]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5468 from qlyoung/bgpd-remove-bgp-attr-dup
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56
57 /*
58 * OSPF Fragmentation / fragmented writes
59 *
60 * ospfd can support writing fragmented packets, for cases where
61 * kernel will not fragment IP_HDRINCL and/or multicast destined
62 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
63 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
64 * flags fields, hence user-space fragmentation will not work.
65 * Only Linux is known to leave IP header unmolested.
66 * Further, fragmentation really should be done the kernel, which already
67 * supports it, and which avoids nasty IP ID state problems.
68 *
69 * Fragmentation of OSPF packets can be required on networks with router
70 * with many many interfaces active in one area, or on networks with links
71 * with low MTUs.
72 */
73 #ifdef GNU_LINUX
74 #define WANT_OSPF_WRITE_FRAGMENT
75 #endif
76
77 /* Packet Type String. */
78 const struct message ospf_packet_type_str[] = {
79 {OSPF_MSG_HELLO, "Hello"},
80 {OSPF_MSG_DB_DESC, "Database Description"},
81 {OSPF_MSG_LS_REQ, "Link State Request"},
82 {OSPF_MSG_LS_UPD, "Link State Update"},
83 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
84 {0}};
85
86 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
87 particular types, offset is the "type" field of a packet. */
88 static const uint16_t ospf_packet_minlen[] = {
89 0,
90 OSPF_HELLO_MIN_SIZE,
91 OSPF_DB_DESC_MIN_SIZE,
92 OSPF_LS_REQ_MIN_SIZE,
93 OSPF_LS_UPD_MIN_SIZE,
94 OSPF_LS_ACK_MIN_SIZE,
95 };
96
97 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
98 types, offset is the "LSA type" field. */
99 static const uint16_t ospf_lsa_minlen[] = {
100 0,
101 OSPF_ROUTER_LSA_MIN_SIZE,
102 OSPF_NETWORK_LSA_MIN_SIZE,
103 OSPF_SUMMARY_LSA_MIN_SIZE,
104 OSPF_SUMMARY_LSA_MIN_SIZE,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
108 0,
109 0,
110 0,
111 0,
112 };
113
114 /* for ospf_check_auth() */
115 static int ospf_check_sum(struct ospf_header *);
116
117 /* OSPF authentication checking function */
118 static int ospf_auth_type(struct ospf_interface *oi)
119 {
120 int auth_type;
121
122 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
123 auth_type = oi->area->auth_type;
124 else
125 auth_type = OSPF_IF_PARAM(oi, auth_type);
126
127 /* Handle case where MD5 key list is not configured aka Cisco */
128 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
129 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
130 return OSPF_AUTH_NULL;
131
132 return auth_type;
133 }
134
135 static struct ospf_packet *ospf_packet_new(size_t size)
136 {
137 struct ospf_packet *new;
138
139 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
140 new->s = stream_new(size);
141
142 return new;
143 }
144
145 void ospf_packet_free(struct ospf_packet *op)
146 {
147 if (op->s)
148 stream_free(op->s);
149
150 XFREE(MTYPE_OSPF_PACKET, op);
151 }
152
153 struct ospf_fifo *ospf_fifo_new(void)
154 {
155 struct ospf_fifo *new;
156
157 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
158 return new;
159 }
160
161 /* Add new packet to fifo. */
162 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
163 {
164 if (fifo->tail)
165 fifo->tail->next = op;
166 else
167 fifo->head = op;
168
169 fifo->tail = op;
170
171 fifo->count++;
172 }
173
174 /* Add new packet to head of fifo. */
175 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
176 {
177 op->next = fifo->head;
178
179 if (fifo->tail == NULL)
180 fifo->tail = op;
181
182 fifo->head = op;
183
184 fifo->count++;
185 }
186
187 /* Delete first packet from fifo. */
188 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
189 {
190 struct ospf_packet *op;
191
192 op = fifo->head;
193
194 if (op) {
195 fifo->head = op->next;
196
197 if (fifo->head == NULL)
198 fifo->tail = NULL;
199
200 fifo->count--;
201 }
202
203 return op;
204 }
205
206 /* Return first fifo entry. */
207 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
208 {
209 return fifo->head;
210 }
211
212 /* Flush ospf packet fifo. */
213 void ospf_fifo_flush(struct ospf_fifo *fifo)
214 {
215 struct ospf_packet *op;
216 struct ospf_packet *next;
217
218 for (op = fifo->head; op; op = next) {
219 next = op->next;
220 ospf_packet_free(op);
221 }
222 fifo->head = fifo->tail = NULL;
223 fifo->count = 0;
224 }
225
226 /* Free ospf packet fifo. */
227 void ospf_fifo_free(struct ospf_fifo *fifo)
228 {
229 ospf_fifo_flush(fifo);
230
231 XFREE(MTYPE_OSPF_FIFO, fifo);
232 }
233
234 static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
235 {
236 /* Add packet to end of queue. */
237 ospf_fifo_push(oi->obuf, op);
238
239 /* Debug of packet fifo*/
240 /* ospf_fifo_debug (oi->obuf); */
241 }
242
243 static void ospf_packet_add_top(struct ospf_interface *oi,
244 struct ospf_packet *op)
245 {
246 /* Add packet to head of queue. */
247 ospf_fifo_push_head(oi->obuf, op);
248
249 /* Debug of packet fifo*/
250 /* ospf_fifo_debug (oi->obuf); */
251 }
252
253 static void ospf_packet_delete(struct ospf_interface *oi)
254 {
255 struct ospf_packet *op;
256
257 op = ospf_fifo_pop(oi->obuf);
258
259 if (op)
260 ospf_packet_free(op);
261 }
262
263 static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
264 {
265 struct ospf_packet *new;
266
267 if (stream_get_endp(op->s) != op->length)
268 /* XXX size_t */
269 zlog_debug(
270 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
271 (unsigned long)STREAM_SIZE(op->s), op->length);
272
273 /* Reserve space for MD5 authentication that may be added later. */
274 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
275 stream_copy(new->s, op->s);
276
277 new->dst = op->dst;
278 new->length = op->length;
279
280 return new;
281 }
282
283 /* XXX inline */
284 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
285 {
286 int auth = 0;
287
288 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
289 auth = OSPF_AUTH_MD5_SIZE;
290
291 return auth;
292 }
293
294 static unsigned int ospf_packet_max(struct ospf_interface *oi)
295 {
296 int max;
297
298 max = oi->ifp->mtu - ospf_packet_authspace(oi);
299
300 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
301
302 return max;
303 }
304
305
306 static int ospf_check_md5_digest(struct ospf_interface *oi,
307 struct ospf_header *ospfh)
308 {
309 #ifdef CRYPTO_OPENSSL
310 EVP_MD_CTX *ctx;
311 #elif CRYPTO_INTERNAL
312 MD5_CTX ctx;
313 #endif
314 unsigned char digest[OSPF_AUTH_MD5_SIZE];
315 struct crypt_key *ck;
316 struct ospf_neighbor *nbr;
317 uint16_t length = ntohs(ospfh->length);
318
319 /* Get secret key. */
320 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
321 ospfh->u.crypt.key_id);
322 if (ck == NULL) {
323 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
324 IF_NAME(oi), ospfh->u.crypt.key_id);
325 return 0;
326 }
327
328 /* check crypto seqnum. */
329 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
330
331 if (nbr
332 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
333 flog_warn(
334 EC_OSPF_MD5,
335 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
336 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
337 ntohl(nbr->crypt_seqnum));
338 return 0;
339 }
340
341 /* Generate a digest for the ospf packet - their digest + our digest. */
342 #ifdef CRYPTO_OPENSSL
343 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
344 ctx = EVP_MD_CTX_new();
345 EVP_DigestInit(ctx, EVP_md5());
346 EVP_DigestUpdate(ctx, ospfh, length);
347 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
348 EVP_DigestFinal(ctx, digest, &md5_size);
349 EVP_MD_CTX_free(ctx);
350 #elif CRYPTO_INTERNAL
351 memset(&ctx, 0, sizeof(ctx));
352 MD5Init(&ctx);
353 MD5Update(&ctx, ospfh, length);
354 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
355 MD5Final(digest, &ctx);
356 #endif
357
358 /* compare the two */
359 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
360 flog_warn(EC_OSPF_MD5,
361 "interface %s: ospf_check_md5 checksum mismatch",
362 IF_NAME(oi));
363 return 0;
364 }
365
366 /* save neighbor's crypt_seqnum */
367 if (nbr)
368 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
369 return 1;
370 }
371
372 /* This function is called from ospf_write(), it will detect the
373 authentication scheme and if it is MD5, it will change the sequence
374 and update the MD5 digest. */
375 static int ospf_make_md5_digest(struct ospf_interface *oi,
376 struct ospf_packet *op)
377 {
378 struct ospf_header *ospfh;
379 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
380 #ifdef CRYPTO_OPENSSL
381 EVP_MD_CTX *ctx;
382 #elif CRYPTO_INTERNAL
383 MD5_CTX ctx;
384 #endif
385 void *ibuf;
386 uint32_t t;
387 struct crypt_key *ck;
388 const uint8_t *auth_key;
389
390 ibuf = STREAM_DATA(op->s);
391 ospfh = (struct ospf_header *)ibuf;
392
393 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
394 return 0;
395
396 /* We do this here so when we dup a packet, we don't have to
397 waste CPU rewriting other headers.
398
399 Note that quagga_time /deliberately/ is not used here */
400 t = (time(NULL) & 0xFFFFFFFF);
401 if (t > oi->crypt_seqnum)
402 oi->crypt_seqnum = t;
403 else
404 oi->crypt_seqnum++;
405
406 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
407
408 /* Get MD5 Authentication key from auth_key list. */
409 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
410 auth_key = (const uint8_t *)digest;
411 else {
412 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
413 auth_key = ck->auth_key;
414 }
415
416 /* Generate a digest for the entire packet + our secret key. */
417 #ifdef CRYPTO_OPENSSL
418 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
419 ctx = EVP_MD_CTX_new();
420 EVP_DigestInit(ctx, EVP_md5());
421 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
422 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
423 EVP_DigestFinal(ctx, digest, &md5_size);
424 EVP_MD_CTX_free(ctx);
425 #elif CRYPTO_INTERNAL
426 memset(&ctx, 0, sizeof(ctx));
427 MD5Init(&ctx);
428 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
429 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
430 MD5Final(digest, &ctx);
431 #endif
432
433 /* Append md5 digest to the end of the stream. */
434 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
435
436 /* We do *NOT* increment the OSPF header length. */
437 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
438
439 if (stream_get_endp(op->s) != op->length)
440 /* XXX size_t */
441 flog_warn(
442 EC_OSPF_MD5,
443 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
444 (unsigned long)stream_get_endp(op->s), op->length);
445
446 return OSPF_AUTH_MD5_SIZE;
447 }
448
449
450 static int ospf_ls_req_timer(struct thread *thread)
451 {
452 struct ospf_neighbor *nbr;
453
454 nbr = THREAD_ARG(thread);
455 nbr->t_ls_req = NULL;
456
457 /* Send Link State Request. */
458 if (ospf_ls_request_count(nbr))
459 ospf_ls_req_send(nbr);
460
461 /* Set Link State Request retransmission timer. */
462 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
463
464 return 0;
465 }
466
467 void ospf_ls_req_event(struct ospf_neighbor *nbr)
468 {
469 if (nbr->t_ls_req) {
470 thread_cancel(nbr->t_ls_req);
471 nbr->t_ls_req = NULL;
472 }
473 nbr->t_ls_req = NULL;
474 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
475 }
476
477 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
478 ospf_neighbor.c */
479 int ospf_ls_upd_timer(struct thread *thread)
480 {
481 struct ospf_neighbor *nbr;
482
483 nbr = THREAD_ARG(thread);
484 nbr->t_ls_upd = NULL;
485
486 /* Send Link State Update. */
487 if (ospf_ls_retransmit_count(nbr) > 0) {
488 struct list *update;
489 struct ospf_lsdb *lsdb;
490 int i;
491 int retransmit_interval;
492
493 retransmit_interval =
494 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
495
496 lsdb = &nbr->ls_rxmt;
497 update = list_new();
498
499 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
500 struct route_table *table = lsdb->type[i].db;
501 struct route_node *rn;
502
503 for (rn = route_top(table); rn; rn = route_next(rn)) {
504 struct ospf_lsa *lsa;
505
506 if ((lsa = rn->info) != NULL) {
507 /* Don't retransmit an LSA if we
508 received it within
509 the last RxmtInterval seconds - this
510 is to allow the
511 neighbour a chance to acknowledge the
512 LSA as it may
513 have ben just received before the
514 retransmit timer
515 fired. This is a small tweak to what
516 is in the RFC,
517 but it will cut out out a lot of
518 retransmit traffic
519 - MAG */
520 if (monotime_since(&lsa->tv_recv, NULL)
521 >= retransmit_interval * 1000000LL)
522 listnode_add(update, rn->info);
523 }
524 }
525 }
526
527 if (listcount(update) > 0)
528 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
529 0);
530 list_delete(&update);
531 }
532
533 /* Set LS Update retransmission timer. */
534 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
535
536 return 0;
537 }
538
539 int ospf_ls_ack_timer(struct thread *thread)
540 {
541 struct ospf_interface *oi;
542
543 oi = THREAD_ARG(thread);
544 oi->t_ls_ack = NULL;
545
546 /* Send Link State Acknowledgment. */
547 if (listcount(oi->ls_ack) > 0)
548 ospf_ls_ack_send_delayed(oi);
549
550 /* Set LS Ack timer. */
551 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
552
553 return 0;
554 }
555
556 #ifdef WANT_OSPF_WRITE_FRAGMENT
557 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
558 struct msghdr *msg, unsigned int maxdatasize,
559 unsigned int mtu, int flags, uint8_t type)
560 {
561 #define OSPF_WRITE_FRAG_SHIFT 3
562 uint16_t offset;
563 struct iovec *iovp;
564 int ret;
565
566 assert(op->length == stream_get_endp(op->s));
567 assert(msg->msg_iovlen == 2);
568
569 /* we can but try.
570 *
571 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
572 * well as the IP_MF flag, making this all quite pointless.
573 *
574 * However, for a system on which IP_MF is left alone, and ip_id left
575 * alone or else which sets same ip_id for each fragment this might
576 * work, eg linux.
577 *
578 * XXX-TODO: It would be much nicer to have the kernel's use their
579 * existing fragmentation support to do this for us. Bugs/RFEs need to
580 * be raised against the various kernels.
