]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tools: Add helper frr-reload shell script for clean error
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #include "md5.h"
37 #include "vrf.h"
38
39 #include "ospfd/ospfd.h"
40 #include "ospfd/ospf_network.h"
41 #include "ospfd/ospf_interface.h"
42 #include "ospfd/ospf_ism.h"
43 #include "ospfd/ospf_asbr.h"
44 #include "ospfd/ospf_lsa.h"
45 #include "ospfd/ospf_lsdb.h"
46 #include "ospfd/ospf_neighbor.h"
47 #include "ospfd/ospf_nsm.h"
48 #include "ospfd/ospf_packet.h"
49 #include "ospfd/ospf_spf.h"
50 #include "ospfd/ospf_flood.h"
51 #include "ospfd/ospf_dump.h"
52
53 /*
54 * OSPF Fragmentation / fragmented writes
55 *
56 * ospfd can support writing fragmented packets, for cases where
57 * kernel will not fragment IP_HDRINCL and/or multicast destined
58 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
59 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
60 * flags fields, hence user-space fragmentation will not work.
61 * Only Linux is known to leave IP header unmolested.
62 * Further, fragmentation really should be done the kernel, which already
63 * supports it, and which avoids nasty IP ID state problems.
64 *
65 * Fragmentation of OSPF packets can be required on networks with router
66 * with many many interfaces active in one area, or on networks with links
67 * with low MTUs.
68 */
69 #ifdef GNU_LINUX
70 #define WANT_OSPF_WRITE_FRAGMENT
71 #endif
72
73 /* Packet Type String. */
74 const struct message ospf_packet_type_str[] = {
75 {OSPF_MSG_HELLO, "Hello"},
76 {OSPF_MSG_DB_DESC, "Database Description"},
77 {OSPF_MSG_LS_REQ, "Link State Request"},
78 {OSPF_MSG_LS_UPD, "Link State Update"},
79 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
80 {0}};
81
82 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
83 particular types, offset is the "type" field of a packet. */
84 static const u_int16_t ospf_packet_minlen[] = {
85 0,
86 OSPF_HELLO_MIN_SIZE,
87 OSPF_DB_DESC_MIN_SIZE,
88 OSPF_LS_REQ_MIN_SIZE,
89 OSPF_LS_UPD_MIN_SIZE,
90 OSPF_LS_ACK_MIN_SIZE,
91 };
92
93 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
94 types, offset is the "LSA type" field. */
95 static const u_int16_t ospf_lsa_minlen[] = {
96 0,
97 OSPF_ROUTER_LSA_MIN_SIZE,
98 OSPF_NETWORK_LSA_MIN_SIZE,
99 OSPF_SUMMARY_LSA_MIN_SIZE,
100 OSPF_SUMMARY_LSA_MIN_SIZE,
101 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
102 0,
103 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
104 0,
105 0,
106 0,
107 0,
108 };
109
110 /* for ospf_check_auth() */
111 static int ospf_check_sum(struct ospf_header *);
112
113 /* OSPF authentication checking function */
114 static int ospf_auth_type(struct ospf_interface *oi)
115 {
116 int auth_type;
117
118 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
119 auth_type = oi->area->auth_type;
120 else
121 auth_type = OSPF_IF_PARAM(oi, auth_type);
122
123 /* Handle case where MD5 key list is not configured aka Cisco */
124 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
125 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
126 return OSPF_AUTH_NULL;
127
128 return auth_type;
129 }
130
131 struct ospf_packet *ospf_packet_new(size_t size)
132 {
133 struct ospf_packet *new;
134
135 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
136 new->s = stream_new(size);
137
138 return new;
139 }
140
141 void ospf_packet_free(struct ospf_packet *op)
142 {
143 if (op->s)
144 stream_free(op->s);
145
146 XFREE(MTYPE_OSPF_PACKET, op);
147
148 op = NULL;
149 }
150
151 struct ospf_fifo *ospf_fifo_new()
152 {
153 struct ospf_fifo *new;
154
155 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
156 return new;
157 }
158
159 /* Add new packet to fifo. */
160 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
161 {
162 if (fifo->tail)
163 fifo->tail->next = op;
164 else
165 fifo->head = op;
166
167 fifo->tail = op;
168
169 fifo->count++;
170 }
171
172 /* Add new packet to head of fifo. */
173 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
174 {
175 op->next = fifo->head;
176
177 if (fifo->tail == NULL)
178 fifo->tail = op;
179
180 fifo->head = op;
181
182 fifo->count++;
183 }
184
185 /* Delete first packet from fifo. */
186 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
187 {
188 struct ospf_packet *op;
189
190 op = fifo->head;
191
192 if (op) {
193 fifo->head = op->next;
194
195 if (fifo->head == NULL)
196 fifo->tail = NULL;
197
198 fifo->count--;
199 }
200
201 return op;
202 }
203
204 /* Return first fifo entry. */
205 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
206 {
207 return fifo->head;
208 }
209
210 /* Flush ospf packet fifo. */
211 void ospf_fifo_flush(struct ospf_fifo *fifo)
212 {
213 struct ospf_packet *op;
214 struct ospf_packet *next;
215
216 for (op = fifo->head; op; op = next) {
217 next = op->next;
218 ospf_packet_free(op);
219 }
220 fifo->head = fifo->tail = NULL;
221 fifo->count = 0;
222 }
223
224 /* Free ospf packet fifo. */
225 void ospf_fifo_free(struct ospf_fifo *fifo)
226 {
227 ospf_fifo_flush(fifo);
228
229 XFREE(MTYPE_OSPF_FIFO, fifo);
230 }
231
232 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
233 {
234 if (!oi->obuf) {
235 zlog_err(
236 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
237 "destination %s) called with NULL obuf, ignoring "
238 "(please report this bug)!\n",
239 IF_NAME(oi), oi->state,
240 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
241 lookup_msg(ospf_packet_type_str,
242 stream_getc_from(op->s, 1), NULL),
243 inet_ntoa(op->dst));
244 return;
245 }
246
247 /* Add packet to end of queue. */
248 ospf_fifo_push(oi->obuf, op);
249
250 /* Debug of packet fifo*/
251 /* ospf_fifo_debug (oi->obuf); */
252 }
253
254 static void ospf_packet_add_top(struct ospf_interface *oi,
255 struct ospf_packet *op)
256 {
257 if (!oi->obuf) {
258 zlog_err(
259 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
260 "destination %s) called with NULL obuf, ignoring "
261 "(please report this bug)!\n",
262 IF_NAME(oi), oi->state,
263 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
264 lookup_msg(ospf_packet_type_str,
265 stream_getc_from(op->s, 1), NULL),
266 inet_ntoa(op->dst));
267 return;
268 }
269
270 /* Add packet to head of queue. */
271 ospf_fifo_push_head(oi->obuf, op);
272
273 /* Debug of packet fifo*/
274 /* ospf_fifo_debug (oi->obuf); */
275 }
276
277 void ospf_packet_delete(struct ospf_interface *oi)
278 {
279 struct ospf_packet *op;
280
281 op = ospf_fifo_pop(oi->obuf);
282
283 if (op)
284 ospf_packet_free(op);
285 }
286
287 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
288 {
289 struct ospf_packet *new;
290
291 if (stream_get_endp(op->s) != op->length)
292 /* XXX size_t */
293 zlog_warn(
294 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
295 (u_long)STREAM_SIZE(op->s), op->length);
296
297 /* Reserve space for MD5 authentication that may be added later. */
298 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
299 stream_copy(new->s, op->s);
300
301 new->dst = op->dst;
302 new->length = op->length;
303
304 return new;
305 }
306
307 /* XXX inline */
308 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
309 {
310 int auth = 0;
311
312 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
313 auth = OSPF_AUTH_MD5_SIZE;
314
315 return auth;
316 }
317
318 static unsigned int ospf_packet_max(struct ospf_interface *oi)
319 {
320 int max;
321
322 max = oi->ifp->mtu - ospf_packet_authspace(oi);
323
324 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
325
326 return max;
327 }
328
329
330 static int ospf_check_md5_digest(struct ospf_interface *oi,
331 struct ospf_header *ospfh)
332 {
333 MD5_CTX ctx;
334 unsigned char digest[OSPF_AUTH_MD5_SIZE];
335 struct crypt_key *ck;
336 struct ospf_neighbor *nbr;
337 u_int16_t length = ntohs(ospfh->length);
338
339 /* Get secret key. */
340 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
341 ospfh->u.crypt.key_id);
342 if (ck == NULL) {
343 zlog_warn("interface %s: ospf_check_md5 no key %d", IF_NAME(oi),
344 ospfh->u.crypt.key_id);
345 return 0;
346 }
347
348 /* check crypto seqnum. */
349 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
350
351 if (nbr
352 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
353 zlog_warn(
354 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
355 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
356 ntohl(nbr->crypt_seqnum));
357 return 0;
358 }
359
360 /* Generate a digest for the ospf packet - their digest + our digest. */
361 memset(&ctx, 0, sizeof(ctx));
362 MD5Init(&ctx);
363 MD5Update(&ctx, ospfh, length);
364 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
365 MD5Final(digest, &ctx);
366
367 /* compare the two */
368 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
369 zlog_warn("interface %s: ospf_check_md5 checksum mismatch",
370 IF_NAME(oi));
371 return 0;
372 }
373
374 /* save neighbor's crypt_seqnum */
375 if (nbr)
376 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
377 return 1;
378 }
379
380 /* This function is called from ospf_write(), it will detect the
381 authentication scheme and if it is MD5, it will change the sequence
382 and update the MD5 digest. */
383 static int ospf_make_md5_digest(struct ospf_interface *oi,
384 struct ospf_packet *op)
385 {
386 struct ospf_header *ospfh;
387 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
388 MD5_CTX ctx;
389 void *ibuf;
390 u_int32_t t;
391 struct crypt_key *ck;
392 const u_int8_t *auth_key;
393
394 ibuf = STREAM_DATA(op->s);
395 ospfh = (struct ospf_header *)ibuf;
396
397 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
398 return 0;
399
400 /* We do this here so when we dup a packet, we don't have to
401 waste CPU rewriting other headers.
402
403 Note that quagga_time /deliberately/ is not used here */
404 t = (time(NULL) & 0xFFFFFFFF);
405 if (t > oi->crypt_seqnum)
406 oi->crypt_seqnum = t;
407 else
408 oi->crypt_seqnum++;
409
410 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
411
412 /* Get MD5 Authentication key from auth_key list. */
413 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
414 auth_key = (const u_int8_t *)digest;
415 else {
416 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
417 auth_key = ck->auth_key;
418 }
419
420 /* Generate a digest for the entire packet + our secret key. */
421 memset(&ctx, 0, sizeof(ctx));
422 MD5Init(&ctx);
423 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
424 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 MD5Final(digest, &ctx);
426
427 /* Append md5 digest to the end of the stream. */
428 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
429
430 /* We do *NOT* increment the OSPF header length. */
431 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
432
433 if (stream_get_endp(op->s) != op->length)
434 /* XXX size_t */
435 zlog_warn(
436 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
437 (u_long)stream_get_endp(op->s), op->length);
438
439 return OSPF_AUTH_MD5_SIZE;
440 }
441
442
443 static int ospf_ls_req_timer(struct thread *thread)
444 {
445 struct ospf_neighbor *nbr;
446
447 nbr = THREAD_ARG(thread);
448 nbr->t_ls_req = NULL;
449
450 /* Send Link State Request. */
451 if (ospf_ls_request_count(nbr))
452 ospf_ls_req_send(nbr);
453
454 /* Set Link State Request retransmission timer. */
455 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
456
457 return 0;
458 }
459
460 void ospf_ls_req_event(struct ospf_neighbor *nbr)
461 {
462 if (nbr->t_ls_req) {
463 thread_cancel(nbr->t_ls_req);
464 nbr->t_ls_req = NULL;
465 }
466 nbr->t_ls_req = NULL;
467 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
468 }
469
470 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
471 ospf_neighbor.c */
472 int ospf_ls_upd_timer(struct thread *thread)
473 {
474 struct ospf_neighbor *nbr;
475
476 nbr = THREAD_ARG(thread);
477 nbr->t_ls_upd = NULL;
478
479 /* Send Link State Update. */
480 if (ospf_ls_retransmit_count(nbr) > 0) {
481 struct list *update;
482 struct ospf_lsdb *lsdb;
483 int i;
484 int retransmit_interval;
485
486 retransmit_interval =
487 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
488
489 lsdb = &nbr->ls_rxmt;
490 update = list_new();
491
492 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
493 struct route_table *table = lsdb->type[i].db;
494 struct route_node *rn;
495
496 for (rn = route_top(table); rn; rn = route_next(rn)) {
497 struct ospf_lsa *lsa;
498
499 if ((lsa = rn->info) != NULL) {
500 /* Don't retransmit an LSA if we
501 received it within
502 the last RxmtInterval seconds - this
503 is to allow the
504 neighbour a chance to acknowledge the
505 LSA as it may
506 have ben just received before the
507 retransmit timer
508 fired. This is a small tweak to what
509 is in the RFC,
510 but it will cut out out a lot of
511 retransmit traffic
512 - MAG */
513 if (monotime_since(&lsa->tv_recv, NULL)
514 >= retransmit_interval * 1000000LL)
515 listnode_add(update, rn->info);
516 }
517 }
518 }
519
520 if (listcount(update) > 0)
521 ospf_ls_upd_send(nbr, update,
522 OSPF_SEND_PACKET_DIRECT, 0);
523 list_delete_and_null(&update);
524 }
525
526 /* Set LS Update retransmission timer. */
527 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
528
529 return 0;
530 }
531
532 int ospf_ls_ack_timer(struct thread *thread)
533 {
534 struct ospf_interface *oi;
535
536 oi = THREAD_ARG(thread);
537 oi->t_ls_ack = NULL;
538
539 /* Send Link State Acknowledgment. */
540 if (listcount(oi->ls_ack) > 0)
541 ospf_ls_ack_send_delayed(oi);
542
543 /* Set LS Ack timer. */
544 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
545
546 return 0;
547 }
548
549 #ifdef WANT_OSPF_WRITE_FRAGMENT
550 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
551 struct msghdr *msg, unsigned int maxdatasize,
552 unsigned int mtu, int flags, u_char type)
553 {
554 #define OSPF_WRITE_FRAG_SHIFT 3
555 u_int16_t offset;
556 struct iovec *iovp;
557 int ret;
558
559 assert(op->length == stream_get_endp(op->s));
560 assert(msg->msg_iovlen == 2);
561
562 /* we can but try.
563 *
564 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
565 * well as the IP_MF flag, making this all quite pointless.
566 *
567 * However, for a system on which IP_MF is left alone, and ip_id left
568 * alone or else which sets same ip_id for each fragment this might
569 * work, eg linux.
570 *
571 * XXX-TODO: It would be much nicer to have the kernel's use their
572 * existing fragmentation support to do this for us. Bugs/RFEs need to
573 * be raised against the various kernels.
