]>
git.proxmox.com Git - mirror_frr.git/blob - ldpd/packet.c
4 * Copyright (c) 2013, 2016 Renato Westphal <renato@openbsd.org>
5 * Copyright (c) 2009 Michele Marchetto <michele@openbsd.org>
6 * Copyright (c) 2004, 2005, 2008 Esben Norby <norby@openbsd.org>
8 * Permission to use, copy, modify, and distribute this software for any
9 * purpose with or without fee is hereby granted, provided that the above
10 * copyright notice and this permission notice appear in all copies.
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
29 static struct iface
*disc_find_iface(unsigned int, int,
31 static int session_read(struct thread
*);
32 static int session_write(struct thread
*);
33 static ssize_t
session_get_pdu(struct ibuf_read
*, char **);
34 static void tcp_close(struct tcp_conn
*);
35 static struct pending_conn
*pending_conn_new(int, int, union ldpd_addr
*);
36 static int pending_conn_timeout(struct thread
*);
39 gen_ldp_hdr(struct ibuf
*buf
, uint16_t size
)
41 struct ldp_hdr ldp_hdr
;
43 memset(&ldp_hdr
, 0, sizeof(ldp_hdr
));
44 ldp_hdr
.version
= htons(LDP_VERSION
);
45 /* exclude the 'Version' and 'PDU Length' fields from the total */
46 ldp_hdr
.length
= htons(size
- LDP_HDR_DEAD_LEN
);
47 ldp_hdr
.lsr_id
= ldp_rtr_id_get(leconf
);
48 ldp_hdr
.lspace_id
= 0;
50 return (ibuf_add(buf
, &ldp_hdr
, LDP_HDR_SIZE
));
54 gen_msg_hdr(struct ibuf
*buf
, uint16_t type
, uint16_t size
)
56 static int msgcnt
= 0;
59 memset(&msg
, 0, sizeof(msg
));
60 msg
.type
= htons(type
);
61 /* exclude the 'Type' and 'Length' fields from the total */
62 msg
.length
= htons(size
- LDP_MSG_DEAD_LEN
);
63 msg
.id
= htonl(++msgcnt
);
65 return (ibuf_add(buf
, &msg
, sizeof(msg
)));
70 send_packet(int fd
, int af
, union ldpd_addr
*dst
, struct iface_af
*ia
,
71 void *pkt
, size_t len
)
77 if (ia
&& IN_MULTICAST(ntohl(dst
->v4
.s_addr
))) {
78 /* set outgoing interface for multicast traffic */
79 if (sock_set_ipv4_mcast(ia
->iface
) == -1) {
80 log_debug("%s: error setting multicast "
81 "interface, %s", __func__
, ia
->iface
->name
);
87 if (ia
&& IN6_IS_ADDR_MULTICAST(&dst
->v6
)) {
88 /* set outgoing interface for multicast traffic */
89 if (sock_set_ipv6_mcast(ia
->iface
) == -1) {
90 log_debug("%s: error setting multicast "
91 "interface, %s", __func__
, ia
->iface
->name
);
97 fatalx("send_packet: unknown af");
100 addr2sa(af
, dst
, LDP_PORT
, &su
);
101 if (sendto(fd
, pkt
, len
, 0, &su
.sa
, sockaddr_len(&su
.sa
)) == -1) {
102 log_warn("%s: error sending packet to %s", __func__
,
103 log_sockaddr(&su
.sa
));
110 /* Discovery functions */
112 disc_recv_packet(struct thread
*thread
)
114 int fd
= THREAD_FD(thread
);
115 struct thread
**threadp
= THREAD_ARG(thread
);
119 #ifdef HAVE_STRUCT_SOCKADDR_DL