581 */
582
583 /* set More Frag */
584 iph->ip_off |= IP_MF;
585
586 /* ip frag offset is expressed in units of 8byte words */
587 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
588
589 iovp = &msg->msg_iov[1];
590
591 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
592 > maxdatasize) {
593 /* data length of this frag is to next offset value */
594 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
595 iph->ip_len = iovp->iov_len + sizeof(struct ip);
596 assert(iph->ip_len <= mtu);
597
598 sockopt_iphdrincl_swab_htosys(iph);
599
600 ret = sendmsg(fd, msg, flags);
601
602 sockopt_iphdrincl_swab_systoh(iph);
603
604 if (ret < 0)
605 flog_err(
606 EC_LIB_SOCKET,
607 "*** ospf_write_frags: sendmsg failed to %s,"
608 " id %d, off %d, len %d, mtu %u failed with %s",
609 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
610 iph->ip_len, mtu, safe_strerror(errno));
611
612 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
613 zlog_debug(
614 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
615 iph->ip_id, iph->ip_off, iph->ip_len,
616 inet_ntoa(iph->ip_dst));
617 }
618
619 iph->ip_off += offset;
620 stream_forward_getp(op->s, iovp->iov_len);
621 iovp->iov_base = stream_pnt(op->s);
622 }
623
624 /* setup for final fragment */
625 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
626 iph->ip_len = iovp->iov_len + sizeof(struct ip);
627 iph->ip_off &= (~IP_MF);
628 }
629 #endif /* WANT_OSPF_WRITE_FRAGMENT */
630
631 static int ospf_write(struct thread *thread)
632 {
633 struct ospf *ospf = THREAD_ARG(thread);
634 struct ospf_interface *oi;
635 struct ospf_interface *last_serviced_oi = NULL;
636 struct ospf_packet *op;
637 struct sockaddr_in sa_dst;
638 struct ip iph;
639 struct msghdr msg;
640 struct iovec iov[2];
641 uint8_t type;
642 int ret;
643 int flags = 0;
644 struct listnode *node;
645 #ifdef WANT_OSPF_WRITE_FRAGMENT
646 static uint16_t ipid = 0;
647 uint16_t maxdatasize;
648 #endif /* WANT_OSPF_WRITE_FRAGMENT */
649 #define OSPF_WRITE_IPHL_SHIFT 2
650 int pkt_count = 0;
651
652 #ifdef GNU_LINUX
653 unsigned char cmsgbuf[64] = {};
654 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
655 struct in_pktinfo *pi;
656 #endif
657
658 if (ospf->fd < 0 || ospf->oi_running == 0) {
659 if (IS_DEBUG_OSPF_EVENT)
660 zlog_debug(
661 "ospf_write failed to send, fd %d, instance %u"
662 ,ospf->fd, ospf->oi_running);
663 return -1;
664 }
665
666 node = listhead(ospf->oi_write_q);
667 assert(node);
668 oi = listgetdata(node);
669
670 #ifdef WANT_OSPF_WRITE_FRAGMENT
671 /* seed ipid static with low order bits of time */
672 if (ipid == 0)
673 ipid = (time(NULL) & 0xffff);
674 #endif /* WANT_OSPF_WRITE_FRAGMENT */
675
676 while ((pkt_count < ospf->write_oi_count) && oi
677 && (last_serviced_oi != oi)) {
678 /* If there is only packet in the queue, the oi is removed from
679 write-q, so fix up the last interface that was serviced */
680 if (last_serviced_oi == NULL) {
681 last_serviced_oi = oi;
682 }
683 pkt_count++;
684 #ifdef WANT_OSPF_WRITE_FRAGMENT
685 /* convenience - max OSPF data per packet */
686 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
687 #endif /* WANT_OSPF_WRITE_FRAGMENT */
688 /* Get one packet from queue. */
689 op = ospf_fifo_head(oi->obuf);
690 assert(op);
691 assert(op->length >= OSPF_HEADER_SIZE);
692
693 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
694 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
695 ospf_if_ipmulticast(ospf, oi->address,
696 oi->ifp->ifindex);
697
698 /* Rewrite the md5 signature & update the seq */
699 ospf_make_md5_digest(oi, op);
700
701 /* Retrieve OSPF packet type. */
702 stream_set_getp(op->s, 1);
703 type = stream_getc(op->s);
704
705 /* reset get pointer */
706 stream_set_getp(op->s, 0);
707
708 memset(&iph, 0, sizeof(struct ip));
709 memset(&sa_dst, 0, sizeof(sa_dst));
710
711 sa_dst.sin_family = AF_INET;
712 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
713 sa_dst.sin_len = sizeof(sa_dst);
714 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
715 sa_dst.sin_addr = op->dst;
716 sa_dst.sin_port = htons(0);
717
718 /* Set DONTROUTE flag if dst is unicast. */
719 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
720 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
721 flags = MSG_DONTROUTE;
722
723 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
724 /* it'd be very strange for header to not be 4byte-word aligned
725 * but.. */
726 if (sizeof(struct ip)
727 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
728 iph.ip_hl++; /* we presume sizeof struct ip cant
729 overflow ip_hl.. */
730
731 iph.ip_v = IPVERSION;
732 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
733 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
734
735 #if defined(__DragonFly__)
736 /*
737 * DragonFly's raw socket expects ip_len/ip_off in network byte
738 * order.
739 */
740 iph.ip_len = htons(iph.ip_len);
741 #endif
742
743 #ifdef WANT_OSPF_WRITE_FRAGMENT
744 /* XXX-MT: not thread-safe at all..
745 * XXX: this presumes this is only programme sending OSPF
746 * packets
747 * otherwise, no guarantee ipid will be unique
748 */
749 iph.ip_id = ++ipid;
750 #endif /* WANT_OSPF_WRITE_FRAGMENT */
751
752 iph.ip_off = 0;
753 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
754 iph.ip_ttl = OSPF_VL_IP_TTL;
755 else
756 iph.ip_ttl = OSPF_IP_TTL;
757 iph.ip_p = IPPROTO_OSPFIGP;
758 iph.ip_sum = 0;
759 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
760 iph.ip_dst.s_addr = op->dst.s_addr;
761
762 memset(&msg, 0, sizeof(msg));
763 msg.msg_name = (caddr_t)&sa_dst;
764 msg.msg_namelen = sizeof(sa_dst);
765 msg.msg_iov = iov;
766 msg.msg_iovlen = 2;
767
768 iov[0].iov_base = (char *)&iph;
769 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
770 iov[1].iov_base = stream_pnt(op->s);
771 iov[1].iov_len = op->length;
772
773 #ifdef GNU_LINUX
774 msg.msg_control = (caddr_t)cm;
775 cm->cmsg_level = SOL_IP;
776 cm->cmsg_type = IP_PKTINFO;
777 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
778 pi = (struct in_pktinfo *)CMSG_DATA(cm);
779 pi->ipi_ifindex = oi->ifp->ifindex;
780
781 msg.msg_controllen = cm->cmsg_len;
782 #endif
783
784 /* Sadly we can not rely on kernels to fragment packets
785 * because of either IP_HDRINCL and/or multicast
786 * destination being set.
787 */
788
789 #ifdef WANT_OSPF_WRITE_FRAGMENT
790 if (op->length > maxdatasize)
791 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
792 oi->ifp->mtu, flags, type);
793 #endif /* WANT_OSPF_WRITE_FRAGMENT */
794
795 /* send final fragment (could be first) */
796 sockopt_iphdrincl_swab_htosys(&iph);
797 ret = sendmsg(ospf->fd, &msg, flags);
798 sockopt_iphdrincl_swab_systoh(&iph);
799 if (IS_DEBUG_OSPF_EVENT)
800 zlog_debug(
801 "ospf_write to %s, "
802 "id %d, off %d, len %d, interface %s, mtu %u:",
803 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
804 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
805
806 if (ret < 0)
807 flog_err(
808 EC_LIB_SOCKET,
809 "*** sendmsg in ospf_write failed to %s, "
810 "id %d, off %d, len %d, interface %s, mtu %u: %s",
811 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
812 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
813 safe_strerror(errno));
814
815 /* Show debug sending packet. */
816 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
817 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
818 zlog_debug(
819 "-----------------------------------------------------");
820 stream_set_getp(op->s, 0);
821 ospf_packet_dump(op->s);
822 }
823
824 zlog_debug("%s sent to [%s] via [%s].",
825 lookup_msg(ospf_packet_type_str, type, NULL),
826 inet_ntoa(op->dst), IF_NAME(oi));
827
828 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
829 zlog_debug(
830 "-----------------------------------------------------");
831 }
832
833 switch (type) {
834 case OSPF_MSG_HELLO:
835 oi->hello_out++;
836 break;
837 case OSPF_MSG_DB_DESC:
838 oi->db_desc_out++;
839 break;
840 case OSPF_MSG_LS_REQ:
841 oi->ls_req_out++;
842 break;
843 case OSPF_MSG_LS_UPD:
844 oi->ls_upd_out++;
845 break;
846 case OSPF_MSG_LS_ACK:
847 oi->ls_ack_out++;
848 break;
849 default:
850 break;
851 }
852
853 /* Now delete packet from queue. */
854 ospf_packet_delete(oi);
855
856 /* Move this interface to the tail of write_q to
857 serve everyone in a round robin fashion */
858 list_delete_node(ospf->oi_write_q, node);
859 if (ospf_fifo_head(oi->obuf) == NULL) {
860 oi->on_write_q = 0;
861 last_serviced_oi = NULL;
862 oi = NULL;
863 } else {
864 listnode_add(ospf->oi_write_q, oi);
865 }
866
867 /* Setup to service from the head of the queue again */
868 if (!list_isempty(ospf->oi_write_q)) {
869 node = listhead(ospf->oi_write_q);
870 oi = listgetdata(node);
871 }
872 }
873
874 /* If packets still remain in queue, call write thread. */
875 if (!list_isempty(ospf->oi_write_q))
876 thread_add_write(master, ospf_write, ospf, ospf->fd,
877 &ospf->t_write);
878
879 return 0;
880 }
881
882 /* OSPF Hello message read -- RFC2328 Section 10.5. */
883 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
884 struct stream *s, struct ospf_interface *oi, int size)
885 {
886 struct ospf_hello *hello;
887 struct ospf_neighbor *nbr;
888 int old_state;
889 struct prefix p;
890
891 /* increment statistics. */
892 oi->hello_in++;
893
894 hello = (struct ospf_hello *)stream_pnt(s);
895
896 /* If Hello is myself, silently discard. */
897 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
898 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
899 zlog_debug(
900 "ospf_header[%s/%s]: selforiginated, "
901 "dropping.",
902 lookup_msg(ospf_packet_type_str, ospfh->type,
903 NULL),
904 inet_ntoa(iph->ip_src));
905 }
906 return;
907 }
908
909 /* get neighbor prefix. */
910 p.family = AF_INET;
911 p.prefixlen = ip_masklen(hello->network_mask);
912 p.u.prefix4 = iph->ip_src;
913
914 /* Compare network mask. */
915 /* Checking is ignored for Point-to-Point and Virtual link. */
916 if (oi->type != OSPF_IFTYPE_POINTOPOINT
917 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
918 if (oi->address->prefixlen != p.prefixlen) {
919 flog_warn(
920 EC_OSPF_PACKET,
921 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
922 inet_ntoa(ospfh->router_id), IF_NAME(oi),
923 (int)oi->address->prefixlen, (int)p.prefixlen);
924 return;
925 }
926
927 /* Compare Router Dead Interval. */
928 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
929 flog_warn(EC_OSPF_PACKET,
930 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
931 "(expected %u, but received %u).",
932 inet_ntoa(ospfh->router_id),
933 OSPF_IF_PARAM(oi, v_wait),
934 ntohl(hello->dead_interval));
935 return;
936 }
937
938 /* Compare Hello Interval - ignored if fast-hellos are set. */
939 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
940 if (OSPF_IF_PARAM(oi, v_hello)
941 != ntohs(hello->hello_interval)) {
942 flog_warn(
943 EC_OSPF_PACKET,
944 "Packet %s [Hello:RECV]: HelloInterval mismatch "
945 "(expected %u, but received %u).",
946 inet_ntoa(ospfh->router_id),
947 OSPF_IF_PARAM(oi, v_hello),
948 ntohs(hello->hello_interval));
949 return;
950 }
951 }
952
953 if (IS_DEBUG_OSPF_EVENT)
954 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
955 inet_ntoa(ospfh->router_id),
956 ospf_options_dump(hello->options),
957 ospf_vrf_id_to_name(oi->ospf->vrf_id));
958
959 /* Compare options. */
960 #define REJECT_IF_TBIT_ON 1 /* XXX */
961 #ifdef REJECT_IF_TBIT_ON
962 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
963 /*
964 * This router does not support non-zero TOS.
965 * Drop this Hello packet not to establish neighbor
966 * relationship.
967 */
968 flog_warn(EC_OSPF_PACKET,
969 "Packet %s [Hello:RECV]: T-bit on, drop it.",
970 inet_ntoa(ospfh->router_id));
971 return;
972 }
973 #endif /* REJECT_IF_TBIT_ON */
974
975 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
976 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
977 /*
978 * This router does know the correct usage of O-bit
979 * the bit should be set in DD packet only.
980 */
981 flog_warn(EC_OSPF_PACKET,
982 "Packet %s [Hello:RECV]: O-bit abuse?",
983 inet_ntoa(ospfh->router_id));
984 #ifdef STRICT_OBIT_USAGE_CHECK
985 return; /* Reject this packet. */
986 #else /* STRICT_OBIT_USAGE_CHECK */
987 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
988 #endif /* STRICT_OBIT_USAGE_CHECK */
989 }
990
991 /* new for NSSA is to ensure that NP is on and E is off */
992
993 if (oi->area->external_routing == OSPF_AREA_NSSA) {
994 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
995 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
996 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
997 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
998 flog_warn(
999 EC_OSPF_PACKET,
1000 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1001 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1002 hello->options);
1003 return;
1004 }
1005 if (IS_DEBUG_OSPF_NSSA)
1006 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1007 inet_ntoa(ospfh->router_id));
1008 } else
1009 /* The setting of the E-bit found in the Hello Packet's Options
1010 field must match this area's ExternalRoutingCapability A
1011 mismatch causes processing to stop and the packet to be
1012 dropped. The setting of the rest of the bits in the Hello
1013 Packet's Options field should be ignored. */
1014 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1015 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1016 flog_warn(
1017 EC_OSPF_PACKET,
1018 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1019 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1020 hello->options);
1021 return;
1022 }
1023
1024 /* get neighbour struct */
1025 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1026
1027 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1028 assert(nbr);
1029
1030 old_state = nbr->state;
1031
1032 /* Add event to thread. */
1033 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1034
1035 /* RFC2328 Section 9.5.1
1036 If the router is not eligible to become Designated Router,
1037 (snip) It must also send an Hello Packet in reply to an
1038 Hello Packet received from any eligible neighbor (other than
1039 the current Designated Router and Backup Designated Router). */
1040 if (oi->type == OSPF_IFTYPE_NBMA)
1041 if (PRIORITY(oi) == 0 && hello->priority > 0
1042 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1043 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1044 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1045 ospf_hello_reply_timer,
1046 OSPF_HELLO_REPLY_DELAY);
1047
1048 /* on NBMA network type, it happens to receive bidirectional Hello
1049 packet
1050 without advance 1-Way Received event.
1051 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1052 if (oi->type == OSPF_IFTYPE_NBMA
1053 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1054 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1055 nbr->priority = hello->priority;
1056 nbr->d_router = hello->d_router;
1057 nbr->bd_router = hello->bd_router;
1058 return;
1059 }
1060
1061 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1062 size - OSPF_HELLO_MIN_SIZE)) {
1063 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1064 nbr->options |= hello->options;
1065 } else {
1066 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1067 /* Set neighbor information. */
1068 nbr->priority = hello->priority;
1069 nbr->d_router = hello->d_router;
1070 nbr->bd_router = hello->bd_router;
1071 return;
1072 }
1073
1074 /* If neighbor itself declares DR and no BDR exists,
1075 cause event BackupSeen */
1076 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1077 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1078 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1079
1080 /* neighbor itself declares BDR. */
1081 if (oi->state == ISM_Waiting
1082 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1083 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1084
1085 /* had not previously. */
1086 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1087 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1088 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1089 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1090 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1091
1092 /* had not previously. */
1093 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1094 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1095 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1096 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1097 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1098
1099 /* Neighbor priority check. */
1100 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1101 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1102
1103 /* Set neighbor information. */
1104 nbr->priority = hello->priority;
1105 nbr->d_router = hello->d_router;
1106 nbr->bd_router = hello->bd_router;
1107 }
1108
1109 /* Save DD flags/options/Seqnum received. */
1110 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1111 struct ospf_db_desc *dd)
1112 {
1113 nbr->last_recv.flags = dd->flags;
1114 nbr->last_recv.options = dd->options;
1115 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1116 }
1117
1118 /* Process rest of DD packet. */
1119 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1120 struct ospf_neighbor *nbr,
1121 struct ospf_db_desc *dd, uint16_t size)
1122 {
1123 struct ospf_lsa *new, *find;
1124 struct lsa_header *lsah;
1125
1126 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1127 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1128 size -= OSPF_LSA_HEADER_SIZE) {
1129 lsah = (struct lsa_header *)stream_pnt(s);
1130 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1131
1132 /* Unknown LS type. */
1133 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1134 flog_warn(EC_OSPF_PACKET,
1135 "Packet [DD:RECV]: Unknown LS type %d.",
1136 lsah->type);
1137 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1138 return;
1139 }
1140
1141 if (IS_OPAQUE_LSA(lsah->type)
1142 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1143 flog_warn(EC_OSPF_PACKET,
1144 "LSA[Type%d:%s]: Opaque capability mismatch?",
1145 lsah->type, inet_ntoa(lsah->id));
1146 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1147 return;
1148 }
1149
1150 switch (lsah->type) {
1151 case OSPF_AS_EXTERNAL_LSA:
1152 case OSPF_OPAQUE_AS_LSA:
1153 /* Check for stub area. Reject if AS-External from stub
1154 but
1155 allow if from NSSA. */
1156 if (oi->area->external_routing == OSPF_AREA_STUB) {
1157 flog_warn(
1158 EC_OSPF_PACKET,
1159 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1160 lsah->type, inet_ntoa(lsah->id),
1161 (oi->area->external_routing
1162 == OSPF_AREA_STUB)
1163 ? "STUB"
1164 : "NSSA");
1165 OSPF_NSM_EVENT_SCHEDULE(nbr,
1166 NSM_SeqNumberMismatch);
1167 return;
1168 }
1169 break;
1170 default:
1171 break;
1172 }
1173
1174 /* Create LS-request object. */
1175 new = ospf_ls_request_new(lsah);
1176
1177 /* Lookup received LSA, then add LS request list. */
1178 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1179
1180 /* ospf_lsa_more_recent is fine with NULL pointers */
1181 switch (ospf_lsa_more_recent(find, new)) {
1182 case -1:
1183 /* Neighbour has a more recent LSA, we must request it
1184 */
1185 ospf_ls_request_add(nbr, new);
1186 /* fallthru */
1187 case 0:
1188 /* If we have a copy of this LSA, it's either less
1189 * recent
1190 * and we're requesting it from neighbour (the case
1191 * above), or
1192 * it's as recent and we both have same copy (this
1193 * case).