574 */
575
576 /* set More Frag */
577 iph->ip_off |= IP_MF;
578
579 /* ip frag offset is expressed in units of 8byte words */
580 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
581
582 iovp = &msg->msg_iov[1];
583
584 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
585 > maxdatasize) {
586 /* data length of this frag is to next offset value */
587 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
588 iph->ip_len = iovp->iov_len + sizeof(struct ip);
589 assert(iph->ip_len <= mtu);
590
591 sockopt_iphdrincl_swab_htosys(iph);
592
593 ret = sendmsg(fd, msg, flags);
594
595 sockopt_iphdrincl_swab_systoh(iph);
596
597 if (ret < 0)
598 zlog_warn(
599 "*** ospf_write_frags: sendmsg failed to %s,"
600 " id %d, off %d, len %d, mtu %u failed with %s",
601 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
602 iph->ip_len, mtu, safe_strerror(errno));
603
604 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
605 zlog_debug(
606 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
607 iph->ip_id, iph->ip_off, iph->ip_len,
608 inet_ntoa(iph->ip_dst));
609 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
610 zlog_debug(
611 "-----------------IP Header Dump----------------------");
612 ospf_ip_header_dump(iph);
613 zlog_debug(
614 "-----------------------------------------------------");
615 }
616 }
617
618 iph->ip_off += offset;
619 stream_forward_getp(op->s, iovp->iov_len);
620 iovp->iov_base = stream_pnt(op->s);
621 }
622
623 /* setup for final fragment */
624 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
625 iph->ip_len = iovp->iov_len + sizeof(struct ip);
626 iph->ip_off &= (~IP_MF);
627 }
628 #endif /* WANT_OSPF_WRITE_FRAGMENT */
629
630 static int ospf_write(struct thread *thread)
631 {
632 struct ospf *ospf = THREAD_ARG(thread);
633 struct ospf_interface *oi;
634 struct ospf_interface *last_serviced_oi = NULL;
635 struct ospf_packet *op;
636 struct sockaddr_in sa_dst;
637 struct ip iph;
638 struct msghdr msg;
639 struct iovec iov[2];
640 u_char type;
641 int ret;
642 int flags = 0;
643 struct listnode *node;
644 #ifdef WANT_OSPF_WRITE_FRAGMENT
645 static u_int16_t ipid = 0;
646 u_int16_t maxdatasize;
647 #endif /* WANT_OSPF_WRITE_FRAGMENT */
648 /* $FRR indent$ */
649 /* clang-format off */
650 #define OSPF_WRITE_IPHL_SHIFT 2
651 int pkt_count = 0;
652
653 #ifdef GNU_LINUX
654 unsigned char cmsgbuf[64] = {};
655 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
656 struct in_pktinfo *pi;
657 #endif
658
659 ospf->t_write = NULL;
660
661 node = listhead(ospf->oi_write_q);
662 assert(node);
663 oi = listgetdata(node);
664 assert(oi);
665
666 #ifdef WANT_OSPF_WRITE_FRAGMENT
667 /* seed ipid static with low order bits of time */
668 if (ipid == 0)
669 ipid = (time(NULL) & 0xffff);
670 #endif /* WANT_OSPF_WRITE_FRAGMENT */
671
672 while ((pkt_count < ospf->write_oi_count) && oi
673 && (last_serviced_oi != oi)) {
674 /* If there is only packet in the queue, the oi is removed from
675 write-q, so fix up the last interface that was serviced */
676 if (last_serviced_oi == NULL) {
677 last_serviced_oi = oi;
678 }
679 pkt_count++;
680 #ifdef WANT_OSPF_WRITE_FRAGMENT
681 /* convenience - max OSPF data per packet */
682 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
683 #endif /* WANT_OSPF_WRITE_FRAGMENT */
684 /* Get one packet from queue. */
685 op = ospf_fifo_head(oi->obuf);
686 assert(op);
687 assert(op->length >= OSPF_HEADER_SIZE);
688
689 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
690 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
691 ospf_if_ipmulticast(ospf, oi->address,
692 oi->ifp->ifindex);
693
694 /* Rewrite the md5 signature & update the seq */
695 ospf_make_md5_digest(oi, op);
696
697 /* Retrieve OSPF packet type. */
698 stream_set_getp(op->s, 1);
699 type = stream_getc(op->s);
700
701 /* reset get pointer */
702 stream_set_getp(op->s, 0);
703
704 memset(&iph, 0, sizeof(struct ip));
705 memset(&sa_dst, 0, sizeof(sa_dst));
706
707 sa_dst.sin_family = AF_INET;
708 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
709 sa_dst.sin_len = sizeof(sa_dst);
710 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
711 sa_dst.sin_addr = op->dst;
712 sa_dst.sin_port = htons(0);
713
714 /* Set DONTROUTE flag if dst is unicast. */
715 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
716 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
717 flags = MSG_DONTROUTE;
718
719 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
720 /* it'd be very strange for header to not be 4byte-word aligned
721 * but.. */
722 if (sizeof(struct ip)
723 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
724 iph.ip_hl++; /* we presume sizeof struct ip cant
725 overflow ip_hl.. */
726
727 iph.ip_v = IPVERSION;
728 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
729 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
730
731 #if defined(__DragonFly__)
732 /*
733 * DragonFly's raw socket expects ip_len/ip_off in network byte
734 * order.
735 */
736 iph.ip_len = htons(iph.ip_len);
737 #endif
738
739 #ifdef WANT_OSPF_WRITE_FRAGMENT
740 /* XXX-MT: not thread-safe at all..
741 * XXX: this presumes this is only programme sending OSPF
742 * packets
743 * otherwise, no guarantee ipid will be unique
744 */
745 iph.ip_id = ++ipid;
746 #endif /* WANT_OSPF_WRITE_FRAGMENT */
747
748 iph.ip_off = 0;
749 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
750 iph.ip_ttl = OSPF_VL_IP_TTL;
751 else
752 iph.ip_ttl = OSPF_IP_TTL;
753 iph.ip_p = IPPROTO_OSPFIGP;
754 iph.ip_sum = 0;
755 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
756 iph.ip_dst.s_addr = op->dst.s_addr;
757
758 memset(&msg, 0, sizeof(msg));
759 msg.msg_name = (caddr_t)&sa_dst;
760 msg.msg_namelen = sizeof(sa_dst);
761 msg.msg_iov = iov;
762 msg.msg_iovlen = 2;
763
764 iov[0].iov_base = (char *)&iph;
765 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
766 iov[1].iov_base = stream_pnt(op->s);
767 iov[1].iov_len = op->length;
768
769 #ifdef GNU_LINUX
770 msg.msg_control = (caddr_t)cm;
771 cm->cmsg_level = SOL_IP;
772 cm->cmsg_type = IP_PKTINFO;
773 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
774 pi = (struct in_pktinfo *)CMSG_DATA(cm);
775 pi->ipi_ifindex = oi->ifp->ifindex;
776
777 msg.msg_controllen = cm->cmsg_len;
778 #endif
779
780 /* Sadly we can not rely on kernels to fragment packets
781 * because of either IP_HDRINCL and/or multicast
782 * destination being set.
783 */
784
785 #ifdef WANT_OSPF_WRITE_FRAGMENT
786 if (op->length > maxdatasize)
787 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
788 oi->ifp->mtu, flags, type);
789 #endif /* WANT_OSPF_WRITE_FRAGMENT */
790
791 /* send final fragment (could be first) */
792 sockopt_iphdrincl_swab_htosys(&iph);
793 ret = sendmsg(ospf->fd, &msg, flags);
794 sockopt_iphdrincl_swab_systoh(&iph);
795 if (IS_DEBUG_OSPF_EVENT)
796 zlog_debug(
797 "ospf_write to %s, "
798 "id %d, off %d, len %d, interface %s, mtu %u:",
799 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
800 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
801
802 if (ret < 0)
803 zlog_warn(
804 "*** sendmsg in ospf_write failed to %s, "
805 "id %d, off %d, len %d, interface %s, mtu %u: %s",
806 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
807 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
808 safe_strerror(errno));
809
810 /* Show debug sending packet. */
811 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
812 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
813 zlog_debug(
814 "-----------------------------------------------------");
815 ospf_ip_header_dump(&iph);
816 stream_set_getp(op->s, 0);
817 ospf_packet_dump(op->s);
818 }
819
820 zlog_debug("%s sent to [%s] via [%s].",
821 lookup_msg(ospf_packet_type_str, type, NULL),
822 inet_ntoa(op->dst), IF_NAME(oi));
823
824 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
825 zlog_debug(
826 "-----------------------------------------------------");
827 }
828
829 switch (type) {
830 case OSPF_MSG_HELLO:
831 oi->hello_out++;
832 break;
833 case OSPF_MSG_DB_DESC:
834 oi->db_desc_out++;
835 break;
836 case OSPF_MSG_LS_REQ:
837 oi->ls_req_out++;
838 break;
839 case OSPF_MSG_LS_UPD:
840 oi->ls_upd_out++;
841 break;
842 case OSPF_MSG_LS_ACK:
843 oi->ls_ack_out++;
844 break;
845 default:
846 break;
847 }
848
849 /* Now delete packet from queue. */
850 ospf_packet_delete(oi);
851
852 /* Move this interface to the tail of write_q to
853 serve everyone in a round robin fashion */
854 list_delete_node(ospf->oi_write_q, node);
855 if (ospf_fifo_head(oi->obuf) == NULL) {
856 oi->on_write_q = 0;
857 last_serviced_oi = NULL;
858 oi = NULL;
859 } else {
860 listnode_add(ospf->oi_write_q, oi);
861 }
862
863 /* Setup to service from the head of the queue again */
864 if (!list_isempty(ospf->oi_write_q)) {
865 node = listhead(ospf->oi_write_q);
866 assert(node);
867 oi = listgetdata(node);
868 assert(oi);
869 }
870 }
871
872 /* If packets still remain in queue, call write thread. */
873 if (!list_isempty(ospf->oi_write_q)) {
874 ospf->t_write = NULL;
875 thread_add_write(master, ospf_write, ospf, ospf->fd,
876 &ospf->t_write);
877 }
878
879 return 0;
880 }
881
882 /* OSPF Hello message read -- RFC2328 Section 10.5. */
883 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
884 struct stream *s, struct ospf_interface *oi, int size)
885 {
886 struct ospf_hello *hello;
887 struct ospf_neighbor *nbr;
888 int old_state;
889 struct prefix p;
890
891 /* increment statistics. */
892 oi->hello_in++;
893
894 hello = (struct ospf_hello *)stream_pnt(s);
895
896 /* If Hello is myself, silently discard. */
897 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
898 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
899 zlog_debug(
900 "ospf_header[%s/%s]: selforiginated, "
901 "dropping.",
902 lookup_msg(ospf_packet_type_str, ospfh->type,
903 NULL),
904 inet_ntoa(iph->ip_src));
905 }
906 return;
907 }
908
909 /* get neighbor prefix. */
910 p.family = AF_INET;
911 p.prefixlen = ip_masklen(hello->network_mask);
912 p.u.prefix4 = iph->ip_src;
913
914 /* Compare network mask. */
915 /* Checking is ignored for Point-to-Point and Virtual link. */
916 if (oi->type != OSPF_IFTYPE_POINTOPOINT
917 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
918 if (oi->address->prefixlen != p.prefixlen) {
919 zlog_warn(
920 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
921 inet_ntoa(ospfh->router_id), IF_NAME(oi),
922 (int)oi->address->prefixlen, (int)p.prefixlen);
923 return;
924 }
925
926 /* Compare Router Dead Interval. */
927 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
928 zlog_warn(
929 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
930 "(expected %u, but received %u).",
931 inet_ntoa(ospfh->router_id), OSPF_IF_PARAM(oi, v_wait),
932 ntohl(hello->dead_interval));
933 return;
934 }
935
936 /* Compare Hello Interval - ignored if fast-hellos are set. */
937 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
938 if (OSPF_IF_PARAM(oi, v_hello)
939 != ntohs(hello->hello_interval)) {
940 zlog_warn(
941 "Packet %s [Hello:RECV]: HelloInterval mismatch "
942 "(expected %u, but received %u).",
943 inet_ntoa(ospfh->router_id),
944 OSPF_IF_PARAM(oi, v_hello),
945 ntohs(hello->hello_interval));
946 return;
947 }
948 }
949
950 if (IS_DEBUG_OSPF_EVENT)
951 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
952 inet_ntoa(ospfh->router_id),
953 ospf_options_dump(hello->options),
954 ospf_vrf_id_to_name(oi->ospf->vrf_id));
955
956 /* Compare options. */
957 #define REJECT_IF_TBIT_ON 1 /* XXX */
958 #ifdef REJECT_IF_TBIT_ON
959 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
960 /*
961 * This router does not support non-zero TOS.
962 * Drop this Hello packet not to establish neighbor
963 * relationship.
964 */
965 zlog_warn("Packet %s [Hello:RECV]: T-bit on, drop it.",
966 inet_ntoa(ospfh->router_id));
967 return;
968 }
969 #endif /* REJECT_IF_TBIT_ON */
970
971 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
972 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
973 /*
974 * This router does know the correct usage of O-bit
975 * the bit should be set in DD packet only.
976 */
977 zlog_warn("Packet %s [Hello:RECV]: O-bit abuse?",
978 inet_ntoa(ospfh->router_id));
979 #ifdef STRICT_OBIT_USAGE_CHECK
980 return; /* Reject this packet. */
981 #else /* STRICT_OBIT_USAGE_CHECK */
982 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
983 #endif /* STRICT_OBIT_USAGE_CHECK */
984 }
985
986 /* new for NSSA is to ensure that NP is on and E is off */
987
988 if (oi->area->external_routing == OSPF_AREA_NSSA) {
989 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
990 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
991 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
992 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
993 zlog_warn(
994 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
995 inet_ntoa(ospfh->router_id), OPTIONS(oi),
996 hello->options);
997 return;
998 }
999 if (IS_DEBUG_OSPF_NSSA)
1000 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1001 inet_ntoa(ospfh->router_id));
1002 } else
1003 /* The setting of the E-bit found in the Hello Packet's Options
1004 field must match this area's ExternalRoutingCapability A
1005 mismatch causes processing to stop and the packet to be
1006 dropped. The setting of the rest of the bits in the Hello
1007 Packet's Options field should be ignored. */
1008 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1009 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1010 zlog_warn(
1011 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1012 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1013 hello->options);
1014 return;
1015 }
1016
1017 /* get neighbour struct */
1018 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1019
1020 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1021 assert(nbr);
1022
1023 old_state = nbr->state;
1024
1025 /* Add event to thread. */
1026 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1027
1028 /* RFC2328 Section 9.5.1
1029 If the router is not eligible to become Designated Router,
1030 (snip) It must also send an Hello Packet in reply to an
1031 Hello Packet received from any eligible neighbor (other than
1032 the current Designated Router and Backup Designated Router). */
1033 if (oi->type == OSPF_IFTYPE_NBMA)
1034 if (PRIORITY(oi) == 0 && hello->priority > 0
1035 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1036 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1037 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1038 ospf_hello_reply_timer,
1039 OSPF_HELLO_REPLY_DELAY);
1040
1041 /* on NBMA network type, it happens to receive bidirectional Hello
1042 packet
1043 without advance 1-Way Received event.