120 char buf
[CMSG_SPACE(sizeof(struct sockaddr_dl
))];
122 char buf
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
126 struct sockaddr_storage from
;
130 struct cmsghdr
*cmsg
;
136 unsigned int ifindex
= 0;
137 struct iface
*iface
= NULL
;
139 struct ldp_hdr ldp_hdr
;
143 struct in_addr lsr_id
;
145 /* reschedule read */
147 thread_add_read(master
, disc_recv_packet
, threadp
, fd
, threadp
);
150 memset(&m
, 0, sizeof(m
));
151 iov
.iov_base
= buf
= pkt_ptr
;
152 iov
.iov_len
= IBUF_READ_SIZE
;
154 m
.msg_namelen
= sizeof(from
);
157 m
.msg_control
= &cmsgbuf
.buf
;
158 m
.msg_controllen
= sizeof(cmsgbuf
.buf
);
160 if ((r
= recvmsg(fd
, &m
, 0)) == -1) {
161 if (errno
!= EAGAIN
&& errno
!= EINTR
)
162 log_debug("%s: read error: %s", __func__
,
167 sa2addr((struct sockaddr
*)&from
, &af
, &src
, NULL
);
169 multicast
= (m
.msg_flags
& MSG_MCAST
) ? 1 : 0;
172 for (cmsg
= CMSG_FIRSTHDR(&m
); cmsg
!= NULL
;
173 cmsg
= CMSG_NXTHDR(&m
, cmsg
)) {
174 #if defined(HAVE_IP_PKTINFO)
175 if (af
== AF_INET
&& cmsg
->cmsg_level
== IPPROTO_IP
&&
176 cmsg
->cmsg_type
== IP_PKTINFO
) {
177 struct in_pktinfo
*pktinfo
;
179 pktinfo
= (struct in_pktinfo
*)CMSG_DATA(cmsg
);
180 if (IN_MULTICAST(ntohl(pktinfo
->ipi_addr
.s_addr
)))
184 #elif defined(HAVE_IP_RECVDSTADDR)
185 if (af
== AF_INET
&& cmsg
->cmsg_level
== IPPROTO_IP
&&
186 cmsg
->cmsg_type
== IP_RECVDSTADDR
) {
187 struct in_addr
*addr
;
189 addr
= (struct in_addr
*)CMSG_DATA(cmsg
);
190 if (IN_MULTICAST(ntohl(addr
->s_addr
)))
195 #error "Unsupported socket API"
197 if (af
== AF_INET6
&& cmsg
->cmsg_level
== IPPROTO_IPV6
&&
198 cmsg
->cmsg_type
== IPV6_PKTINFO
) {
199 struct in6_pktinfo
*pktinfo
;
201 pktinfo
= (struct in6_pktinfo
*)CMSG_DATA(cmsg
);
202 if (IN6_IS_ADDR_MULTICAST(&pktinfo
->ipi6_addr
))
207 #endif /* MSG_MCAST */
208 if (bad_addr(af
, &src
)) {
209 log_debug("%s: invalid source address: %s", __func__
,
213 ifindex
= getsockopt_ifindex(af
, &m
);
215 /* find a matching interface */
217 iface
= disc_find_iface(ifindex
, af
, &src
);
222 /* check packet size */
224 if (len
< (LDP_HDR_SIZE
+ LDP_MSG_SIZE
) || len
> LDP_MAX_LEN
) {
225 log_debug("%s: bad packet size, source %s", __func__
,
230 /* LDP header sanity checks */
231 memcpy(&ldp_hdr
, buf
, sizeof(ldp_hdr
));
232 if (ntohs(ldp_hdr
.version
) != LDP_VERSION
) {
233 log_debug("%s: invalid LDP version %d, source %s", __func__
,
234 ntohs(ldp_hdr
.version
), log_addr(af
, &src
));
237 if (ntohs(ldp_hdr
.lspace_id
) != 0) {
238 log_debug("%s: invalid label space %u, source %s", __func__
,
239 ntohs(ldp_hdr
.lspace_id
), log_addr(af
, &src
));
242 /* check "PDU Length" field */
243 pdu_len
= ntohs(ldp_hdr
.length
);
244 if ((pdu_len