1194 *
1195 * In neither of these two cases is there any point in
1196 * describing our copy of the LSA to the neighbour in a
1197 * DB-Summary packet, if we're still intending to do so.
1198 *
1199 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1200 * backward compatible optimisation to OSPF DB Exchange
1201 * /
1202 * DB Description process implemented here.
1203 */
1204 if (find)
1205 ospf_lsdb_delete(&nbr->db_sum, find);
1206 ospf_lsa_discard(new);
1207 break;
1208 default:
1209 /* We have the more recent copy, nothing specific to do:
1210 * - no need to request neighbours stale copy
1211 * - must leave DB summary list copy alone
1212 */
1213 if (IS_DEBUG_OSPF_EVENT)
1214 zlog_debug(
1215 "Packet [DD:RECV]: LSA received Type %d, "
1216 "ID %s is not recent.",
1217 lsah->type, inet_ntoa(lsah->id));
1218 ospf_lsa_discard(new);
1219 }
1220 }
1221
1222 /* Master */
1223 if (IS_SET_DD_MS(nbr->dd_flags)) {
1224 nbr->dd_seqnum++;
1225
1226 /* Both sides have no More, then we're done with Exchange */
1227 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1228 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1229 else
1230 ospf_db_desc_send(nbr);
1231 }
1232 /* Slave */
1233 else {
1234 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1235
1236 /* Send DD packet in reply.
1237 *
1238 * Must be done to acknowledge the Master's DD, regardless of
1239 * whether we have more LSAs ourselves to describe.
1240 *
1241 * This function will clear the 'More' bit, if after this DD
1242 * we have no more LSAs to describe to the master..
1243 */
1244 ospf_db_desc_send(nbr);
1245
1246 /* Slave can raise ExchangeDone now, if master is also done */
1247 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1248 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1249 }
1250
1251 /* Save received neighbor values from DD. */
1252 ospf_db_desc_save_current(nbr, dd);
1253
1254 if (!nbr->t_ls_req)
1255 ospf_ls_req_send(nbr);
1256 }
1257
1258 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1259 struct ospf_neighbor *nbr)
1260 {
1261 /* Is DD duplicated? */
1262 if (dd->options == nbr->last_recv.options
1263 && dd->flags == nbr->last_recv.flags
1264 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1265 return 1;
1266
1267 return 0;
1268 }
1269
1270 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1271 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1272 struct stream *s, struct ospf_interface *oi,
1273 uint16_t size)
1274 {
1275 struct ospf_db_desc *dd;
1276 struct ospf_neighbor *nbr;
1277
1278 /* Increment statistics. */
1279 oi->db_desc_in++;
1280
1281 dd = (struct ospf_db_desc *)stream_pnt(s);
1282
1283 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1284 if (nbr == NULL) {
1285 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
1286 inet_ntoa(ospfh->router_id));
1287 return;
1288 }
1289
1290 /* Check MTU. */
1291 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1292 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1293 flog_warn(
1294 EC_OSPF_PACKET,
1295 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1296 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1297 oi->ifp->mtu);
1298 return;
1299 }
1300
1301 /*
1302 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1303 * not
1304 * required. In fact at least JunOS sends DD packets with P bit clear.
1305 * Until proper solution is developped, this hack should help.
1306 *
1307 * Update: According to the RFCs, N bit is specified /only/ for Hello
1308 * options, unfortunately its use in DD options is not specified. Hence
1309 * some
1310 * implementations follow E-bit semantics and set it in DD options, and
1311 * some
1312 * treat it as unspecified and hence follow the directive "default for
1313 * options is clear", ie unset.
1314 *
1315 * Reset the flag, as ospfd follows E-bit semantics.
1316 */
1317 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1318 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1319 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1320 if (IS_DEBUG_OSPF_EVENT)
1321 zlog_debug(
1322 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1323 inet_ntoa(nbr->router_id));
1324 SET_FLAG(dd->options, OSPF_OPTION_NP);
1325 }
1326
1327 #ifdef REJECT_IF_TBIT_ON
1328 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1329 /*
1330 * In Hello protocol, optional capability must have checked
1331 * to prevent this T-bit enabled router be my neighbor.
1332 */
1333 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
1334 inet_ntoa(nbr->router_id));
1335 return;
1336 }
1337 #endif /* REJECT_IF_TBIT_ON */
1338
1339 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1340 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1341 /*
1342 * This node is not configured to handle O-bit, for now.
1343 * Clear it to ignore unsupported capability proposed by
1344 * neighbor.
1345 */
1346 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1347 }
1348
1349 /* Add event to thread. */
1350 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1351
1352 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1353 zlog_info(
1354 "%s:Packet[DD]: Neighbor %s state is %s, seq_num:0x%x, local:0x%x",
1355 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
1356 inet_ntoa(nbr->router_id),
1357 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1358 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1359
1360 /* Process DD packet by neighbor status. */
1361 switch (nbr->state) {
1362 case NSM_Down:
1363 case NSM_Attempt:
1364 case NSM_TwoWay:
1365 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1366 zlog_info(
1367 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1368 inet_ntoa(nbr->router_id),
1369 lookup_msg(ospf_nsm_state_msg, nbr->state,
1370 NULL));
1371 break;
1372 case NSM_Init:
1373 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1374 /* If the new state is ExStart, the processing of the current
1375 packet should then continue in this new state by falling
1376 through to case ExStart below. */
1377 if (nbr->state != NSM_ExStart)
1378 break;
1379 /* fallthru */
1380 case NSM_ExStart:
1381 /* Initial DBD */
1382 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1383 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1384 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1385 > 0) {
1386 /* We're Slave---obey */
1387 if (CHECK_FLAG(oi->ospf->config,
1388 OSPF_LOG_ADJACENCY_DETAIL))
1389 zlog_info(
1390 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1391 inet_ntoa(nbr->router_id));
1392
1393 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1394
1395 /* Reset I/MS */
1396 UNSET_FLAG(nbr->dd_flags,
1397 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1398 } else {
1399 /* We're Master, ignore the initial DBD from
1400 * Slave */
1401 if (CHECK_FLAG(oi->ospf->config,
1402 OSPF_LOG_ADJACENCY_DETAIL))
1403 zlog_info(
1404 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1405 "ignoring.",
1406 inet_ntoa(nbr->router_id));
1407 break;
1408 }
1409 }
1410 /* Ack from the Slave */
1411 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1412 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1413 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1414 < 0) {
1415 zlog_info(
1416 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1417 inet_ntoa(nbr->router_id));
1418 /* Reset I, leaving MS */
1419 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1420 } else {
1421 flog_warn(EC_OSPF_PACKET,
1422 "Packet[DD]: Neighbor %s Negotiation fails.",
1423 inet_ntoa(nbr->router_id));
1424 break;
1425 }
1426
1427 /* This is where the real Options are saved */
1428 nbr->options = dd->options;
1429
1430 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1431 if (IS_DEBUG_OSPF_EVENT)
1432 zlog_debug(
1433 "Neighbor[%s] is %sOpaque-capable.",
1434 inet_ntoa(nbr->router_id),
1435 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1436 ? ""
1437 : "NOT ");
1438
1439 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1440 && IPV4_ADDR_SAME(&DR(oi),
1441 &nbr->address.u.prefix4)) {
1442 flog_warn(
1443 EC_OSPF_PACKET,
1444 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1445 inet_ntoa(nbr->router_id));
1446 /* This situation is undesirable, but not a real
1447 * error. */
1448 }
1449 }
1450
1451 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1452
1453 /* continue processing rest of packet. */
1454 ospf_db_desc_proc(s, oi, nbr, dd, size);
1455 break;
1456 case NSM_Exchange:
1457 if (ospf_db_desc_is_dup(dd, nbr)) {
1458 if (IS_SET_DD_MS(nbr->dd_flags))
1459 /* Master: discard duplicated DD packet. */
1460 zlog_info(
1461 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1462 inet_ntoa(nbr->router_id));
1463 else
1464 /* Slave: cause to retransmit the last Database
1465 Description. */
1466 {
1467 zlog_info(
1468 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1469 inet_ntoa(nbr->router_id));
1470 ospf_db_desc_resend(nbr);
1471 }
1472 break;
1473 }
1474
1475 /* Otherwise DD packet should be checked. */
1476 /* Check Master/Slave bit mismatch */
1477 if (IS_SET_DD_MS(dd->flags)
1478 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1479 flog_warn(EC_OSPF_PACKET,
1480 "Packet[DD]: Neighbor %s MS-bit mismatch.",
1481 inet_ntoa(nbr->router_id));
1482 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1483 if (IS_DEBUG_OSPF_EVENT)
1484 zlog_debug(
1485 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1486 dd->flags, nbr->dd_flags);
1487 break;
1488 }
1489
1490 /* Check initialize bit is set. */
1491 if (IS_SET_DD_I(dd->flags)) {
1492 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1493 inet_ntoa(nbr->router_id));
1494 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1495 break;
1496 }
1497
1498 /* Check DD Options. */
1499 if (dd->options != nbr->options) {
1500 flog_warn(EC_OSPF_PACKET,
1501 "Packet[DD]: Neighbor %s options mismatch.",
1502 inet_ntoa(nbr->router_id));
1503 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1504 break;
1505 }
1506
1507 /* Check DD sequence number. */
1508 if ((IS_SET_DD_MS(nbr->dd_flags)
1509 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1510 || (!IS_SET_DD_MS(nbr->dd_flags)
1511 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1512 flog_warn(
1513 EC_OSPF_PACKET,
1514 "Packet[DD]: Neighbor %s sequence number mismatch.",
1515 inet_ntoa(nbr->router_id));
1516 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1517 break;
1518 }
1519
1520 /* Continue processing rest of packet. */
1521 ospf_db_desc_proc(s, oi, nbr, dd, size);
1522 break;
1523 case NSM_Loading:
1524 case NSM_Full:
1525 if (ospf_db_desc_is_dup(dd, nbr)) {
1526 if (IS_SET_DD_MS(nbr->dd_flags)) {
1527 /* Master should discard duplicate DD packet. */
1528 zlog_info(
1529 "Packet[DD]: Neighbor %s duplicated, "
1530 "packet discarded.",
1531 inet_ntoa(nbr->router_id));
1532 break;
1533 } else {
1534 if (monotime_since(&nbr->last_send_ts, NULL)
1535 < nbr->v_inactivity * 1000000LL) {
1536 /* In states Loading and Full the slave
1537 must resend
1538 its last Database Description packet
1539 in response to
1540 duplicate Database Description
1541 packets received
1542 from the master. For this reason the
1543 slave must
1544 wait RouterDeadInterval seconds
1545 before freeing the
1546 last Database Description packet.
1547 Reception of a
1548 Database Description packet from the
1549 master after
1550 this interval will generate a
1551 SeqNumberMismatch
1552 neighbor event. RFC2328 Section 10.8
1553 */
1554 ospf_db_desc_resend(nbr);
1555 break;
1556 }
1557 }
1558 }
1559
1560 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1561 break;
1562 default:
1563 flog_warn(EC_OSPF_PACKET,
1564 "Packet[DD]: Neighbor %s NSM illegal status %u.",
1565 inet_ntoa(nbr->router_id), nbr->state);
1566 break;
1567 }
1568 }
1569
1570 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1571
1572 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1573 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1574 struct stream *s, struct ospf_interface *oi,
1575 uint16_t size)
1576 {
1577 struct ospf_neighbor *nbr;
1578 uint32_t ls_type;
1579 struct in_addr ls_id;
1580 struct in_addr adv_router;
1581 struct ospf_lsa *find;
1582 struct list *ls_upd;
1583 unsigned int length;
1584
1585 /* Increment statistics. */
1586 oi->ls_req_in++;
1587
1588 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1589 if (nbr == NULL) {
1590 flog_warn(EC_OSPF_PACKET,
1591 "Link State Request: Unknown Neighbor %s.",
1592 inet_ntoa(ospfh->router_id));
1593 return;
1594 }
1595
1596 /* Add event to thread. */
1597 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1598
1599 /* Neighbor State should be Exchange or later. */
1600 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1601 && nbr->state != NSM_Full) {
1602 flog_warn(
1603 EC_OSPF_PACKET,
1604 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
1605 inet_ntoa(ospfh->router_id),
1606 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1607 return;
1608 }
1609
1610 /* Send Link State Update for ALL requested LSAs. */
1611 ls_upd = list_new();
1612 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1613
1614 while (size >= OSPF_LSA_KEY_SIZE) {
1615 /* Get one slice of Link State Request. */
1616 ls_type = stream_getl(s);
1617 ls_id.s_addr = stream_get_ipv4(s);
1618 adv_router.s_addr = stream_get_ipv4(s);
1619
1620 /* Verify LSA type. */
1621 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1622 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1623 list_delete(&ls_upd);
1624 return;
1625 }
1626
1627 /* Search proper LSA in LSDB. */
1628 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1629 adv_router);
1630 if (find == NULL) {
1631 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1632 list_delete(&ls_upd);
1633 return;
1634 }
1635
1636 /* Packet overflows MTU size, send immediately. */
1637 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1638 if (oi->type == OSPF_IFTYPE_NBMA)
1639 ospf_ls_upd_send(nbr, ls_upd,
1640 OSPF_SEND_PACKET_DIRECT, 0);
1641 else
1642 ospf_ls_upd_send(nbr, ls_upd,
1643 OSPF_SEND_PACKET_INDIRECT, 0);
1644
1645 /* Only remove list contents. Keep ls_upd. */
1646 list_delete_all_node(ls_upd);
1647
1648 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1649 }
1650
1651 /* Append LSA to update list. */
1652 listnode_add(ls_upd, find);
1653 length += ntohs(find->data->length);
1654
1655 size -= OSPF_LSA_KEY_SIZE;
1656 }
1657
1658 /* Send rest of Link State Update. */
1659 if (listcount(ls_upd) > 0) {
1660 if (oi->type == OSPF_IFTYPE_NBMA)
1661 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1662 0);
1663 else
1664 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1665 0);
1666
1667 list_delete(&ls_upd);
1668 } else
1669 list_delete(&ls_upd);
1670 }
1671
1672 /* Get the list of LSAs from Link State Update packet.
