSA */
1948 if (nbr->oi->area->external_routing
1949 != OSPF_AREA_DEFAULT) {
1950 if (IS_DEBUG_OSPF_NSSA)
1951 zlog_debug(
1952 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1953 DISCARD_LSA(lsa, 1);
1954 }
1955
1956 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1957 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1958 if (IS_DEBUG_OSPF_NSSA)
1959 zlog_debug(
1960 "Incoming NSSA LSA Discarded: Not NSSA Area");
1961 DISCARD_LSA(lsa, 2);
1962 }
1963
1964 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1965 if (lsa->data->type == OSPF_ROUTER_LSA)
1966 if (!IPV4_ADDR_SAME(&lsa->data->id,
1967 &lsa->data->adv_router)) {
c067e23e
DS		 1968 flog_err(
1969 EC_OSPF_ROUTER_LSA_MISMATCH,
1970 "Incoming Router-LSA from %pI4 with Adv-ID[%pI4] != LS-ID[%pI4]",
1971 &ospfh->router_id, &lsa->data->id,
1972 &lsa->data->adv_router);
af4c2728 1973 flog_err(
cf444bcf 1974 EC_OSPF_DOMAIN_CORRUPT,
3efd0893 1975 "OSPF domain compromised by attack or corruption. Verify correct operation of -ALL- OSPF routers.");
d62a17ae 1976 DISCARD_LSA(lsa, 0);
1977 }
1978
1979 /* Find the LSA in the current database. */
1980
1981 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1982
1983 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1984 currently
1985 no instance of the LSA in the router's link state database,
1986 and none of router's neighbors are in states Exchange or
1987 Loading,
1988 then take the following actions: */
1989
1990 if (IS_LSA_MAXAGE(lsa) && !current
1991 && ospf_check_nbr_status(oi->ospf)) {
1992 /* (4a) Response Link State Acknowledgment. */
1993 ospf_ls_ack_send(nbr, lsa);
1994
1995 /* (4b) Discard LSA. */
1996 if (IS_DEBUG_OSPF(lsa, LSA)) {
1997 zlog_debug(
1998 "Link State Update[%s]: LS age is equal to MaxAge.",
1999 dump_lsa_key(lsa));
2000 }
2001 DISCARD_LSA(lsa, 3);
2002 }
2003
2004 if (IS_OPAQUE_LSA(lsa->data->type)
2005 && IPV4_ADDR_SAME(&lsa->data->adv_router,
2006 &oi->ospf->router_id)) {
2007 /*
2008 * Even if initial flushing seems to be completed, there
2009 * might
2010 * be a case that self-originated LSA with MaxAge still
2011 * remain
2012 * in the routing domain.
2013 * Just send an LSAck message to cease retransmission.
2014 */
2015 if (IS_LSA_MAXAGE(lsa)) {
c9cc11f6 2016 zlog_info("LSA[%s]: Boomerang effect?",
d62a17ae 2017 dump_lsa_key(lsa));
2018 ospf_ls_ack_send(nbr, lsa);
2019 ospf_lsa_discard(lsa);
2020
2021 if (current != NULL && !IS_LSA_MAXAGE(current))
2022 ospf_opaque_lsa_refresh_schedule(
2023 current);
2024 continue;
2025 }
2026
2027 /*
2028 * If an instance of self-originated Opaque-LSA is not
2029 * found
2030 * in the LSDB, there are some possible cases here.
2031 *
2032 * 1) This node lost opaque-capability after restart.
2033 * 2) Else, a part of opaque-type is no more supported.
2034 * 3) Else, a part of opaque-id is no more supported.
2035 *
2036 * Anyway, it is still this node's responsibility to
2037 * flush it.
2038 * Otherwise, the LSA instance remains in the routing
2039 * domain
2040 * until its age reaches to MaxAge.
2041 */
2042 /* XXX: We should deal with this for *ALL* LSAs, not
2043 * just opaque */
2044 if (current == NULL) {
2045 if (IS_DEBUG_OSPF_EVENT)
2046 zlog_debug(
3efd0893 2047 "LSA[%s]: Previously originated Opaque-LSA,not found in the LSDB.",
d62a17ae 2048 dump_lsa_key(lsa));
2049
2050 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2051
d62a17ae 2052 ospf_ls_ack_send(nbr, lsa);
2053
10514170
RW		 2054 if (!ospf->gr_info.restart_in_progress) {
2055 ospf_opaque_self_originated_lsa_received(
2056 nbr, lsa);
2057 continue;
2058 }
d62a17ae 2059 }
2060 }
2061
2062 /* It might be happen that received LSA is self-originated
2063 * network LSA, but
2064 * router ID is changed. So, we should check if LSA is a
2065 * network-LSA whose
2066 * Link State ID is one of the router's own IP interface
2067 * addresses but whose
2068 * Advertising Router is not equal to the router's own Router ID
2069 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2070 * flushed.
2071 */
2072
2073 if (lsa->data->type == OSPF_NETWORK_LSA) {
2074 struct listnode *oinode, *oinnode;
2075 struct ospf_interface *out_if;
2076 int Flag = 0;
2077
2078 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2079 oinnode, out_if)) {
2080 if (out_if == NULL)
2081 break;
2082
2083 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2084 &lsa->data->id))
2085 && (!(IPV4_ADDR_SAME(
2086 &oi->ospf->router_id,
2087 &lsa->data->adv_router)))) {
2088 if (out_if->network_lsa_self) {
2089 ospf_lsa_flush_area(
2090 lsa, out_if->area);
2091 if (IS_DEBUG_OSPF_EVENT)
2092 zlog_debug(
2093 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2094 (void *)lsa,
2095 (int)lsa->data
2096 ->type);
2097 ospf_lsa_discard(lsa);
2098 Flag = 1;
2099 }
2100 break;
2101 }
2102 }
2103 if (Flag)
2104 continue;
2105 }
2106
2107 /* (5) Find the instance of this LSA that is currently contained
2108 in the router's link state database. If there is no
2109 database copy, or the received LSA is more recent than
2110 the database copy the following steps must be performed.
2111 (The sub steps from RFC 2328 section 13 step (5) will be
2112 performed in
2113 ospf_flood() ) */
2114
2115 if (current == NULL
2116 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
76c1efd7 2117 /* CVE-2017-3224 */
44d1115a 2118 if (current && (IS_LSA_MAX_SEQ(current))
3cb62bb3 2119 && (IS_LSA_MAX_SEQ(lsa)) && !IS_LSA_MAXAGE(lsa)) {
76c1efd7 2120 zlog_debug(
44d1115a 2121 "Link State Update[%s]: has Max Seq and higher checksum but not MaxAge. Dropping it",
76c1efd7
CS		 2122 dump_lsa_key(lsa));
2123
2124 DISCARD_LSA(lsa, 4);
76c1efd7
CS		 2125 }
2126
d62a17ae 2127 /* Actual flooding procedure. */
2128 if (ospf_flood(oi->ospf, nbr, current, lsa)
2129 < 0) /* Trap NSSA later. */
76c1efd7 2130 DISCARD_LSA(lsa, 5);
d62a17ae 2131 continue;
2132 }
2133
2134 /* (6) Else, If there is an instance of the LSA on the sending
2135 neighbor's Link state request list, an error has occurred in
2136 the Database Exchange process. In this case, restart the
2137 Database Exchange process by generating the neighbor event
2138 BadLSReq for the sending neighbor and stop processing the
2139 Link State Update packet. */
2140
2141 if (ospf_ls_request_lookup(nbr, lsa)) {
2142 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
c9cc11f6 2143 flog_warn(
cf444bcf 2144 EC_OSPF_PACKET,
d62a17ae 2145 "LSA[%s] instance exists on Link state request list",
2146 dump_lsa_key(lsa));
2147
2148 /* Clean list of LSAs. */
2149 ospf_upd_list_clean(lsas);
2150 /* this lsa is not on lsas list already. */
2151 ospf_lsa_discard(lsa);
2152 return;
2153 }
2154
2155 /* If the received LSA is the same instance as the database copy
2156 (i.e., neither one is more recent) the following two steps
2157 should be performed: */
2158
2159 if (ret == 0) {
2160 /* If the LSA is listed in the Link state retransmission
2161 list
2162 for the receiving adjacency, the router itself is
2163 expecting
2164 an acknowledgment for this LSA. The router should
2165 treat the
2166 received LSA as an acknowledgment by removing the LSA
2167 from
2168 the Link state retransmission list. This is termed
2169 an
2170 "implied acknowledgment". */
2171
2172 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2173
2174 if (ls_ret != NULL) {
2175 ospf_ls_retransmit_delete(nbr, ls_ret);
2176
2177 /* Delayed acknowledgment sent if advertisement
2178 received
2179 from Designated Router, otherwise do nothing.