< (LDP_HDR_PDU_LEN
+ LDP_MSG_SIZE
)) ||
245 (pdu_len
> (len
- LDP_HDR_DEAD_LEN
))) {
246 log_debug("%s: invalid LDP packet length %u, source %s",
247 __func__
, ntohs(ldp_hdr
.length
), log_addr(af
, &src
));
253 lsr_id
.s_addr
= ldp_hdr
.lsr_id
;
256 * For UDP, we process only the first message of each packet. This does
257 * not impose any restrictions since LDP uses UDP only for sending Hello
260 memcpy(&msg
, buf
, sizeof(msg
));
262 /* check "Message Length" field */
263 msg_len
= ntohs(msg
.length
);
264 if (msg_len
< LDP_MSG_LEN
|| ((msg_len
+ LDP_MSG_DEAD_LEN
) > pdu_len
)) {
265 log_debug("%s: invalid LDP message length %u, source %s",
266 __func__
, ntohs(msg
.length
), log_addr(af
, &src
));
272 /* switch LDP packet type */
273 switch (ntohs(msg
.type
)) {
275 recv_hello(lsr_id
, &msg
, af
, &src
, iface
, multicast
, buf
, len
);
278 log_debug("%s: unknown LDP packet type, source %s", __func__
,
285 static struct iface
*
286 disc_find_iface(unsigned int ifindex
, int af
, union ldpd_addr
*src
)
291 iface
= if_lookup(leconf
, ifindex
);
295 ia
= iface_af_get(iface
, af
);
300 * RFC 7552 - Section 5.1:
301 * "Link-local IPv6 address MUST be used as the source IP address in
302 * IPv6 LDP Link Hellos".
304 if (af
== AF_INET6
&& !IN6_IS_ADDR_LINKLOCAL(&src
->v6
))
311 session_accept(struct thread
*thread
)
313 int fd
= THREAD_FD(thread
);
314 struct sockaddr_storage src
;
315 socklen_t len
= sizeof(src
);
318 union ldpd_addr addr
;
320 struct pending_conn
*pconn
;
322 newfd
= accept(fd
, (struct sockaddr
*)&src
, &len
);
325 * Pause accept if we are out of file descriptors, or
326 * libevent will haunt us here too.
328 if (errno
== ENFILE
|| errno
== EMFILE
) {
330 } else if (errno
!= EWOULDBLOCK
&& errno
!= EINTR
&&
331 errno
!= ECONNABORTED
)
332 log_debug("%s: accept error: %s", __func__
,
336 sock_set_nonblock(newfd
);
338 sa2addr((struct sockaddr
*)&src
, &af
, &addr
, NULL
);
341 * Since we don't support label spaces, we can identify this neighbor
342 * just by its source address. This way we don't need to wait for its
343 * Initialization message to know who we are talking to.
345 nbr
= nbr_find_addr(af
, &addr
);
348 * According to RFC 5036, we would need to send a No Hello
349 * Error Notification message and close this TCP connection
350 * right now. But doing so would trigger the backoff exponential
351 * timer in the remote peer, which would considerably slow down
352 * the session establishment process. The trick here is to wait
353 * five seconds before sending the Notification Message. There's
354 * a good chance that the remote peer will send us a Hello
355 * message within this interval, so it's worth waiting before
356 * taking a more drastic measure.