1673 And process some validation -- RFC2328 Section 13. (1)-(2). */
1674 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1675 struct stream *s,
1676 struct ospf_interface *oi, size_t size)
1677 {
1678 uint16_t count, sum;
1679 uint32_t length;
1680 struct lsa_header *lsah;
1681 struct ospf_lsa *lsa;
1682 struct list *lsas;
1683
1684 lsas = list_new();
1685
1686 count = stream_getl(s);
1687 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1688
1689 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1690 size -= length, stream_forward_getp(s, length), count--) {
1691 lsah = (struct lsa_header *)stream_pnt(s);
1692 length = ntohs(lsah->length);
1693
1694 if (length > size) {
1695 flog_warn(
1696 EC_OSPF_PACKET,
1697 "Link State Update: LSA length exceeds packet size.");
1698 break;
1699 }
1700
1701 /* Validate the LSA's LS checksum. */
1702 sum = lsah->checksum;
1703 if (!ospf_lsa_checksum_valid(lsah)) {
1704 /* (bug #685) more details in a one-line message make it
1705 * possible
1706 * to identify problem source on the one hand and to
1707 * have a better
1708 * chance to compress repeated messages in syslog on the
1709 * other */
1710 flog_warn(
1711 EC_OSPF_PACKET,
1712 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1713 sum, lsah->checksum, inet_ntoa(lsah->id),
1714 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1715 inet_ntoa(lsah->adv_router));
1716 continue;
1717 }
1718
1719 /* Examine the LSA's LS type. */
1720 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1721 flog_warn(EC_OSPF_PACKET,
1722 "Link State Update: Unknown LS type %d",
1723 lsah->type);
1724 continue;
1725 }
1726
1727 /*
1728 * What if the received LSA's age is greater than MaxAge?
1729 * Treat it as a MaxAge case -- endo.
1730 */
1731 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1732 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1733
1734 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1735 #ifdef STRICT_OBIT_USAGE_CHECK
1736 if ((IS_OPAQUE_LSA(lsah->type)
1737 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1738 || (!IS_OPAQUE_LSA(lsah->type)
1739 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1740 /*
1741 * This neighbor must know the exact usage of
1742 * O-bit;
1743 * the bit will be set in Type-9,10,11 LSAs
1744 * only.
1745 */
1746 flog_warn(EC_OSPF_PACKET,
1747 "LSA[Type%d:%s]: O-bit abuse?",
1748 lsah->type, inet_ntoa(lsah->id));
1749 continue;
1750 }
1751 #endif /* STRICT_OBIT_USAGE_CHECK */
1752
1753 /* Do not take in AS External Opaque-LSAs if we are a
1754 * stub. */
1755 if (lsah->type == OSPF_OPAQUE_AS_LSA
1756 && nbr->oi->area->external_routing
1757 != OSPF_AREA_DEFAULT) {
1758 if (IS_DEBUG_OSPF_EVENT)
1759 zlog_debug(
1760 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1761 lsah->type,
1762 inet_ntoa(lsah->id));
1763 continue;
1764 }
1765 } else if (IS_OPAQUE_LSA(lsah->type)) {
1766 flog_warn(EC_OSPF_PACKET,
1767 "LSA[Type%d:%s]: Opaque capability mismatch?",
1768 lsah->type, inet_ntoa(lsah->id));
1769 continue;
1770 }
1771
1772 /* Create OSPF LSA instance. */
1773 lsa = ospf_lsa_new_and_data(length);
1774
1775 lsa->vrf_id = oi->ospf->vrf_id;
1776 /* We may wish to put some error checking if type NSSA comes in
1777 and area not in NSSA mode */
1778 switch (lsah->type) {
1779 case OSPF_AS_EXTERNAL_LSA:
1780 case OSPF_OPAQUE_AS_LSA:
1781 lsa->area = NULL;
1782 break;
1783 case OSPF_OPAQUE_LINK_LSA:
1784 lsa->oi = oi; /* Remember incoming interface for
1785 flooding control. */
1786 /* Fallthrough */
1787 default:
1788 lsa->area = oi->area;
1789 break;
1790 }
1791
1792 memcpy(lsa->data, lsah, length);
1793
1794 if (IS_DEBUG_OSPF_EVENT)
1795 zlog_debug(
1796 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1797 lsa->data->type, inet_ntoa(lsa->data->id),
1798 (void *)lsa);
1799 listnode_add(lsas, lsa);
1800 }
1801
1802 return lsas;
1803 }
1804
1805 /* Cleanup Update list. */
1806 static void ospf_upd_list_clean(struct list *lsas)
1807 {
1808 struct listnode *node, *nnode;
1809 struct ospf_lsa *lsa;
1810
1811 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1812 ospf_lsa_discard(lsa);
1813
1814 list_delete(&lsas);
1815 }
1816
1817 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1818 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1819 struct ospf_header *ospfh, struct stream *s,
1820 struct ospf_interface *oi, uint16_t size)
1821 {
1822 struct ospf_neighbor *nbr;
1823 struct list *lsas;
1824 struct listnode *node, *nnode;
1825 struct ospf_lsa *lsa = NULL;
1826 /* unsigned long ls_req_found = 0; */
1827
1828 /* Dis-assemble the stream, update each entry, re-encapsulate for
1829 * flooding */
1830
1831 /* Increment statistics. */
1832 oi->ls_upd_in++;
1833
1834 /* Check neighbor. */
1835 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1836 if (nbr == NULL) {
1837 flog_warn(EC_OSPF_PACKET,
1838 "Link State Update: Unknown Neighbor %s on int: %s",
1839 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1840 return;
1841 }
1842
1843 /* Add event to thread. */
1844 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1845
1846 /* Check neighbor state. */
1847 if (nbr->state < NSM_Exchange) {
1848 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1849 zlog_debug(
1850 "Link State Update: "
1851 "Neighbor[%s] state %s is less than Exchange",
1852 inet_ntoa(ospfh->router_id),
1853 lookup_msg(ospf_nsm_state_msg, nbr->state,
1854 NULL));
1855 return;
1856 }
1857
1858 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1859 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1860 * of section 13.
1861 */
1862 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1863
1864 if (lsas == NULL)
1865 return;
1866 #define DISCARD_LSA(L, N) \
1867 { \
1868 if (IS_DEBUG_OSPF_EVENT) \
1869 zlog_debug( \
1870 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1871 " Type-%d", \
1872 N, (void *)lsa, (int)lsa->data->type); \
1873 ospf_lsa_discard(L); \
1874 continue; \
1875 }
1876
1877 /* Process each LSA received in the one packet.
1878 *
1879 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1880 * text below are from the steps in RFC 2328, Section 13.
1881 */
1882 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1883 struct ospf_lsa *ls_ret, *current;
1884 int ret = 1;
1885
1886 if (IS_DEBUG_OSPF_NSSA) {
1887 char buf1[INET_ADDRSTRLEN];
1888 char buf2[INET_ADDRSTRLEN];
1889 char buf3[INET_ADDRSTRLEN];
1890
1891 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1892 lsa->data->type,
1893 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1894 INET_ADDRSTRLEN),
1895 inet_ntop(AF_INET, &lsa->data->id, buf2,
1896 INET_ADDRSTRLEN),
1897 inet_ntop(AF_INET, &lsa->data->adv_router,
1898 buf3, INET_ADDRSTRLEN));
1899 }
1900
1901 listnode_delete(lsas,
1902 lsa); /* We don't need it in list anymore */
1903
1904 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1905 */
1906
1907 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1908
1909 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1910 */
1911
1912 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1913 */
1914
1915 /* Do take in Type-7's if we are an NSSA */
1916
1917 /* If we are also an ABR, later translate them to a Type-5
1918 * packet */
1919
1920 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1921 translate them to a separate Type-5 packet. */
1922
1923 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1924 /* Reject from STUB or NSSA */
1925 if (nbr->oi->area->external_routing
1926 != OSPF_AREA_DEFAULT) {
1927 if (IS_DEBUG_OSPF_NSSA)
1928 zlog_debug(
1929 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1930 DISCARD_LSA(lsa, 1);
1931 }
1932
1933 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1934 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1935 if (IS_DEBUG_OSPF_NSSA)
1936 zlog_debug(
1937 "Incoming NSSA LSA Discarded: Not NSSA Area");
1938 DISCARD_LSA(lsa, 2);
1939 }
1940
1941 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1942 if (lsa->data->type == OSPF_ROUTER_LSA)
1943 if (!IPV4_ADDR_SAME(&lsa->data->id,
1944 &lsa->data->adv_router)) {
1945 char buf1[INET_ADDRSTRLEN];
1946 char buf2[INET_ADDRSTRLEN];
1947 char buf3[INET_ADDRSTRLEN];
1948
1949 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1950 "Incoming Router-LSA from %s with "
1951 "Adv-ID[%s] != LS-ID[%s]",
1952 inet_ntop(AF_INET, &ospfh->router_id,
1953 buf1, INET_ADDRSTRLEN),
1954 inet_ntop(AF_INET, &lsa->data->id,
1955 buf2, INET_ADDRSTRLEN),
1956 inet_ntop(AF_INET,
1957 &lsa->data->adv_router, buf3,
1958 INET_ADDRSTRLEN));
1959 flog_err(
1960 EC_OSPF_DOMAIN_CORRUPT,
1961 "OSPF domain compromised by attack or corruption. "
1962 "Verify correct operation of -ALL- OSPF routers.");
1963 DISCARD_LSA(lsa, 0);
1964 }
1965
1966 /* Find the LSA in the current database. */
1967
1968 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1969
1970 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1971 currently
1972 no instance of the LSA in the router's link state database,
1973 and none of router's neighbors are in states Exchange or
1974 Loading,
1975 then take the following actions: */
1976
1977 if (IS_LSA_MAXAGE(lsa) && !current
1978 && ospf_check_nbr_status(oi->ospf)) {
1979 /* (4a) Response Link State Acknowledgment. */
1980 ospf_ls_ack_send(nbr, lsa);
1981
1982 /* (4b) Discard LSA. */
1983 if (IS_DEBUG_OSPF(lsa, LSA)) {
1984 zlog_debug(
1985 "Link State Update[%s]: LS age is equal to MaxAge.",
1986 dump_lsa_key(lsa));
1987 }
1988 DISCARD_LSA(lsa, 3);
1989 }
1990
1991 if (IS_OPAQUE_LSA(lsa->data->type)
1992 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1993 &oi->ospf->router_id)) {
1994 /*
1995 * Even if initial flushing seems to be completed, there
1996 * might
1997 * be a case that self-originated LSA with MaxAge still
1998 * remain
1999 * in the routing domain.
2000 * Just send an LSAck message to cease retransmission.
2001 */
2002 if (IS_LSA_MAXAGE(lsa)) {
2003 zlog_info("LSA[%s]: Boomerang effect?",
2004 dump_lsa_key(lsa));
2005 ospf_ls_ack_send(nbr, lsa);
2006 ospf_lsa_discard(lsa);
2007
2008 if (current != NULL && !IS_LSA_MAXAGE(current))
2009 ospf_opaque_lsa_refresh_schedule(
2010 current);
2011 continue;
2012 }
2013
2014 /*
2015 * If an instance of self-originated Opaque-LSA is not
2016 * found
2017 * in the LSDB, there are some possible cases here.
2018 *
2019 * 1) This node lost opaque-capability after restart.
2020 * 2) Else, a part of opaque-type is no more supported.
2021 * 3) Else, a part of opaque-id is no more supported.
2022 *
2023 * Anyway, it is still this node's responsibility to
2024 * flush it.
2025 * Otherwise, the LSA instance remains in the routing
2026 * domain
2027 * until its age reaches to MaxAge.
2028 */
2029 /* XXX: We should deal with this for *ALL* LSAs, not
2030 * just opaque */
2031 if (current == NULL) {
2032 if (IS_DEBUG_OSPF_EVENT)
2033 zlog_debug(
2034 "LSA[%s]: Previously originated Opaque-LSA,"
2035 "not found in the LSDB.",
2036 dump_lsa_key(lsa));
2037
2038 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2039
2040 ospf_opaque_self_originated_lsa_received(nbr,
2041 lsa);
2042 ospf_ls_ack_send(nbr, lsa);
2043
2044 continue;
2045 }
2046 }
2047
2048 /* It might be happen that received LSA is self-originated
2049 * network LSA, but
2050 * router ID is changed. So, we should check if LSA is a
2051 * network-LSA whose
2052 * Link State ID is one of the router's own IP interface
2053 * addresses but whose
2054 * Advertising Router is not equal to the router's own Router ID
2055 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2056 * flushed.
2057 */
2058
2059 if (lsa->data->type == OSPF_NETWORK_LSA) {
2060 struct listnode *oinode, *oinnode;
2061 struct ospf_interface *out_if;
2062 int Flag = 0;
2063
2064 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2065 oinnode, out_if)) {
2066 if (out_if == NULL)
2067 break;
2068
2069 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2070 &lsa->data->id))
2071 && (!(IPV4_ADDR_SAME(
2072 &oi->ospf->router_id,
2073 &lsa->data->adv_router)))) {
2074 if (out_if->network_lsa_self) {
2075 ospf_lsa_flush_area(
2076 lsa, out_if->area);
2077 if (IS_DEBUG_OSPF_EVENT)
2078 zlog_debug(
2079 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2080 (void *)lsa,
2081 (int)lsa->data
2082 ->type);
2083 ospf_lsa_discard(lsa);
2084 Flag = 1;
2085 }
2086 break;
2087 }
2088 }
2089 if (Flag)
2090 continue;
2091 }
2092
2093 /* (5) Find the instance of this LSA that is currently contained
2094 in the router's link state database. If there is no
2095 database copy, or the received LSA is more recent than
2096 the database copy the following steps must be performed.
2097 (The sub steps from RFC 2328 section 13 step (5) will be
2098 performed in
2099 ospf_flood() ) */
2100
2101 if (current == NULL
2102 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2103 /* CVE-2017-3224 */
2104 if (current && (lsa->data->ls_seqnum ==
2105 htonl(OSPF_MAX_SEQUENCE_NUMBER)
2106 && !IS_LSA_MAXAGE(lsa))) {
2107 zlog_debug(
2108 "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
2109 dump_lsa_key(lsa));
2110
2111 DISCARD_LSA(lsa, 4);
2112 }
2113
2114 /* Actual flooding procedure. */
2115 if (ospf_flood(oi->ospf, nbr, current, lsa)
2116 < 0) /* Trap NSSA later. */
2117 DISCARD_LSA(lsa, 5);
2118 continue;
2119 }
2120
2121 /* (6) Else, If there is an instance of the LSA on the sending
2122 neighbor's Link state request list, an error has occurred in
2123 the Database Exchange process. In this case, restart the
2124 Database Exchange process by generating the neighbor event
2125 BadLSReq for the sending neighbor and stop processing the
2126 Link State Update packet. */
2127
2128 if (ospf_ls_request_lookup(nbr, lsa)) {
2129 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2130 flog_warn(
2131 EC_OSPF_PACKET,
2132 "LSA[%s] instance exists on Link state request list",
2133 dump_lsa_key(lsa));
2134
2135 /* Clean list of LSAs. */
2136 ospf_upd_list_clean(lsas);
2137 /* this lsa is not on lsas list already. */
2138 ospf_lsa_discard(lsa);
2139 return;
2140 }
2141
2142 /* If the received LSA is the same instance as the database copy
2143 (i.e., neither one is more recent) the following two steps
2144 should be performed: */
2145
2146 if (ret == 0) {
2147 /* If the LSA is listed in the Link state retransmission
2148 list
2149 for the receiving adjacency, the router itself is
2150 expecting
2151 an acknowledgment for this LSA. The router should
2152 treat the
2153 received LSA as an acknowledgment by removing the LSA
2154 from
2155 the Link state retransmission list. This is termed
2156 an
2157 "implied acknowledgment". */
2158
2159 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2160
2161 if (ls_ret != NULL) {
2162 ospf_ls_retransmit_delete(nbr, ls_ret);
2163
2164 /* Delayed acknowledgment sent if advertisement
2165 received
2166 from Designated Router, otherwise do nothing.