2180 */
2181 if (oi->state == ISM_Backup)
2182 if (NBR_IS_DR(nbr))
2183 listnode_add(
2184 oi->ls_ack,
2185 ospf_lsa_lock(lsa));
2186
76c1efd7 2187 DISCARD_LSA(lsa, 6);
d62a17ae 2188 } else
2189 /* Acknowledge the receipt of the LSA by sending a
2190 Link State Acknowledgment packet back out the
2191 receiving
2192 interface. */
2193 {
2194 ospf_ls_ack_send(nbr, lsa);
76c1efd7 2195 DISCARD_LSA(lsa, 7);
d62a17ae 2196 }
2197 }
2198
2199 /* The database copy is more recent. If the database copy
2200 has LS age equal to MaxAge and LS sequence number equal to
2201 MaxSequenceNumber, simply discard the received LSA without
2202 acknowledging it. (In this case, the LSA's LS sequence number
2203 is
2204 wrapping, and the MaxSequenceNumber LSA must be completely
2205 flushed before any new LSA instance can be introduced). */
2206
2207 else if (ret > 0) /* Database copy is more recent */
2208 {
2209 if (IS_LSA_MAXAGE(current)
2210 && current->data->ls_seqnum
2211 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
76c1efd7 2212 DISCARD_LSA(lsa, 8);
d62a17ae 2213 }
2214 /* Otherwise, as long as the database copy has not been
2215 sent in a
2216 Link State Update within the last MinLSArrival
2217 seconds, send the
2218 database copy back to the sending neighbor,
2219 encapsulated within
2220 a Link State Update Packet. The Link State Update
2221 Packet should
2222 be sent directly to the neighbor. In so doing, do not
2223 put the
2224 database copy of the LSA on the neighbor's link state
2225 retransmission list, and do not acknowledge the
2226 received (less
2227 recent) LSA instance. */
2228 else {
2229 if (monotime_since(&current->tv_orig, NULL)
2230 >= ospf->min_ls_arrival * 1000LL)
2231 /* Trap NSSA type later.*/
2232 ospf_ls_upd_send_lsa(
2233 nbr, current,
2234 OSPF_SEND_PACKET_DIRECT);
76c1efd7 2235 DISCARD_LSA(lsa, 9);
d62a17ae 2236 }
2237 }
2238 }
2cd754de
PJ		 2239#undef DISCARD_LSA
2240
d62a17ae 2241 assert(listcount(lsas) == 0);
6a154c88 2242 list_delete(&lsas);
10514170
RW		 2243
2244 if (ospf->gr_info.restart_in_progress)
2245 ospf_gr_check_lsdb_consistency(oi->ospf, oi->area);
718e3744 2246}
2247
2248/* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
d62a17ae 2249static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2250 struct stream *s, struct ospf_interface *oi,
d7c0a89a 2251 uint16_t size)
d62a17ae 2252{
2253 struct ospf_neighbor *nbr;
2254
2255 /* increment statistics. */
2256 oi->ls_ack_in++;
2257
2258 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2259 if (nbr == NULL) {
cf444bcf 2260 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 2261 "Link State Acknowledgment: Unknown Neighbor %pI4",
2262 &ospfh->router_id);
d62a17ae 2263 return;
2264 }
2265
d62a17ae 2266 if (nbr->state < NSM_Exchange) {
2267 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2268 zlog_debug(
96b663a3
MS		 2269 "Link State Acknowledgment: Neighbor[%pI4] state %s is less than Exchange",
2270 &ospfh->router_id,
d62a17ae 2271 lookup_msg(ospf_nsm_state_msg, nbr->state,
2272 NULL));
2273 return;
2274 }
2275
2276 while (size >= OSPF_LSA_HEADER_SIZE) {
2277 struct ospf_lsa *lsa, *lsr;
2278
2279 lsa = ospf_lsa_new();
2d34fb80 2280 lsa->data = (struct lsa_header *)stream_pnt(s);
b5a8894d 2281 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 2282
2d34fb80 2283 /* lsah = (struct lsa_header *) stream_pnt (s); */
d62a17ae 2284 size -= OSPF_LSA_HEADER_SIZE;
2285 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2286
2287 if (lsa->data->type < OSPF_MIN_LSA
2288 || lsa->data->type >= OSPF_MAX_LSA) {
2289 lsa->data = NULL;
2290 ospf_lsa_discard(lsa);
2291 continue;
2292 }
2293
2294 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2295
3cb62bb3 2296 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0) {
d62a17ae 2297 ospf_ls_retransmit_delete(nbr, lsr);
3cb62bb3
MR		 2298 ospf_check_and_gen_init_seq_lsa(oi, lsa);
2299 }
d62a17ae 2300
2301 lsa->data = NULL;
2302 ospf_lsa_discard(lsa);
2303 }
2304
2305 return;
2306}
2307
b5a8894d
CS		 2308static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2309 struct interface **ifp,
d62a17ae 2310 struct stream *ibuf)
2311{
2312 int ret;
2313 struct ip *iph;
d7c0a89a 2314 uint16_t ip_len;
d62a17ae 2315 ifindex_t ifindex = 0;
2316 struct iovec iov;
2317 /* Header and data both require alignment. */
2318 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2319 struct msghdr msgh;
2320
2321 memset(&msgh, 0, sizeof(struct msghdr));
2322 msgh.msg_iov = &iov;
2323 msgh.msg_iovlen = 1;
2324 msgh.msg_control = (caddr_t)buff;
2325 msgh.msg_controllen = sizeof(buff);
2326
4392cc43
DS		 2327 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2328 OSPF_MAX_PACKET_SIZE + 1);
d62a17ae 2329 if (ret < 0) {
4392cc43
DS		 2330 if (errno != EAGAIN && errno != EWOULDBLOCK)
2331 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2332 safe_strerror(errno));
d62a17ae 2333 return NULL;
2334 }
e947b307 2335 if ((unsigned int)ret < sizeof(struct ip)) {
c9cc11f6 2336 flog_warn(
cf444bcf 2337 EC_OSPF_PACKET,
3efd0893 2338 "ospf_recv_packet: discarding runt packet of length %d (ip header size is %u)",
d7c0a89a 2339 ret, (unsigned int)sizeof(iph));
d62a17ae 2340 return NULL;
2341 }
2342
2343 /* Note that there should not be alignment problems with this assignment
2344 because this is at the beginning of the stream data buffer. */
2345 iph = (struct ip *)STREAM_DATA(ibuf);
2346 sockopt_iphdrincl_swab_systoh(iph);
2347
2348 ip_len = iph->ip_len;
2349
bdee8083 2350#if defined(__FreeBSD__) && (__FreeBSD_version < 1000000)
d62a17ae 2351 /*
2352 * Kernel network code touches incoming IP header parameters,
2353 * before protocol specific processing.
2354 *
2355 * 1) Convert byteorder to host representation.
2356 * --> ip_len, ip_id, ip_off
2357 *
2358 * 2) Adjust ip_len to strip IP header size!
2359 * --> If user process receives entire IP packet via RAW
2360 * socket, it must consider adding IP header size to
2361 * the "ip_len" field of "ip" structure.
2362 *
2363 * For more details, see <netinet/ip_input.c>.
2364 */
2365 ip_len = ip_len + (iph->ip_hl << 2);
718e3744 2366#endif
d62a17ae 2367
0150c9c9 2368#if defined(__DragonFly__)
d62a17ae 2369 /*
2370 * in DragonFly's raw socket, ip_len/ip_off are read
2371 * in network byte order.
2372 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2373 */
2374 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
0150c9c9
DB		 2375#endif
2376
d62a17ae 2377 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2378
b5a8894d 2379 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
d62a17ae 2380
2381 if (ret != ip_len) {
c9cc11f6 2382 flog_warn(
cf444bcf 2383 EC_OSPF_PACKET,
3efd0893 2384 "ospf_recv_packet read length mismatch: ip_len is %d, but recvmsg returned %d",
d62a17ae 2385 ip_len, ret);
2386 return NULL;
2387 }
718e3744 2388
868a0861 2389 if (IS_DEBUG_OSPF_PACKET(0, RECV))
15569c58
DA		 2390 zlog_debug("%s: fd %d(%s) on interface %d(%s)", __func__, fd,
2391 ospf_get_name(ospf), ifindex,
2392 *ifp ? (*ifp)->name : "Unknown");
d62a17ae 2393 return ibuf;
718e3744 2394}
2395
4dadc291 2396static struct ospf_interface *
d62a17ae 2397ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2398 struct ip *iph, struct ospf_header *ospfh)
2399{
2400 struct ospf_interface *rcv_oi;
2401 struct ospf_vl_data *vl_data;
2402 struct ospf_area *vl_area;
2403 struct listnode *node;
2404
2405 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2406 || !OSPF_IS_AREA_BACKBONE(ospfh))
2407 return NULL;
2408
2409 /* look for local OSPF interface matching the destination
2410 * to determine Area ID. We presume therefore the destination address
2411 * is unique, or at least (for "unnumbered" links), not used in other
2412 * areas
2413 */
2414 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2415 == NULL)
2416 return NULL;
2417
2418 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2419 vl_area =
2420 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2421 if (!vl_area)
2422 continue;
2423
2424 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2425 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2426 if (IS_DEBUG_OSPF_EVENT)
2427 zlog_debug("associating packet with %s",
2428 IF_NAME(vl_data->vl_oi));
2429 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2430 if (IS_DEBUG_OSPF_EVENT)
2431 zlog_debug(
2432 "This VL is not up yet, sorry");
2433 return NULL;
2434 }
2435
2436 return vl_data->vl_oi;
2437 }
718e3744 2438 }
718e3744 2439
d62a17ae 2440 if (IS_DEBUG_OSPF_EVENT)
2441 zlog_debug("couldn't find any VL to associate the packet with");
2442
2443 return NULL;
718e3744 2444}
2445
d62a17ae 2446static int ospf_check_area_id(struct ospf_interface *oi,
2447 struct ospf_header *ospfh)
718e3744 2448{
d62a17ae 2449 /* Check match the Area ID of the receiving interface. */
2450 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2451 return 1;
718e3744 2452
d62a17ae 2453 return 0;
718e3744 2454}
2455
2456/* Unbound socket will accept any Raw IP packets if proto is matched.