1044 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1045 if (oi->type == OSPF_IFTYPE_NBMA
1046 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1047 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1048 nbr->priority = hello->priority;
1049 nbr->d_router = hello->d_router;
1050 nbr->bd_router = hello->bd_router;
1051 return;
1052 }
1053
1054 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1055 size - OSPF_HELLO_MIN_SIZE)) {
1056 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1057 nbr->options |= hello->options;
1058 } else {
1059 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1060 /* Set neighbor information. */
1061 nbr->priority = hello->priority;
1062 nbr->d_router = hello->d_router;
1063 nbr->bd_router = hello->bd_router;
1064 return;
1065 }
1066
1067 /* If neighbor itself declares DR and no BDR exists,
1068 cause event BackupSeen */
1069 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1070 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1071 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1072
1073 /* neighbor itself declares BDR. */
1074 if (oi->state == ISM_Waiting
1075 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1076 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1077
1078 /* had not previously. */
1079 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1080 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1081 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1082 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1083 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1084
1085 /* had not previously. */
1086 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1087 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1088 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1089 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1090 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1091
1092 /* Neighbor priority check. */
1093 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1094 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1095
1096 /* Set neighbor information. */
1097 nbr->priority = hello->priority;
1098 nbr->d_router = hello->d_router;
1099 nbr->bd_router = hello->bd_router;
1100 }
1101
1102 /* Save DD flags/options/Seqnum received. */
1103 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1104 struct ospf_db_desc *dd)
1105 {
1106 nbr->last_recv.flags = dd->flags;
1107 nbr->last_recv.options = dd->options;
1108 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1109 }
1110
1111 /* Process rest of DD packet. */
1112 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1113 struct ospf_neighbor *nbr,
1114 struct ospf_db_desc *dd, u_int16_t size)
1115 {
1116 struct ospf_lsa *new, *find;
1117 struct lsa_header *lsah;
1118
1119 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1120 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1121 size -= OSPF_LSA_HEADER_SIZE) {
1122 lsah = (struct lsa_header *)stream_pnt(s);
1123 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1124
1125 /* Unknown LS type. */
1126 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1127 zlog_warn("Packet [DD:RECV]: Unknown LS type %d.",
1128 lsah->type);
1129 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1130 return;
1131 }
1132
1133 if (IS_OPAQUE_LSA(lsah->type)
1134 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1135 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1136 lsah->type, inet_ntoa(lsah->id));
1137 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1138 return;
1139 }
1140
1141 switch (lsah->type) {
1142 case OSPF_AS_EXTERNAL_LSA:
1143 case OSPF_OPAQUE_AS_LSA:
1144 /* Check for stub area. Reject if AS-External from stub
1145 but
1146 allow if from NSSA. */
1147 if (oi->area->external_routing == OSPF_AREA_STUB) {
1148 zlog_warn(
1149 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1150 lsah->type, inet_ntoa(lsah->id),
1151 (oi->area->external_routing
1152 == OSPF_AREA_STUB)
1153 ? "STUB"
1154 : "NSSA");
1155 OSPF_NSM_EVENT_SCHEDULE(nbr,
1156 NSM_SeqNumberMismatch);
1157 return;
1158 }
1159 break;
1160 default:
1161 break;
1162 }
1163
1164 /* Create LS-request object. */
1165 new = ospf_ls_request_new(lsah);
1166
1167 /* Lookup received LSA, then add LS request list. */
1168 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1169
1170 /* ospf_lsa_more_recent is fine with NULL pointers */
1171 switch (ospf_lsa_more_recent(find, new)) {
1172 case -1:
1173 /* Neighbour has a more recent LSA, we must request it
1174 */
1175 ospf_ls_request_add(nbr, new);
1176 /* fallthru */
1177 case 0:
1178 /* If we have a copy of this LSA, it's either less
1179 * recent
1180 * and we're requesting it from neighbour (the case
1181 * above), or
1182 * it's as recent and we both have same copy (this
1183 * case).
1184 *
1185 * In neither of these two cases is there any point in
1186 * describing our copy of the LSA to the neighbour in a
1187 * DB-Summary packet, if we're still intending to do so.
1188 *
1189 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1190 * backward compatible optimisation to OSPF DB Exchange
1191 * /
1192 * DB Description process implemented here.
1193 */
1194 if (find)
1195 ospf_lsdb_delete(&nbr->db_sum, find);
1196 ospf_lsa_discard(new);
1197 break;
1198 default:
1199 /* We have the more recent copy, nothing specific to do:
1200 * - no need to request neighbours stale copy
1201 * - must leave DB summary list copy alone
1202 */
1203 if (IS_DEBUG_OSPF_EVENT)
1204 zlog_debug(
1205 "Packet [DD:RECV]: LSA received Type %d, "
1206 "ID %s is not recent.",
1207 lsah->type, inet_ntoa(lsah->id));
1208 ospf_lsa_discard(new);
1209 }
1210 }
1211
1212 /* Master */
1213 if (IS_SET_DD_MS(nbr->dd_flags)) {
1214 nbr->dd_seqnum++;
1215
1216 /* Both sides have no More, then we're done with Exchange */
1217 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1218 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1219 else
1220 ospf_db_desc_send(nbr);
1221 }
1222 /* Slave */
1223 else {
1224 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1225
1226 /* Send DD packet in reply.
1227 *
1228 * Must be done to acknowledge the Master's DD, regardless of
1229 * whether we have more LSAs ourselves to describe.
1230 *
1231 * This function will clear the 'More' bit, if after this DD
1232 * we have no more LSAs to describe to the master..
1233 */
1234 ospf_db_desc_send(nbr);
1235
1236 /* Slave can raise ExchangeDone now, if master is also done */
1237 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1238 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1239 }
1240
1241 /* Save received neighbor values from DD. */
1242 ospf_db_desc_save_current(nbr, dd);
1243
1244 if (!nbr->t_ls_req)
1245 ospf_ls_req_send(nbr);
1246 }
1247
1248 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1249 struct ospf_neighbor *nbr)
1250 {
1251 /* Is DD duplicated? */
1252 if (dd->options == nbr->last_recv.options
1253 && dd->flags == nbr->last_recv.flags
1254 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1255 return 1;
1256
1257 return 0;
1258 }
1259
1260 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1261 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1262 struct stream *s, struct ospf_interface *oi,
1263 u_int16_t size)
1264 {
1265 struct ospf_db_desc *dd;
1266 struct ospf_neighbor *nbr;
1267
1268 /* Increment statistics. */
1269 oi->db_desc_in++;
1270
1271 dd = (struct ospf_db_desc *)stream_pnt(s);
1272
1273 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1274 if (nbr == NULL) {
1275 zlog_warn("Packet[DD]: Unknown Neighbor %s",
1276 inet_ntoa(ospfh->router_id));
1277 return;
1278 }
1279
1280 /* Check MTU. */
1281 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1282 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1283 zlog_warn(
1284 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1285 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1286 oi->ifp->mtu);
1287 return;
1288 }
1289
1290 /*
1291 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1292 * not
1293 * required. In fact at least JunOS sends DD packets with P bit clear.
1294 * Until proper solution is developped, this hack should help.
1295 *
1296 * Update: According to the RFCs, N bit is specified /only/ for Hello
1297 * options, unfortunately its use in DD options is not specified. Hence
1298 * some
1299 * implementations follow E-bit semantics and set it in DD options, and
1300 * some
1301 * treat it as unspecified and hence follow the directive "default for
1302 * options is clear", ie unset.
1303 *
1304 * Reset the flag, as ospfd follows E-bit semantics.
1305 */
1306 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1307 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1308 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1309 if (IS_DEBUG_OSPF_EVENT)
1310 zlog_debug(
1311 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1312 inet_ntoa(nbr->router_id));
1313 SET_FLAG(dd->options, OSPF_OPTION_NP);
1314 }
1315
1316 #ifdef REJECT_IF_TBIT_ON
1317 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1318 /*
1319 * In Hello protocol, optional capability must have checked
1320 * to prevent this T-bit enabled router be my neighbor.
1321 */
1322 zlog_warn("Packet[DD]: Neighbor %s: T-bit on?",
1323 inet_ntoa(nbr->router_id));
1324 return;
1325 }
1326 #endif /* REJECT_IF_TBIT_ON */
1327
1328 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1329 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1330 /*
1331 * This node is not configured to handle O-bit, for now.
1332 * Clear it to ignore unsupported capability proposed by
1333 * neighbor.
1334 */
1335 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1336 }
1337
1338 /* Add event to thread. */
1339 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1340
1341 /* Process DD packet by neighbor status. */
1342 switch (nbr->state) {
1343 case NSM_Down:
1344 case NSM_Attempt:
1345 case NSM_TwoWay:
1346 zlog_warn(
1347 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1348 inet_ntoa(nbr->router_id),
1349 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1350 break;
1351 case NSM_Init:
1352 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1353 /* If the new state is ExStart, the processing of the current
1354 packet should then continue in this new state by falling
1355 through to case ExStart below. */
1356 if (nbr->state != NSM_ExStart)
1357 break;
1358 /* fallthru */
1359 case NSM_ExStart:
1360 /* Initial DBD */
1361 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1362 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1363 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1364 > 0) {
1365 /* We're Slave---obey */
1366 if (CHECK_FLAG(oi->ospf->config,
1367 OSPF_LOG_ADJACENCY_DETAIL))
1368 zlog_info("Packet[DD]: Neighbor %s Negotiation done (Slave).",
1369 inet_ntoa(nbr->router_id));
1370
1371 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1372
1373 /* Reset I/MS */
1374 UNSET_FLAG(nbr->dd_flags,
1375 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1376 } else {
1377 /* We're Master, ignore the initial DBD from
1378 * Slave */
1379 if (CHECK_FLAG(oi->ospf->config,
1380 OSPF_LOG_ADJACENCY_DETAIL))
1381 zlog_info(
1382 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1383 "ignoring.",
1384 inet_ntoa(nbr->router_id));
1385 break;
1386 }
1387 }
1388 /* Ack from the Slave */
1389 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1390 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1391 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1392 < 0) {
1393 zlog_info(
1394 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1395 inet_ntoa(nbr->router_id));
1396 /* Reset I, leaving MS */
1397 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1398 } else {
1399 zlog_warn("Packet[DD]: Neighbor %s Negotiation fails.",
1400 inet_ntoa(nbr->router_id));
1401 break;
1402 }
1403
1404 /* This is where the real Options are saved */
1405 nbr->options = dd->options;
1406
1407 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1408 if (IS_DEBUG_OSPF_EVENT)
1409 zlog_debug(
1410 "Neighbor[%s] is %sOpaque-capable.",
1411 inet_ntoa(nbr->router_id),
1412 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1413 ? ""
1414 : "NOT ");
1415
1416 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1417 && IPV4_ADDR_SAME(&DR(oi),
1418 &nbr->address.u.prefix4)) {
1419 zlog_warn(
1420 "DR-neighbor[%s] is NOT opaque-capable; "
1421 "Opaque-LSAs cannot be reliably advertised "
1422 "in this network.",
1423 inet_ntoa(nbr->router_id));
1424 /* This situation is undesirable, but not a real
1425 * error. */
1426 }
1427 }
1428
1429 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1430
1431 /* continue processing rest of packet. */
1432 ospf_db_desc_proc(s, oi, nbr, dd, size);
1433 break;
1434 case NSM_Exchange:
1435 if (ospf_db_desc_is_dup(dd, nbr)) {
1436 if (IS_SET_DD_MS(nbr->dd_flags))
1437 /* Master: discard duplicated DD packet. */
1438 zlog_info(
1439 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1440 inet_ntoa(nbr->router_id));
1441 else
1442 /* Slave: cause to retransmit the last Database
1443 Description. */
1444 {
1445 zlog_info(
1446 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1447 inet_ntoa(nbr->router_id));
1448 ospf_db_desc_resend(nbr);
1449 }
1450 break;
1451 }
1452
1453 /* Otherwise DD packet should be checked. */
1454 /* Check Master/Slave bit mismatch */
1455 if (IS_SET_DD_MS(dd->flags)
1456 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1457 zlog_warn("Packet[DD]: Neighbor %s MS-bit mismatch.",
1458 inet_ntoa(nbr->router_id));
1459 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1460 if (IS_DEBUG_OSPF_EVENT)
1461 zlog_debug(
1462 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1463 dd->flags, nbr->dd_flags);
1464 break;
1465 }
1466
1467 /* Check initialize bit is set. */
1468 if (IS_SET_DD_I(dd->flags)) {
1469 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1470 inet_ntoa(nbr->router_id));
1471 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1472 break;
1473 }
1474
1475 /* Check DD Options. */
1476 if (dd->options != nbr->options) {
1477 #ifdef ORIGINAL_CODING
1478 /* Save the new options for debugging */
1479 nbr->options = dd->options;
1480 #endif /* ORIGINAL_CODING */
1481 zlog_warn("Packet[DD]: Neighbor %s options mismatch.",
1482 inet_ntoa(nbr->router_id));
1483 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1484 break;
1485 }
1486
1487 /* Check DD sequence number. */
1488 if ((IS_SET_DD_MS(nbr->dd_flags)
1489 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1490 || (!IS_SET_DD_MS(nbr->dd_flags)
1491 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1492 zlog_warn(
1493 "Packet[DD]: Neighbor %s sequence number mismatch.",
1494 inet_ntoa(nbr->router_id));
1495 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1496 break;
1497 }
1498
1499 /* Continue processing rest of packet. */
1500 ospf_db_desc_proc(s, oi, nbr, dd, size);
1501 break;
1502 case NSM_Loading:
1503 case NSM_Full:
1504 if (ospf_db_desc_is_dup(dd, nbr)) {
1505 if (IS_SET_DD_MS(nbr->dd_flags)) {
1506 /* Master should discard duplicate DD packet. */
1507 zlog_info(
1508 "Packet[DD]: Neighbor %s duplicated, "
1509 "packet discarded.",
1510 inet_ntoa(nbr->router_id));
1511 break;
1512 } else {
1513 if (monotime_since(&nbr->last_send_ts, NULL)
1514 < nbr->v_inactivity * 1000000LL) {
1515 /* In states Loading and Full the slave
1516 must resend
1517 its last Database Description packet
1518 in response to
1519 duplicate Database Description
1520 packets received
1521 from the master. For this reason the
1522 slave must
1523 wait RouterDeadInterval seconds
1524 before freeing the
1525 last Database Description packet.
1526 Reception of a
1527 Database Description packet from the
1528 master after
1529 this interval will generate a
1530 SeqNumberMismatch
1531 neighbor event. RFC2328 Section 10.8
1532 */
1533 ospf_db_desc_resend(nbr);
1534 break;
1535 }
1536 }
1537 }
1538
1539 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1540 break;
1541 default:
1542 zlog_warn("Packet[DD]: Neighbor %s NSM illegal status %u.",
1543 inet_ntoa(nbr->router_id), nbr->state);
1544 break;
1545 }
1546 }
1547
1548 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1549
1550 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1551 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1552 struct stream *s, struct ospf_interface *oi,
1553 u_int16_t size)
1554 {
1555 struct ospf_neighbor *nbr;
1556 u_int32_t ls_type;
1557 struct in_addr ls_id;
1558 struct in_addr adv_router;
1559 struct ospf_lsa *find;
1560 struct list *ls_upd;
1561 unsigned int length;
1562
1563 /* Increment statistics. */
1564 oi->ls_req_in++;
1565
1566 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1567 if (nbr == NULL) {
1568 zlog_warn("Link State Request: Unknown Neighbor %s.",
1569 inet_ntoa(ospfh->router_id));
1570 return;
1571 }
1572
1573 /* Add event to thread. */
1574 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1575
1576 /* Neighbor State should be Exchange or later. */
1577 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1578 && nbr->state != NSM_Full) {
1579 zlog_warn(
1580 "Link State Request received from %s: "
1581 "Neighbor state is %s, packet discarded.",
1582 inet_ntoa(ospfh->router_id),
1583 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1584 return;
1585 }
1586
1587 /* Send Link State Update for ALL requested LSAs. */
1588 ls_upd = list_new();
1589 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1590
1591 while (size >= OSPF_LSA_KEY_SIZE) {
1592 /* Get one slice of Link State Request. */
1593 ls_type = stream_getl(s);
1594 ls_id.s_addr = stream_get_ipv4(s);
1595 adv_router.s_addr = stream_get_ipv4(s);
1596
1597 /* Verify LSA type. */
1598 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1599 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1600 list_delete_and_null(&ls_upd);
1601 return;
1602 }
1603
1604 /* Search proper LSA in LSDB. */
1605 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1606 adv_router);
1607 if (find == NULL) {
1608 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1609 list_delete_and_null(&ls_upd);
1610 return;
1611 }
1612
1613 /* Packet overflows MTU size, send immediately. */
1614 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1615 if (oi->type == OSPF_IFTYPE_NBMA)
1616 ospf_ls_upd_send(nbr, ls_upd,
1617 OSPF_SEND_PACKET_DIRECT, 0);
1618 else
1619 ospf_ls_upd_send(nbr, ls_upd,
1620 OSPF_SEND_PACKET_INDIRECT, 0);
1621
1622 /* Only remove list contents. Keep ls_upd. */
1623 list_delete_all_node(ls_upd);
1624
1625 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1626 }
1627
1628 /* Append LSA to update list. */
1629 listnode_add(ls_upd, find);
1630 length += ntohs(find->data->length);
1631
1632 size -= OSPF_LSA_KEY_SIZE;
1633 }
1634
1635 /* Send rest of Link State Update. */
1636 if (listcount(ls_upd) > 0) {
1637 if (oi->type == OSPF_IFTYPE_NBMA)
1638 ospf_ls_upd_send(nbr, ls_upd,
1639 OSPF_SEND_PACKET_DIRECT, 0);
1640 else
1641 ospf_ls_upd_send(nbr, ls_upd,
1642 OSPF_SEND_PACKET_INDIRECT, 0);
1643
1644 list_delete_and_null(&ls_upd);
1645 } else
1646 list_delete_and_null(&ls_upd);
1647 }
1648
1649 /* Get the list of LSAs from Link State Update packet.