2167 */
2168 if (oi->state == ISM_Backup)
2169 if (NBR_IS_DR(nbr))
2170 listnode_add(
2171 oi->ls_ack,
2172 ospf_lsa_lock(lsa));
2173
2174 DISCARD_LSA(lsa, 6);
2175 } else
2176 /* Acknowledge the receipt of the LSA by sending a
2177 Link State Acknowledgment packet back out the
2178 receiving
2179 interface. */
2180 {
2181 ospf_ls_ack_send(nbr, lsa);
2182 DISCARD_LSA(lsa, 7);
2183 }
2184 }
2185
2186 /* The database copy is more recent. If the database copy
2187 has LS age equal to MaxAge and LS sequence number equal to
2188 MaxSequenceNumber, simply discard the received LSA without
2189 acknowledging it. (In this case, the LSA's LS sequence number
2190 is
2191 wrapping, and the MaxSequenceNumber LSA must be completely
2192 flushed before any new LSA instance can be introduced). */
2193
2194 else if (ret > 0) /* Database copy is more recent */
2195 {
2196 if (IS_LSA_MAXAGE(current)
2197 && current->data->ls_seqnum
2198 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2199 DISCARD_LSA(lsa, 8);
2200 }
2201 /* Otherwise, as long as the database copy has not been
2202 sent in a
2203 Link State Update within the last MinLSArrival
2204 seconds, send the
2205 database copy back to the sending neighbor,
2206 encapsulated within
2207 a Link State Update Packet. The Link State Update
2208 Packet should
2209 be sent directly to the neighbor. In so doing, do not
2210 put the
2211 database copy of the LSA on the neighbor's link state
2212 retransmission list, and do not acknowledge the
2213 received (less
2214 recent) LSA instance. */
2215 else {
2216 if (monotime_since(&current->tv_orig, NULL)
2217 >= ospf->min_ls_arrival * 1000LL)
2218 /* Trap NSSA type later.*/
2219 ospf_ls_upd_send_lsa(
2220 nbr, current,
2221 OSPF_SEND_PACKET_DIRECT);
2222 DISCARD_LSA(lsa, 9);
2223 }
2224 }
2225 }
2226 #undef DISCARD_LSA
2227
2228 assert(listcount(lsas) == 0);
2229 list_delete(&lsas);
2230 }
2231
2232 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2233 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2234 struct stream *s, struct ospf_interface *oi,
2235 uint16_t size)
2236 {
2237 struct ospf_neighbor *nbr;
2238
2239 /* increment statistics. */
2240 oi->ls_ack_in++;
2241
2242 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2243 if (nbr == NULL) {
2244 flog_warn(EC_OSPF_PACKET,
2245 "Link State Acknowledgment: Unknown Neighbor %s.",
2246 inet_ntoa(ospfh->router_id));
2247 return;
2248 }
2249
2250 /* Add event to thread. */
2251 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2252
2253 if (nbr->state < NSM_Exchange) {
2254 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2255 zlog_debug(
2256 "Link State Acknowledgment: "
2257 "Neighbor[%s] state %s is less than Exchange",
2258 inet_ntoa(ospfh->router_id),
2259 lookup_msg(ospf_nsm_state_msg, nbr->state,
2260 NULL));
2261 return;
2262 }
2263
2264 while (size >= OSPF_LSA_HEADER_SIZE) {
2265 struct ospf_lsa *lsa, *lsr;
2266
2267 lsa = ospf_lsa_new();
2268 lsa->data = (struct lsa_header *)stream_pnt(s);
2269 lsa->vrf_id = oi->ospf->vrf_id;
2270
2271 /* lsah = (struct lsa_header *) stream_pnt (s); */
2272 size -= OSPF_LSA_HEADER_SIZE;
2273 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2274
2275 if (lsa->data->type < OSPF_MIN_LSA
2276 || lsa->data->type >= OSPF_MAX_LSA) {
2277 lsa->data = NULL;
2278 ospf_lsa_discard(lsa);
2279 continue;
2280 }
2281
2282 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2283
2284 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2285 ospf_ls_retransmit_delete(nbr, lsr);
2286
2287 lsa->data = NULL;
2288 ospf_lsa_discard(lsa);
2289 }
2290
2291 return;
2292 }
2293
2294 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2295 struct interface **ifp,
2296 struct stream *ibuf)
2297 {
2298 int ret;
2299 struct ip *iph;
2300 uint16_t ip_len;
2301 ifindex_t ifindex = 0;
2302 struct iovec iov;
2303 /* Header and data both require alignment. */
2304 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2305 struct msghdr msgh;
2306
2307 memset(&msgh, 0, sizeof(struct msghdr));
2308 msgh.msg_iov = &iov;
2309 msgh.msg_iovlen = 1;
2310 msgh.msg_control = (caddr_t)buff;
2311 msgh.msg_controllen = sizeof(buff);
2312
2313 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2314 OSPF_MAX_PACKET_SIZE + 1);
2315 if (ret < 0) {
2316 if (errno != EAGAIN && errno != EWOULDBLOCK)
2317 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2318 safe_strerror(errno));
2319 return NULL;
2320 }
2321 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2322 {
2323 flog_warn(
2324 EC_OSPF_PACKET,
2325 "ospf_recv_packet: discarding runt packet of length %d "
2326 "(ip header size is %u)",
2327 ret, (unsigned int)sizeof(iph));
2328 return NULL;
2329 }
2330
2331 /* Note that there should not be alignment problems with this assignment
2332 because this is at the beginning of the stream data buffer. */
2333 iph = (struct ip *)STREAM_DATA(ibuf);
2334 sockopt_iphdrincl_swab_systoh(iph);
2335
2336 ip_len = iph->ip_len;
2337
2338 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2339 /*
2340 * Kernel network code touches incoming IP header parameters,
2341 * before protocol specific processing.
2342 *
2343 * 1) Convert byteorder to host representation.
2344 * --> ip_len, ip_id, ip_off
2345 *
2346 * 2) Adjust ip_len to strip IP header size!
2347 * --> If user process receives entire IP packet via RAW
2348 * socket, it must consider adding IP header size to
2349 * the "ip_len" field of "ip" structure.
2350 *
2351 * For more details, see <netinet/ip_input.c>.
2352 */
2353 ip_len = ip_len + (iph->ip_hl << 2);
2354 #endif
2355
2356 #if defined(__DragonFly__)
2357 /*
2358 * in DragonFly's raw socket, ip_len/ip_off are read
2359 * in network byte order.
2360 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2361 */
2362 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2363 #endif
2364
2365 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2366
2367 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2368
2369 if (ret != ip_len) {
2370 flog_warn(
2371 EC_OSPF_PACKET,
2372 "ospf_recv_packet read length mismatch: ip_len is %d, "
2373 "but recvmsg returned %d",
2374 ip_len, ret);
2375 return NULL;
2376 }
2377
2378 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2379 zlog_debug("%s: fd %d(%s) on interface %d(%s)",
2380 __PRETTY_FUNCTION__, fd, ospf_get_name(ospf),
2381 ifindex, *ifp ? (*ifp)->name : "Unknown");
2382 return ibuf;
2383 }
2384
2385 static struct ospf_interface *
2386 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2387 struct ip *iph, struct ospf_header *ospfh)
2388 {
2389 struct ospf_interface *rcv_oi;
2390 struct ospf_vl_data *vl_data;
2391 struct ospf_area *vl_area;
2392 struct listnode *node;
2393
2394 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2395 || !OSPF_IS_AREA_BACKBONE(ospfh))
2396 return NULL;
2397
2398 /* look for local OSPF interface matching the destination
2399 * to determine Area ID. We presume therefore the destination address
2400 * is unique, or at least (for "unnumbered" links), not used in other
2401 * areas
2402 */
2403 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2404 == NULL)
2405 return NULL;
2406
2407 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2408 vl_area =
2409 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2410 if (!vl_area)
2411 continue;
2412
2413 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2414 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2415 if (IS_DEBUG_OSPF_EVENT)
2416 zlog_debug("associating packet with %s",
2417 IF_NAME(vl_data->vl_oi));
2418 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2419 if (IS_DEBUG_OSPF_EVENT)
2420 zlog_debug(
2421 "This VL is not up yet, sorry");
2422 return NULL;
2423 }
2424
2425 return vl_data->vl_oi;
2426 }
2427 }
2428
2429 if (IS_DEBUG_OSPF_EVENT)
2430 zlog_debug("couldn't find any VL to associate the packet with");
2431
2432 return NULL;
2433 }
2434
2435 static int ospf_check_area_id(struct ospf_interface *oi,
2436 struct ospf_header *ospfh)
2437 {
2438 /* Check match the Area ID of the receiving interface. */
2439 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2440 return 1;
2441
2442 return 0;
2443 }
2444
2445 /* Unbound socket will accept any Raw IP packets if proto is matched.
2446 To prevent it, compare src IP address and i/f address with masking
2447 i/f network mask. */
2448 static int ospf_check_network_mask(struct ospf_interface *oi,
2449 struct in_addr ip_src)
2450 {
2451 struct in_addr mask, me, him;
2452
2453 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2454 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2455 return 1;
2456
2457 masklen2ip(oi->address->prefixlen, &mask);
2458
2459 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2460 him.s_addr = ip_src.s_addr & mask.s_addr;
2461
2462 if (IPV4_ADDR_SAME(&me, &him))
2463 return 1;
2464
2465 return 0;
2466 }
2467
2468 /* Return 1, if the packet is properly authenticated and checksummed,
2469 0 otherwise. In particular, check that AuType header field is valid and
2470 matches the locally configured AuType, and that D.5 requirements are met. */
2471 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2472 {
2473 struct crypt_key *ck;
2474 uint16_t iface_auth_type;
2475 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2476
2477 switch (pkt_auth_type) {
2478 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2479 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2480 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2481 flog_warn(
2482 EC_OSPF_PACKET,
2483 "interface %s: auth-type mismatch, local %s, rcvd Null",
2484 IF_NAME(oi),
2485 lookup_msg(ospf_auth_type_str,
2486 iface_auth_type, NULL));
2487 return 0;
2488 }
2489 if (!ospf_check_sum(ospfh)) {
2490 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2491 flog_warn(
2492 EC_OSPF_PACKET,
2493 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2494 IF_NAME(oi),
2495 inet_ntoa(ospfh->router_id));
2496 return 0;
2497 }
2498 return 1;
2499 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2500 if (OSPF_AUTH_SIMPLE
2501 != (iface_auth_type = ospf_auth_type(oi))) {
2502 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2503 flog_warn(
2504 EC_OSPF_PACKET,
2505 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2506 IF_NAME(oi),
2507 lookup_msg(ospf_auth_type_str,
2508 iface_auth_type, NULL));
2509 return 0;
2510 }
2511 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2512 OSPF_AUTH_SIMPLE_SIZE)) {
2513 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2514 flog_warn(EC_OSPF_PACKET,
2515 "interface %s: Simple auth failed",
2516 IF_NAME(oi));
2517 return 0;
2518 }
2519 if (!ospf_check_sum(ospfh)) {
2520 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2521 flog_warn(
2522 EC_OSPF_PACKET,
2523 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2524 IF_NAME(oi),
2525 inet_ntoa(ospfh->router_id));
2526 return 0;
2527 }
2528 return 1;
2529 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2530 if (OSPF_AUTH_CRYPTOGRAPHIC
2531 != (iface_auth_type = ospf_auth_type(oi))) {
2532 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2533 flog_warn(
2534 EC_OSPF_PACKET,
2535 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2536 IF_NAME(oi),
2537 lookup_msg(ospf_auth_type_str,
2538 iface_auth_type, NULL));
2539 return 0;
2540 }
2541 if (ospfh->checksum) {
2542 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2543 flog_warn(
2544 EC_OSPF_PACKET,
2545 "interface %s: OSPF header checksum is not 0",
2546 IF_NAME(oi));
2547 return 0;
2548 }
2549 /* only MD5 crypto method can pass ospf_packet_examin() */
2550 if (NULL == (ck = listgetdata(
2551 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2552 || ospfh->u.crypt.key_id != ck->key_id ||
2553 /* Condition above uses the last key ID on the list,
2554 which is
2555 different from what ospf_crypt_key_lookup() does. A
2556 bug? */
2557 !ospf_check_md5_digest(oi, ospfh)) {
2558 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2559 flog_warn(EC_OSPF_MD5,
2560 "interface %s: MD5 auth failed",
2561 IF_NAME(oi));
2562 return 0;
2563 }
2564 return 1;
2565 default:
2566 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2567 flog_warn(
2568 EC_OSPF_PACKET,
2569 "interface %s: invalid packet auth-type (%02x)",
2570 IF_NAME(oi), pkt_auth_type);
2571 return 0;
2572 }
2573 }
2574
2575 static int ospf_check_sum(struct ospf_header *ospfh)
2576 {
2577 uint32_t ret;
2578 uint16_t sum;
2579
2580 /* clear auth_data for checksum. */
2581 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2582
2583 /* keep checksum and clear. */
2584 sum = ospfh->checksum;
2585 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2586
2587 /* calculate checksum. */
2588 ret = in_cksum(ospfh, ntohs(ospfh->length));
2589
2590 if (ret != sum) {
2591 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2592 ret, sum);
2593 return 0;
2594 }
2595
2596 return 1;
2597 }
2598
2599 /* Verify, that given link/TOS records are properly sized/aligned and match
2600 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2601 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2602 uint16_t linkbytes,
2603 const uint16_t num_links)
2604 {
2605 unsigned counted_links = 0, thislinklen;
2606
2607 while (linkbytes) {
2608 thislinklen =
2609 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2610 if (thislinklen > linkbytes) {
2611 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2612 zlog_debug("%s: length error in link block #%u",
2613 __func__, counted_links);
2614 return MSG_NG;
2615 }
2616 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2617 linkbytes -= thislinklen;
2618 counted_links++;
2619 }
2620 if (counted_links != num_links) {
2621 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2622 zlog_debug("%s: %u link blocks declared, %u present",
2623 __func__, num_links, counted_links);
2624 return MSG_NG;
2625 }
2626 return MSG_OK;
2627 }
2628
2629 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2630 minimum length constraint). */
2631 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2632 const uint8_t headeronly)
2633 {
2634 unsigned ret;
2635 struct router_lsa *rlsa;
2636 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2637 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2638 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2639 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2640 lookup_msg(ospf_lsa_type_msg, lsah->type,
2641 NULL));
2642 return MSG_NG;
2643 }
2644 switch (lsah->type) {
2645 case OSPF_ROUTER_LSA:
2646 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2647 * (12+)-byte link blocks */
2648 if (headeronly) {
2649 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2650 - OSPF_ROUTER_LSA_MIN_SIZE)
2651 % 4
2652 ? MSG_NG
2653 : MSG_OK;
2654 break;
2655 }
2656 rlsa = (struct router_lsa *)lsah;
2657 ret = ospf_router_lsa_links_examin(
2658 (struct router_lsa_link *)rlsa->link,
2659 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2660 header, "flags",
2661 0, "# links" */
2662 ntohs(rlsa->links) /* 16 bits */
2663 );
2664 break;
2665 case OSPF_AS_EXTERNAL_LSA:
2666 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2667 * blocks */
2668 case OSPF_AS_NSSA_LSA:
2669 /* RFC3101 C, idem */
2670 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2671 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2672 % 12
2673 ? MSG_NG
2674 : MSG_OK;
2675 break;
2676 /* Following LSA types are considered OK length-wise as soon as their
2677 * minimum
2678 * length constraint is met and length of the whole LSA is a multiple of
2679 * 4
2680 * (basic LSA header size is already a multiple of 4). */
2681 case OSPF_NETWORK_LSA:
2682 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2683 case OSPF_SUMMARY_LSA:
2684 case OSPF_ASBR_SUMMARY_LSA:
2685 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2686 * blocks */