2457 To prevent it, compare src IP address and i/f address with masking
2458 i/f network mask. */
d62a17ae 2459static int ospf_check_network_mask(struct ospf_interface *oi,
2460 struct in_addr ip_src)
718e3744 2461{
d62a17ae 2462 struct in_addr mask, me, him;
718e3744 2463
d62a17ae 2464 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2465 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2466 return 1;
718e3744 2467
0c5506a8
AL		 2468 /* Ignore mask check for max prefix length (32) */
2469 if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
2470 && oi->address->prefixlen == IPV4_MAX_BITLEN)
2471 return 1;
2472
d62a17ae 2473 masklen2ip(oi->address->prefixlen, &mask);
718e3744 2474
d62a17ae 2475 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2476 him.s_addr = ip_src.s_addr & mask.s_addr;
718e3744 2477
d62a17ae 2478 if (IPV4_ADDR_SAME(&me, &him))
2479 return 1;
718e3744 2480
d62a17ae 2481 return 0;
718e3744 2482}
2483
bd5651f0
DO		 2484/* Return 1, if the packet is properly authenticated and checksummed,
2485 0 otherwise. In particular, check that AuType header field is valid and
2486 matches the locally configured AuType, and that D.5 requirements are met. */
d62a17ae 2487static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2488{
2489 struct crypt_key *ck;
d7c0a89a
QY		 2490 uint16_t iface_auth_type;
2491 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
d62a17ae 2492
2493 switch (pkt_auth_type) {
2494 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2495 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2496 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2497 flog_warn(
cf444bcf 2498 EC_OSPF_PACKET,
d62a17ae 2499 "interface %s: auth-type mismatch, local %s, rcvd Null",
2500 IF_NAME(oi),
2501 lookup_msg(ospf_auth_type_str,
2502 iface_auth_type, NULL));
2503 return 0;
2504 }
2505 if (!ospf_check_sum(ospfh)) {
2506 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2507 flog_warn(
cf444bcf 2508 EC_OSPF_PACKET,
96b663a3 2509 "interface %s: Null auth OK, but checksum error, Router-ID %pI4",
d62a17ae 2510 IF_NAME(oi),
96b663a3 2511 &ospfh->router_id);
d62a17ae 2512 return 0;
2513 }
2514 return 1;
2515 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2516 if (OSPF_AUTH_SIMPLE
2517 != (iface_auth_type = ospf_auth_type(oi))) {
2518 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2519 flog_warn(
cf444bcf 2520 EC_OSPF_PACKET,
d62a17ae 2521 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2522 IF_NAME(oi),
2523 lookup_msg(ospf_auth_type_str,
2524 iface_auth_type, NULL));
2525 return 0;
2526 }
2527 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2528 OSPF_AUTH_SIMPLE_SIZE)) {
2529 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2530 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2531 "interface %s: Simple auth failed",
d62a17ae 2532 IF_NAME(oi));
2533 return 0;
2534 }
2535 if (!ospf_check_sum(ospfh)) {
2536 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2537 flog_warn(
cf444bcf 2538 EC_OSPF_PACKET,
96b663a3 2539 "interface %s: Simple auth OK, checksum error, Router-ID %pI4",
d62a17ae 2540 IF_NAME(oi),
96b663a3 2541 &ospfh->router_id);
d62a17ae 2542 return 0;
2543 }
2544 return 1;
2545 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2546 if (OSPF_AUTH_CRYPTOGRAPHIC
2547 != (iface_auth_type = ospf_auth_type(oi))) {
2548 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2549 flog_warn(
cf444bcf 2550 EC_OSPF_PACKET,
d62a17ae 2551 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2552 IF_NAME(oi),
2553 lookup_msg(ospf_auth_type_str,
2554 iface_auth_type, NULL));
2555 return 0;
2556 }
2557 if (ospfh->checksum) {
2558 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2559 flog_warn(
cf444bcf 2560 EC_OSPF_PACKET,
d62a17ae 2561 "interface %s: OSPF header checksum is not 0",
2562 IF_NAME(oi));
2563 return 0;
2564 }
2565 /* only MD5 crypto method can pass ospf_packet_examin() */
996c9314
LB		 2566 if (NULL == (ck = listgetdata(
2567 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2568 || ospfh->u.crypt.key_id != ck->key_id ||
2569 /* Condition above uses the last key ID on the list,
2570 which is
2571 different from what ospf_crypt_key_lookup() does. A
2572 bug? */
2573 !ospf_check_md5_digest(oi, ospfh)) {
d62a17ae 2574 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2575 flog_warn(EC_OSPF_MD5,
c9cc11f6 2576 "interface %s: MD5 auth failed",
d62a17ae 2577 IF_NAME(oi));
2578 return 0;
2579 }
2580 return 1;
2581 default:
2582 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2583 flog_warn(
cf444bcf 2584 EC_OSPF_PACKET,
d62a17ae 2585 "interface %s: invalid packet auth-type (%02x)",
2586 IF_NAME(oi), pkt_auth_type);
2587 return 0;
2588 }
2589}
2590
2591static int ospf_check_sum(struct ospf_header *ospfh)
2592{
d7c0a89a
QY		 2593 uint32_t ret;
2594 uint16_t sum;
d62a17ae 2595
2596 /* clear auth_data for checksum. */
2597 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2598
2599 /* keep checksum and clear. */
2600 sum = ospfh->checksum;
d7c0a89a 2601 memset(&ospfh->checksum, 0, sizeof(uint16_t));
d62a17ae 2602
2603 /* calculate checksum. */
2604 ret = in_cksum(ospfh, ntohs(ospfh->length));
2605
2606 if (ret != sum) {
2607 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2608 ret, sum);
2609 return 0;
2610 }
2611
2612 return 1;
718e3744 2613}
2614
4e31de79
DO		 2615/* Verify, that given link/TOS records are properly sized/aligned and match
2616 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
d62a17ae 2617static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
d7c0a89a
QY		 2618 uint16_t linkbytes,
2619 const uint16_t num_links)
d62a17ae 2620{
2621 unsigned counted_links = 0, thislinklen;
2622
04d6a0f8 2623 while (linkbytes >= OSPF_ROUTER_LSA_LINK_SIZE) {
d62a17ae 2624 thislinklen =
2625 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2626 if (thislinklen > linkbytes) {
2627 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2628 zlog_debug("%s: length error in link block #%u",
2629 __func__, counted_links);
2630 return MSG_NG;
2631 }
2632 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2633 linkbytes -= thislinklen;
2634 counted_links++;
2635 }
2636 if (counted_links != num_links) {
2637 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2638 zlog_debug("%s: %u link blocks declared, %u present",
2639 __func__, num_links, counted_links);
2640 return MSG_NG;
2641 }
2642 return MSG_OK;
4e31de79
DO		 2643}
2644
2645/* Verify, that the given LSA is properly sized/aligned (including type-specific
2646 minimum length constraint). */
d7c0a89a
QY		 2647static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2648 const uint8_t headeronly)
d62a17ae 2649{
2650 unsigned ret;
2651 struct router_lsa *rlsa;
2652 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2653 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2654 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2655 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2656 lookup_msg(ospf_lsa_type_msg, lsah->type,
2657 NULL));
2658 return MSG_NG;
2659 }
2660 switch (lsah->type) {
04d6a0f8
QY		 2661 case OSPF_ROUTER_LSA: {
2662 /*
2663 * RFC2328 A.4.2, LSA header + 4 bytes followed by N>=0
2664 * (12+)-byte link blocks
2665 */
2666 size_t linkbytes_len = lsalen - OSPF_LSA_HEADER_SIZE
2667 - OSPF_ROUTER_LSA_MIN_SIZE;
2668
2669 /*
2670 * LSA link blocks are variable length but always multiples of
2671 * 4; basic sanity check
2672 */
2673 if (linkbytes_len % 4 != 0)
2674 return MSG_NG;
2675
2676 if (headeronly)
2677 return MSG_OK;
2678
d62a17ae 2679 rlsa = (struct router_lsa *)lsah;
04d6a0f8 2680
d62a17ae 2681 ret = ospf_router_lsa_links_examin(
2682 (struct router_lsa_link *)rlsa->link,
04d6a0f8
QY		 2683 linkbytes_len,
2684 ntohs(rlsa->links));
d62a17ae 2685 break;
04d6a0f8 2686 }
d62a17ae 2687 case OSPF_AS_EXTERNAL_LSA:
2688 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2689 * blocks */
2690 case OSPF_AS_NSSA_LSA:
2691 /* RFC3101 C, idem */
2692 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2693 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2694 % 12
2695 ? MSG_NG
2696 : MSG_OK;
2697 break;
2698 /* Following LSA types are considered OK length-wise as soon as their
2699 * minimum
2700 * length constraint is met and length of the whole LSA is a multiple of
2701 * 4
2702 * (basic LSA header size is already a multiple of 4). */
2703 case OSPF_NETWORK_LSA:
2704 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2705 case OSPF_SUMMARY_LSA:
2706 case OSPF_ASBR_SUMMARY_LSA:
2707 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2708 * blocks */
2709 case OSPF_OPAQUE_LINK_LSA:
2710 case OSPF_OPAQUE_AREA_LSA:
2711 case OSPF_OPAQUE_AS_LSA:
2712 /* RFC5250 A.2, "some number of octets (of application-specific
2713 * data) padded to 32-bit alignment." This is considered
2714 * equivalent
2715 * to 4-byte alignment of all other LSA types, see
2716 * OSPF-ALIGNMENT.txt
2717 * file for the detailed analysis of this passage. */
2718 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2719 break;
2720 default:
2721 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2722 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2723 lsah->type);
2724 return MSG_NG;
2725 }
2726 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2727 zlog_debug("%s: alignment error in %s", __func__,
2728 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2729 return ret;
4e31de79
DO		 2730}
2731
2732/* Verify if the provided input buffer is a valid sequence of LSAs. This
2733 includes verification of LSA blocks length/alignment and dispatching
2734 of deeper-level checks. */
2735static unsigned
d62a17ae 2736ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
d7c0a89a 2737 size_t length, const uint8_t headeronly,
d62a17ae 2738 /* When declared_num_lsas is not 0, compare it to the real
2739 number of LSAs
2740 and treat the difference as an error. */
d7c0a89a 2741 const uint32_t declared_num_lsas)
d62a17ae 2742{
d7c0a89a 2743 uint32_t counted_lsas = 0;
d62a17ae 2744
2745 while (length) {
d7c0a89a 2746 uint16_t lsalen;
d62a17ae 2747 if (length < OSPF_LSA_HEADER_SIZE) {
2748 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2749 zlog_debug(
2750 "%s: undersized (%zu B) trailing (#%u) LSA header",
2751 __func__, length, counted_lsas);
2752 return MSG_NG;
2753 }
2754 /* save on ntohs() calls here and in the LSA validator */
2755 lsalen = ntohs(lsah->length);
2756 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2757 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2758 zlog_debug(
2759 "%s: malformed LSA header #%u, declared length is %u B",
2760 __func__, counted_lsas, lsalen);
2761 return MSG_NG;
2762 }
2763 if (headeronly) {
2764 /* less checks here and in ospf_lsa_examin() */
2765 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2766 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2767 zlog_debug(
2768 "%s: malformed header-only LSA #%u",
2769 __func__, counted_lsas);
2770 return MSG_NG;
2771 }
2772 lsah = (struct lsa_header *)((caddr_t)lsah
2773 + OSPF_LSA_HEADER_SIZE);
2774 length -= OSPF_LSA_HEADER_SIZE;
2775 } else {
2776 /* make sure the input buffer is deep enough before
2777 * further checks */
2778 if (lsalen > length) {
2779 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2780 zlog_debug(
2781 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2782 __func__, counted_lsas, lsalen,
2783 length);
2784 return MSG_NG;
2785 }
2786 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2787 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2788 zlog_debug("%s: malformed LSA #%u",
2789 __func__, counted_lsas);
2790 return MSG_NG;
2791 }
2792 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2793 length -= lsalen;
2794 }
2795 counted_lsas++;
2796 }
2797
2798 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2799 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2800 zlog_debug(
2801 "%s: #LSAs declared (%u) does not match actual (%u)",