1650 And process some validation -- RFC2328 Section 13. (1)-(2). */
1651 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1652 struct stream *s,
1653 struct ospf_interface *oi, size_t size)
1654 {
1655 u_int16_t count, sum;
1656 u_int32_t length;
1657 struct lsa_header *lsah;
1658 struct ospf_lsa *lsa;
1659 struct list *lsas;
1660
1661 lsas = list_new();
1662
1663 count = stream_getl(s);
1664 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1665
1666 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1667 size -= length, stream_forward_getp(s, length), count--) {
1668 lsah = (struct lsa_header *)stream_pnt(s);
1669 length = ntohs(lsah->length);
1670
1671 if (length > size) {
1672 zlog_warn(
1673 "Link State Update: LSA length exceeds packet size.");
1674 break;
1675 }
1676
1677 /* Validate the LSA's LS checksum. */
1678 sum = lsah->checksum;
1679 if (!ospf_lsa_checksum_valid(lsah)) {
1680 /* (bug #685) more details in a one-line message make it
1681 * possible
1682 * to identify problem source on the one hand and to
1683 * have a better
1684 * chance to compress repeated messages in syslog on the
1685 * other */
1686 zlog_warn(
1687 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1688 sum, lsah->checksum, inet_ntoa(lsah->id),
1689 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1690 inet_ntoa(lsah->adv_router));
1691 continue;
1692 }
1693
1694 /* Examine the LSA's LS type. */
1695 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1696 zlog_warn("Link State Update: Unknown LS type %d",
1697 lsah->type);
1698 continue;
1699 }
1700
1701 /*
1702 * What if the received LSA's age is greater than MaxAge?
1703 * Treat it as a MaxAge case -- endo.
1704 */
1705 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1706 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1707
1708 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1709 #ifdef STRICT_OBIT_USAGE_CHECK
1710 if ((IS_OPAQUE_LSA(lsah->type)
1711 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1712 || (!IS_OPAQUE_LSA(lsah->type)
1713 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1714 /*
1715 * This neighbor must know the exact usage of
1716 * O-bit;
1717 * the bit will be set in Type-9,10,11 LSAs
1718 * only.
1719 */
1720 zlog_warn("LSA[Type%d:%s]: O-bit abuse?",
1721 lsah->type, inet_ntoa(lsah->id));
1722 continue;
1723 }
1724 #endif /* STRICT_OBIT_USAGE_CHECK */
1725
1726 /* Do not take in AS External Opaque-LSAs if we are a
1727 * stub. */
1728 if (lsah->type == OSPF_OPAQUE_AS_LSA
1729 && nbr->oi->area->external_routing
1730 != OSPF_AREA_DEFAULT) {
1731 if (IS_DEBUG_OSPF_EVENT)
1732 zlog_debug(
1733 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1734 lsah->type,
1735 inet_ntoa(lsah->id));
1736 continue;
1737 }
1738 } else if (IS_OPAQUE_LSA(lsah->type)) {
1739 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1740 lsah->type, inet_ntoa(lsah->id));
1741 continue;
1742 }
1743
1744 /* Create OSPF LSA instance. */
1745 lsa = ospf_lsa_new();
1746
1747 lsa->vrf_id = oi->ospf->vrf_id;
1748 /* We may wish to put some error checking if type NSSA comes in
1749 and area not in NSSA mode */
1750 switch (lsah->type) {
1751 case OSPF_AS_EXTERNAL_LSA:
1752 case OSPF_OPAQUE_AS_LSA:
1753 lsa->area = NULL;
1754 break;
1755 case OSPF_OPAQUE_LINK_LSA:
1756 lsa->oi = oi; /* Remember incoming interface for
1757 flooding control. */
1758 /* Fallthrough */
1759 default:
1760 lsa->area = oi->area;
1761 break;
1762 }
1763
1764 lsa->data = ospf_lsa_data_new(length);
1765 memcpy(lsa->data, lsah, length);
1766
1767 if (IS_DEBUG_OSPF_EVENT)
1768 zlog_debug(
1769 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1770 lsa->data->type, inet_ntoa(lsa->data->id),
1771 (void *)lsa);
1772 listnode_add(lsas, lsa);
1773 }
1774
1775 return lsas;
1776 }
1777
1778 /* Cleanup Update list. */
1779 static void ospf_upd_list_clean(struct list *lsas)
1780 {
1781 struct listnode *node, *nnode;
1782 struct ospf_lsa *lsa;
1783
1784 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1785 ospf_lsa_discard(lsa);
1786
1787 list_delete_and_null(&lsas);
1788 }
1789
1790 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1791 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1792 struct ospf_header *ospfh, struct stream *s,
1793 struct ospf_interface *oi, u_int16_t size)
1794 {
1795 struct ospf_neighbor *nbr;
1796 struct list *lsas;
1797 struct listnode *node, *nnode;
1798 struct ospf_lsa *lsa = NULL;
1799 /* unsigned long ls_req_found = 0; */
1800
1801 /* Dis-assemble the stream, update each entry, re-encapsulate for
1802 * flooding */
1803
1804 /* Increment statistics. */
1805 oi->ls_upd_in++;
1806
1807 /* Check neighbor. */
1808 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1809 if (nbr == NULL) {
1810 zlog_warn("Link State Update: Unknown Neighbor %s on int: %s",
1811 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1812 return;
1813 }
1814
1815 /* Add event to thread. */
1816 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1817
1818 /* Check neighbor state. */
1819 if (nbr->state < NSM_Exchange) {
1820 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1821 zlog_debug(
1822 "Link State Update: "
1823 "Neighbor[%s] state %s is less than Exchange",
1824 inet_ntoa(ospfh->router_id),
1825 lookup_msg(ospf_nsm_state_msg, nbr->state,
1826 NULL));
1827 return;
1828 }
1829
1830 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1831 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1832 * of section 13.
1833 */
1834 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1835
1836 if (lsas == NULL)
1837 return;
1838 #define DISCARD_LSA(L, N) \
1839 { \
1840 if (IS_DEBUG_OSPF_EVENT) \
1841 zlog_debug( \
1842 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1843 " Type-%d", \
1844 N, (void *)lsa, (int)lsa->data->type); \
1845 ospf_lsa_discard(L); \
1846 continue; \
1847 }
1848
1849 /* Process each LSA received in the one packet.
1850 *
1851 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1852 * text below are from the steps in RFC 2328, Section 13.
1853 */
1854 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1855 struct ospf_lsa *ls_ret, *current;
1856 int ret = 1;
1857
1858 if (IS_DEBUG_OSPF_NSSA) {
1859 char buf1[INET_ADDRSTRLEN];
1860 char buf2[INET_ADDRSTRLEN];
1861 char buf3[INET_ADDRSTRLEN];
1862
1863 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1864 lsa->data->type,
1865 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1866 INET_ADDRSTRLEN),
1867 inet_ntop(AF_INET, &lsa->data->id, buf2,
1868 INET_ADDRSTRLEN),
1869 inet_ntop(AF_INET, &lsa->data->adv_router,
1870 buf3, INET_ADDRSTRLEN));
1871 }
1872
1873 listnode_delete(lsas,
1874 lsa); /* We don't need it in list anymore */
1875
1876 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1877 */
1878
1879 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1880
1881 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1882 */
1883
1884 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1885 */
1886
1887 /* Do take in Type-7's if we are an NSSA */
1888
1889 /* If we are also an ABR, later translate them to a Type-5
1890 * packet */
1891
1892 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1893 translate them to a separate Type-5 packet. */
1894
1895 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1896 /* Reject from STUB or NSSA */
1897 if (nbr->oi->area->external_routing
1898 != OSPF_AREA_DEFAULT) {
1899 if (IS_DEBUG_OSPF_NSSA)
1900 zlog_debug(
1901 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1902 DISCARD_LSA(lsa, 1);
1903 }
1904
1905 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1906 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1907 if (IS_DEBUG_OSPF_NSSA)
1908 zlog_debug(
1909 "Incoming NSSA LSA Discarded: Not NSSA Area");
1910 DISCARD_LSA(lsa, 2);
1911 }
1912
1913 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1914 if (lsa->data->type == OSPF_ROUTER_LSA)
1915 if (!IPV4_ADDR_SAME(&lsa->data->id,
1916 &lsa->data->adv_router)) {
1917 char buf1[INET_ADDRSTRLEN];
1918 char buf2[INET_ADDRSTRLEN];
1919 char buf3[INET_ADDRSTRLEN];
1920
1921 zlog_err(
1922 "Incoming Router-LSA from %s with "
1923 "Adv-ID[%s] != LS-ID[%s]",
1924 inet_ntop(AF_INET, &ospfh->router_id,
1925 buf1, INET_ADDRSTRLEN),
1926 inet_ntop(AF_INET, &lsa->data->id, buf2,
1927 INET_ADDRSTRLEN),
1928 inet_ntop(AF_INET,
1929 &lsa->data->adv_router, buf3,
1930 INET_ADDRSTRLEN));
1931 zlog_err(
1932 "OSPF domain compromised by attack or corruption. "
1933 "Verify correct operation of -ALL- OSPF routers.");
1934 DISCARD_LSA(lsa, 0);
1935 }
1936
1937 /* Find the LSA in the current database. */
1938
1939 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1940
1941 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1942 currently
1943 no instance of the LSA in the router's link state database,
1944 and none of router's neighbors are in states Exchange or
1945 Loading,
1946 then take the following actions: */
1947
1948 if (IS_LSA_MAXAGE(lsa) && !current
1949 && ospf_check_nbr_status(oi->ospf)) {
1950 /* (4a) Response Link State Acknowledgment. */
1951 ospf_ls_ack_send(nbr, lsa);
1952
1953 /* (4b) Discard LSA. */
1954 if (IS_DEBUG_OSPF(lsa, LSA)) {
1955 zlog_debug(
1956 "Link State Update[%s]: LS age is equal to MaxAge.",
1957 dump_lsa_key(lsa));
1958 }
1959 DISCARD_LSA(lsa, 3);
1960 }
1961
1962 if (IS_OPAQUE_LSA(lsa->data->type)
1963 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1964 &oi->ospf->router_id)) {
1965 /*
1966 * Even if initial flushing seems to be completed, there
1967 * might
1968 * be a case that self-originated LSA with MaxAge still
1969 * remain
1970 * in the routing domain.
1971 * Just send an LSAck message to cease retransmission.
1972 */
1973 if (IS_LSA_MAXAGE(lsa)) {
1974 zlog_warn("LSA[%s]: Boomerang effect?",
1975 dump_lsa_key(lsa));
1976 ospf_ls_ack_send(nbr, lsa);
1977 ospf_lsa_discard(lsa);
1978
1979 if (current != NULL && !IS_LSA_MAXAGE(current))
1980 ospf_opaque_lsa_refresh_schedule(
1981 current);
1982 continue;
1983 }
1984
1985 /*
1986 * If an instance of self-originated Opaque-LSA is not
1987 * found
1988 * in the LSDB, there are some possible cases here.
1989 *
1990 * 1) This node lost opaque-capability after restart.
1991 * 2) Else, a part of opaque-type is no more supported.
1992 * 3) Else, a part of opaque-id is no more supported.
1993 *
1994 * Anyway, it is still this node's responsibility to
1995 * flush it.
1996 * Otherwise, the LSA instance remains in the routing
1997 * domain
1998 * until its age reaches to MaxAge.
1999 */
2000 /* XXX: We should deal with this for *ALL* LSAs, not
2001 * just opaque */
2002 if (current == NULL) {
2003 if (IS_DEBUG_OSPF_EVENT)
2004 zlog_debug(
2005 "LSA[%s]: Previously originated Opaque-LSA,"
2006 "not found in the LSDB.",
2007 dump_lsa_key(lsa));
2008
2009 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2010
2011 ospf_opaque_self_originated_lsa_received(nbr,
2012 lsa);
2013 ospf_ls_ack_send(nbr, lsa);
2014
2015 continue;
2016 }
2017 }
2018
2019 /* It might be happen that received LSA is self-originated
2020 * network LSA, but
2021 * router ID is changed. So, we should check if LSA is a
2022 * network-LSA whose
2023 * Link State ID is one of the router's own IP interface
2024 * addresses but whose
2025 * Advertising Router is not equal to the router's own Router ID
2026 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2027 * flushed.
2028 */
2029
2030 if (lsa->data->type == OSPF_NETWORK_LSA) {
2031 struct listnode *oinode, *oinnode;
2032 struct ospf_interface *out_if;
2033 int Flag = 0;
2034
2035 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2036 oinnode, out_if)) {
2037 if (out_if == NULL)
2038 break;
2039
2040 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2041 &lsa->data->id))
2042 && (!(IPV4_ADDR_SAME(
2043 &oi->ospf->router_id,
2044 &lsa->data->adv_router)))) {
2045 if (out_if->network_lsa_self) {
2046 ospf_lsa_flush_area(
2047 lsa, out_if->area);
2048 if (IS_DEBUG_OSPF_EVENT)
2049 zlog_debug(
2050 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2051 (void *)lsa,
2052 (int)lsa->data
2053 ->type);
2054 ospf_lsa_discard(lsa);
2055 Flag = 1;
2056 }
2057 break;
2058 }
2059 }
2060 if (Flag)
2061 continue;
2062 }
2063
2064 /* (5) Find the instance of this LSA that is currently contained
2065 in the router's link state database. If there is no
2066 database copy, or the received LSA is more recent than
2067 the database copy the following steps must be performed.