2687 case OSPF_OPAQUE_LINK_LSA:
2688 case OSPF_OPAQUE_AREA_LSA:
2689 case OSPF_OPAQUE_AS_LSA:
2690 /* RFC5250 A.2, "some number of octets (of application-specific
2691 * data) padded to 32-bit alignment." This is considered
2692 * equivalent
2693 * to 4-byte alignment of all other LSA types, see
2694 * OSPF-ALIGNMENT.txt
2695 * file for the detailed analysis of this passage. */
2696 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2697 break;
2698 default:
2699 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2700 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2701 lsah->type);
2702 return MSG_NG;
2703 }
2704 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2705 zlog_debug("%s: alignment error in %s", __func__,
2706 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2707 return ret;
2708 }
2709
2710 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2711 includes verification of LSA blocks length/alignment and dispatching
2712 of deeper-level checks. */
2713 static unsigned
2714 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2715 size_t length, const uint8_t headeronly,
2716 /* When declared_num_lsas is not 0, compare it to the real
2717 number of LSAs
2718 and treat the difference as an error. */
2719 const uint32_t declared_num_lsas)
2720 {
2721 uint32_t counted_lsas = 0;
2722
2723 while (length) {
2724 uint16_t lsalen;
2725 if (length < OSPF_LSA_HEADER_SIZE) {
2726 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2727 zlog_debug(
2728 "%s: undersized (%zu B) trailing (#%u) LSA header",
2729 __func__, length, counted_lsas);
2730 return MSG_NG;
2731 }
2732 /* save on ntohs() calls here and in the LSA validator */
2733 lsalen = ntohs(lsah->length);
2734 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2735 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2736 zlog_debug(
2737 "%s: malformed LSA header #%u, declared length is %u B",
2738 __func__, counted_lsas, lsalen);
2739 return MSG_NG;
2740 }
2741 if (headeronly) {
2742 /* less checks here and in ospf_lsa_examin() */
2743 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2744 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2745 zlog_debug(
2746 "%s: malformed header-only LSA #%u",
2747 __func__, counted_lsas);
2748 return MSG_NG;
2749 }
2750 lsah = (struct lsa_header *)((caddr_t)lsah
2751 + OSPF_LSA_HEADER_SIZE);
2752 length -= OSPF_LSA_HEADER_SIZE;
2753 } else {
2754 /* make sure the input buffer is deep enough before
2755 * further checks */
2756 if (lsalen > length) {
2757 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2758 zlog_debug(
2759 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2760 __func__, counted_lsas, lsalen,
2761 length);
2762 return MSG_NG;
2763 }
2764 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2765 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2766 zlog_debug("%s: malformed LSA #%u",
2767 __func__, counted_lsas);
2768 return MSG_NG;
2769 }
2770 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2771 length -= lsalen;
2772 }
2773 counted_lsas++;
2774 }
2775
2776 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2777 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2778 zlog_debug(
2779 "%s: #LSAs declared (%u) does not match actual (%u)",
2780 __func__, declared_num_lsas, counted_lsas);
2781 return MSG_NG;
2782 }
2783 return MSG_OK;
2784 }
2785
2786 /* Verify a complete OSPF packet for proper sizing/alignment. */
2787 static unsigned ospf_packet_examin(struct ospf_header *oh,
2788 const unsigned bytesonwire)
2789 {
2790 uint16_t bytesdeclared, bytesauth;
2791 unsigned ret;
2792 struct ospf_ls_update *lsupd;
2793
2794 /* Length, 1st approximation. */
2795 if (bytesonwire < OSPF_HEADER_SIZE) {
2796 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2797 zlog_debug("%s: undersized (%u B) packet", __func__,
2798 bytesonwire);
2799 return MSG_NG;
2800 }
2801 /* Now it is safe to access header fields. Performing length check,
2802 * allow
2803 * for possible extra bytes of crypto auth/padding, which are not
2804 * counted
2805 * in the OSPF header "length" field. */
2806 if (oh->version != OSPF_VERSION) {
2807 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2808 zlog_debug("%s: invalid (%u) protocol version",
2809 __func__, oh->version);
2810 return MSG_NG;
2811 }
2812 bytesdeclared = ntohs(oh->length);
2813 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2814 bytesauth = 0;
2815 else {
2816 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2817 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2818 zlog_debug(
2819 "%s: unsupported crypto auth length (%u B)",
2820 __func__, oh->u.crypt.auth_data_len);
2821 return MSG_NG;
2822 }
2823 bytesauth = OSPF_AUTH_MD5_SIZE;
2824 }
2825 if (bytesdeclared + bytesauth > bytesonwire) {
2826 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2827 zlog_debug(
2828 "%s: packet length error (%u real, %u+%u declared)",
2829 __func__, bytesonwire, bytesdeclared,
2830 bytesauth);
2831 return MSG_NG;
2832 }
2833 /* Length, 2nd approximation. The type-specific constraint is checked
2834 against declared length, not amount of bytes on wire. */
2835 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2836 && bytesdeclared
2837 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2838 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2839 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2840 bytesdeclared,
2841 lookup_msg(ospf_packet_type_str, oh->type,
2842 NULL));
2843 return MSG_NG;
2844 }
2845 switch (oh->type) {
2846 case OSPF_MSG_HELLO:
2847 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2848 followed
2849 by N>=0 router-IDs. */
2850 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2851 % 4
2852 ? MSG_NG
2853 : MSG_OK;
2854 break;
2855 case OSPF_MSG_DB_DESC:
2856 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2857 followed
2858 by N>=0 header-only LSAs. */
2859 ret = ospf_lsaseq_examin(
2860 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2861 + OSPF_DB_DESC_MIN_SIZE),
2862 bytesdeclared - OSPF_HEADER_SIZE
2863 - OSPF_DB_DESC_MIN_SIZE,
2864 1, /* header-only LSAs */
2865 0);
2866 break;
2867 case OSPF_MSG_LS_REQ:
2868 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2869 * request blocks. */
2870 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2871 % OSPF_LSA_KEY_SIZE
2872 ? MSG_NG
2873 : MSG_OK;
2874 break;
2875 case OSPF_MSG_LS_UPD:
2876 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2877 followed
2878 by N>=0 full LSAs (with N declared beforehand). */
2879 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2880 + OSPF_HEADER_SIZE);
2881 ret = ospf_lsaseq_examin(
2882 (struct lsa_header *)((caddr_t)lsupd
2883 + OSPF_LS_UPD_MIN_SIZE),
2884 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2885 0, /* full LSAs */
2886 ntohl(lsupd->num_lsas) /* 32 bits */
2887 );
2888 break;
2889 case OSPF_MSG_LS_ACK:
2890 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2891 * LSAs. */
2892 ret = ospf_lsaseq_examin(
2893 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2894 + OSPF_LS_ACK_MIN_SIZE),
2895 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2896 1, /* header-only LSAs */
2897 0);
2898 break;
2899 default:
2900 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2901 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2902 oh->type);
2903 return MSG_NG;
2904 }
2905 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2906 zlog_debug("%s: malformed %s packet", __func__,
2907 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2908 return ret;
2909 }
2910
2911 /* OSPF Header verification. */
2912 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2913 struct ip *iph, struct ospf_header *ospfh)
2914 {
2915 /* Check Area ID. */
2916 if (!ospf_check_area_id(oi, ospfh)) {
2917 flog_warn(EC_OSPF_PACKET,
2918 "interface %s: ospf_read invalid Area ID %s.",
2919 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2920 return -1;
2921 }
2922
2923 /* Check network mask, Silently discarded. */
2924 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2925 flog_warn(
2926 EC_OSPF_PACKET,
2927 "interface %s: ospf_read network address is not same [%s]",
2928 IF_NAME(oi), inet_ntoa(iph->ip_src));
2929 return -1;
2930 }
2931
2932 /* Check authentication. The function handles logging actions, where
2933 * required. */
2934 if (!ospf_check_auth(oi, ospfh))
2935 return -1;
2936
2937 return 0;
2938 }
2939
2940 enum ospf_read_return_enum {
2941 OSPF_READ_ERROR,
2942 OSPF_READ_CONTINUE,
2943 };
2944
2945 static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
2946 {
2947 int ret;
2948 struct stream *ibuf;
2949 struct ospf_interface *oi;
2950 struct ip *iph;
2951 struct ospf_header *ospfh;
2952 uint16_t length;
2953 struct connected *c;
2954 struct interface *ifp = NULL;
2955
2956 stream_reset(ospf->ibuf);
2957 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2958 if (ibuf == NULL)
2959 return OSPF_READ_ERROR;
2960
2961 /*
2962 * This raw packet is known to be at least as big as its
2963 * IP header. Note that there should not be alignment problems with
2964 * this assignment because this is at the beginning of the
2965 * stream data buffer.
2966 */
2967 iph = (struct ip *)STREAM_DATA(ibuf);
2968 /*
2969 * Note that sockopt_iphdrincl_swab_systoh was called in
2970 * ospf_recv_packet.
2971 */
2972 if (ifp == NULL) {
2973 /*
2974 * Handle cases where the platform does not support
2975 * retrieving the ifindex, and also platforms (such as
2976 * Solaris 8) that claim to support ifindex retrieval but do
2977 * not.
2978 */
2979 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2980 ospf->vrf_id);
2981 if (c)
2982 ifp = c->ifp;
2983 if (ifp == NULL) {
2984 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2985 zlog_debug(
2986 "%s: Unable to determine incoming interface from: %s(%s)",
2987 __PRETTY_FUNCTION__,
2988 inet_ntoa(iph->ip_src),
2989 ospf_get_name(ospf));
2990 return OSPF_READ_CONTINUE;
2991 }
2992 }
2993
2994 /* Self-originated packet should be discarded silently. */
2995 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2996 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2997 zlog_debug(
2998 "ospf_read[%s]: Dropping self-originated packet",
2999 inet_ntoa(iph->ip_src));
3000 }
3001 return OSPF_READ_CONTINUE;
3002 }
3003
3004 /*
3005 * Advance from IP header to OSPF header (iph->ip_hl has
3006 * been verified by ospf_recv_packet() to be correct).
3007 */
3008 stream_forward_getp(ibuf, iph->ip_hl * 4);
3009
3010 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3011 if (MSG_OK
3012 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3013 - stream_get_getp(ibuf)))
3014 return OSPF_READ_CONTINUE;
3015 /* Now it is safe to access all fields of OSPF packet header. */
3016
3017 /* associate packet with ospf interface */
3018 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3019
3020 /*
3021 * ospf_verify_header() relies on a valid "oi" and thus can be called
3022 * only after the passive/backbone/other checks below are passed.
3023 * These checks in turn access the fields of unverified "ospfh"
3024 * structure for their own purposes and must remain very accurate
3025 * in doing this.
3026 */
3027
3028 /* If incoming interface is passive one, ignore it. */
3029 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3030 char buf[3][INET_ADDRSTRLEN];
3031
3032 if (IS_DEBUG_OSPF_EVENT)
3033 zlog_debug(
3034 "ignoring packet from router %s sent to %s, received on a passive interface, %s",
3035 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3036 sizeof(buf[0])),
3037 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3038 sizeof(buf[1])),
3039 inet_ntop(AF_INET, &oi->address->u.prefix4,
3040 buf[2], sizeof(buf[2])));
3041
3042 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3043 /* Try to fix multicast membership.
3044 * Some OS:es may have problems in this area,
3045 * make sure it is removed.
3046 */
3047 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3048 ospf_if_set_multicast(oi);
3049 }
3050 return OSPF_READ_CONTINUE;
3051 }
3052
3053
3054 /* if no local ospf_interface,
3055 * or header area is backbone but ospf_interface is not
3056 * check for VLINK interface
3057 */
3058 if ((oi == NULL)
3059 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3060 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3061 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3062 == NULL) {
3063 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3064 zlog_debug(
3065 "Packet from [%s] received on link %s but no ospf_interface",
3066 inet_ntoa(iph->ip_src), ifp->name);
3067 return OSPF_READ_CONTINUE;
3068 }
3069 }
3070
3071 /*
3072 * else it must be a local ospf interface, check it was
3073 * received on correct link
3074 */
3075 else if (oi->ifp != ifp) {
3076 if (IS_DEBUG_OSPF_EVENT)
3077 flog_warn(EC_OSPF_PACKET,
3078 "Packet from [%s] received on wrong link %s",
3079 inet_ntoa(iph->ip_src), ifp->name);
3080 return OSPF_READ_CONTINUE;
3081 } else if (oi->state == ISM_Down) {
3082 char buf[2][INET_ADDRSTRLEN];
3083
3084 flog_warn(
3085 EC_OSPF_PACKET,
3086 "Ignoring packet from %s to %s received on interface that is down [%s]; interface flags are %s",
3087 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3088 sizeof(buf[0])),
3089 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3090 sizeof(buf[1])),
3091 ifp->name, if_flag_dump(ifp->flags));
3092 /* Fix multicast memberships? */
3093 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3094 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3095 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3096 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3097 if (oi->multicast_memberships)
3098 ospf_if_set_multicast(oi);
3099 return OSPF_READ_CONTINUE;
3100 }
3101
3102 /*
3103 * If the received packet is destined for AllDRouters, the
3104 * packet should be accepted only if the received ospf
3105 * interface state is either DR or Backup -- endo.
3106 *
3107 * I wonder who endo is?
3108 */
3109 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3110 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3111 flog_warn(
3112 EC_OSPF_PACKET,
3113 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3114 inet_ntoa(iph->ip_src), IF_NAME(oi),
3115 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3116 /* Try to fix multicast membership. */
3117 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3118 ospf_if_set_multicast(oi);
3119 return OSPF_READ_CONTINUE;
3120 }
3121
3122 /* Verify more OSPF header fields. */
3123 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3124 if (ret < 0) {
3125 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3126 zlog_debug(
3127 "ospf_read[%s]: Header check failed, "
3128 "dropping.",
3129 inet_ntoa(iph->ip_src));
3130 return OSPF_READ_CONTINUE;
3131 }
3132
3133 /* Show debug receiving packet. */
3134 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3135 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3136 zlog_debug(
3137 "-----------------------------------------------------");
3138 ospf_packet_dump(ibuf);
3139 }
3140
3141 zlog_debug("%s received from [%s] via [%s]",
3142 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3143 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3144 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3145 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3146
3147 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3148 zlog_debug(
3149 "-----------------------------------------------------");
3150 }
3151
3152 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3153
3154 /* Adjust size to message length. */
3155 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3156
3157 /* Read rest of the packet and call each sort of packet routine.