2802 __func__, declared_num_lsas, counted_lsas);
2803 return MSG_NG;
2804 }
2805 return MSG_OK;
4e31de79
DO		 2806}
2807
75c8eabb 2808/* Verify a complete OSPF packet for proper sizing/alignment. */
d62a17ae 2809static unsigned ospf_packet_examin(struct ospf_header *oh,
2810 const unsigned bytesonwire)
2811{
d7c0a89a 2812 uint16_t bytesdeclared, bytesauth;
d62a17ae 2813 unsigned ret;
2814 struct ospf_ls_update *lsupd;
2815
2816 /* Length, 1st approximation. */
2817 if (bytesonwire < OSPF_HEADER_SIZE) {
2818 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2819 zlog_debug("%s: undersized (%u B) packet", __func__,
2820 bytesonwire);
2821 return MSG_NG;
2822 }
2823 /* Now it is safe to access header fields. Performing length check,
2824 * allow
2825 * for possible extra bytes of crypto auth/padding, which are not
2826 * counted
2827 * in the OSPF header "length" field. */
2828 if (oh->version != OSPF_VERSION) {
2829 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2830 zlog_debug("%s: invalid (%u) protocol version",
2831 __func__, oh->version);
2832 return MSG_NG;
2833 }
2834 bytesdeclared = ntohs(oh->length);
2835 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2836 bytesauth = 0;
2837 else {
2838 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2839 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2840 zlog_debug(
2841 "%s: unsupported crypto auth length (%u B)",
2842 __func__, oh->u.crypt.auth_data_len);
2843 return MSG_NG;
2844 }
2845 bytesauth = OSPF_AUTH_MD5_SIZE;
2846 }
2847 if (bytesdeclared + bytesauth > bytesonwire) {
2848 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2849 zlog_debug(
2850 "%s: packet length error (%u real, %u+%u declared)",
2851 __func__, bytesonwire, bytesdeclared,
2852 bytesauth);
2853 return MSG_NG;
2854 }
2855 /* Length, 2nd approximation. The type-specific constraint is checked
2856 against declared length, not amount of bytes on wire. */
2857 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2858 && bytesdeclared
2859 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2860 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2861 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2862 bytesdeclared,
2863 lookup_msg(ospf_packet_type_str, oh->type,
2864 NULL));
2865 return MSG_NG;
2866 }
2867 switch (oh->type) {
2868 case OSPF_MSG_HELLO:
2869 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2870 followed
2871 by N>=0 router-IDs. */
2872 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2873 % 4
2874 ? MSG_NG
2875 : MSG_OK;
2876 break;
2877 case OSPF_MSG_DB_DESC:
2878 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2879 followed
2880 by N>=0 header-only LSAs. */
2881 ret = ospf_lsaseq_examin(
2882 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2883 + OSPF_DB_DESC_MIN_SIZE),
2884 bytesdeclared - OSPF_HEADER_SIZE
2885 - OSPF_DB_DESC_MIN_SIZE,
2886 1, /* header-only LSAs */
2887 0);
2888 break;
2889 case OSPF_MSG_LS_REQ:
2890 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2891 * request blocks. */
2892 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2893 % OSPF_LSA_KEY_SIZE
2894 ? MSG_NG
2895 : MSG_OK;
2896 break;
2897 case OSPF_MSG_LS_UPD:
2898 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2899 followed
2900 by N>=0 full LSAs (with N declared beforehand). */
2901 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2902 + OSPF_HEADER_SIZE);
2903 ret = ospf_lsaseq_examin(
2904 (struct lsa_header *)((caddr_t)lsupd
2905 + OSPF_LS_UPD_MIN_SIZE),
2906 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2907 0, /* full LSAs */
2908 ntohl(lsupd->num_lsas) /* 32 bits */
9d303b37 2909 );
d62a17ae 2910 break;
2911 case OSPF_MSG_LS_ACK:
2912 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2913 * LSAs. */
2914 ret = ospf_lsaseq_examin(
2915 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2916 + OSPF_LS_ACK_MIN_SIZE),
2917 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2918 1, /* header-only LSAs */
2919 0);
2920 break;
2921 default:
2922 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2923 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2924 oh->type);
2925 return MSG_NG;
2926 }
2927 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2928 zlog_debug("%s: malformed %s packet", __func__,
2929 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2930 return ret;
75c8eabb
DO		 2931}
2932
718e3744 2933/* OSPF Header verification. */
d62a17ae 2934static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2935 struct ip *iph, struct ospf_header *ospfh)
2936{
2937 /* Check Area ID. */
2938 if (!ospf_check_area_id(oi, ospfh)) {
cf444bcf 2939 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 2940 "interface %s: ospf_read invalid Area ID %pI4",
2941 IF_NAME(oi), &ospfh->area_id);
d62a17ae 2942 return -1;
2943 }
718e3744 2944
d62a17ae 2945 /* Check network mask, Silently discarded. */
2946 if (!ospf_check_network_mask(oi, iph->ip_src)) {
c9cc11f6 2947 flog_warn(
cf444bcf 2948 EC_OSPF_PACKET,
96b663a3
MS		 2949 "interface %s: ospf_read network address is not same [%pI4]",
2950 IF_NAME(oi), &iph->ip_src);
d62a17ae 2951 return -1;
2952 }
718e3744 2953
d62a17ae 2954 /* Check authentication. The function handles logging actions, where
2955 * required. */
2956 if (!ospf_check_auth(oi, ospfh))
2957 return -1;
718e3744 2958
d62a17ae 2959 return 0;
718e3744 2960}
2961
02637513
DS		 2962enum ospf_read_return_enum {
2963 OSPF_READ_ERROR,
2964 OSPF_READ_CONTINUE,
2965};
2966
2967static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
d62a17ae 2968{
2969 int ret;
2970 struct stream *ibuf;
d62a17ae 2971 struct ospf_interface *oi;
2972 struct ip *iph;
2973 struct ospf_header *ospfh;
d7c0a89a 2974 uint16_t length;
d62a17ae 2975 struct connected *c;
02637513 2976 struct interface *ifp = NULL;
d62a17ae 2977
02637513
DS		 2978 stream_reset(ospf->ibuf);
2979 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2980 if (ibuf == NULL)
2981 return OSPF_READ_ERROR;
d62a17ae 2982
02637513
DS		 2983 /*
2984 * This raw packet is known to be at least as big as its
2985 * IP header. Note that there should not be alignment problems with
2986 * this assignment because this is at the beginning of the
2987 * stream data buffer.
2988 */
2989 iph = (struct ip *)STREAM_DATA(ibuf);
2990 /*
2991 * Note that sockopt_iphdrincl_swab_systoh was called in
2992 * ospf_recv_packet.
2993 */
2994 if (ifp == NULL) {
4392cc43 2995 /*
02637513
DS		 2996 * Handle cases where the platform does not support
2997 * retrieving the ifindex, and also platforms (such as
2998 * Solaris 8) that claim to support ifindex retrieval but do
2999 * not.
4392cc43 3000 */
02637513
DS		 3001 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
3002 ospf->vrf_id);
3003 if (c)
3004 ifp = c->ifp;
868a0861 3005 if (ifp == NULL) {
02637513 3006 if (IS_DEBUG_OSPF_PACKET(0, RECV))
4392cc43 3007 zlog_debug(
96b663a3
MS		 3008 "%s: Unable to determine incoming interface from: %pI4(%s)",
3009 __func__, &iph->ip_src,
02637513
DS		 3010 ospf_get_name(ospf));
3011 return OSPF_READ_CONTINUE;
d62a17ae 3012 }
02637513 3013 }
d62a17ae 3014
555691e9
DS		 3015 if (ospf->vrf_id == VRF_DEFAULT && ospf->vrf_id != ifp->vrf_id) {
3016 /*
3017 * We may have a situation where l3mdev_accept == 1
3018 * let's just kindly drop the packet and move on.
3019 * ospf really really really does not like when
3020 * we receive the same packet multiple times.
3021 */
3022 return OSPF_READ_CONTINUE;
3023 }
3024
02637513
DS		 3025 /* Self-originated packet should be discarded silently. */
3026 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3027 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3028 zlog_debug(
96b663a3
MS		 3029 "ospf_read[%pI4]: Dropping self-originated packet",
3030 &iph->ip_src);
02637513
DS		 3031 }
3032 return OSPF_READ_CONTINUE;
3033 }
d62a17ae 3034
01e3c376
QY		 3035 /* Check that we have enough for an IP header */
3036 if ((unsigned int)(iph->ip_hl << 2) >= STREAM_READABLE(ibuf)) {
3037 if ((unsigned int)(iph->ip_hl << 2) == STREAM_READABLE(ibuf)) {
3038 flog_warn(
3039 EC_OSPF_PACKET,
3040 "Rx'd IP packet with OSPF protocol number but no payload");
3041 } else {
3042 flog_warn(
3043 EC_OSPF_PACKET,
3044 "IP header length field claims header is %u bytes, but we only have %zu",
3045 (unsigned int)(iph->ip_hl << 2),
3046 STREAM_READABLE(ibuf));
3047 }
3048
3049 return OSPF_READ_ERROR;
3050 }
3051 stream_forward_getp(ibuf, iph->ip_hl << 2);
d62a17ae 3052
02637513
DS		 3053 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3054 if (MSG_OK
3055 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3056 - stream_get_getp(ibuf)))
3057 return OSPF_READ_CONTINUE;
3058 /* Now it is safe to access all fields of OSPF packet header. */
4392cc43 3059
02637513
DS		 3060 /* associate packet with ospf interface */
3061 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
4392cc43 3062
02637513
DS		 3063 /*
3064 * ospf_verify_header() relies on a valid "oi" and thus can be called
3065 * only after the passive/backbone/other checks below are passed.
3066 * These checks in turn access the fields of unverified "ospfh"
3067 * structure for their own purposes and must remain very accurate
3068 * in doing this.
3069 */
4392cc43 3070
02637513
DS		 3071 /* If incoming interface is passive one, ignore it. */
3072 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
02637513
DS		 3073 if (IS_DEBUG_OSPF_EVENT)
3074 zlog_debug(
c067e23e
DS		 3075 "ignoring packet from router %pI4 sent to %pI4, received on a passive interface, %pI4",
3076 &ospfh->router_id, &iph->ip_dst,
3077 &oi->address->u.prefix4);
d62a17ae 3078
02637513
DS		 3079 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3080 /* Try to fix multicast membership.
3081 * Some OS:es may have problems in this area,
3082 * make sure it is removed.
3083 */
3084 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
d62a17ae 3085 ospf_if_set_multicast(oi);
3086 }
02637513
DS		 3087 return OSPF_READ_CONTINUE;
3088 }
d62a17ae 3089
02637513
DS		 3090
3091 /* if no local ospf_interface,
3092 * or header area is backbone but ospf_interface is not
3093 * check for VLINK interface
3094 */
3095 if ((oi == NULL)
3096 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3097 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3098 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3099 == NULL) {
3100 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
d62a17ae 3101 zlog_debug(
96b663a3
MS		 3102 "Packet from [%pI4] received on link %s but no ospf_interface",
3103 &iph->ip_src, ifp->name);
02637513 3104 return OSPF_READ_CONTINUE;
d62a17ae 3105 }
02637513 3106 }
d62a17ae 3107
02637513
DS		 3108 /*
3109 * else it must be a local ospf interface, check it was
3110 * received on correct link
3111 */
3112 else if (oi->ifp != ifp) {
3113 if (IS_DEBUG_OSPF_EVENT)
3114 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 3115 "Packet from [%pI4] received on wrong link %s",
3116 &iph->ip_src, ifp->name);
02637513
DS		 3117 return OSPF_READ_CONTINUE;
3118 } else if (oi->state == ISM_Down) {
02637513
DS		 3119 flog_warn(
3120 EC_OSPF_PACKET,
c067e23e
DS		 3121 "Ignoring packet from %pI4 to %pI4 received on interface that is down [%s]; interface flags are %s",
3122 &iph->ip_src, &iph->ip_dst, ifp->name,
3123 if_flag_dump(ifp->flags));
02637513
DS		 3124 /* Fix multicast memberships? */
3125 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3126 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3127 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3128 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3129 if (oi->multicast_memberships)
3130 ospf_if_set_multicast(oi);
3131 return OSPF_READ_CONTINUE;
3132 }
d62a17ae 3133
02637513
DS		 3134 /*
3135 * If the received packet is destined for AllDRouters, the
3136 * packet should be accepted only if the received ospf
3137 * interface state is either DR or Backup -- endo.