2068 (The sub steps from RFC 2328 section 13 step (5) will be
2069 performed in
2070 ospf_flood() ) */
2071
2072 if (current == NULL
2073 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2074 /* Actual flooding procedure. */
2075 if (ospf_flood(oi->ospf, nbr, current, lsa)
2076 < 0) /* Trap NSSA later. */
2077 DISCARD_LSA(lsa, 4);
2078 continue;
2079 }
2080
2081 /* (6) Else, If there is an instance of the LSA on the sending
2082 neighbor's Link state request list, an error has occurred in
2083 the Database Exchange process. In this case, restart the
2084 Database Exchange process by generating the neighbor event
2085 BadLSReq for the sending neighbor and stop processing the
2086 Link State Update packet. */
2087
2088 if (ospf_ls_request_lookup(nbr, lsa)) {
2089 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2090 zlog_warn(
2091 "LSA[%s] instance exists on Link state request list",
2092 dump_lsa_key(lsa));
2093
2094 /* Clean list of LSAs. */
2095 ospf_upd_list_clean(lsas);
2096 /* this lsa is not on lsas list already. */
2097 ospf_lsa_discard(lsa);
2098 return;
2099 }
2100
2101 /* If the received LSA is the same instance as the database copy
2102 (i.e., neither one is more recent) the following two steps
2103 should be performed: */
2104
2105 if (ret == 0) {
2106 /* If the LSA is listed in the Link state retransmission
2107 list
2108 for the receiving adjacency, the router itself is
2109 expecting
2110 an acknowledgment for this LSA. The router should
2111 treat the
2112 received LSA as an acknowledgment by removing the LSA
2113 from
2114 the Link state retransmission list. This is termed
2115 an
2116 "implied acknowledgment". */
2117
2118 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2119
2120 if (ls_ret != NULL) {
2121 ospf_ls_retransmit_delete(nbr, ls_ret);
2122
2123 /* Delayed acknowledgment sent if advertisement
2124 received
2125 from Designated Router, otherwise do nothing.
2126 */
2127 if (oi->state == ISM_Backup)
2128 if (NBR_IS_DR(nbr))
2129 listnode_add(
2130 oi->ls_ack,
2131 ospf_lsa_lock(lsa));
2132
2133 DISCARD_LSA(lsa, 5);
2134 } else
2135 /* Acknowledge the receipt of the LSA by sending a
2136 Link State Acknowledgment packet back out the
2137 receiving
2138 interface. */
2139 {
2140 ospf_ls_ack_send(nbr, lsa);
2141 DISCARD_LSA(lsa, 6);
2142 }
2143 }
2144
2145 /* The database copy is more recent. If the database copy
2146 has LS age equal to MaxAge and LS sequence number equal to
2147 MaxSequenceNumber, simply discard the received LSA without
2148 acknowledging it. (In this case, the LSA's LS sequence number
2149 is
2150 wrapping, and the MaxSequenceNumber LSA must be completely
2151 flushed before any new LSA instance can be introduced). */
2152
2153 else if (ret > 0) /* Database copy is more recent */
2154 {
2155 if (IS_LSA_MAXAGE(current)
2156 && current->data->ls_seqnum
2157 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2158 DISCARD_LSA(lsa, 7);
2159 }
2160 /* Otherwise, as long as the database copy has not been
2161 sent in a
2162 Link State Update within the last MinLSArrival
2163 seconds, send the
2164 database copy back to the sending neighbor,
2165 encapsulated within
2166 a Link State Update Packet. The Link State Update
2167 Packet should
2168 be sent directly to the neighbor. In so doing, do not
2169 put the
2170 database copy of the LSA on the neighbor's link state
2171 retransmission list, and do not acknowledge the
2172 received (less
2173 recent) LSA instance. */
2174 else {
2175 if (monotime_since(&current->tv_orig, NULL)
2176 >= ospf->min_ls_arrival * 1000LL)
2177 /* Trap NSSA type later.*/
2178 ospf_ls_upd_send_lsa(
2179 nbr, current,
2180 OSPF_SEND_PACKET_DIRECT);
2181 DISCARD_LSA(lsa, 8);
2182 }
2183 }
2184 }
2185 #undef DISCARD_LSA
2186
2187 assert(listcount(lsas) == 0);
2188 list_delete_and_null(&lsas);
2189 }
2190
2191 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2192 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2193 struct stream *s, struct ospf_interface *oi,
2194 u_int16_t size)
2195 {
2196 struct ospf_neighbor *nbr;
2197
2198 /* increment statistics. */
2199 oi->ls_ack_in++;
2200
2201 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2202 if (nbr == NULL) {
2203 zlog_warn("Link State Acknowledgment: Unknown Neighbor %s.",
2204 inet_ntoa(ospfh->router_id));
2205 return;
2206 }
2207
2208 /* Add event to thread. */
2209 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2210
2211 if (nbr->state < NSM_Exchange) {
2212 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2213 zlog_debug(
2214 "Link State Acknowledgment: "
2215 "Neighbor[%s] state %s is less than Exchange",
2216 inet_ntoa(ospfh->router_id),
2217 lookup_msg(ospf_nsm_state_msg, nbr->state,
2218 NULL));
2219 return;
2220 }
2221
2222 while (size >= OSPF_LSA_HEADER_SIZE) {
2223 struct ospf_lsa *lsa, *lsr;
2224
2225 lsa = ospf_lsa_new();
2226 lsa->data = (struct lsa_header *)stream_pnt(s);
2227 lsa->vrf_id = oi->ospf->vrf_id;
2228
2229 /* lsah = (struct lsa_header *) stream_pnt (s); */
2230 size -= OSPF_LSA_HEADER_SIZE;
2231 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2232
2233 if (lsa->data->type < OSPF_MIN_LSA
2234 || lsa->data->type >= OSPF_MAX_LSA) {
2235 lsa->data = NULL;
2236 ospf_lsa_discard(lsa);
2237 continue;
2238 }
2239
2240 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2241
2242 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2243 ospf_ls_retransmit_delete(nbr, lsr);
2244
2245 lsa->data = NULL;
2246 ospf_lsa_discard(lsa);
2247 }
2248
2249 return;
2250 }
2251
2252 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2253 struct interface **ifp,
2254 struct stream *ibuf)
2255 {
2256 int ret;
2257 struct ip *iph;
2258 u_int16_t ip_len;
2259 ifindex_t ifindex = 0;
2260 struct iovec iov;
2261 /* Header and data both require alignment. */
2262 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2263 struct msghdr msgh;
2264
2265 memset(&msgh, 0, sizeof(struct msghdr));
2266 msgh.msg_iov = &iov;
2267 msgh.msg_iovlen = 1;
2268 msgh.msg_control = (caddr_t)buff;
2269 msgh.msg_controllen = sizeof(buff);
2270
2271 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2272 if (ret < 0) {
2273 zlog_warn("stream_recvmsg failed: %s", safe_strerror(errno));
2274 return NULL;
2275 }
2276 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2277 {
2278 zlog_warn(
2279 "ospf_recv_packet: discarding runt packet of length %d "
2280 "(ip header size is %u)",
2281 ret, (u_int)sizeof(iph));
2282 return NULL;
2283 }
2284
2285 /* Note that there should not be alignment problems with this assignment
2286 because this is at the beginning of the stream data buffer. */
2287 iph = (struct ip *)STREAM_DATA(ibuf);
2288 sockopt_iphdrincl_swab_systoh(iph);
2289
2290 ip_len = iph->ip_len;
2291
2292 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2293 /*
2294 * Kernel network code touches incoming IP header parameters,
2295 * before protocol specific processing.
2296 *
2297 * 1) Convert byteorder to host representation.
2298 * --> ip_len, ip_id, ip_off
2299 *
2300 * 2) Adjust ip_len to strip IP header size!
2301 * --> If user process receives entire IP packet via RAW
2302 * socket, it must consider adding IP header size to
2303 * the "ip_len" field of "ip" structure.
2304 *
2305 * For more details, see <netinet/ip_input.c>.
2306 */
2307 ip_len = ip_len + (iph->ip_hl << 2);
2308 #endif
2309
2310 #if defined(__DragonFly__)
2311 /*
2312 * in DragonFly's raw socket, ip_len/ip_off are read
2313 * in network byte order.
2314 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2315 */
2316 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2317 #endif
2318
2319 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2320
2321 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2322
2323 if (ret != ip_len) {
2324 zlog_warn(
2325 "ospf_recv_packet read length mismatch: ip_len is %d, "
2326 "but recvmsg returned %d",
2327 ip_len, ret);
2328 return NULL;
2329 }
2330
2331 return ibuf;
2332 }
2333
2334 static struct ospf_interface *
2335 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2336 struct ip *iph, struct ospf_header *ospfh)
2337 {
2338 struct ospf_interface *rcv_oi;
2339 struct ospf_vl_data *vl_data;
2340 struct ospf_area *vl_area;
2341 struct listnode *node;
2342
2343 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2344 || !OSPF_IS_AREA_BACKBONE(ospfh))
2345 return NULL;
2346
2347 /* look for local OSPF interface matching the destination
2348 * to determine Area ID. We presume therefore the destination address
2349 * is unique, or at least (for "unnumbered" links), not used in other
2350 * areas
2351 */
2352 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2353 == NULL)
2354 return NULL;
2355
2356 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2357 vl_area =
2358 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2359 if (!vl_area)
2360 continue;
2361
2362 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2363 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2364 if (IS_DEBUG_OSPF_EVENT)
2365 zlog_debug("associating packet with %s",
2366 IF_NAME(vl_data->vl_oi));
2367 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2368 if (IS_DEBUG_OSPF_EVENT)
2369 zlog_debug(
2370 "This VL is not up yet, sorry");
2371 return NULL;
2372 }
2373
2374 return vl_data->vl_oi;
2375 }
2376 }
2377
2378 if (IS_DEBUG_OSPF_EVENT)
2379 zlog_debug("couldn't find any VL to associate the packet with");
2380
2381 return NULL;
2382 }
2383
2384 static int ospf_check_area_id(struct ospf_interface *oi,
2385 struct ospf_header *ospfh)
2386 {
2387 /* Check match the Area ID of the receiving interface. */
2388 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2389 return 1;
2390
2391 return 0;
2392 }
2393
2394 /* Unbound socket will accept any Raw IP packets if proto is matched.
2395 To prevent it, compare src IP address and i/f address with masking
2396 i/f network mask. */
2397 static int ospf_check_network_mask(struct ospf_interface *oi,
2398 struct in_addr ip_src)
2399 {
2400 struct in_addr mask, me, him;
2401
2402 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2403 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2404 return 1;
2405
2406 masklen2ip(oi->address->prefixlen, &mask);
2407
2408 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2409 him.s_addr = ip_src.s_addr & mask.s_addr;
2410
2411 if (IPV4_ADDR_SAME(&me, &him))
2412 return 1;
2413
2414 return 0;
2415 }
2416
2417 /* Return 1, if the packet is properly authenticated and checksummed,
2418 0 otherwise. In particular, check that AuType header field is valid and
2419 matches the locally configured AuType, and that D.5 requirements are met. */
2420 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2421 {
2422 struct crypt_key *ck;
2423 u_int16_t iface_auth_type;
2424 u_int16_t pkt_auth_type = ntohs(ospfh->auth_type);
2425
2426 switch (pkt_auth_type) {
2427 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2428 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2429 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2430 zlog_warn(
2431 "interface %s: auth-type mismatch, local %s, rcvd Null",
2432 IF_NAME(oi),
2433 lookup_msg(ospf_auth_type_str,
2434 iface_auth_type, NULL));
2435 return 0;
2436 }
2437 if (!ospf_check_sum(ospfh)) {
2438 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2439 zlog_warn(
2440 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2441 IF_NAME(oi),
2442 inet_ntoa(ospfh->router_id));
2443 return 0;
2444 }
2445 return 1;
2446 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2447 if (OSPF_AUTH_SIMPLE
2448 != (iface_auth_type = ospf_auth_type(oi))) {
2449 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2450 zlog_warn(
2451 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2452 IF_NAME(oi),
2453 lookup_msg(ospf_auth_type_str,
2454 iface_auth_type, NULL));
2455 return 0;
2456 }
2457 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2458 OSPF_AUTH_SIMPLE_SIZE)) {
2459 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2460 zlog_warn("interface %s: Simple auth failed",
2461 IF_NAME(oi));
2462 return 0;
2463 }
2464 if (!ospf_check_sum(ospfh)) {
2465 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2466 zlog_warn(
2467 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2468 IF_NAME(oi),
2469 inet_ntoa(ospfh->router_id));
2470 return 0;
2471 }
2472 return 1;
2473 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2474 if (OSPF_AUTH_CRYPTOGRAPHIC
2475 != (iface_auth_type = ospf_auth_type(oi))) {
2476 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2477 zlog_warn(
2478 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2479 IF_NAME(oi),
2480 lookup_msg(ospf_auth_type_str,
2481 iface_auth_type, NULL));
2482 return 0;
2483 }
2484 if (ospfh->checksum) {
2485 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2486 zlog_warn(
2487 "interface %s: OSPF header checksum is not 0",
2488 IF_NAME(oi));
2489 return 0;
2490 }
2491 /* only MD5 crypto method can pass ospf_packet_examin() */
2492 if (
2493 NULL == (ck = listgetdata(listtail(
2494 OSPF_IF_PARAM(oi, auth_crypt))))
2495 || ospfh->u.crypt.key_id != ck->key_id ||
2496 /* Condition above uses the last key ID on the list,
2497 which is
2498 different from what ospf_crypt_key_lookup() does. A
2499 bug? */
2500 !ospf_check_md5_digest(oi, ospfh)) {
2501 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2502 zlog_warn("interface %s: MD5 auth failed",
2503 IF_NAME(oi));
2504 return 0;
2505 }
2506 return 1;
2507 default:
2508 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2509 zlog_warn(
2510 "interface %s: invalid packet auth-type (%02x)",
2511 IF_NAME(oi), pkt_auth_type);
2512 return 0;
2513 }
2514 }
2515
2516 static int ospf_check_sum(struct ospf_header *ospfh)
2517 {
2518 u_int32_t ret;
2519 u_int16_t sum;
2520
2521 /* clear auth_data for checksum. */
2522 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2523
2524 /* keep checksum and clear. */
2525 sum = ospfh->checksum;
2526 memset(&ospfh->checksum, 0, sizeof(u_int16_t));
2527
2528 /* calculate checksum. */
2529 ret = in_cksum(ospfh, ntohs(ospfh->length));
2530
2531 if (ret != sum) {
2532 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2533 ret, sum);
2534 return 0;
2535 }
2536
2537 return 1;
2538 }
2539
2540 /* Verify, that given link/TOS records are properly sized/aligned and match
2541 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2542 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2543 u_int16_t linkbytes,
2544 const u_int16_t num_links)
2545 {
2546 unsigned counted_links = 0, thislinklen;
2547
2548 while (linkbytes) {
2549 thislinklen =
2550 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2551 if (thislinklen > linkbytes) {
2552 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2553 zlog_debug("%s: length error in link block #%u",
2554 __func__, counted_links);
2555 return MSG_NG;
2556 }
2557 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2558 linkbytes -= thislinklen;
2559 counted_links++;
2560 }
2561 if (counted_links != num_links) {
2562 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2563 zlog_debug("%s: %u link blocks declared, %u present",
2564 __func__, num_links, counted_links);
2565 return MSG_NG;
2566 }
2567 return MSG_OK;
2568 }
2569
2570 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2571 minimum length constraint). */
2572 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const u_int16_t lsalen,
2573 const u_char headeronly)