3158 */
3159 switch (ospfh->type) {
3160 case OSPF_MSG_HELLO:
3161 ospf_hello(iph, ospfh, ibuf, oi, length);
3162 break;
3163 case OSPF_MSG_DB_DESC:
3164 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3165 break;
3166 case OSPF_MSG_LS_REQ:
3167 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3168 break;
3169 case OSPF_MSG_LS_UPD:
3170 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3171 break;
3172 case OSPF_MSG_LS_ACK:
3173 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3174 break;
3175 default:
3176 flog_warn(
3177 EC_OSPF_PACKET,
3178 "interface %s(%s): OSPF packet header type %d is illegal",
3179 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3180 break;
3181 }
3182
3183 return OSPF_READ_CONTINUE;
3184 }
3185
3186 /* Starting point of packet process function. */
3187 int ospf_read(struct thread *thread)
3188 {
3189 struct ospf *ospf;
3190 int32_t count = 0;
3191 enum ospf_read_return_enum ret;
3192
3193 /* first of all get interface pointer. */
3194 ospf = THREAD_ARG(thread);
3195
3196 /* prepare for next packet. */
3197 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3198
3199 while (count < ospf->write_oi_count) {
3200 count++;
3201 ret = ospf_read_helper(ospf);
3202 switch (ret) {
3203 case OSPF_READ_ERROR:
3204 return -1;
3205 break;
3206 case OSPF_READ_CONTINUE:
3207 break;
3208 }
3209 }
3210
3211 return 0;
3212 }
3213
3214 /* Make OSPF header. */
3215 static void ospf_make_header(int type, struct ospf_interface *oi,
3216 struct stream *s)
3217 {
3218 struct ospf_header *ospfh;
3219
3220 ospfh = (struct ospf_header *)STREAM_DATA(s);
3221
3222 ospfh->version = (uint8_t)OSPF_VERSION;
3223 ospfh->type = (uint8_t)type;
3224
3225 ospfh->router_id = oi->ospf->router_id;
3226
3227 ospfh->checksum = 0;
3228 ospfh->area_id = oi->area->area_id;
3229 ospfh->auth_type = htons(ospf_auth_type(oi));
3230
3231 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3232
3233 stream_forward_endp(s, OSPF_HEADER_SIZE);
3234 }
3235
3236 /* Make Authentication Data. */
3237 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3238 {
3239 struct crypt_key *ck;
3240
3241 switch (ospf_auth_type(oi)) {
3242 case OSPF_AUTH_NULL:
3243 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3244 */
3245 break;
3246 case OSPF_AUTH_SIMPLE:
3247 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3248 OSPF_AUTH_SIMPLE_SIZE);
3249 break;
3250 case OSPF_AUTH_CRYPTOGRAPHIC:
3251 /* If key is not set, then set 0. */
3252 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3253 ospfh->u.crypt.zero = 0;
3254 ospfh->u.crypt.key_id = 0;
3255 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3256 } else {
3257 ck = listgetdata(
3258 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3259 ospfh->u.crypt.zero = 0;
3260 ospfh->u.crypt.key_id = ck->key_id;
3261 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3262 }
3263 /* note: the seq is done in ospf_make_md5_digest() */
3264 break;
3265 default:
3266 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3267 */
3268 break;
3269 }
3270
3271 return 0;
3272 }
3273
3274 /* Fill rest of OSPF header. */
3275 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3276 uint16_t length)
3277 {
3278 struct ospf_header *ospfh;
3279
3280 ospfh = (struct ospf_header *)STREAM_DATA(s);
3281
3282 /* Fill length. */
3283 ospfh->length = htons(length);
3284
3285 /* Calculate checksum. */
3286 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3287 ospfh->checksum = in_cksum(ospfh, length);
3288 else
3289 ospfh->checksum = 0;
3290
3291 /* Add Authentication Data. */
3292 ospf_make_auth(oi, ospfh);
3293 }
3294
3295 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3296 {
3297 struct ospf_neighbor *nbr;
3298 struct route_node *rn;
3299 uint16_t length = OSPF_HELLO_MIN_SIZE;
3300 struct in_addr mask;
3301 unsigned long p;
3302 int flag = 0;
3303
3304 /* Set netmask of interface. */
3305 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3306 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3307 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3308 masklen2ip(oi->address->prefixlen, &mask);
3309 else
3310 memset((char *)&mask, 0, sizeof(struct in_addr));
3311 stream_put_ipv4(s, mask.s_addr);
3312
3313 /* Set Hello Interval. */
3314 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3315 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3316 else
3317 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3318
3319 if (IS_DEBUG_OSPF_EVENT)
3320 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3321 IF_NAME(oi));
3322
3323 /* Set Options. */
3324 stream_putc(s, OPTIONS(oi));
3325
3326 /* Set Router Priority. */
3327 stream_putc(s, PRIORITY(oi));
3328
3329 /* Set Router Dead Interval. */
3330 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3331
3332 /* Set Designated Router. */
3333 stream_put_ipv4(s, DR(oi).s_addr);
3334
3335 p = stream_get_endp(s);
3336
3337 /* Set Backup Designated Router. */
3338 stream_put_ipv4(s, BDR(oi).s_addr);
3339
3340 /* Add neighbor seen. */
3341 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3342 if ((nbr = rn->info))
3343 if (nbr->router_id.s_addr
3344 != 0) /* Ignore 0.0.0.0 node. */
3345 if (nbr->state
3346 != NSM_Attempt) /* Ignore Down neighbor. */
3347 if (nbr->state
3348 != NSM_Down) /* This is myself for
3349 DR election. */
3350 if (!IPV4_ADDR_SAME(
3351 &nbr->router_id,
3352 &oi->ospf->router_id)) {
3353 /* Check neighbor is
3354 * sane? */
3355 if (nbr->d_router.s_addr
3356 != 0
3357 && IPV4_ADDR_SAME(
3358 &nbr->d_router,
3359 &oi->address
3360 ->u
3361 .prefix4)
3362 && IPV4_ADDR_SAME(
3363 &nbr->bd_router,
3364 &oi->address
3365 ->u
3366 .prefix4))
3367 flag = 1;
3368
3369 /* Hello packet overflows interface MTU. */
3370 if (length + sizeof(uint32_t)
3371 > ospf_packet_max(oi)) {
3372 flog_err(
3373 EC_OSPF_LARGE_HELLO,
3374 "Oversized Hello packet! Larger than MTU. Not sending it out");
3375 return 0;
3376 }
3377
3378 stream_put_ipv4(
3379 s,
3380 nbr->router_id
3381 .s_addr);
3382 length += 4;
3383 }
3384
3385 /* Let neighbor generate BackupSeen. */
3386 if (flag == 1)
3387 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3388
3389 return length;
3390 }
3391
3392 static int ospf_make_db_desc(struct ospf_interface *oi,
3393 struct ospf_neighbor *nbr, struct stream *s)
3394 {
3395 struct ospf_lsa *lsa;
3396 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3397 uint8_t options;
3398 unsigned long pp;
3399 int i;
3400 struct ospf_lsdb *lsdb;
3401
3402 /* Set Interface MTU. */
3403 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3404 stream_putw(s, 0);
3405 else
3406 stream_putw(s, oi->ifp->mtu);
3407
3408 /* Set Options. */
3409 options = OPTIONS(oi);
3410 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3411 SET_FLAG(options, OSPF_OPTION_O);
3412 stream_putc(s, options);
3413
3414 /* DD flags */
3415 pp = stream_get_endp(s);
3416 stream_putc(s, nbr->dd_flags);
3417
3418 /* Set DD Sequence Number. */
3419 stream_putl(s, nbr->dd_seqnum);
3420
3421 /* shortcut unneeded walk of (empty) summary LSDBs */
3422 if (ospf_db_summary_isempty(nbr))
3423 goto empty;
3424
3425 /* Describe LSA Header from Database Summary List. */
3426 lsdb = &nbr->db_sum;
3427
3428 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3429 struct route_table *table = lsdb->type[i].db;
3430 struct route_node *rn;
3431
3432 for (rn = route_top(table); rn; rn = route_next(rn))
3433 if ((lsa = rn->info) != NULL) {
3434 if (IS_OPAQUE_LSA(lsa->data->type)
3435 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3436 /* Suppress advertising
3437 * opaque-information. */
3438 /* Remove LSA from DB summary list. */
3439 ospf_lsdb_delete(lsdb, lsa);
3440 continue;
3441 }
3442
3443 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3444 struct lsa_header *lsah;
3445 uint16_t ls_age;
3446
3447 /* DD packet overflows interface MTU. */
3448 if (length + OSPF_LSA_HEADER_SIZE
3449 > ospf_packet_max(oi))
3450 break;
3451
3452 /* Keep pointer to LS age. */
3453 lsah = (struct lsa_header
3454 *)(STREAM_DATA(s)
3455 + stream_get_endp(
3456 s));
3457
3458 /* Proceed stream pointer. */
3459 stream_put(s, lsa->data,
3460 OSPF_LSA_HEADER_SIZE);
3461 length += OSPF_LSA_HEADER_SIZE;
3462
3463 /* Set LS age. */
3464 ls_age = LS_AGE(lsa);
3465 lsah->ls_age = htons(ls_age);
3466 }
3467
3468 /* Remove LSA from DB summary list. */
3469 ospf_lsdb_delete(lsdb, lsa);
3470 }
3471 }
3472
3473 /* Update 'More' bit */
3474 if (ospf_db_summary_isempty(nbr)) {
3475 empty:
3476 if (nbr->state >= NSM_Exchange) {
3477 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3478 /* Rewrite DD flags */
3479 stream_putc_at(s, pp, nbr->dd_flags);
3480 } else {
3481 assert(IS_SET_DD_M(nbr->dd_flags));
3482 }
3483 }
3484 return length;
3485 }
3486
3487 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3488 unsigned long delta, struct ospf_neighbor *nbr,
3489 struct ospf_lsa *lsa)
3490 {
3491 struct ospf_interface *oi;
3492
3493 oi = nbr->oi;
3494
3495 /* LS Request packet overflows interface MTU
3496 * delta is just number of bytes required for 1 LS Req
3497 * ospf_packet_max will return the number of bytes can
3498 * be accomodated without ospf header. So length+delta
3499 * can be compared to ospf_packet_max
3500 * to check if it can fit another lsreq in the same packet.
3501 */
3502
3503 if (*length + delta > ospf_packet_max(oi))
3504 return 0;
3505
3506 stream_putl(s, lsa->data->type);
3507 stream_put_ipv4(s, lsa->data->id.s_addr);
3508 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3509
3510 ospf_lsa_unlock(&nbr->ls_req_last);
3511 nbr->ls_req_last = ospf_lsa_lock(lsa);
3512
3513 *length += 12;
3514 return 1;
3515 }
3516
3517 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3518 {
3519 struct ospf_lsa *lsa;
3520 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3521 unsigned long delta = 12;
3522 struct route_table *table;
3523 struct route_node *rn;
3524 int i;
3525 struct ospf_lsdb *lsdb;
3526
3527 lsdb = &nbr->ls_req;
3528
3529 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3530 table = lsdb->type[i].db;
3531 for (rn = route_top(table); rn; rn = route_next(rn))
3532 if ((lsa = (rn->info)) != NULL)
3533 if (ospf_make_ls_req_func(s, &length, delta,
3534 nbr, lsa)
3535 == 0) {
3536 route_unlock_node(rn);
3537 break;
3538 }
3539 }
3540 return length;
3541 }
3542
3543 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3544 {
3545 int age;
3546
3547 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3548
3549 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3550 }
3551
3552 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3553 struct stream *s)
3554 {
3555 struct ospf_lsa *lsa;
3556 struct listnode *node;
3557 uint16_t length = 0;
3558 unsigned int size_noauth;
3559 unsigned long delta = stream_get_endp(s);
3560 unsigned long pp;
3561 int count = 0;
3562
3563 if (IS_DEBUG_OSPF_EVENT)
3564 zlog_debug("ospf_make_ls_upd: Start");
3565
3566 pp = stream_get_endp(s);
3567 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3568 length += OSPF_LS_UPD_MIN_SIZE;
3569
3570 /* Calculate amount of packet usable for data. */
3571 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3572
3573 while ((node = listhead(update)) != NULL) {
3574 struct lsa_header *lsah;
3575 uint16_t ls_age;
3576
3577 if (IS_DEBUG_OSPF_EVENT)
3578 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3579 count);
3580
3581 lsa = listgetdata(node);
3582
3583 assert(lsa->data);
3584
3585 /* Will it fit? Minimum it has to fit atleast one */
3586 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3587 (count > 0))
3588 break;
3589
3590 /* Keep pointer to LS age. */
3591 lsah = (struct lsa_header *)(STREAM_DATA(s)
3592 + stream_get_endp(s));
3593
3594 /* Put LSA to Link State Request. */
3595 stream_put(s, lsa->data, ntohs(lsa->data->length));
3596
3597 /* Set LS age. */
3598 /* each hop must increment an lsa_age by transmit_delay
3599 of OSPF interface */
3600 ls_age = ls_age_increment(lsa,
3601 OSPF_IF_PARAM(oi, transmit_delay));
3602 lsah->ls_age = htons(ls_age);
3603
3604 length += ntohs(lsa->data->length);
3605 count++;
3606
3607 list_delete_node(update, node);
3608 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3609 }
3610
3611 /* Now set #LSAs. */
3612 stream_putl_at(s, pp, count);
3613
3614 if (IS_DEBUG_OSPF_EVENT)
3615 zlog_debug("ospf_make_ls_upd: Stop");
3616 return length;
3617 }
3618
3619 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3620 struct stream *s)
3621 {
3622 struct listnode *node, *nnode;
3623 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3624 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3625 struct ospf_lsa *lsa;
3626
3627 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3628 assert(lsa);
3629
3630 /* LS Ack packet overflows interface MTU
3631 * delta is just number of bytes required for
3632 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3633 * the number of bytes can be accomodated without
3634 * ospf header. So length+delta can be compared
3635 * against ospf_packet_max to check if it can fit
3636 * another ls header in the same packet.
3637 */
3638 if ((length + delta) > ospf_packet_max(oi))
3639 break;
3640
3641 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3642 length += OSPF_LSA_HEADER_SIZE;
3643
3644 listnode_delete(ack, lsa);
3645 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3646 }
3647
3648 return length;
3649 }
3650
3651 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3652 {
3653 struct ospf_packet *op;
3654 uint16_t length = OSPF_HEADER_SIZE;
3655
3656 op = ospf_packet_new(oi->ifp->mtu);
3657
3658 /* Prepare OSPF common header. */
3659 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3660
3661 /* Prepare OSPF Hello body. */
3662 length += ospf_make_hello(oi, op->s);
3663 if (length == OSPF_HEADER_SIZE) {
3664 /* Hello overshooting MTU */
3665 ospf_packet_free(op);
3666 return;
3667 }
3668
3669 /* Fill OSPF header. */
3670 ospf_fill_header(oi, op->s, length);
3671
3672 /* Set packet length. */
3673 op->length = length;
3674
3675 op->dst.s_addr = addr;
3676
3677 if (IS_DEBUG_OSPF_EVENT) {
3678 if (oi->ospf->vrf_id)
3679 zlog_debug(
3680 "%s: Hello Tx interface %s ospf vrf %s id %u",
3681 __PRETTY_FUNCTION__, oi->ifp->name,
3682 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3683 oi->ospf->vrf_id);
3684 }
3685 /* Add packet to the top of the interface output queue, so that they
3686 * can't get delayed by things like long queues of LS Update packets
3687 */
3688 ospf_packet_add_top(oi, op);
3689
3690 /* Hook thread to write packet. */
3691 OSPF_ISM_WRITE_ON(oi->ospf);
3692 }
3693
3694 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3695 {
3696 struct ospf_interface *oi;
3697
3698 oi = nbr_nbma->oi;
3699 assert(oi);
3700
3701 /* If this is passive interface, do not send OSPF Hello. */
3702 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3703 return;
3704
3705 if (oi->type != OSPF_IFTYPE_NBMA)
3706 return;
3707
3708 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3709 return;
3710
3711 if (PRIORITY(oi) == 0)
3712 return;
3713
3714 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3715 && oi->state != ISM_Backup)
3716 return;
3717
3718 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3719 }
3720
3721 int ospf_poll_timer(struct thread *thread)
3722 {
3723 struct ospf_nbr_nbma *nbr_nbma;
3724
3725 nbr_nbma = THREAD_ARG(thread);
3726 nbr_nbma->t_poll = NULL;
3727
3728 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3729 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3730 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3731
3732 ospf_poll_send(nbr_nbma);
3733
3734 if (nbr_nbma->v_poll > 0)
3735 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3736 nbr_nbma->v_poll);
3737
3738 return 0;
3739 }
3740
3741
3742 int ospf_hello_reply_timer(struct thread *thread)
3743 {
3744 struct ospf_neighbor *nbr;
3745
3746 nbr = THREAD_ARG(thread);
3747 nbr->t_hello_reply = NULL;
3748
3749 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3750 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3751 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3752
3753 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3754
3755 return 0;
3756 }
3757
3758 /* Send OSPF Hello. */
3759 void ospf_hello_send(struct ospf_interface *oi)
3760 {
3761 /* If this is passive interface, do not send OSPF Hello. */
3762 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3763 return;
3764
3765 if (oi->type == OSPF_IFTYPE_NBMA) {
3766 struct ospf_neighbor *nbr;
3767 struct route_node *rn;
3768
3769 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3770 if ((nbr = rn->info))
3771 if (nbr != oi->nbr_self)
3772 if (nbr->state != NSM_Down) {
3773 /* RFC 2328 Section 9.5.1
3774 If the router is not
3775 eligible to become Designated
3776 Router,
3777 it must periodically send
3778 Hello Packets to both the
3779 Designated Router and the
3780 Backup Designated Router (if
3781 they
3782 exist). */
3783 if (PRIORITY(oi) == 0
3784 && IPV4_ADDR_CMP(
3785 &DR(oi),
3786 &nbr->address.u
3787 .prefix4)
3788 && IPV4_ADDR_CMP(
3789 &BDR(oi),
3790 &nbr->address.u
3791 .prefix4))
3792 continue;
3793
3794 /* If the router is eligible to
3795 become Designated Router, it
3796 must periodically send Hello
3797 Packets to all neighbors that
3798 are also eligible. In
3799 addition, if the router is
3800 itself the
3801 Designated Router or Backup
3802 Designated Router, it must
3803 also
3804 send periodic Hello Packets
3805 to all other neighbors. */
3806
3807 if (nbr->priority == 0
3808 && oi->state == ISM_DROther)
3809 continue;
3810 /* if oi->state == Waiting, send
3811 * hello to all neighbors */
3812 ospf_hello_send_sub(
3813 oi,
3814 nbr->address.u.prefix4
3815 .s_addr);
3816 }
3817 } else {
3818 /* Decide destination address. */
3819 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3820 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3821 else
3822 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3823 }
3824 }
3825
3826 /* Send OSPF Database Description. */
3827 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3828 {
3829 struct ospf_interface *oi;
3830 struct ospf_packet *op;
3831 uint16_t length = OSPF_HEADER_SIZE;
3832
3833 oi = nbr->oi;
3834 op = ospf_packet_new(oi->ifp->mtu);
3835
3836 /* Prepare OSPF common header. */
3837 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3838
3839 /* Prepare OSPF Database Description body. */
3840 length += ospf_make_db_desc(oi, nbr, op->s);
3841
3842 /* Fill OSPF header. */
3843 ospf_fill_header(oi, op->s, length);
3844
3845 /* Set packet length. */
3846 op->length = length;
3847
3848 /* Decide destination address. */
3849 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3850 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3851 else
3852 op->dst = nbr->address.u.prefix4;
3853
3854 /* Add packet to the interface output queue. */
3855 ospf_packet_add(oi, op);
3856
3857 /* Hook thread to write packet. */
3858 OSPF_ISM_WRITE_ON(oi->ospf);
3859
3860 /* Remove old DD packet, then copy new one and keep in neighbor
3861 * structure. */
3862 if (nbr->last_send)
3863 ospf_packet_free(nbr->last_send);
3864 nbr->last_send = ospf_packet_dup(op);
3865 monotime(&nbr->last_send_ts);
3866 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3867 zlog_info(
3868 "%s:Packet[DD]: %s DB Desc send with seqnum:%x , flags:%x",
3869 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3870 inet_ntoa(nbr->router_id), nbr->dd_seqnum,
3871 nbr->dd_flags);
3872 }
3873
3874 /* Re-send Database Description. */
3875 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3876 {
3877 struct ospf_interface *oi;
3878
3879 oi = nbr->oi;
3880
3881 /* Add packet to the interface output queue. */
3882 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3883
3884 /* Hook thread to write packet. */
3885 OSPF_ISM_WRITE_ON(oi->ospf);
3886 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3887 zlog_info(
3888 "%s:Packet[DD]: %s DB Desc resend with seqnum:%x , flags:%x",
3889 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3890 inet_ntoa(nbr->router_id), nbr->dd_seqnum,
3891 nbr->dd_flags);
3892 }
3893
3894 /* Send Link State Request. */
3895 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3896 {
3897 struct ospf_interface *oi;
3898 struct ospf_packet *op;
3899 uint16_t length = OSPF_HEADER_SIZE;
3900
3901 oi = nbr->oi;
3902 op = ospf_packet_new(oi->ifp->mtu);
3903
3904 /* Prepare OSPF common header. */
3905 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3906
3907 /* Prepare OSPF Link State Request body. */
3908 length += ospf_make_ls_req(nbr, op->s);
3909 if (length == OSPF_HEADER_SIZE) {
3910 ospf_packet_free(op);
3911 return;
3912 }
3913
3914 /* Fill OSPF header. */
3915 ospf_fill_header(oi, op->s, length);
3916
3917 /* Set packet length. */
3918 op->length = length;
3919
3920 /* Decide destination address. */
3921 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3922 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3923 else
3924 op->dst = nbr->address.u.prefix4;
3925
3926 /* Add packet to the interface output queue. */
3927 ospf_packet_add(oi, op);
3928
3929 /* Hook thread to write packet. */
3930 OSPF_ISM_WRITE_ON(oi->ospf);
3931
3932 /* Add Link State Request Retransmission Timer. */
3933 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3934 }
3935
3936 /* Send Link State Update with an LSA. */
3937 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3938 int flag)
3939 {
3940 struct list *update;
3941
3942 update = list_new();
3943
3944 listnode_add(update, lsa);
3945
3946 /*ospf instance is going down, send self originated
3947 * MAXAGE LSA update to neighbors to remove from LSDB */
3948 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3949 ospf_ls_upd_send(nbr, update, flag, 1);
3950 else
3951 ospf_ls_upd_send(nbr, update, flag, 0);
3952
3953 list_delete(&update);
3954 }
3955
3956 /* Determine size for packet. Must be at least big enough to accomodate next
3957 * LSA on list, which may be bigger than MTU size.