3138 *
3139 * I wonder who endo is?
3140 */
3141 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3142 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3143 flog_warn(
3144 EC_OSPF_PACKET,
96b663a3
MS		 3145 "Dropping packet for AllDRouters from [%pI4] via [%s] (ISM: %s)",
3146 &iph->ip_src, IF_NAME(oi),
02637513
DS		 3147 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3148 /* Try to fix multicast membership. */
3149 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3150 ospf_if_set_multicast(oi);
3151 return OSPF_READ_CONTINUE;
3152 }
3153
3154 /* Verify more OSPF header fields. */
3155 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3156 if (ret < 0) {
3157 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3158 zlog_debug(
96b663a3
MS		 3159 "ospf_read[%pI4]: Header check failed, dropping.",
3160 &iph->ip_src);
02637513
DS		 3161 return OSPF_READ_CONTINUE;
3162 }
3163
3164 /* Show debug receiving packet. */
3165 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3166 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3167 zlog_debug(
3168 "-----------------------------------------------------");
3169 ospf_packet_dump(ibuf);
d62a17ae 3170 }
3171
96b663a3 3172 zlog_debug("%s received from [%pI4] via [%s]",
02637513 3173 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
96b663a3
MS		 3174 &ospfh->router_id, IF_NAME(oi));
3175 zlog_debug(" src [%pI4],", &iph->ip_src);
3176 zlog_debug(" dst [%pI4]", &iph->ip_dst);
d62a17ae 3177
02637513
DS		 3178 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3179 zlog_debug(
3180 "-----------------------------------------------------");
3181 }
d62a17ae 3182
02637513
DS		 3183 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3184
3185 /* Adjust size to message length. */
3186 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3187
3188 /* Read rest of the packet and call each sort of packet routine.
3189 */
3190 switch (ospfh->type) {
3191 case OSPF_MSG_HELLO:
3192 ospf_hello(iph, ospfh, ibuf, oi, length);
3193 break;
3194 case OSPF_MSG_DB_DESC:
3195 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3196 break;
3197 case OSPF_MSG_LS_REQ:
3198 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3199 break;
3200 case OSPF_MSG_LS_UPD:
3201 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3202 break;
3203 case OSPF_MSG_LS_ACK:
3204 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3205 break;
3206 default:
3207 flog_warn(
3208 EC_OSPF_PACKET,
3209 "interface %s(%s): OSPF packet header type %d is illegal",
3210 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3211 break;
3212 }
3213
3214 return OSPF_READ_CONTINUE;
3215}
3216
3217/* Starting point of packet process function. */
3218int ospf_read(struct thread *thread)
3219{
3220 struct ospf *ospf;
3221 int32_t count = 0;
3222 enum ospf_read_return_enum ret;
3223
3224 /* first of all get interface pointer. */
3225 ospf = THREAD_ARG(thread);
3226
3227 /* prepare for next packet. */
3228 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3229
3230 while (count < ospf->write_oi_count) {
3231 count++;
3232 ret = ospf_read_helper(ospf);
3233 switch (ret) {
3234 case OSPF_READ_ERROR:
3235 return -1;
02637513 3236 case OSPF_READ_CONTINUE:
4392cc43
DS		 3237 break;
3238 }
d62a17ae 3239 }
3240
b10ce841 3241 return 0;
718e3744 3242}
3243
3244/* Make OSPF header. */
d62a17ae 3245static void ospf_make_header(int type, struct ospf_interface *oi,
3246 struct stream *s)
718e3744 3247{
d62a17ae 3248 struct ospf_header *ospfh;
718e3744 3249
d62a17ae 3250 ospfh = (struct ospf_header *)STREAM_DATA(s);
718e3744 3251
d7c0a89a
QY		 3252 ospfh->version = (uint8_t)OSPF_VERSION;
3253 ospfh->type = (uint8_t)type;
718e3744 3254
d62a17ae 3255 ospfh->router_id = oi->ospf->router_id;
718e3744 3256
d62a17ae 3257 ospfh->checksum = 0;
3258 ospfh->area_id = oi->area->area_id;
3259 ospfh->auth_type = htons(ospf_auth_type(oi));
718e3744 3260
d62a17ae 3261 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
718e3744 3262
d62a17ae 3263 stream_forward_endp(s, OSPF_HEADER_SIZE);
718e3744 3264}
3265
3266/* Make Authentication Data. */
d62a17ae 3267static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3268{
3269 struct crypt_key *ck;
3270
3271 switch (ospf_auth_type(oi)) {
3272 case OSPF_AUTH_NULL:
0d6f7fd6 3273 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
d62a17ae 3274 */
3275 break;
3276 case OSPF_AUTH_SIMPLE:
3277 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3278 OSPF_AUTH_SIMPLE_SIZE);
3279 break;
3280 case OSPF_AUTH_CRYPTOGRAPHIC:
3281 /* If key is not set, then set 0. */
3282 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3283 ospfh->u.crypt.zero = 0;
3284 ospfh->u.crypt.key_id = 0;
3285 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3286 } else {
3287 ck = listgetdata(
3288 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3289 ospfh->u.crypt.zero = 0;
3290 ospfh->u.crypt.key_id = ck->key_id;
3291 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3292 }
3293 /* note: the seq is done in ospf_make_md5_digest() */
3294 break;
3295 default:
0d6f7fd6 3296 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
d62a17ae 3297 */
3298 break;
718e3744 3299 }
718e3744 3300
d62a17ae 3301 return 0;
718e3744 3302}
3303
3304/* Fill rest of OSPF header. */
d62a17ae 3305static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
d7c0a89a 3306 uint16_t length)
d62a17ae 3307{
3308 struct ospf_header *ospfh;
3309
3310 ospfh = (struct ospf_header *)STREAM_DATA(s);
3311
3312 /* Fill length. */
3313 ospfh->length = htons(length);
3314
3315 /* Calculate checksum. */
3316 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3317 ospfh->checksum = in_cksum(ospfh, length);
3318 else
3319 ospfh->checksum = 0;
3320
3321 /* Add Authentication Data. */
3322 ospf_make_auth(oi, ospfh);
3323}
3324
3325static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3326{
3327 struct ospf_neighbor *nbr;
3328 struct route_node *rn;
d7c0a89a 3329 uint16_t length = OSPF_HELLO_MIN_SIZE;
d62a17ae 3330 struct in_addr mask;
3331 unsigned long p;
3332 int flag = 0;
3333
3334 /* Set netmask of interface. */
3335 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3336 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3337 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3338 masklen2ip(oi->address->prefixlen, &mask);
3339 else
3340 memset((char *)&mask, 0, sizeof(struct in_addr));
3341 stream_put_ipv4(s, mask.s_addr);
3342
3343 /* Set Hello Interval. */
3344 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3345 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3346 else
3347 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3348
3349 if (IS_DEBUG_OSPF_EVENT)
3350 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3351 IF_NAME(oi));
3352
3353 /* Set Options. */
3354 stream_putc(s, OPTIONS(oi));
3355
3356 /* Set Router Priority. */
3357 stream_putc(s, PRIORITY(oi));
3358
3359 /* Set Router Dead Interval. */
3360 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3361
3362 /* Set Designated Router. */
3363 stream_put_ipv4(s, DR(oi).s_addr);
3364
3365 p = stream_get_endp(s);
3366
3367 /* Set Backup Designated Router. */
3368 stream_put_ipv4(s, BDR(oi).s_addr);
3369
3370 /* Add neighbor seen. */
3371 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3372 if ((nbr = rn->info))
3373 if (nbr->router_id.s_addr
975a328e 3374 != INADDR_ANY) /* Ignore 0.0.0.0 node. */
d62a17ae 3375 if (nbr->state
3376 != NSM_Attempt) /* Ignore Down neighbor. */
3377 if (nbr->state
3378 != NSM_Down) /* This is myself for
3379 DR election. */
3380 if (!IPV4_ADDR_SAME(
3381 &nbr->router_id,
3382 &oi->ospf->router_id)) {
3383 /* Check neighbor is
3384 * sane? */
3385 if (nbr->d_router.s_addr
975a328e 3386 != INADDR_ANY
d62a17ae 3387 && IPV4_ADDR_SAME(
975a328e
DA		 3388 &nbr->d_router,
3389 &oi->address
3390 ->u
3391 .prefix4)
d62a17ae 3392 && IPV4_ADDR_SAME(
975a328e
DA		 3393 &nbr->bd_router,
3394 &oi->address
3395 ->u
3396 .prefix4))
d62a17ae 3397 flag = 1;
3398
9b18d58e
NS		 3399 /* Hello packet overflows interface MTU. */
3400 if (length + sizeof(uint32_t)
3401 > ospf_packet_max(oi)) {
3402 flog_err(
3403 EC_OSPF_LARGE_HELLO,
c531be7c 3404 "Oversized Hello packet! Larger than MTU. Not sending it out");
9b18d58e
NS		 3405 return 0;
3406 }
3407
d62a17ae 3408 stream_put_ipv4(
3409 s,
3410 nbr->router_id
3411 .s_addr);
3412 length += 4;
3413 }
3414
3415 /* Let neighbor generate BackupSeen. */
3416 if (flag == 1)
3417 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3418
3419 return length;
3420}
3421
3422static int ospf_make_db_desc(struct ospf_interface *oi,
3423 struct ospf_neighbor *nbr, struct stream *s)
3424{
3425 struct ospf_lsa *lsa;
d7c0a89a
QY		 3426 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3427 uint8_t options;
d62a17ae 3428 unsigned long pp;
3429 int i;
3430 struct ospf_lsdb *lsdb;
3431
3432 /* Set Interface MTU. */
3433 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3434 stream_putw(s, 0);
3435 else
3436 stream_putw(s, oi->ifp->mtu);
3437
3438 /* Set Options. */
3439 options = OPTIONS(oi);
3440 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3441 SET_FLAG(options, OSPF_OPTION_O);
3442 stream_putc(s, options);
3443
3444 /* DD flags */
3445 pp = stream_get_endp(s);
3446 stream_putc(s, nbr->dd_flags);
3447
3448 /* Set DD Sequence Number. */
3449 stream_putl(s, nbr->dd_seqnum);
3450
3451 /* shortcut unneeded walk of (empty) summary LSDBs */
3452 if (ospf_db_summary_isempty(nbr))
3453 goto empty;
3454
3455 /* Describe LSA Header from Database Summary List. */
3456 lsdb = &nbr->db_sum;
3457
3458 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3459 struct route_table *table = lsdb->type[i].db;
3460 struct route_node *rn;
3461
3462 for (rn = route_top(table); rn; rn = route_next(rn))
3463 if ((lsa = rn->info) != NULL) {
3464 if (IS_OPAQUE_LSA(lsa->data->type)
3465 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3466 /* Suppress advertising
0437e105 3467 * opaque-information. */
d62a17ae 3468 /* Remove LSA from DB summary list. */
3469 ospf_lsdb_delete(lsdb, lsa);
3470 continue;
3471 }
3472
3473 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3474 struct lsa_header *lsah;
d7c0a89a 3475 uint16_t ls_age;
d62a17ae 3476
3477 /* DD packet overflows interface MTU. */
3478 if (length + OSPF_LSA_HEADER_SIZE
3479 > ospf_packet_max(oi))
3480 break;
3481
3482 /* Keep pointer to LS age. */
3483 lsah = (struct lsa_header
3484 *)(STREAM_DATA(s)
3485 + stream_get_endp(
3486 s));
3487
3488 /* Proceed stream pointer. */
3489 stream_put(s, lsa->data,
3490 OSPF_LSA_HEADER_SIZE);
3491 length += OSPF_LSA_HEADER_SIZE;
3492
3493 /* Set LS age. */
3494 ls_age = LS_AGE(lsa);
3495 lsah->ls_age = htons(ls_age);
3496 }
3497
3498 /* Remove LSA from DB summary list. */
3499 ospf_lsdb_delete(lsdb, lsa);
3500 }
3501 }
718e3744 3502
d62a17ae 3503 /* Update 'More' bit */
3504 if (ospf_db_summary_isempty(nbr)) {
3505 empty:
3506 if (nbr->state >= NSM_Exchange) {
3507 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3508 /* Rewrite DD flags */
3509 stream_putc_at(s, pp, nbr->dd_flags);
3510 } else {
3511 assert(IS_SET_DD_M(nbr->dd_flags));
3512 }
3513 }
3514 return length;
3515}
86f1fd96 3516
d7c0a89a 3517static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
d62a17ae 3518 unsigned long delta, struct ospf_neighbor *nbr,
3519 struct ospf_lsa *lsa)
3520{
3521 struct ospf_interface *oi;
718e3744 3522
d62a17ae 3523 oi = nbr->oi;
718e3744 3524
9570f737
S		 3525 /* LS Request packet overflows interface MTU
3526 * delta is just number of bytes required for 1 LS Req
3527 * ospf_packet_max will return the number of bytes can
3528 * be accomodated without ospf header. So length+delta
3529 * can be compared to ospf_packet_max
3530 * to check if it can fit another lsreq in the same packet.