358 pconn
= pending_conn_find(af
, &addr
);
362 pending_conn_new(newfd
, af
, &addr
);
365 /* protection against buggy implementations */
366 if (nbr_session_active_role(nbr
)) {
370 if (nbr
->state
!= NBR_STA_PRESENT
) {
371 log_debug("%s: lsr-id %s: rejecting additional transport "
372 "connection", __func__
, inet_ntoa(nbr
->id
));
377 session_accept_nbr(nbr
, newfd
);
383 session_accept_nbr(struct nbr
*nbr
, int fd
)
386 struct nbr_params
*nbrp
;
390 nbrp
= nbr_params_find(leconf
, nbr
->id
);
391 if (nbr_gtsm_check(fd
, nbr
, nbrp
)) {
396 if (nbrp
&& nbrp
->auth
.method
== AUTH_MD5SIG
) {
397 if (sysdep
.no_pfkey
|| sysdep
.no_md5sig
) {
398 log_warnx("md5sig configured but not available");
404 if (getsockopt(fd
, IPPROTO_TCP
, TCP_MD5SIG
, &opt
, &len
) == -1)
405 fatal("getsockopt TCP_MD5SIG");
406 if (!opt
) { /* non-md5'd connection! */
407 log_warnx("connection attempt without md5 signature");
414 nbr
->tcp
= tcp_new(fd
, nbr
);
415 nbr_fsm(nbr
, NBR_EVT_MATCH_ADJ
);
419 session_read(struct thread
*thread
)
421 int fd
= THREAD_FD(thread
);
422 struct nbr
*nbr
= THREAD_ARG(thread
);
423 struct tcp_conn
*tcp
= nbr
->tcp
;
424 struct ldp_hdr
*ldp_hdr
;
426 char *buf
= NULL
, *pdu
;
428 uint16_t pdu_len
, msg_len
, msg_size
, max_pdu_len
;
432 thread_add_read(master
, session_read
, nbr
, fd
, &tcp
->rev
);
434 if ((n
= read(fd
, tcp
->rbuf
->buf
+ tcp
->rbuf
->wpos
,
435 sizeof(tcp
->rbuf
->buf
) - tcp
->rbuf
->wpos
)) == -1) {
436 if (errno
!= EINTR
&& errno
!= EAGAIN
) {
437 log_warn("%s: read error", __func__
);
438 nbr_fsm(nbr
, NBR_EVT_CLOSE_SESSION
);
445 /* connection closed */
446 log_debug("%s: connection closed by remote end", __func__
);
447 nbr_fsm(nbr
, NBR_EVT_CLOSE_SESSION
);
450 tcp
->rbuf
->wpos
+= n
;
452 while ((len
= session_get_pdu(tcp
->rbuf
, &buf
)) > 0) {
454 ldp_hdr
= (struct ldp_hdr
*)pdu
;
455 if (ntohs(ldp_hdr
->version
) != LDP_VERSION
) {
456 session_shutdown(nbr
, S_BAD_PROTO_VER
, 0, 0);
461 pdu_len
= ntohs(ldp_hdr
->length
);
463 * RFC 5036 - Section 3.5.3:
464 * "Prior to completion of the negotiation, the maximum
465 * allowable length is 4096 bytes".
467 if (nbr
->state
== NBR_STA_OPER
)
468 max_pdu_len
= nbr
->max_pdu_len
;
470 max_pdu_len
= LDP_MAX_LEN
;
471 if (pdu_len
< (LDP_HDR_PDU_LEN
+ LDP_MSG_SIZE
) ||
472 pdu_len
> max_pdu_len
) {
473 session_shutdown(nbr
, S_BAD_PDU_LEN
, 0, 0);
477 pdu_len
-= LDP_HDR_PDU_LEN
;
478 if (ldp_hdr
->lsr_id
!= nbr
->id
.s_addr
||
479 ldp_hdr
->lspace_id
!= 0) {
480 session_shutdown(nbr
, S_BAD_LDP_ID
, 0, 0);
487 nbr_fsm(nbr
, NBR_EVT_PDU_RCVD