3958 *
3959 * Return pointer to new ospf_packet
3960 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3961 * on packet sizes (in which case offending LSA is deleted from update list)
3962 */
3963 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3964 struct ospf_interface *oi)
3965 {
3966 struct ospf_lsa *lsa;
3967 struct listnode *ln;
3968 size_t size;
3969 static char warned = 0;
3970
3971 lsa = listgetdata((ln = listhead(update)));
3972 assert(lsa->data);
3973
3974 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3975 > ospf_packet_max(oi)) {
3976 if (!warned) {
3977 flog_warn(
3978 EC_OSPF_LARGE_LSA,
3979 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3980 "will need to fragment. Not optimal. Try divide up"
3981 " your network with areas. Use 'debug ospf packet send'"
3982 " to see details, or look at 'show ip ospf database ..'");
3983 warned = 1;
3984 }
3985
3986 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3987 zlog_debug(
3988 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3989 " %d bytes originated by %s, will be fragmented!",
3990 inet_ntoa(lsa->data->id),
3991 ntohs(lsa->data->length),
3992 inet_ntoa(lsa->data->adv_router));
3993
3994 /*
3995 * Allocate just enough to fit this LSA only, to avoid including
3996 * other
3997 * LSAs in fragmented LSA Updates.
3998 */
3999 size = ntohs(lsa->data->length)
4000 + (oi->ifp->mtu - ospf_packet_max(oi))
4001 + OSPF_LS_UPD_MIN_SIZE;
4002 } else
4003 size = oi->ifp->mtu;
4004
4005 if (size > OSPF_MAX_PACKET_SIZE) {
4006 flog_warn(EC_OSPF_LARGE_LSA,
4007 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
4008 " %d bytes, packet size %ld, dropping it completely."
4009 " OSPF routing is broken!",
4010 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
4011 (long int)size);
4012 list_delete_node(update, ln);
4013 return NULL;
4014 }
4015
4016 /* IP header is built up separately by ospf_write(). This means, that we
4017 * must
4018 * reduce the "affordable" size just calculated by length of an IP
4019 * header.
4020 * This makes sure, that even if we manage to fill the payload with LSA
4021 * data
4022 * completely, the final packet (our data plus IP header) still fits
4023 * into
4024 * outgoing interface MTU. This correction isn't really meaningful for
4025 * an
4026 * oversized LSA, but for consistency the correction is done for both
4027 * cases.
4028 *
4029 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4030 */
4031 return ospf_packet_new(size - sizeof(struct ip));
4032 }
4033
4034 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4035 struct list *update, struct in_addr addr,
4036 int send_lsupd_now)
4037 {
4038 struct ospf_packet *op;
4039 uint16_t length = OSPF_HEADER_SIZE;
4040
4041 if (IS_DEBUG_OSPF_EVENT)
4042 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
4043 IF_NAME(oi), inet_ntoa(addr));
4044
4045 /* Check that we have really something to process */
4046 if (listcount(update) == 0)
4047 return;
4048
4049 op = ospf_ls_upd_packet_new(update, oi);
4050
4051 /* Prepare OSPF common header. */
4052 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4053
4054 /* Prepare OSPF Link State Update body.
4055 * Includes Type-7 translation.
4056 */
4057 length += ospf_make_ls_upd(oi, update, op->s);
4058
4059 /* Fill OSPF header. */
4060 ospf_fill_header(oi, op->s, length);
4061
4062 /* Set packet length. */
4063 op->length = length;
4064
4065 /* Decide destination address. */
4066 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4067 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4068 else
4069 op->dst.s_addr = addr.s_addr;
4070
4071 /* Add packet to the interface output queue. */
4072 ospf_packet_add(oi, op);
4073 /* Call ospf_write() right away to send ospf packets to neighbors */
4074 if (send_lsupd_now) {
4075 struct thread os_packet_thd;
4076
4077 os_packet_thd.arg = (void *)oi->ospf;
4078 if (oi->on_write_q == 0) {
4079 listnode_add(oi->ospf->oi_write_q, oi);
4080 oi->on_write_q = 1;
4081 }
4082 ospf_write(&os_packet_thd);
4083 /*
4084 * We are fake calling ospf_write with a fake
4085 * thread. Imagine that we have oi_a already
4086 * enqueued and we have turned on the write
4087 * thread(t_write).
4088 * Now this function calls this for oi_b
4089 * so the on_write_q has oi_a and oi_b on
4090 * it, ospf_write runs and clears the packets
4091 * for both oi_a and oi_b. Removing them from
4092 * the on_write_q. After this thread of execution
4093 * finishes we will execute the t_write thread
4094 * with nothing in the on_write_q causing an
4095 * assert. So just make sure that the t_write
4096 * is actually turned off.
4097 */
4098 if (list_isempty(oi->ospf->oi_write_q))
4099 OSPF_TIMER_OFF(oi->ospf->t_write);
4100 } else {
4101 /* Hook thread to write packet. */
4102 OSPF_ISM_WRITE_ON(oi->ospf);
4103 }
4104 }
4105
4106 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4107 {
4108 struct ospf_interface *oi = THREAD_ARG(thread);
4109 struct route_node *rn;
4110 struct route_node *rnext;
4111 struct list *update;
4112 char again = 0;
4113
4114 oi->t_ls_upd_event = NULL;
4115
4116 if (IS_DEBUG_OSPF_EVENT)
4117 zlog_debug("ospf_ls_upd_send_queue start");
4118
4119 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4120 rnext = route_next(rn);
4121
4122 if (rn->info == NULL)
4123 continue;
4124
4125 update = (struct list *)rn->info;
4126
4127 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4128
4129 /* list might not be empty. */
4130 if (listcount(update) == 0) {
4131 list_delete((struct list **)&rn->info);
4132 route_unlock_node(rn);
4133 } else
4134 again = 1;
4135 }
4136
4137 if (again != 0) {
4138 if (IS_DEBUG_OSPF_EVENT)
4139 zlog_debug(
4140 "ospf_ls_upd_send_queue: update lists not cleared,"
4141 " %d nodes to try again, raising new event",
4142 again);
4143 oi->t_ls_upd_event = NULL;
4144 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4145 &oi->t_ls_upd_event);
4146 }
4147
4148 if (IS_DEBUG_OSPF_EVENT)
4149 zlog_debug("ospf_ls_upd_send_queue stop");
4150
4151 return 0;
4152 }
4153
4154 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4155 int send_lsupd_now)
4156 {
4157 struct ospf_interface *oi;
4158 struct ospf_lsa *lsa;
4159 struct prefix_ipv4 p;
4160 struct route_node *rn;
4161 struct listnode *node;
4162
4163 oi = nbr->oi;
4164
4165 p.family = AF_INET;
4166 p.prefixlen = IPV4_MAX_BITLEN;
4167
4168 /* Decide destination address. */
4169 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4170 p.prefix = oi->vl_data->peer_addr;
4171 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4172 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4173 else if (flag == OSPF_SEND_PACKET_DIRECT)
4174 p.prefix = nbr->address.u.prefix4;
4175 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4176 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4177 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4178 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4179 else
4180 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4181
4182 if (oi->type == OSPF_IFTYPE_NBMA) {
4183 if (flag == OSPF_SEND_PACKET_INDIRECT)
4184 flog_warn(
4185 EC_OSPF_PACKET,
4186 "* LS-Update is directly sent on NBMA network.");
4187 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4188 flog_warn(EC_OSPF_PACKET,
4189 "* LS-Update is sent to myself.");
4190 }
4191
4192 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4193
4194 if (rn->info == NULL)
4195 rn->info = list_new();
4196 else
4197 route_unlock_node(rn);
4198
4199 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4200 listnode_add(rn->info,
4201 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4202 if (send_lsupd_now) {
4203 struct list *send_update_list;
4204 struct route_node *rnext;
4205
4206 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4207 rnext = route_next(rn);
4208
4209 if (rn->info == NULL)
4210 continue;
4211
4212 send_update_list = (struct list *)rn->info;
4213
4214 ospf_ls_upd_queue_send(oi, send_update_list,
4215 rn->p.u.prefix4, 1);
4216 }
4217 } else
4218 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4219 &oi->t_ls_upd_event);
4220 }
4221
4222 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4223 struct in_addr dst)
4224 {
4225 struct ospf_packet *op;
4226 uint16_t length = OSPF_HEADER_SIZE;
4227
4228 op = ospf_packet_new(oi->ifp->mtu);
4229
4230 /* Prepare OSPF common header. */
4231 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4232
4233 /* Prepare OSPF Link State Acknowledgment body. */
4234 length += ospf_make_ls_ack(oi, ack, op->s);
4235
4236 /* Fill OSPF header. */
4237 ospf_fill_header(oi, op->s, length);
4238
4239 /* Set packet length. */
4240 op->length = length;
4241
4242 /* Decide destination address. */
4243 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4244 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4245 else
4246 op->dst.s_addr = dst.s_addr;
4247
4248 /* Add packet to the interface output queue. */
4249 ospf_packet_add(oi, op);
4250
4251 /* Hook thread to write packet. */
4252 OSPF_ISM_WRITE_ON(oi->ospf);
4253 }
4254
4255 static int ospf_ls_ack_send_event(struct thread *thread)
4256 {
4257 struct ospf_interface *oi = THREAD_ARG(thread);
4258
4259 oi->t_ls_ack_direct = NULL;
4260
4261 while (listcount(oi->ls_ack_direct.ls_ack))
4262 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4263 oi->ls_ack_direct.dst);
4264
4265 return 0;
4266 }
4267
4268 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4269 {
4270 struct ospf_interface *oi = nbr->oi;
4271
4272 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4273 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4274
4275 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4276
4277 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4278 &oi->t_ls_ack_direct);
4279 }
4280
4281 /* Send Link State Acknowledgment delayed. */
4282 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4283 {
4284 struct in_addr dst;
4285
4286 /* Decide destination address. */
4287 /* RFC2328 Section 13.5 On non-broadcast
4288 networks, delayed Link State Acknowledgment packets must be
4289 unicast separately over each adjacency (i.e., neighbor whose
4290 state is >= Exchange). */
4291 if (oi->type == OSPF_IFTYPE_NBMA) {
4292 struct ospf_neighbor *nbr;
4293 struct route_node *rn;
4294
4295 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4296 if ((nbr = rn->info) != NULL)
4297 if (nbr != oi->nbr_self
4298 && nbr->state >= NSM_Exchange)
4299 while (listcount(oi->ls_ack))
4300 ospf_ls_ack_send_list(
4301 oi, oi->ls_ack,
4302 nbr->address.u.prefix4);
4303 return;
4304 }
4305 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4306 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4307 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4308 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4309 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4310 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4311 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4312 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4313 else
4314 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4315
4316 while (listcount(oi->ls_ack))
4317 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4318 }
4319
4320 /*
4321 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4322 * address. As a result, the kernel does not need to learn the interface
4323 * MAC of the OSPF neighbor. However, in our world, this will delay
4324 * convergence. Take the case when due to a link flap, all routes now
4325 * want to use an interface which was deemed to be costlier prior to this
4326 * event. For routes that will be installed, the missing MAC will have
4327 * punt-to-CPU set on them. This may overload the CPU control path that
4328 * can be avoided if the MAC was known apriori.
4329 */
4330 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4331 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4332 {
4333 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4334 int ret;
4335
4336 if (!nbr)
4337 return;
4338
4339 snprintf(ping_nbr, sizeof(ping_nbr),
4340 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4341 inet_ntoa(nbr->address.u.prefix4));
4342
4343 ret = system(ping_nbr);
4344 if (IS_DEBUG_OSPF_EVENT)
4345 zlog_debug("Executed %s %s", ping_nbr,
4346 ((ret == 0) ? "successfully" : "but failed"));
4347 }
FRRouting mirror