2574 {
2575 unsigned ret;
2576 struct router_lsa *rlsa;
2577 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2578 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2579 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2580 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2581 lookup_msg(ospf_lsa_type_msg, lsah->type,
2582 NULL));
2583 return MSG_NG;
2584 }
2585 switch (lsah->type) {
2586 case OSPF_ROUTER_LSA:
2587 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2588 * (12+)-byte link blocks */
2589 if (headeronly) {
2590 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2591 - OSPF_ROUTER_LSA_MIN_SIZE)
2592 % 4
2593 ? MSG_NG
2594 : MSG_OK;
2595 break;
2596 }
2597 rlsa = (struct router_lsa *)lsah;
2598 ret = ospf_router_lsa_links_examin(
2599 (struct router_lsa_link *)rlsa->link,
2600 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2601 header, "flags",
2602 0, "# links" */
2603 ntohs(rlsa->links) /* 16 bits */
2604 );
2605 break;
2606 case OSPF_AS_EXTERNAL_LSA:
2607 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2608 * blocks */
2609 case OSPF_AS_NSSA_LSA:
2610 /* RFC3101 C, idem */
2611 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2612 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2613 % 12
2614 ? MSG_NG
2615 : MSG_OK;
2616 break;
2617 /* Following LSA types are considered OK length-wise as soon as their
2618 * minimum
2619 * length constraint is met and length of the whole LSA is a multiple of
2620 * 4
2621 * (basic LSA header size is already a multiple of 4). */
2622 case OSPF_NETWORK_LSA:
2623 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2624 case OSPF_SUMMARY_LSA:
2625 case OSPF_ASBR_SUMMARY_LSA:
2626 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2627 * blocks */
2628 case OSPF_OPAQUE_LINK_LSA:
2629 case OSPF_OPAQUE_AREA_LSA:
2630 case OSPF_OPAQUE_AS_LSA:
2631 /* RFC5250 A.2, "some number of octets (of application-specific
2632 * data) padded to 32-bit alignment." This is considered
2633 * equivalent
2634 * to 4-byte alignment of all other LSA types, see
2635 * OSPF-ALIGNMENT.txt
2636 * file for the detailed analysis of this passage. */
2637 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2638 break;
2639 default:
2640 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2641 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2642 lsah->type);
2643 return MSG_NG;
2644 }
2645 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2646 zlog_debug("%s: alignment error in %s", __func__,
2647 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2648 return ret;
2649 }
2650
2651 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2652 includes verification of LSA blocks length/alignment and dispatching
2653 of deeper-level checks. */
2654 static unsigned
2655 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2656 size_t length, const u_char headeronly,
2657 /* When declared_num_lsas is not 0, compare it to the real
2658 number of LSAs
2659 and treat the difference as an error. */
2660 const u_int32_t declared_num_lsas)
2661 {
2662 u_int32_t counted_lsas = 0;
2663
2664 while (length) {
2665 u_int16_t lsalen;
2666 if (length < OSPF_LSA_HEADER_SIZE) {
2667 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2668 zlog_debug(
2669 "%s: undersized (%zu B) trailing (#%u) LSA header",
2670 __func__, length, counted_lsas);
2671 return MSG_NG;
2672 }
2673 /* save on ntohs() calls here and in the LSA validator */
2674 lsalen = ntohs(lsah->length);
2675 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2676 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2677 zlog_debug(
2678 "%s: malformed LSA header #%u, declared length is %u B",
2679 __func__, counted_lsas, lsalen);
2680 return MSG_NG;
2681 }
2682 if (headeronly) {
2683 /* less checks here and in ospf_lsa_examin() */
2684 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2685 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2686 zlog_debug(
2687 "%s: malformed header-only LSA #%u",
2688 __func__, counted_lsas);
2689 return MSG_NG;
2690 }
2691 lsah = (struct lsa_header *)((caddr_t)lsah
2692 + OSPF_LSA_HEADER_SIZE);
2693 length -= OSPF_LSA_HEADER_SIZE;
2694 } else {
2695 /* make sure the input buffer is deep enough before
2696 * further checks */
2697 if (lsalen > length) {
2698 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2699 zlog_debug(
2700 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2701 __func__, counted_lsas, lsalen,
2702 length);
2703 return MSG_NG;
2704 }
2705 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2706 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2707 zlog_debug("%s: malformed LSA #%u",
2708 __func__, counted_lsas);
2709 return MSG_NG;
2710 }
2711 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2712 length -= lsalen;
2713 }
2714 counted_lsas++;
2715 }
2716
2717 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2718 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2719 zlog_debug(
2720 "%s: #LSAs declared (%u) does not match actual (%u)",
2721 __func__, declared_num_lsas, counted_lsas);
2722 return MSG_NG;
2723 }
2724 return MSG_OK;
2725 }
2726
2727 /* Verify a complete OSPF packet for proper sizing/alignment. */
2728 static unsigned ospf_packet_examin(struct ospf_header *oh,
2729 const unsigned bytesonwire)
2730 {
2731 u_int16_t bytesdeclared, bytesauth;
2732 unsigned ret;
2733 struct ospf_ls_update *lsupd;
2734
2735 /* Length, 1st approximation. */
2736 if (bytesonwire < OSPF_HEADER_SIZE) {
2737 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2738 zlog_debug("%s: undersized (%u B) packet", __func__,
2739 bytesonwire);
2740 return MSG_NG;
2741 }
2742 /* Now it is safe to access header fields. Performing length check,
2743 * allow
2744 * for possible extra bytes of crypto auth/padding, which are not
2745 * counted
2746 * in the OSPF header "length" field. */
2747 if (oh->version != OSPF_VERSION) {
2748 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2749 zlog_debug("%s: invalid (%u) protocol version",
2750 __func__, oh->version);
2751 return MSG_NG;
2752 }
2753 bytesdeclared = ntohs(oh->length);
2754 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2755 bytesauth = 0;
2756 else {
2757 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2758 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2759 zlog_debug(
2760 "%s: unsupported crypto auth length (%u B)",
2761 __func__, oh->u.crypt.auth_data_len);
2762 return MSG_NG;
2763 }
2764 bytesauth = OSPF_AUTH_MD5_SIZE;
2765 }
2766 if (bytesdeclared + bytesauth > bytesonwire) {
2767 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2768 zlog_debug(
2769 "%s: packet length error (%u real, %u+%u declared)",
2770 __func__, bytesonwire, bytesdeclared,
2771 bytesauth);
2772 return MSG_NG;
2773 }
2774 /* Length, 2nd approximation. The type-specific constraint is checked
2775 against declared length, not amount of bytes on wire. */
2776 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2777 && bytesdeclared
2778 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2779 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2780 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2781 bytesdeclared,
2782 lookup_msg(ospf_packet_type_str, oh->type,
2783 NULL));
2784 return MSG_NG;
2785 }
2786 switch (oh->type) {
2787 case OSPF_MSG_HELLO:
2788 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2789 followed
2790 by N>=0 router-IDs. */
2791 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2792 % 4
2793 ? MSG_NG
2794 : MSG_OK;
2795 break;
2796 case OSPF_MSG_DB_DESC:
2797 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2798 followed
2799 by N>=0 header-only LSAs. */
2800 ret = ospf_lsaseq_examin(
2801 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2802 + OSPF_DB_DESC_MIN_SIZE),
2803 bytesdeclared - OSPF_HEADER_SIZE
2804 - OSPF_DB_DESC_MIN_SIZE,
2805 1, /* header-only LSAs */
2806 0);
2807 break;
2808 case OSPF_MSG_LS_REQ:
2809 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2810 * request blocks. */
2811 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2812 % OSPF_LSA_KEY_SIZE
2813 ? MSG_NG
2814 : MSG_OK;
2815 break;
2816 case OSPF_MSG_LS_UPD:
2817 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2818 followed
2819 by N>=0 full LSAs (with N declared beforehand). */
2820 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2821 + OSPF_HEADER_SIZE);
2822 ret = ospf_lsaseq_examin(
2823 (struct lsa_header *)((caddr_t)lsupd
2824 + OSPF_LS_UPD_MIN_SIZE),
2825 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2826 0, /* full LSAs */
2827 ntohl(lsupd->num_lsas) /* 32 bits */
2828 );
2829 break;
2830 case OSPF_MSG_LS_ACK:
2831 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2832 * LSAs. */
2833 ret = ospf_lsaseq_examin(
2834 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2835 + OSPF_LS_ACK_MIN_SIZE),
2836 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2837 1, /* header-only LSAs */
2838 0);
2839 break;
2840 default:
2841 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2842 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2843 oh->type);
2844 return MSG_NG;
2845 }
2846 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2847 zlog_debug("%s: malformed %s packet", __func__,
2848 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2849 return ret;
2850 }
2851
2852 /* OSPF Header verification. */
2853 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2854 struct ip *iph, struct ospf_header *ospfh)
2855 {
2856 /* Check Area ID. */
2857 if (!ospf_check_area_id(oi, ospfh)) {
2858 zlog_warn("interface %s: ospf_read invalid Area ID %s.",
2859 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2860 return -1;
2861 }
2862
2863 /* Check network mask, Silently discarded. */
2864 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2865 zlog_warn(
2866 "interface %s: ospf_read network address is not same [%s]",
2867 IF_NAME(oi), inet_ntoa(iph->ip_src));
2868 return -1;
2869 }
2870
2871 /* Check authentication. The function handles logging actions, where
2872 * required. */
2873 if (!ospf_check_auth(oi, ospfh))
2874 return -1;
2875
2876 return 0;
2877 }
2878
2879 /* Starting point of packet process function. */
2880 int ospf_read(struct thread *thread)
2881 {
2882 int ret;
2883 struct stream *ibuf;
2884 struct ospf *ospf;
2885 struct ospf_interface *oi;
2886 struct ip *iph;
2887 struct ospf_header *ospfh;
2888 u_int16_t length;
2889 struct interface *ifp = NULL;
2890 struct connected *c;
2891
2892 /* first of all get interface pointer. */
2893 ospf = THREAD_ARG(thread);
2894
2895 /* prepare for next packet. */
2896 ospf->t_read = NULL;
2897 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2898
2899 stream_reset(ospf->ibuf);
2900 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2901 if (ibuf == NULL)
2902 return -1;
2903 /* This raw packet is known to be at least as big as its IP header. */
2904
2905 /* Note that there should not be alignment problems with this assignment
2906 because this is at the beginning of the stream data buffer. */
2907 iph = (struct ip *)STREAM_DATA(ibuf);
2908 /* Note that sockopt_iphdrincl_swab_systoh was called in
2909 * ospf_recv_packet. */
2910
2911 if (ifp == NULL) {
2912 /* Handle cases where the platform does not support retrieving
2913 the ifindex,
2914 and also platforms (such as Solaris 8) that claim to support
2915 ifindex
2916 retrieval but do not. */
2917 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2918 ospf->vrf_id);
2919 if (c)
2920 ifp = c->ifp;
2921 if (ifp == NULL)
2922 return 0;
2923 }
2924
2925 /* IP Header dump. */
2926 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2927 ospf_ip_header_dump(iph);
2928
2929 /* Self-originated packet should be discarded silently. */
2930 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2931 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2932 zlog_debug(
2933 "ospf_read[%s]: Dropping self-originated packet",
2934 inet_ntoa(iph->ip_src));
2935 }
2936 return 0;
2937 }
2938
2939 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2940 by ospf_recv_packet() to be correct). */
2941 stream_forward_getp(ibuf, iph->ip_hl * 4);
2942
2943 ospfh = (struct ospf_header *)stream_pnt(ibuf);
2944 if (MSG_OK
2945 != ospf_packet_examin(
2946 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
2947 return -1;
2948 /* Now it is safe to access all fields of OSPF packet header. */
2949
2950 /* associate packet with ospf interface */
2951 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2952
2953 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2954 only
2955 after the passive/backbone/other checks below are passed. These
2956 checks
2957 in turn access the fields of unverified "ospfh" structure for their
2958 own
2959 purposes and must remain very accurate in doing this. */
2960
2961 /* If incoming interface is passive one, ignore it. */
2962 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
2963 char buf[3][INET_ADDRSTRLEN];
2964
2965 if (IS_DEBUG_OSPF_EVENT)
2966 zlog_debug(
2967 "ignoring packet from router %s sent to %s, "
2968 "received on a passive interface, %s",
2969 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
2970 sizeof(buf[0])),
2971 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2972 sizeof(buf[1])),
2973 inet_ntop(AF_INET, &oi->address->u.prefix4,
2974 buf[2], sizeof(buf[2])));
2975
2976 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
2977 /* Try to fix multicast membership.
2978 * Some OS:es may have problems in this area,
2979 * make sure it is removed.
2980 */
2981 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2982 ospf_if_set_multicast(oi);
2983 }
2984 return 0;
2985 }
2986
2987
2988 /* if no local ospf_interface,
2989 * or header area is backbone but ospf_interface is not
2990 * check for VLINK interface
2991 */
2992 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
2993 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
2994 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
2995 == NULL) {
2996 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
2997 zlog_debug(
2998 "Packet from [%s] received on link %s"
2999 " but no ospf_interface",
3000 inet_ntoa(iph->ip_src), ifp->name);
3001 return 0;
3002 }
3003 }
3004
3005 /* else it must be a local ospf interface, check it was received on
3006 * correct link
3007 */
3008 else if (oi->ifp != ifp) {
3009 if (IS_DEBUG_OSPF_EVENT)
3010 zlog_warn("Packet from [%s] received on wrong link %s",
3011 inet_ntoa(iph->ip_src), ifp->name);
3012 return 0;
3013 } else if (oi->state == ISM_Down) {
3014 char buf[2][INET_ADDRSTRLEN];
3015 zlog_warn(
3016 "Ignoring packet from %s to %s received on interface that is "
3017 "down [%s]; interface flags are %s",
3018 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3019 sizeof(buf[0])),
3020 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3021 sizeof(buf[1])),
3022 ifp->name, if_flag_dump(ifp->flags));
3023 /* Fix multicast memberships? */
3024 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3025 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3026 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3027 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3028 if (oi->multicast_memberships)
3029 ospf_if_set_multicast(oi);
3030 return 0;
3031 }
3032
3033 /*
3034 * If the received packet is destined for AllDRouters, the packet
3035 * should be accepted only if the received ospf interface state is
3036 * either DR or Backup -- endo.