);
489 while (len
>= LDP_MSG_SIZE
) {
492 msg
= (struct ldp_msg
*)pdu
;
493 type
= ntohs(msg
->type
);
494 msg_len
= ntohs(msg
->length
);
495 if (msg_len
< LDP_MSG_LEN
||
496 (msg_len
+ LDP_MSG_DEAD_LEN
) > pdu_len
) {
497 session_shutdown(nbr
, S_BAD_MSG_LEN
, msg
->id
,
502 msg_size
= msg_len
+ LDP_MSG_DEAD_LEN
;
505 /* check for error conditions earlier */
508 if ((nbr
->state
!= NBR_STA_INITIAL
) &&
509 (nbr
->state
!= NBR_STA_OPENSENT
)) {
510 session_shutdown(nbr
, S_SHUTDOWN
,
516 case MSG_TYPE_KEEPALIVE
:
517 if ((nbr
->state
== NBR_STA_INITIAL
) ||
518 (nbr
->state
== NBR_STA_OPENSENT
)) {
519 session_shutdown(nbr
, S_SHUTDOWN
,
525 case MSG_TYPE_NOTIFICATION
:
528 if (nbr
->state
!= NBR_STA_OPER
) {
529 session_shutdown(nbr
, S_SHUTDOWN
,
537 /* switch LDP packet type */
539 case MSG_TYPE_NOTIFICATION
:
540 ret
= recv_notification(nbr
, pdu
, msg_size
);
543 ret
= recv_init(nbr
, pdu
, msg_size
);
545 case MSG_TYPE_KEEPALIVE
:
546 ret
= recv_keepalive(nbr
, pdu
, msg_size
);
548 case MSG_TYPE_CAPABILITY
:
549 ret
= recv_capability(nbr
, pdu
, msg_size
);
552 case MSG_TYPE_ADDRWITHDRAW
:
553 ret
= recv_address(nbr
, pdu
, msg_size
);
555 case MSG_TYPE_LABELMAPPING
:
556 case MSG_TYPE_LABELREQUEST
:
557 case MSG_TYPE_LABELWITHDRAW
:
558 case MSG_TYPE_LABELRELEASE
:
559 case MSG_TYPE_LABELABORTREQ
:
560 ret
= recv_labelmessage(nbr
, pdu
, msg_size
,
564 log_debug("%s: unknown LDP message from nbr %s",
565 __func__
, inet_ntoa(nbr
->id
));
566 if (!(ntohs(msg
->type
) & UNKNOWN_FLAG
))
567 send_notification(nbr
->tcp
,
568 S_UNKNOWN_MSG
, msg
->id
, msg
->type
);
569 /* ignore the message */
575 /* parser failed, giving up */
580 /* no errors - update per neighbor message counters */
582 case MSG_TYPE_NOTIFICATION
:
583 nbr
->stats
.notif_rcvd
++;
585 case MSG_TYPE_KEEPALIVE
:
586 nbr
->stats
.kalive_rcvd
++;
588 case MSG_TYPE_CAPABILITY
:
589 nbr
->stats
.capability_rcvd
++;
592 nbr
->stats
.addr_rcvd
++;
594 case MSG_TYPE_ADDRWITHDRAW
:
595 nbr
->stats
.addrwdraw_rcvd
++;
597 case MSG_TYPE_LABELMAPPING
:
598 nbr
->stats
.labelmap_rcvd
++;
600 case MSG_TYPE_LABELREQUEST
:
601 nbr
->stats
.labelreq_rcvd
++;
603 case MSG_TYPE_LABELWITHDRAW
:
604 nbr
->stats
.labelwdraw_rcvd
++;
606 case MSG_TYPE_LABELRELEASE
:
607 nbr
->stats
.labelrel_rcvd
++;
609 case MSG_TYPE_LABELABORTREQ
:
610 nbr
->stats
.labelabreq_rcvd
++;
616 /* Analyse the next message */
623 session_shutdown(nbr
, S_BAD_PDU_LEN
, 0, 0);
628 /* shouldn't happen, session_get_pdu should be > 0 if buf was
629 * allocated - but let's get rid of the SA warning.