3531 */
3532
d62a17ae 3533 if (*length + delta > ospf_packet_max(oi))
3534 return 0;
1eb8ef25 3535
d62a17ae 3536 stream_putl(s, lsa->data->type);
3537 stream_put_ipv4(s, lsa->data->id.s_addr);
3538 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
718e3744 3539
d62a17ae 3540 ospf_lsa_unlock(&nbr->ls_req_last);
3541 nbr->ls_req_last = ospf_lsa_lock(lsa);
59ea14c6 3542
d62a17ae 3543 *length += 12;
3544 return 1;
3545}
718e3744 3546
d62a17ae 3547static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3548{
3549 struct ospf_lsa *lsa;
d7c0a89a 3550 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
9570f737 3551 unsigned long delta = 12;
d62a17ae 3552 struct route_table *table;
3553 struct route_node *rn;
3554 int i;
3555 struct ospf_lsdb *lsdb;
718e3744 3556
d62a17ae 3557 lsdb = &nbr->ls_req;
718e3744 3558
d62a17ae 3559 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3560 table = lsdb->type[i].db;
3561 for (rn = route_top(table); rn; rn = route_next(rn))
3562 if ((lsa = (rn->info)) != NULL)
3563 if (ospf_make_ls_req_func(s, &length, delta,
3564 nbr, lsa)
3565 == 0) {
3566 route_unlock_node(rn);
3567 break;
3568 }
3569 }
3570 return length;
3571}
718e3744 3572
d62a17ae 3573static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3574{
3575 int age;
718e3744 3576
d62a17ae 3577 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
718e3744 3578
d62a17ae 3579 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
718e3744 3580}
3581
d62a17ae 3582static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3583 struct stream *s)
718e3744 3584{
d62a17ae 3585 struct ospf_lsa *lsa;
3586 struct listnode *node;
d7c0a89a 3587 uint16_t length = 0;
d62a17ae 3588 unsigned int size_noauth;
3589 unsigned long delta = stream_get_endp(s);
3590 unsigned long pp;
3591 int count = 0;
3592
3593 if (IS_DEBUG_OSPF_EVENT)
3594 zlog_debug("ospf_make_ls_upd: Start");
3595
3596 pp = stream_get_endp(s);
3597 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3598 length += OSPF_LS_UPD_MIN_SIZE;
3599
3600 /* Calculate amount of packet usable for data. */
3601 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3602
3603 while ((node = listhead(update)) != NULL) {
3604 struct lsa_header *lsah;
d7c0a89a 3605 uint16_t ls_age;
d62a17ae 3606
d62a17ae 3607 lsa = listgetdata(node);
d62a17ae 3608 assert(lsa->data);
3609
e9505bc6
RW		 3610 if (IS_DEBUG_OSPF_EVENT)
3611 zlog_debug("%s: List Iteration %d LSA[%s]", __func__,
3612 count, dump_lsa_key(lsa));
3613
9570f737
S		 3614 /* Will it fit? Minimum it has to fit atleast one */
3615 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3616 (count > 0))
d62a17ae 3617 break;
3618
3619 /* Keep pointer to LS age. */
3620 lsah = (struct lsa_header *)(STREAM_DATA(s)
3621 + stream_get_endp(s));
3622
3623 /* Put LSA to Link State Request. */
3624 stream_put(s, lsa->data, ntohs(lsa->data->length));
718e3744 3625
d62a17ae 3626 /* Set LS age. */
3627 /* each hop must increment an lsa_age by transmit_delay
3628 of OSPF interface */
3629 ls_age = ls_age_increment(lsa,
3630 OSPF_IF_PARAM(oi, transmit_delay));
3631 lsah->ls_age = htons(ls_age);
3632
3633 length += ntohs(lsa->data->length);
3634 count++;
3635
3636 list_delete_node(update, node);
3637 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3638 }
3639
3640 /* Now set #LSAs. */
3641 stream_putl_at(s, pp, count);
3642
3643 if (IS_DEBUG_OSPF_EVENT)
3644 zlog_debug("ospf_make_ls_upd: Stop");
3645 return length;
718e3744 3646}
3647
d62a17ae 3648static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3649 struct stream *s)
718e3744 3650{
d62a17ae 3651 struct listnode *node, *nnode;
d7c0a89a 3652 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
9570f737 3653 unsigned long delta = OSPF_LSA_HEADER_SIZE;
d62a17ae 3654 struct ospf_lsa *lsa;
718e3744 3655
d62a17ae 3656 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3657 assert(lsa);
718e3744 3658
9570f737
S		 3659 /* LS Ack packet overflows interface MTU
3660 * delta is just number of bytes required for
3661 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3662 * the number of bytes can be accomodated without
3663 * ospf header. So length+delta can be compared
3664 * against ospf_packet_max to check if it can fit
3665 * another ls header in the same packet.