3037 */
3038 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3039 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3040 zlog_warn(
3041 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3042 inet_ntoa(iph->ip_src), IF_NAME(oi),
3043 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3044 /* Try to fix multicast membership. */
3045 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3046 ospf_if_set_multicast(oi);
3047 return 0;
3048 }
3049
3050 /* Verify more OSPF header fields. */
3051 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3052 if (ret < 0) {
3053 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3054 zlog_debug(
3055 "ospf_read[%s]: Header check failed, "
3056 "dropping.",
3057 inet_ntoa(iph->ip_src));
3058 return ret;
3059 }
3060
3061 /* Show debug receiving packet. */
3062 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3063 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3064 zlog_debug(
3065 "-----------------------------------------------------");
3066 ospf_packet_dump(ibuf);
3067 }
3068
3069 zlog_debug("%s received from [%s] via [%s]",
3070 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3071 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3072 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3073 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3074
3075 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3076 zlog_debug(
3077 "-----------------------------------------------------");
3078 }
3079
3080 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3081
3082 /* Adjust size to message length. */
3083 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3084
3085 /* Read rest of the packet and call each sort of packet routine. */
3086 switch (ospfh->type) {
3087 case OSPF_MSG_HELLO:
3088 ospf_hello(iph, ospfh, ibuf, oi, length);
3089 break;
3090 case OSPF_MSG_DB_DESC:
3091 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3092 break;
3093 case OSPF_MSG_LS_REQ:
3094 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3095 break;
3096 case OSPF_MSG_LS_UPD:
3097 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3098 break;
3099 case OSPF_MSG_LS_ACK:
3100 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3101 break;
3102 default:
3103 zlog_warn("interface %s: OSPF packet header type %d is illegal",
3104 IF_NAME(oi), ospfh->type);
3105 break;
3106 }
3107
3108 return 0;
3109 }
3110
3111 /* Make OSPF header. */
3112 static void ospf_make_header(int type, struct ospf_interface *oi,
3113 struct stream *s)
3114 {
3115 struct ospf_header *ospfh;
3116
3117 ospfh = (struct ospf_header *)STREAM_DATA(s);
3118
3119 ospfh->version = (u_char)OSPF_VERSION;
3120 ospfh->type = (u_char)type;
3121
3122 ospfh->router_id = oi->ospf->router_id;
3123
3124 ospfh->checksum = 0;
3125 ospfh->area_id = oi->area->area_id;
3126 ospfh->auth_type = htons(ospf_auth_type(oi));
3127
3128 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3129
3130 stream_forward_endp(s, OSPF_HEADER_SIZE);
3131 }
3132
3133 /* Make Authentication Data. */
3134 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3135 {
3136 struct crypt_key *ck;
3137
3138 switch (ospf_auth_type(oi)) {
3139 case OSPF_AUTH_NULL:
3140 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3141 */
3142 break;
3143 case OSPF_AUTH_SIMPLE:
3144 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3145 OSPF_AUTH_SIMPLE_SIZE);
3146 break;
3147 case OSPF_AUTH_CRYPTOGRAPHIC:
3148 /* If key is not set, then set 0. */
3149 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3150 ospfh->u.crypt.zero = 0;
3151 ospfh->u.crypt.key_id = 0;
3152 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3153 } else {
3154 ck = listgetdata(
3155 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3156 ospfh->u.crypt.zero = 0;
3157 ospfh->u.crypt.key_id = ck->key_id;
3158 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3159 }
3160 /* note: the seq is done in ospf_make_md5_digest() */
3161 break;
3162 default:
3163 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3164 */
3165 break;
3166 }
3167
3168 return 0;
3169 }
3170
3171 /* Fill rest of OSPF header. */
3172 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3173 u_int16_t length)
3174 {
3175 struct ospf_header *ospfh;
3176
3177 ospfh = (struct ospf_header *)STREAM_DATA(s);
3178
3179 /* Fill length. */
3180 ospfh->length = htons(length);
3181
3182 /* Calculate checksum. */
3183 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3184 ospfh->checksum = in_cksum(ospfh, length);
3185 else
3186 ospfh->checksum = 0;
3187
3188 /* Add Authentication Data. */
3189 ospf_make_auth(oi, ospfh);
3190 }
3191
3192 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3193 {
3194 struct ospf_neighbor *nbr;
3195 struct route_node *rn;
3196 u_int16_t length = OSPF_HELLO_MIN_SIZE;
3197 struct in_addr mask;
3198 unsigned long p;
3199 int flag = 0;
3200
3201 /* Set netmask of interface. */
3202 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3203 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3204 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3205 masklen2ip(oi->address->prefixlen, &mask);
3206 else
3207 memset((char *)&mask, 0, sizeof(struct in_addr));
3208 stream_put_ipv4(s, mask.s_addr);
3209
3210 /* Set Hello Interval. */
3211 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3212 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3213 else
3214 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3215
3216 if (IS_DEBUG_OSPF_EVENT)
3217 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3218 IF_NAME(oi));
3219
3220 /* Set Options. */
3221 stream_putc(s, OPTIONS(oi));
3222
3223 /* Set Router Priority. */
3224 stream_putc(s, PRIORITY(oi));
3225
3226 /* Set Router Dead Interval. */
3227 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3228
3229 /* Set Designated Router. */
3230 stream_put_ipv4(s, DR(oi).s_addr);
3231
3232 p = stream_get_endp(s);
3233
3234 /* Set Backup Designated Router. */
3235 stream_put_ipv4(s, BDR(oi).s_addr);
3236
3237 /* Add neighbor seen. */
3238 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3239 if ((nbr = rn->info))
3240 if (nbr->router_id.s_addr
3241 != 0) /* Ignore 0.0.0.0 node. */
3242 if (nbr->state
3243 != NSM_Attempt) /* Ignore Down neighbor. */
3244 if (nbr->state
3245 != NSM_Down) /* This is myself for
3246 DR election. */
3247 if (!IPV4_ADDR_SAME(
3248 &nbr->router_id,
3249 &oi->ospf->router_id)) {
3250 /* Check neighbor is
3251 * sane? */
3252 if (nbr->d_router.s_addr
3253 != 0
3254 && IPV4_ADDR_SAME(
3255 &nbr->d_router,
3256 &oi->address
3257 ->u
3258 .prefix4)
3259 && IPV4_ADDR_SAME(
3260 &nbr->bd_router,
3261 &oi->address
3262 ->u
3263 .prefix4))
3264 flag = 1;
3265
3266 stream_put_ipv4(
3267 s,
3268 nbr->router_id
3269 .s_addr);
3270 length += 4;
3271 }
3272
3273 /* Let neighbor generate BackupSeen. */
3274 if (flag == 1)
3275 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3276
3277 return length;
3278 }
3279
3280 static int ospf_make_db_desc(struct ospf_interface *oi,
3281 struct ospf_neighbor *nbr, struct stream *s)
3282 {
3283 struct ospf_lsa *lsa;
3284 u_int16_t length = OSPF_DB_DESC_MIN_SIZE;
3285 u_char options;
3286 unsigned long pp;
3287 int i;
3288 struct ospf_lsdb *lsdb;
3289
3290 /* Set Interface MTU. */
3291 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3292 stream_putw(s, 0);
3293 else
3294 stream_putw(s, oi->ifp->mtu);
3295
3296 /* Set Options. */
3297 options = OPTIONS(oi);
3298 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3299 SET_FLAG(options, OSPF_OPTION_O);
3300 stream_putc(s, options);
3301
3302 /* DD flags */
3303 pp = stream_get_endp(s);
3304 stream_putc(s, nbr->dd_flags);
3305
3306 /* Set DD Sequence Number. */
3307 stream_putl(s, nbr->dd_seqnum);
3308
3309 /* shortcut unneeded walk of (empty) summary LSDBs */
3310 if (ospf_db_summary_isempty(nbr))
3311 goto empty;
3312
3313 /* Describe LSA Header from Database Summary List. */
3314 lsdb = &nbr->db_sum;
3315
3316 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3317 struct route_table *table = lsdb->type[i].db;
3318 struct route_node *rn;
3319
3320 for (rn = route_top(table); rn; rn = route_next(rn))
3321 if ((lsa = rn->info) != NULL) {
3322 if (IS_OPAQUE_LSA(lsa->data->type)
3323 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3324 /* Suppress advertising
3325 * opaque-informations. */
3326 /* Remove LSA from DB summary list. */
3327 ospf_lsdb_delete(lsdb, lsa);
3328 continue;
3329 }
3330
3331 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3332 struct lsa_header *lsah;
3333 u_int16_t ls_age;
3334
3335 /* DD packet overflows interface MTU. */
3336 if (length + OSPF_LSA_HEADER_SIZE
3337 > ospf_packet_max(oi))
3338 break;
3339
3340 /* Keep pointer to LS age. */
3341 lsah = (struct lsa_header
3342 *)(STREAM_DATA(s)
3343 + stream_get_endp(
3344 s));
3345
3346 /* Proceed stream pointer. */
3347 stream_put(s, lsa->data,
3348 OSPF_LSA_HEADER_SIZE);
3349 length += OSPF_LSA_HEADER_SIZE;
3350
3351 /* Set LS age. */
3352 ls_age = LS_AGE(lsa);
3353 lsah->ls_age = htons(ls_age);
3354 }
3355
3356 /* Remove LSA from DB summary list. */
3357 ospf_lsdb_delete(lsdb, lsa);
3358 }
3359 }
3360
3361 /* Update 'More' bit */
3362 if (ospf_db_summary_isempty(nbr)) {
3363 empty:
3364 if (nbr->state >= NSM_Exchange) {
3365 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3366 /* Rewrite DD flags */
3367 stream_putc_at(s, pp, nbr->dd_flags);
3368 } else {
3369 assert(IS_SET_DD_M(nbr->dd_flags));
3370 }
3371 }
3372 return length;
3373 }
3374
3375 static int ospf_make_ls_req_func(struct stream *s, u_int16_t *length,
3376 unsigned long delta, struct ospf_neighbor *nbr,
3377 struct ospf_lsa *lsa)
3378 {
3379 struct ospf_interface *oi;
3380
3381 oi = nbr->oi;
3382
3383 /* LS Request packet overflows interface MTU. */
3384 if (*length + delta > ospf_packet_max(oi))
3385 return 0;
3386
3387 stream_putl(s, lsa->data->type);
3388 stream_put_ipv4(s, lsa->data->id.s_addr);
3389 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3390
3391 ospf_lsa_unlock(&nbr->ls_req_last);
3392 nbr->ls_req_last = ospf_lsa_lock(lsa);
3393
3394 *length += 12;
3395 return 1;
3396 }
3397
3398 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3399 {
3400 struct ospf_lsa *lsa;
3401 u_int16_t length = OSPF_LS_REQ_MIN_SIZE;
3402 unsigned long delta = stream_get_endp(s) + 12;
3403 struct route_table *table;
3404 struct route_node *rn;
3405 int i;
3406 struct ospf_lsdb *lsdb;
3407
3408 lsdb = &nbr->ls_req;
3409
3410 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3411 table = lsdb->type[i].db;
3412 for (rn = route_top(table); rn; rn = route_next(rn))
3413 if ((lsa = (rn->info)) != NULL)
3414 if (ospf_make_ls_req_func(s, &length, delta,
3415 nbr, lsa)
3416 == 0) {
3417 route_unlock_node(rn);
3418 break;
3419 }
3420 }
3421 return length;
3422 }
3423
3424 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3425 {
3426 int age;
3427
3428 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3429
3430 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3431 }
3432
3433 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3434 struct stream *s)
3435 {
3436 struct ospf_lsa *lsa;
3437 struct listnode *node;
3438 u_int16_t length = 0;
3439 unsigned int size_noauth;
3440 unsigned long delta = stream_get_endp(s);
3441 unsigned long pp;
3442 int count = 0;
3443
3444 if (IS_DEBUG_OSPF_EVENT)
3445 zlog_debug("ospf_make_ls_upd: Start");
3446
3447 pp = stream_get_endp(s);
3448 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3449 length += OSPF_LS_UPD_MIN_SIZE;
3450
3451 /* Calculate amount of packet usable for data. */
3452 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3453
3454 while ((node = listhead(update)) != NULL) {
3455 struct lsa_header *lsah;
3456 u_int16_t ls_age;
3457
3458 if (IS_DEBUG_OSPF_EVENT)
3459 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3460 count);
3461
3462 lsa = listgetdata(node);
3463
3464 assert(lsa->data);
3465
3466 /* Will it fit? */
3467 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3468 break;
3469
3470 /* Keep pointer to LS age. */
3471 lsah = (struct lsa_header *)(STREAM_DATA(s)
3472 + stream_get_endp(s));
3473
3474 /* Put LSA to Link State Request. */
3475 stream_put(s, lsa->data, ntohs(lsa->data->length));
3476
3477 /* Set LS age. */
3478 /* each hop must increment an lsa_age by transmit_delay
3479 of OSPF interface */
3480 ls_age = ls_age_increment(lsa,
3481 OSPF_IF_PARAM(oi, transmit_delay));
3482 lsah->ls_age = htons(ls_age);
3483
3484 length += ntohs(lsa->data->length);
3485 count++;
3486
3487 list_delete_node(update, node);
3488 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3489 }
3490
3491 /* Now set #LSAs. */
3492 stream_putl_at(s, pp, count);
3493
3494 if (IS_DEBUG_OSPF_EVENT)
3495 zlog_debug("ospf_make_ls_upd: Stop");
3496 return length;
3497 }
3498
3499 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3500 struct stream *s)
3501 {
3502 struct listnode *node, *nnode;
3503 u_int16_t length = OSPF_LS_ACK_MIN_SIZE;
3504 unsigned long delta = stream_get_endp(s) + 24;
3505 struct ospf_lsa *lsa;
3506
3507 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3508 assert(lsa);
3509
3510 if (length + delta > ospf_packet_max(oi))
3511 break;
3512
3513 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3514 length += OSPF_LSA_HEADER_SIZE;
3515
3516 listnode_delete(ack, lsa);
3517 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3518 }
3519
3520 return length;
3521 }
3522
3523 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3524 {
3525 struct ospf_packet *op;
3526 u_int16_t length = OSPF_HEADER_SIZE;
3527
3528 op = ospf_packet_new(oi->ifp->mtu);
3529
3530 /* Prepare OSPF common header. */
3531 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3532
3533 /* Prepare OSPF Hello body. */
3534 length += ospf_make_hello(oi, op->s);
3535
3536 /* Fill OSPF header. */
3537 ospf_fill_header(oi, op->s, length);
3538
3539 /* Set packet length. */
3540 op->length = length;
3541
3542 op->dst.s_addr = addr;
3543
3544 if (IS_DEBUG_OSPF_EVENT) {
3545 if (oi->ospf->vrf_id)
3546 zlog_debug("%s: Hello Tx interface %s ospf vrf %s id %u",
3547 __PRETTY_FUNCTION__, oi->ifp->name,
3548 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3549 oi->ospf->vrf_id);
3550 }
3551 /* Add packet to the top of the interface output queue, so that they
3552 * can't get delayed by things like long queues of LS Update packets
3553 */
3554 ospf_packet_add_top(oi, op);
3555
3556 /* Hook thread to write packet. */
3557 OSPF_ISM_WRITE_ON(oi->ospf);
3558 }
3559
3560 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3561 {
3562 struct ospf_interface *oi;
3563
3564 oi = nbr_nbma->oi;
3565 assert(oi);
3566
3567 /* If this is passive interface, do not send OSPF Hello. */
3568 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3569 return;
3570
3571 if (oi->type != OSPF_IFTYPE_NBMA)
3572 return;
3573
3574 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3575 return;
3576
3577 if (PRIORITY(oi) == 0)
3578 return;
3579
3580 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3581 && oi->state != ISM_Backup)
3582 return;
3583
3584 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3585 }
3586
3587 int ospf_poll_timer(struct thread *thread)
3588 {
3589 struct ospf_nbr_nbma *nbr_nbma;
3590
3591 nbr_nbma = THREAD_ARG(thread);
3592 nbr_nbma->t_poll = NULL;
3593
3594 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3595 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3596 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3597
3598 ospf_poll_send(nbr_nbma);
3599
3600 if (nbr_nbma->v_poll > 0)
3601 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3602 nbr_nbma->v_poll);
3603
3604 return 0;
3605 }
3606
3607
3608 int ospf_hello_reply_timer(struct thread *thread)
3609 {
3610 struct ospf_neighbor *nbr;
3611
3612 nbr = THREAD_ARG(thread);
3613 nbr->t_hello_reply = NULL;
3614
3615 assert(nbr->oi);
3616
3617 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3618 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3619 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3620
3621 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3622
3623 return 0;
3624 }
3625
3626 /* Send OSPF Hello. */
3627 void ospf_hello_send(struct ospf_interface *oi)
3628 {
3629 /* If this is passive interface, do not send OSPF Hello. */
3630 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3631 return;
3632
3633 if (oi->type == OSPF_IFTYPE_NBMA) {
3634 struct ospf_neighbor *nbr;
3635 struct route_node *rn;
3636
3637 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3638 if ((nbr = rn->info))
3639 if (nbr != oi->nbr_self)
3640 if (nbr->state != NSM_Down) {
3641 /* RFC 2328 Section 9.5.1
3642 If the router is not
3643 eligible to become Designated
3644 Router,
3645 it must periodically send
3646 Hello Packets to both the
3647 Designated Router and the
3648 Backup Designated Router (if
3649 they
3650 exist). */
3651 if (PRIORITY(oi) == 0
3652 && IPV4_ADDR_CMP(
3653 &DR(oi),
3654 &nbr->address.u
3655 .prefix4)
3656 && IPV4_ADDR_CMP(
3657 &BDR(oi),
3658 &nbr->address.u
3659 .prefix4))
3660 continue;
3661
3662 /* If the router is eligible to
3663 become Designated Router, it
3664 must periodically send Hello
3665 Packets to all neighbors that
3666 are also eligible. In
3667 addition, if the router is
3668 itself the
3669 Designated Router or Backup
3670 Designated Router, it must
3671 also
3672 send periodic Hello Packets
3673 to all other neighbors. */
3674
3675 if (nbr->priority == 0
3676 && oi->state == ISM_DROther)
3677 continue;
3678 /* if oi->state == Waiting, send
3679 * hello to all neighbors */
3680 ospf_hello_send_sub(
3681 oi,
3682 nbr->address.u.prefix4
3683 .s_addr);
3684 }
3685 } else {
3686 /* Decide destination address. */
3687 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3688 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3689 else
3690 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3691 }
3692 }
3693
3694 /* Send OSPF Database Description. */
3695 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3696 {
3697 struct ospf_interface *oi;
3698 struct ospf_packet *op;
3699 u_int16_t length = OSPF_HEADER_SIZE;
3700
3701 oi = nbr->oi;
3702 op = ospf_packet_new(oi->ifp->mtu);
3703
3704 /* Prepare OSPF common header. */
3705 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3706
3707 /* Prepare OSPF Database Description body. */
3708 length += ospf_make_db_desc(oi, nbr, op->s);
3709
3710 /* Fill OSPF header. */
3711 ospf_fill_header(oi, op->s, length);
3712
3713 /* Set packet length. */
3714 op->length = length;
3715
3716 /* Decide destination address. */
3717 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3718 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3719 else
3720 op->dst = nbr->address.u.prefix4;
3721
3722 /* Add packet to the interface output queue. */
3723 ospf_packet_add(oi, op);
3724
3725 /* Hook thread to write packet. */
3726 OSPF_ISM_WRITE_ON(oi->ospf);
3727
3728 /* Remove old DD packet, then copy new one and keep in neighbor
3729 * structure. */
3730 if (nbr->last_send)
3731 ospf_packet_free(nbr->last_send);
3732 nbr->last_send = ospf_packet_dup(op);
3733 monotime(&nbr->last_send_ts);
3734 }
3735
3736 /* Re-send Database Description. */
3737 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3738 {
3739 struct ospf_interface *oi;
3740
3741 oi = nbr->oi;
3742
3743 /* Add packet to the interface output queue. */
3744 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3745
3746 /* Hook thread to write packet. */
3747 OSPF_ISM_WRITE_ON(oi->ospf);
3748 }
3749
3750 /* Send Link State Request. */
3751 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3752 {
3753 struct ospf_interface *oi;
3754 struct ospf_packet *op;
3755 u_int16_t length = OSPF_HEADER_SIZE;
3756
3757 oi = nbr->oi;
3758 op = ospf_packet_new(oi->ifp->mtu);
3759
3760 /* Prepare OSPF common header. */
3761 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3762
3763 /* Prepare OSPF Link State Request body. */
3764 length += ospf_make_ls_req(nbr, op->s);
3765 if (length == OSPF_HEADER_SIZE) {
3766 ospf_packet_free(op);
3767 return;
3768 }
3769
3770 /* Fill OSPF header. */
3771 ospf_fill_header(oi, op->s, length);
3772
3773 /* Set packet length. */
3774 op->length = length;
3775
3776 /* Decide destination address. */
3777 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3778 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3779 else
3780 op->dst = nbr->address.u.prefix4;
3781
3782 /* Add packet to the interface output queue. */
3783 ospf_packet_add(oi, op);
3784
3785 /* Hook thread to write packet. */
3786 OSPF_ISM_WRITE_ON(oi->ospf);
3787
3788 /* Add Link State Request Retransmission Timer. */
3789 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3790 }
3791
3792 /* Send Link State Update with an LSA. */
3793 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3794 int flag)
3795 {
3796 struct list *update;
3797
3798 update = list_new();
3799
3800 listnode_add(update, lsa);
3801
3802 /*ospf instance is going down, send self originated
3803 * MAXAGE LSA update to neighbors to remove from LSDB */
3804 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3805 ospf_ls_upd_send(nbr, update, flag, 1);
3806 else
3807 ospf_ls_upd_send(nbr, update, flag, 0);
3808
3809 list_delete_and_null(&update);
3810 }
3811
3812 /* Determine size for packet. Must be at least big enough to accomodate next
3813 * LSA on list, which may be bigger than MTU size.