636 session_write(struct thread
*thread
)
638 struct tcp_conn
*tcp
= THREAD_ARG(thread
);
639 struct nbr
*nbr
= tcp
->nbr
;
643 if (msgbuf_write(&tcp
->wbuf
.wbuf
) <= 0)
644 if (errno
!= EAGAIN
&& nbr
)
645 nbr_fsm(nbr
, NBR_EVT_CLOSE_SESSION
);
647 if (nbr
== NULL
&& !tcp
->wbuf
.wbuf
.queued
) {
649 * We are done sending the notification message, now we can
656 evbuf_event_add(&tcp
->wbuf
);
662 session_shutdown(struct nbr
*nbr
, uint32_t status
, uint32_t msg_id
,
665 switch (nbr
->state
) {
666 case NBR_STA_PRESENT
:
667 if (nbr_pending_connect(nbr
))
668 THREAD_WRITE_OFF(nbr
->ev_connect
);
670 case NBR_STA_INITIAL
:
671 case NBR_STA_OPENREC
:
672 case NBR_STA_OPENSENT
:
674 send_notification(nbr
->tcp
, status
, msg_id
, msg_type
);
676 nbr_fsm(nbr
, NBR_EVT_CLOSE_SESSION
);
679 fatalx("session_shutdown: unknown neighbor state");
684 session_close(struct nbr
*nbr
)
686 log_debug("%s: closing session with lsr-id %s", __func__
,
690 nbr_stop_ktimer(nbr
);
691 nbr_stop_ktimeout(nbr
);
692 nbr_stop_itimeout(nbr
);
696 session_get_pdu(struct ibuf_read
*r
, char **b
)
699 size_t av
, dlen
, left
;
705 memcpy(&l
, r
->buf
, sizeof(l
));
706 dlen
= ntohs(l
.length
) + LDP_HDR_DEAD_LEN
;
710 if ((*b
= malloc(dlen
)) == NULL
)
713 memcpy(*b
, r
->buf
, dlen
);
716 memmove(r
->buf
, r
->buf
+ dlen
, left
);
725 tcp_new(int fd
, struct nbr
*nbr
)
727 struct tcp_conn
*tcp
;
728 struct sockaddr_storage ss
;
729 socklen_t len
= sizeof(ss
);
731 if ((tcp
= calloc(1, sizeof(*tcp
))) == NULL
)
735 evbuf_init(&tcp
->wbuf
, tcp
->fd
, session_write
, tcp
);
738 if ((tcp
->rbuf
= calloc(1, sizeof(struct ibuf_read
))) == NULL
)
742 thread_add_read(master
, session_read
, nbr
, tcp
->fd
, &tcp
->rev
);
746 if (getsockname(fd
, (struct sockaddr
*)&ss
, &len
) != 0)
747 log_warn("%s: getsockname", __func__
);
749 sa2addr((struct sockaddr
*)&ss
, NULL
, NULL
, &tcp
->lport
);
750 if (getpeername(fd
, (struct sockaddr
*)&ss
, &len
) != 0)
751 log_warn("%s: getpeername", __func__
);
753 sa2addr((struct sockaddr
*)&ss
, NULL
, NULL
, &tcp
->rport
);
759 tcp_close(struct tcp_conn
*tcp
)
761 /* try to flush write buffer */
762 msgbuf_write(&tcp
->wbuf
.wbuf
);
763 evbuf_clear(&tcp
->wbuf
);
766 THREAD_READ_OFF(tcp
->rev
);
768 tcp
->nbr
->tcp
= NULL
;
776 static struct pending_conn
*
777 pending_conn_new(int fd
, int af
, union ldpd_addr
*addr
)
779 struct pending_conn
*pconn
;
781 if ((pconn
= calloc(1, sizeof(*pconn
))) == NULL
)
787 TAILQ_INSERT_TAIL(&global
.pending_conns
, pconn
, entry
);
788 pconn
->ev_timeout
= NULL
;
789 thread_add_timer(master
, pending_conn_timeout
, pconn
, PENDING_CONN_TIMEOUT
,
796 pending_conn_del(struct pending_conn
*pconn
)
798 THREAD_TIMER_OFF(pconn
->ev_timeout
);
799 TAILQ_REMOVE(&global
.pending_conns
, pconn
, entry
);
803 struct pending_conn
*
804 pending_conn_find(int af
, union ldpd_addr
*addr
)
806 struct pending_conn
*pconn
;
808 TAILQ_FOREACH(pconn
, &global
.pending_conns
, entry
)
809 if (af
== pconn
->af
&&
810 ldp_addrcmp(af
, addr
, &pconn
->addr
) == 0)
817 pending_conn_timeout(struct thread
*thread
)
819 struct pending_conn
*pconn
= THREAD_ARG(thread
);
820 struct tcp_conn
*tcp
;
822 pconn
->ev_timeout
= NULL
;
824 log_debug("%s: no adjacency with remote end: %s", __func__
,
825 log_addr(pconn
->af
, &pconn
->addr
));
828 * Create a write buffer detached from any neighbor to send a
829 * notification message reliably.
831 tcp
= tcp_new(pconn
->fd
, NULL
);
832 send_notification(tcp
, S_NO_HELLO
, 0, 0);
833 msgbuf_write(&tcp
->wbuf
.wbuf
);
835 pending_conn_del(pconn
);