3666 */
3667 if ((length + delta) > ospf_packet_max(oi))
d62a17ae 3668 break;
718e3744 3669
d62a17ae 3670 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3671 length += OSPF_LSA_HEADER_SIZE;
3672
3673 listnode_delete(ack, lsa);
3674 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3675 }
3676
3677 return length;
3678}
3679
3680static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3681{
3682 struct ospf_packet *op;
d7c0a89a 3683 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3684
d62a17ae 3685 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3686
d62a17ae 3687 /* Prepare OSPF common header. */
3688 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
718e3744 3689
d62a17ae 3690 /* Prepare OSPF Hello body. */
3691 length += ospf_make_hello(oi, op->s);
9b18d58e
NS		 3692 if (length == OSPF_HEADER_SIZE) {
3693 /* Hello overshooting MTU */
3694 ospf_packet_free(op);
3695 return;
3696 }
718e3744 3697
d62a17ae 3698 /* Fill OSPF header. */
3699 ospf_fill_header(oi, op->s, length);
718e3744 3700
d62a17ae 3701 /* Set packet length. */
3702 op->length = length;
3703
3704 op->dst.s_addr = addr;
3705
b5a8894d
CS		 3706 if (IS_DEBUG_OSPF_EVENT) {
3707 if (oi->ospf->vrf_id)
996c9314
LB		 3708 zlog_debug(
3709 "%s: Hello Tx interface %s ospf vrf %s id %u",
15569c58 3710 __func__, oi->ifp->name,
996c9314
LB		 3711 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3712 oi->ospf->vrf_id);
b5a8894d 3713 }
d62a17ae 3714 /* Add packet to the top of the interface output queue, so that they
3715 * can't get delayed by things like long queues of LS Update packets
3716 */
3717 ospf_packet_add_top(oi, op);
3718
3719 /* Hook thread to write packet. */
3720 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3721}
3722
d62a17ae 3723static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
718e3744 3724{
d62a17ae 3725 struct ospf_interface *oi;
718e3744 3726
d62a17ae 3727 oi = nbr_nbma->oi;
3728 assert(oi);
718e3744 3729
d62a17ae 3730 /* If this is passive interface, do not send OSPF Hello. */
3731 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3732 return;
718e3744 3733
d62a17ae 3734 if (oi->type != OSPF_IFTYPE_NBMA)
3735 return;
718e3744 3736
d62a17ae 3737 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3738 return;
718e3744 3739
d62a17ae 3740 if (PRIORITY(oi) == 0)
3741 return;
718e3744 3742
d62a17ae 3743 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3744 && oi->state != ISM_Backup)
3745 return;
718e3744 3746
d62a17ae 3747 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
718e3744 3748}
3749
d62a17ae 3750int ospf_poll_timer(struct thread *thread)
718e3744 3751{
d62a17ae 3752 struct ospf_nbr_nbma *nbr_nbma;
718e3744 3753
d62a17ae 3754 nbr_nbma = THREAD_ARG(thread);
3755 nbr_nbma->t_poll = NULL;
718e3744 3756
d62a17ae 3757 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
96b663a3
MS		 3758 zlog_debug("NSM[%s:%pI4]: Timer (Poll timer expire)",
3759 IF_NAME(nbr_nbma->oi), &nbr_nbma->addr);
718e3744 3760
d62a17ae 3761 ospf_poll_send(nbr_nbma);
718e3744 3762
d62a17ae 3763 if (nbr_nbma->v_poll > 0)
3764 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3765 nbr_nbma->v_poll);
718e3744 3766
d62a17ae 3767 return 0;
718e3744 3768}
3769
3770
d62a17ae 3771int ospf_hello_reply_timer(struct thread *thread)
718e3744 3772{
d62a17ae 3773 struct ospf_neighbor *nbr;
718e3744 3774
d62a17ae 3775 nbr = THREAD_ARG(thread);
3776 nbr->t_hello_reply = NULL;
718e3744 3777
d62a17ae 3778 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
96b663a3
MS		 3779 zlog_debug("NSM[%s:%pI4]: Timer (hello-reply timer expire)",
3780 IF_NAME(nbr->oi), &nbr->router_id);
718e3744 3781
d62a17ae 3782 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
718e3744 3783
d62a17ae 3784 return 0;
718e3744 3785}
3786
3787/* Send OSPF Hello. */
d62a17ae 3788void ospf_hello_send(struct ospf_interface *oi)
3789{
3790 /* If this is passive interface, do not send OSPF Hello. */
3791 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3792 return;
3793
3794 if (oi->type == OSPF_IFTYPE_NBMA) {
3795 struct ospf_neighbor *nbr;
3796 struct route_node *rn;
3797
3798 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3799 if ((nbr = rn->info))
3800 if (nbr != oi->nbr_self)
3801 if (nbr->state != NSM_Down) {
3802 /* RFC 2328 Section 9.5.1
3803 If the router is not
3804 eligible to become Designated
3805 Router,
3806 it must periodically send
3807 Hello Packets to both the
3808 Designated Router and the
3809 Backup Designated Router (if
3810 they
3811 exist). */
3812 if (PRIORITY(oi) == 0
3813 && IPV4_ADDR_CMP(
3814 &DR(oi),
3815 &nbr->address.u
3816 .prefix4)
3817 && IPV4_ADDR_CMP(
3818 &BDR(oi),
3819 &nbr->address.u
3820 .prefix4))
3821 continue;
3822
3823 /* If the router is eligible to
3824 become Designated Router, it
3825 must periodically send Hello
3826 Packets to all neighbors that
3827 are also eligible. In
3828 addition, if the router is
3829 itself the
3830 Designated Router or Backup
3831 Designated Router, it must
3832 also
3833 send periodic Hello Packets
3834 to all other neighbors. */
3835
3836 if (nbr->priority == 0
3837 && oi->state == ISM_DROther)
3838 continue;
3839 /* if oi->state == Waiting, send
3840 * hello to all neighbors */
3841 ospf_hello_send_sub(
3842 oi,
3843 nbr->address.u.prefix4
3844 .s_addr);
3845 }
3846 } else {
3847 /* Decide destination address. */
3848 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3849 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3850 else
3851 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3852 }
718e3744 3853}
3854
3855/* Send OSPF Database Description. */
d62a17ae 3856void ospf_db_desc_send(struct ospf_neighbor *nbr)
718e3744 3857{
d62a17ae 3858 struct ospf_interface *oi;
3859 struct ospf_packet *op;
d7c0a89a 3860 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3861
d62a17ae 3862 oi = nbr->oi;
3863 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3864
d62a17ae 3865 /* Prepare OSPF common header. */
3866 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
718e3744 3867
d62a17ae 3868 /* Prepare OSPF Database Description body. */
3869 length += ospf_make_db_desc(oi, nbr, op->s);
718e3744 3870
d62a17ae 3871 /* Fill OSPF header. */
3872 ospf_fill_header(oi, op->s, length);
718e3744 3873
d62a17ae 3874 /* Set packet length. */
3875 op->length = length;
718e3744 3876
d62a17ae 3877 /* Decide destination address. */
3878 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3879 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3880 else
3881 op->dst = nbr->address.u.prefix4;
718e3744 3882
d62a17ae 3883 /* Add packet to the interface output queue. */
3884 ospf_packet_add(oi, op);
718e3744 3885
d62a17ae 3886 /* Hook thread to write packet. */
3887 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3888
d62a17ae 3889 /* Remove old DD packet, then copy new one and keep in neighbor
3890 * structure. */
3891 if (nbr->last_send)
3892 ospf_packet_free(nbr->last_send);
3893 nbr->last_send = ospf_packet_dup(op);
3894 monotime(&nbr->last_send_ts);
e6a22aeb
SK		 3895 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3896 zlog_info(
96b663a3 3897 "%s:Packet[DD]: %pI4 DB Desc send with seqnum:%x , flags:%x",
44076f4d
RW		 3898 ospf_get_name(oi->ospf), &nbr->router_id,
3899 nbr->dd_seqnum, nbr->dd_flags);
718e3744 3900}
3901
3902/* Re-send Database Description. */
d62a17ae 3903void ospf_db_desc_resend(struct ospf_neighbor *nbr)
718e3744 3904{
d62a17ae 3905 struct ospf_interface *oi;
718e3744 3906
d62a17ae 3907 oi = nbr->oi;
718e3744 3908
d62a17ae 3909 /* Add packet to the interface output queue. */
3910 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
718e3744 3911
d62a17ae 3912 /* Hook thread to write packet. */
3913 OSPF_ISM_WRITE_ON(oi->ospf);
e6a22aeb
SK		 3914 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3915 zlog_info(
96b663a3 3916 "%s:Packet[DD]: %pI4 DB Desc resend with seqnum:%x , flags:%x",
44076f4d
RW		 3917 ospf_get_name(oi->ospf), &nbr->router_id,
3918 nbr->dd_seqnum, nbr->dd_flags);
718e3744 3919}
3920
3921/* Send Link State Request. */
d62a17ae 3922void ospf_ls_req_send(struct ospf_neighbor *nbr)
718e3744 3923{
d62a17ae 3924 struct ospf_interface *oi;
3925 struct ospf_packet *op;
d7c0a89a 3926 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3927
d62a17ae 3928 oi = nbr->oi;
3929 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3930
d62a17ae 3931 /* Prepare OSPF common header. */
3932 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
718e3744 3933
d62a17ae 3934 /* Prepare OSPF Link State Request body. */
3935 length += ospf_make_ls_req(nbr, op->s);
3936 if (length == OSPF_HEADER_SIZE) {
3937 ospf_packet_free(op);
3938 return;
3939 }
718e3744 3940
d62a17ae 3941 /* Fill OSPF header. */
3942 ospf_fill_header(oi, op->s, length);
718e3744 3943
d62a17ae 3944 /* Set packet length. */
3945 op->length = length;
718e3744 3946
d62a17ae 3947 /* Decide destination address. */
3948 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3949 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3950 else
3951 op->dst = nbr->address.u.prefix4;
718e3744 3952
d62a17ae 3953 /* Add packet to the interface output queue. */
3954 ospf_packet_add(oi, op);
718e3744 3955
d62a17ae 3956 /* Hook thread to write packet. */
3957 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3958
d62a17ae 3959 /* Add Link State Request Retransmission Timer. */
3960 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 3961}
3962
3963/* Send Link State Update with an LSA. */
d62a17ae 3964void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3965 int flag)
718e3744 3966{
d62a17ae 3967 struct list *update;
718e3744 3968
d62a17ae 3969 update = list_new();
718e3744 3970
d62a17ae 3971 listnode_add(update, lsa);
046460a1
CS		 3972
3973 /*ospf instance is going down, send self originated
3974 * MAXAGE LSA update to neighbors to remove from LSDB */
3975 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3976 ospf_ls_upd_send(nbr, update, flag, 1);
3977 else
3978 ospf_ls_upd_send(nbr, update, flag, 0);
718e3744 3979
6a154c88 3980 list_delete(&update);
718e3744 3981}
3982
68b7339a 3983/* Determine size for packet. Must be at least big enough to accomodate next
3984 * LSA on list, which may be bigger than MTU size.
3985 *
3986 * Return pointer to new ospf_packet
3987 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3988 * on packet sizes (in which case offending LSA is deleted from update list)
3989 */
d62a17ae 3990static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3991 struct ospf_interface *oi)
3992{
3993 struct ospf_lsa *lsa;
3994 struct listnode *ln;
3995 size_t size;
3996 static char warned = 0;
3997
3998 lsa = listgetdata((ln = listhead(update)));
3999 assert(lsa->data);
4000
4001 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
4002 > ospf_packet_max(oi)) {
4003 if (!warned) {
c9cc11f6 4004 flog_warn(
cf444bcf 4005 EC_OSPF_LARGE_LSA,
3efd0893 4006 "ospf_ls_upd_packet_new: oversized LSA encountered!will need to fragment. Not optimal. Try divide up your network with areas. Use 'debug ospf packet send' to see details, or look at 'show ip ospf database ..'");
d62a17ae 4007 warned = 1;
4008 }
4009
4010 if (IS_DEBUG_OSPF_PACKET(0, SEND))
4011 zlog_debug(
96b663a3
MS		 4012 "ospf_ls_upd_packet_new: oversized LSA id:%pI4, %d bytes originated by %pI4, will be fragmented!",
4013 &lsa->data->id,
d62a17ae 4014 ntohs(lsa->data->length),
96b663a3 4015 &lsa->data->adv_router);
d62a17ae 4016
4017 /*
4018 * Allocate just enough to fit this LSA only, to avoid including
4019 * other
4020 * LSAs in fragmented LSA Updates.
4021 */
4022 size = ntohs(lsa->data->length)
4023 + (oi->ifp->mtu - ospf_packet_max(oi))
4024 + OSPF_LS_UPD_MIN_SIZE;
4025 } else
4026 size = oi->ifp->mtu;
4027
4028 if (size > OSPF_MAX_PACKET_SIZE) {
cf444bcf 4029 flog_warn(EC_OSPF_LARGE_LSA,
96b663a3
MS		 4030 "ospf_ls_upd_packet_new: oversized LSA id:%pI4 too big, %d bytes, packet size %ld, dropping it completely. OSPF routing is broken!",
4031 &lsa->data->id, ntohs(lsa->data->length),
c9cc11f6 4032 (long int)size);
d62a17ae 4033 list_delete_node(update, ln);
4034 return NULL;
4035 }
718e3744 4036
d62a17ae 4037 /* IP header is built up separately by ospf_write(). This means, that we
4038 * must
4039 * reduce the "affordable" size just calculated by length of an IP
4040 * header.