3814 *
3815 * Return pointer to new ospf_packet
3816 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3817 * on packet sizes (in which case offending LSA is deleted from update list)
3818 */
3819 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3820 struct ospf_interface *oi)
3821 {
3822 struct ospf_lsa *lsa;
3823 struct listnode *ln;
3824 size_t size;
3825 static char warned = 0;
3826
3827 lsa = listgetdata((ln = listhead(update)));
3828 assert(lsa->data);
3829
3830 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3831 > ospf_packet_max(oi)) {
3832 if (!warned) {
3833 zlog_warn(
3834 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3835 "will need to fragment. Not optimal. Try divide up"
3836 " your network with areas. Use 'debug ospf packet send'"
3837 " to see details, or look at 'show ip ospf database ..'");
3838 warned = 1;
3839 }
3840
3841 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3842 zlog_debug(
3843 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3844 " %d bytes originated by %s, will be fragmented!",
3845 inet_ntoa(lsa->data->id),
3846 ntohs(lsa->data->length),
3847 inet_ntoa(lsa->data->adv_router));
3848
3849 /*
3850 * Allocate just enough to fit this LSA only, to avoid including
3851 * other
3852 * LSAs in fragmented LSA Updates.
3853 */
3854 size = ntohs(lsa->data->length)
3855 + (oi->ifp->mtu - ospf_packet_max(oi))
3856 + OSPF_LS_UPD_MIN_SIZE;
3857 } else
3858 size = oi->ifp->mtu;
3859
3860 if (size > OSPF_MAX_PACKET_SIZE) {
3861 zlog_warn(
3862 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3863 " %d bytes, packet size %ld, dropping it completely."
3864 " OSPF routing is broken!",
3865 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3866 (long int)size);
3867 list_delete_node(update, ln);
3868 return NULL;
3869 }
3870
3871 /* IP header is built up separately by ospf_write(). This means, that we
3872 * must
3873 * reduce the "affordable" size just calculated by length of an IP
3874 * header.
3875 * This makes sure, that even if we manage to fill the payload with LSA
3876 * data
3877 * completely, the final packet (our data plus IP header) still fits
3878 * into
3879 * outgoing interface MTU. This correction isn't really meaningful for
3880 * an
3881 * oversized LSA, but for consistency the correction is done for both
3882 * cases.
3883 *
3884 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3885 */
3886 return ospf_packet_new(size - sizeof(struct ip));
3887 }
3888
3889 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3890 struct list *update, struct in_addr addr,
3891 int send_lsupd_now)
3892 {
3893 struct ospf_packet *op;
3894 u_int16_t length = OSPF_HEADER_SIZE;
3895
3896 if (IS_DEBUG_OSPF_EVENT)
3897 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3898 IF_NAME(oi), inet_ntoa(addr));
3899
3900 /* Check that we have really something to process */
3901 if (listcount(update) == 0)
3902 return;
3903
3904 op = ospf_ls_upd_packet_new(update, oi);
3905
3906 /* Prepare OSPF common header. */
3907 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
3908
3909 /* Prepare OSPF Link State Update body.
3910 * Includes Type-7 translation.
3911 */
3912 length += ospf_make_ls_upd(oi, update, op->s);
3913
3914 /* Fill OSPF header. */
3915 ospf_fill_header(oi, op->s, length);
3916
3917 /* Set packet length. */
3918 op->length = length;
3919
3920 /* Decide destination address. */
3921 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3922 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3923 else
3924 op->dst.s_addr = addr.s_addr;
3925
3926 /* Add packet to the interface output queue. */
3927 ospf_packet_add(oi, op);
3928 /* Call ospf_write() right away to send ospf packets to neighbors */
3929 if (send_lsupd_now) {
3930 struct thread os_packet_thd;
3931
3932 os_packet_thd.arg = (void *)oi->ospf;
3933 if (oi->on_write_q == 0) {
3934 listnode_add(oi->ospf->oi_write_q, oi);
3935 oi->on_write_q = 1;
3936 }
3937 ospf_write(&os_packet_thd);
3938 } else {
3939 /* Hook thread to write packet. */
3940 OSPF_ISM_WRITE_ON(oi->ospf);
3941 }
3942 }
3943
3944 static int ospf_ls_upd_send_queue_event(struct thread *thread)
3945 {
3946 struct ospf_interface *oi = THREAD_ARG(thread);
3947 struct route_node *rn;
3948 struct route_node *rnext;
3949 struct list *update;
3950 char again = 0;
3951
3952 oi->t_ls_upd_event = NULL;
3953
3954 if (IS_DEBUG_OSPF_EVENT)
3955 zlog_debug("ospf_ls_upd_send_queue start");
3956
3957 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
3958 rnext = route_next(rn);
3959
3960 if (rn->info == NULL)
3961 continue;
3962
3963 update = (struct list *)rn->info;
3964
3965 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
3966
3967 /* list might not be empty. */
3968 if (listcount(update) == 0) {
3969 list_delete_and_null((struct list **)&rn->info);
3970 route_unlock_node(rn);
3971 } else
3972 again = 1;
3973 }
3974
3975 if (again != 0) {
3976 if (IS_DEBUG_OSPF_EVENT)
3977 zlog_debug(
3978 "ospf_ls_upd_send_queue: update lists not cleared,"
3979 " %d nodes to try again, raising new event",
3980 again);
3981 oi->t_ls_upd_event = NULL;
3982 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
3983 &oi->t_ls_upd_event);
3984 }
3985
3986 if (IS_DEBUG_OSPF_EVENT)
3987 zlog_debug("ospf_ls_upd_send_queue stop");
3988
3989 return 0;
3990 }
3991
3992 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
3993 int send_lsupd_now)
3994 {
3995 struct ospf_interface *oi;
3996 struct ospf_lsa *lsa;
3997 struct prefix_ipv4 p;
3998 struct route_node *rn;
3999 struct listnode *node;
4000
4001 oi = nbr->oi;
4002
4003 p.family = AF_INET;
4004 p.prefixlen = IPV4_MAX_BITLEN;
4005
4006 /* Decide destination address. */
4007 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4008 p.prefix = oi->vl_data->peer_addr;
4009 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4010 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4011 else if (flag == OSPF_SEND_PACKET_DIRECT)
4012 p.prefix = nbr->address.u.prefix4;
4013 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4014 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4015 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4016 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4017 else
4018 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4019
4020 if (oi->type == OSPF_IFTYPE_NBMA) {
4021 if (flag == OSPF_SEND_PACKET_INDIRECT)
4022 zlog_warn(
4023 "* LS-Update is directly sent on NBMA network.");
4024 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4025 zlog_warn("* LS-Update is sent to myself.");
4026 }
4027
4028 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4029
4030 if (rn->info == NULL)
4031 rn->info = list_new();
4032 else
4033 route_unlock_node(rn);
4034
4035 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4036 listnode_add(rn->info,
4037 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4038 if (send_lsupd_now) {
4039 struct list *send_update_list;
4040 struct route_node *rn, *rnext;
4041
4042 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4043 rnext = route_next(rn);
4044
4045 if (rn->info == NULL)
4046 continue;
4047
4048 send_update_list = (struct list *)rn->info;
4049
4050 ospf_ls_upd_queue_send(oi, send_update_list,
4051 rn->p.u.prefix4, 1);
4052
4053 }
4054 } else
4055 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4056 &oi->t_ls_upd_event);
4057 }
4058
4059 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4060 struct in_addr dst)
4061 {
4062 struct ospf_packet *op;
4063 u_int16_t length = OSPF_HEADER_SIZE;
4064
4065 op = ospf_packet_new(oi->ifp->mtu);
4066
4067 /* Prepare OSPF common header. */
4068 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4069
4070 /* Prepare OSPF Link State Acknowledgment body. */
4071 length += ospf_make_ls_ack(oi, ack, op->s);
4072
4073 /* Fill OSPF header. */
4074 ospf_fill_header(oi, op->s, length);
4075
4076 /* Set packet length. */
4077 op->length = length;
4078
4079 /* Decide destination address. */
4080 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4081 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4082 else
4083 op->dst.s_addr = dst.s_addr;
4084
4085 /* Add packet to the interface output queue. */
4086 ospf_packet_add(oi, op);
4087
4088 /* Hook thread to write packet. */
4089 OSPF_ISM_WRITE_ON(oi->ospf);
4090 }
4091
4092 static int ospf_ls_ack_send_event(struct thread *thread)
4093 {
4094 struct ospf_interface *oi = THREAD_ARG(thread);
4095
4096 oi->t_ls_ack_direct = NULL;
4097
4098 while (listcount(oi->ls_ack_direct.ls_ack))
4099 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4100 oi->ls_ack_direct.dst);
4101
4102 return 0;
4103 }
4104
4105 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4106 {
4107 struct ospf_interface *oi = nbr->oi;
4108
4109 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4110 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4111
4112 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4113
4114 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4115 &oi->t_ls_ack_direct);
4116 }
4117
4118 /* Send Link State Acknowledgment delayed. */
4119 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4120 {
4121 struct in_addr dst;
4122
4123 /* Decide destination address. */
4124 /* RFC2328 Section 13.5 On non-broadcast
4125 networks, delayed Link State Acknowledgment packets must be
4126 unicast separately over each adjacency (i.e., neighbor whose
4127 state is >= Exchange). */
4128 if (oi->type == OSPF_IFTYPE_NBMA) {
4129 struct ospf_neighbor *nbr;
4130 struct route_node *rn;
4131
4132 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4133 if ((nbr = rn->info) != NULL)
4134 if (nbr != oi->nbr_self
4135 && nbr->state >= NSM_Exchange)
4136 while (listcount(oi->ls_ack))
4137 ospf_ls_ack_send_list(
4138 oi, oi->ls_ack,
4139 nbr->address.u.prefix4);
4140 return;
4141 }
4142 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4143 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4144 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4145 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4146 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4147 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4148 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4149 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4150 else
4151 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4152
4153 while (listcount(oi->ls_ack))
4154 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4155 }
4156
4157 /*
4158 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4159 * address. As a result, the kernel does not need to learn the interface
4160 * MAC of the OSPF neighbor. However, in our world, this will delay
4161 * convergence. Take the case when due to a link flap, all routes now
4162 * want to use an interface which was deemed to be costlier prior to this
4163 * event. For routes that will be installed, the missing MAC will have
4164 * punt-to-CPU set on them. This may overload the CPU control path that
4165 * can be avoided if the MAC was known apriori.
4166 */
4167 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4168 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4169 {
4170 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4171 int ret;
4172
4173 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4174 return;
4175
4176 snprintf(ping_nbr, sizeof(ping_nbr),
4177 "ping -c 1 -I %s %s > /dev/null 2>&1 &",
4178 nbr->oi->ifp->name, inet_ntoa(nbr->address.u.prefix4));
4179
4180 ret = system(ping_nbr);
4181 if (IS_DEBUG_OSPF_EVENT)
4182 zlog_debug("Executed %s %s", ping_nbr,
4183 ((ret == 0) ? "successfully" : "but failed"));
4184 }
FRRouting mirror