4041 * This makes sure, that even if we manage to fill the payload with LSA
4042 * data
4043 * completely, the final packet (our data plus IP header) still fits
4044 * into
4045 * outgoing interface MTU. This correction isn't really meaningful for
4046 * an
4047 * oversized LSA, but for consistency the correction is done for both
4048 * cases.
4049 *
4050 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4051 */
4052 return ospf_packet_new(size - sizeof(struct ip));
718e3744 4053}
4054
d62a17ae 4055static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
046460a1
CS		 4056 struct list *update, struct in_addr addr,
4057 int send_lsupd_now)
718e3744 4058{
d62a17ae 4059 struct ospf_packet *op;
d7c0a89a 4060 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 4061
4062 if (IS_DEBUG_OSPF_EVENT)
96b663a3
MS		 4063 zlog_debug("listcount = %d, [%s]dst %pI4", listcount(update),
4064 IF_NAME(oi), &addr);
d62a17ae 4065
19274fe8
OD		 4066 /* Check that we have really something to process */
4067 if (listcount(update) == 0)
4068 return;
4069
d62a17ae 4070 op = ospf_ls_upd_packet_new(update, oi);
718e3744 4071
d62a17ae 4072 /* Prepare OSPF common header. */
4073 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
718e3744 4074
d62a17ae 4075 /* Prepare OSPF Link State Update body.
4076 * Includes Type-7 translation.
4077 */
4078 length += ospf_make_ls_upd(oi, update, op->s);
4079
4080 /* Fill OSPF header. */
4081 ospf_fill_header(oi, op->s, length);
4082
4083 /* Set packet length. */
4084 op->length = length;
4085
4086 /* Decide destination address. */
4087 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4088 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4089 else
4090 op->dst.s_addr = addr.s_addr;
4091
4092 /* Add packet to the interface output queue. */
4093 ospf_packet_add(oi, op);
046460a1
CS		 4094 /* Call ospf_write() right away to send ospf packets to neighbors */
4095 if (send_lsupd_now) {
4096 struct thread os_packet_thd;
4097
4098 os_packet_thd.arg = (void *)oi->ospf;
4099 if (oi->on_write_q == 0) {
4100 listnode_add(oi->ospf->oi_write_q, oi);
4101 oi->on_write_q = 1;
4102 }
4103 ospf_write(&os_packet_thd);
4173cc8e
DS		 4104 /*
4105 * We are fake calling ospf_write with a fake
4106 * thread. Imagine that we have oi_a already
4107 * enqueued and we have turned on the write
4108 * thread(t_write).
4109 * Now this function calls this for oi_b
4110 * so the on_write_q has oi_a and oi_b on
4111 * it, ospf_write runs and clears the packets
4112 * for both oi_a and oi_b. Removing them from
4113 * the on_write_q. After this thread of execution
4114 * finishes we will execute the t_write thread
4115 * with nothing in the on_write_q causing an
4116 * assert. So just make sure that the t_write
4117 * is actually turned off.
4118 */
4119 if (list_isempty(oi->ospf->oi_write_q))
4120 OSPF_TIMER_OFF(oi->ospf->t_write);
046460a1
CS		 4121 } else {
4122 /* Hook thread to write packet. */
4123 OSPF_ISM_WRITE_ON(oi->ospf);
4124 }
d62a17ae 4125}
4126
4127static int ospf_ls_upd_send_queue_event(struct thread *thread)
4128{
4129 struct ospf_interface *oi = THREAD_ARG(thread);
4130 struct route_node *rn;
4131 struct route_node *rnext;
4132 struct list *update;
4133 char again = 0;
4134
4135 oi->t_ls_upd_event = NULL;
4136
4137 if (IS_DEBUG_OSPF_EVENT)
4138 zlog_debug("ospf_ls_upd_send_queue start");
4139
4140 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4141 rnext = route_next(rn);
4142
4143 if (rn->info == NULL)
4144 continue;
4145
4146 update = (struct list *)rn->info;
4147
046460a1 4148 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
d62a17ae 4149
4150 /* list might not be empty. */
4151 if (listcount(update) == 0) {
6a154c88 4152 list_delete((struct list **)&rn->info);
d62a17ae 4153 route_unlock_node(rn);
4154 } else
4155 again = 1;
4156 }
4157
4158 if (again != 0) {
4159 if (IS_DEBUG_OSPF_EVENT)
4160 zlog_debug(
3efd0893 4161 "ospf_ls_upd_send_queue: update lists not cleared, %d nodes to try again, raising new event",
d62a17ae 4162 again);
4163 oi->t_ls_upd_event = NULL;
4164 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4165 &oi->t_ls_upd_event);
4166 }
4167
4168 if (IS_DEBUG_OSPF_EVENT)
4169 zlog_debug("ospf_ls_upd_send_queue stop");
4170
4171 return 0;
4172}
4173
046460a1
CS		 4174void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4175 int send_lsupd_now)
d62a17ae 4176{
4177 struct ospf_interface *oi;
4178 struct ospf_lsa *lsa;
4179 struct prefix_ipv4 p;
4180 struct route_node *rn;
4181 struct listnode *node;
4182
4183 oi = nbr->oi;
4184
4185 p.family = AF_INET;
4186 p.prefixlen = IPV4_MAX_BITLEN;
4187
4188 /* Decide destination address. */
4189 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4190 p.prefix = oi->vl_data->peer_addr;
4191 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4192 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4193 else if (flag == OSPF_SEND_PACKET_DIRECT)
4194 p.prefix = nbr->address.u.prefix4;
4195 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4196 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4197 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4198 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4199 else
4200 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4201
4202 if (oi->type == OSPF_IFTYPE_NBMA) {
4203 if (flag == OSPF_SEND_PACKET_INDIRECT)
c9cc11f6 4204 flog_warn(
cf444bcf 4205 EC_OSPF_PACKET,
d62a17ae 4206 "* LS-Update is directly sent on NBMA network.");
19aad877 4207 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
cf444bcf 4208 flog_warn(EC_OSPF_PACKET,
c9cc11f6 4209 "* LS-Update is sent to myself.");
d62a17ae 4210 }
4211
4212 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4213
4214 if (rn->info == NULL)
4215 rn->info = list_new();
4216 else
4217 route_unlock_node(rn);
4218
4219 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4220 listnode_add(rn->info,
4221 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
046460a1
CS		 4222 if (send_lsupd_now) {
4223 struct list *send_update_list;
f7813c7c 4224 struct route_node *rnext;
d62a17ae 4225
046460a1
CS		 4226 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4227 rnext = route_next(rn);
4228
4229 if (rn->info == NULL)
4230 continue;
4231
4232 send_update_list = (struct list *)rn->info;
4233
4234 ospf_ls_upd_queue_send(oi, send_update_list,
4235 rn->p.u.prefix4, 1);
046460a1
CS		 4236 }
4237 } else
4238 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
996c9314 4239 &oi->t_ls_upd_event);
718e3744 4240}
4241
d62a17ae 4242static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4243 struct in_addr dst)
718e3744 4244{
d62a17ae 4245 struct ospf_packet *op;
d7c0a89a 4246 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 4247
4248 op = ospf_packet_new(oi->ifp->mtu);
4249
4250 /* Prepare OSPF common header. */
4251 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4252
4253 /* Prepare OSPF Link State Acknowledgment body. */
4254 length += ospf_make_ls_ack(oi, ack, op->s);
4255
4256 /* Fill OSPF header. */
4257 ospf_fill_header(oi, op->s, length);
718e3744 4258
d62a17ae 4259 /* Set packet length. */
4260 op->length = length;
4261
4262 /* Decide destination address. */
4263 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4264 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4265 else
4266 op->dst.s_addr = dst.s_addr;
4267
4268 /* Add packet to the interface output queue. */
4269 ospf_packet_add(oi, op);
4270
4271 /* Hook thread to write packet. */
4272 OSPF_ISM_WRITE_ON(oi->ospf);
4273}
4274
4275static int ospf_ls_ack_send_event(struct thread *thread)
4276{
4277 struct ospf_interface *oi = THREAD_ARG(thread);
4278
4279 oi->t_ls_ack_direct = NULL;
4280
4281 while (listcount(oi->ls_ack_direct.ls_ack))
4282 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4283 oi->ls_ack_direct.dst);
4284
4285 return 0;
4286}
4287
4288void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4289{
4290 struct ospf_interface *oi = nbr->oi;
4291
5a77dd8f 4292 if (IS_GRACE_LSA(lsa)) {
3f87e1d8 4293 if (IS_DEBUG_OSPF_GR)
5a77dd8f 4294 zlog_debug("%s, Sending GRACE ACK to Restarter.",
a4544597 4295 __func__);
5a77dd8f 4296 }
4297
d62a17ae 4298 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4299 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4300
4301 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4302
4303 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4304 &oi->t_ls_ack_direct);
718e3744 4305}
4306
4307/* Send Link State Acknowledgment delayed. */
d62a17ae 4308void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4309{
4310 struct in_addr dst;
4311
4312 /* Decide destination address. */
4313 /* RFC2328 Section 13.5 On non-broadcast
4314 networks, delayed Link State Acknowledgment packets must be
4315 unicast separately over each adjacency (i.e., neighbor whose
4316 state is >= Exchange). */
4317 if (oi->type == OSPF_IFTYPE_NBMA) {
4318 struct ospf_neighbor *nbr;
4319 struct route_node *rn;
4320
4321 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4322 if ((nbr = rn->info) != NULL)
4323 if (nbr != oi->nbr_self
4324 && nbr->state >= NSM_Exchange)
4325 while (listcount(oi->ls_ack))
4326 ospf_ls_ack_send_list(
4327 oi, oi->ls_ack,
4328 nbr->address.u.prefix4);
4329 return;
4330 }
4331 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4332 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4333 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4334 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4335 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4336 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4337 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4338 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4339 else
4340 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4341
4342 while (listcount(oi->ls_ack))
4343 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
718e3744 4344}
8b6912c2
DS		 4345
4346/*
4347 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4348 * address. As a result, the kernel does not need to learn the interface
4349 * MAC of the OSPF neighbor. However, in our world, this will delay
4350 * convergence. Take the case when due to a link flap, all routes now
4351 * want to use an interface which was deemed to be costlier prior to this
4352 * event. For routes that will be installed, the missing MAC will have
4353 * punt-to-CPU set on them. This may overload the CPU control path that
4354 * can be avoided if the MAC was known apriori.
4355 */
d62a17ae 4356void ospf_proactively_arp(struct ospf_neighbor *nbr)
4357{
a92706bb 4358 if (!nbr || !nbr->oi->ospf->proactive_arp)
d62a17ae 4359 return;
4360
aa530b62 4361 ospf_zebra_send_arp(nbr->oi->ifp, &nbr->address);
8b6912c2 4362}
FRRouting mirror