]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #1329 from opensourcerouting/debian9-pkg
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with GNU Zebra; see the file COPYING. If not, write to the Free
19 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
20 * 02111-1307, USA.
21 */
22
23 #include <zebra.h>
24
25 #include "monotime.h"
26 #include "thread.h"
27 #include "memory.h"
28 #include "linklist.h"
29 #include "prefix.h"
30 #include "if.h"
31 #include "table.h"
32 #include "sockunion.h"
33 #include "stream.h"
34 #include "log.h"
35 #include "sockopt.h"
36 #include "checksum.h"
37 #include "md5.h"
38 #include "vrf.h"
39
40 #include "ospfd/ospfd.h"
41 #include "ospfd/ospf_network.h"
42 #include "ospfd/ospf_interface.h"
43 #include "ospfd/ospf_ism.h"
44 #include "ospfd/ospf_asbr.h"
45 #include "ospfd/ospf_lsa.h"
46 #include "ospfd/ospf_lsdb.h"
47 #include "ospfd/ospf_neighbor.h"
48 #include "ospfd/ospf_nsm.h"
49 #include "ospfd/ospf_packet.h"
50 #include "ospfd/ospf_spf.h"
51 #include "ospfd/ospf_flood.h"
52 #include "ospfd/ospf_dump.h"
53
54 /*
55 * OSPF Fragmentation / fragmented writes
56 *
57 * ospfd can support writing fragmented packets, for cases where
58 * kernel will not fragment IP_HDRINCL and/or multicast destined
59 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
60 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
61 * flags fields, hence user-space fragmentation will not work.
62 * Only Linux is known to leave IP header unmolested.
63 * Further, fragmentation really should be done the kernel, which already
64 * supports it, and which avoids nasty IP ID state problems.
65 *
66 * Fragmentation of OSPF packets can be required on networks with router
67 * with many many interfaces active in one area, or on networks with links
68 * with low MTUs.
69 */
70 #ifdef GNU_LINUX
71 #define WANT_OSPF_WRITE_FRAGMENT
72 #endif
73
74 /* Packet Type String. */
75 const struct message ospf_packet_type_str[] = {
76 {OSPF_MSG_HELLO, "Hello"},
77 {OSPF_MSG_DB_DESC, "Database Description"},
78 {OSPF_MSG_LS_REQ, "Link State Request"},
79 {OSPF_MSG_LS_UPD, "Link State Update"},
80 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
81 {0}};
82
83 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
84 particular types, offset is the "type" field of a packet. */
85 static const u_int16_t ospf_packet_minlen[] = {
86 0,
87 OSPF_HELLO_MIN_SIZE,
88 OSPF_DB_DESC_MIN_SIZE,
89 OSPF_LS_REQ_MIN_SIZE,
90 OSPF_LS_UPD_MIN_SIZE,
91 OSPF_LS_ACK_MIN_SIZE,
92 };
93
94 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
95 types, offset is the "LSA type" field. */
96 static const u_int16_t ospf_lsa_minlen[] = {
97 0,
98 OSPF_ROUTER_LSA_MIN_SIZE,
99 OSPF_NETWORK_LSA_MIN_SIZE,
100 OSPF_SUMMARY_LSA_MIN_SIZE,
101 OSPF_SUMMARY_LSA_MIN_SIZE,
102 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
103 0,
104 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
105 0,
106 0,
107 0,
108 0,
109 };
110
111 /* for ospf_check_auth() */
112 static int ospf_check_sum(struct ospf_header *);
113
114 /* OSPF authentication checking function */
115 static int ospf_auth_type(struct ospf_interface *oi)
116 {
117 int auth_type;
118
119 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
120 auth_type = oi->area->auth_type;
121 else
122 auth_type = OSPF_IF_PARAM(oi, auth_type);
123
124 /* Handle case where MD5 key list is not configured aka Cisco */
125 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
126 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
127 return OSPF_AUTH_NULL;
128
129 return auth_type;
130 }
131
132 struct ospf_packet *ospf_packet_new(size_t size)
133 {
134 struct ospf_packet *new;
135
136 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
137 new->s = stream_new(size);
138
139 return new;
140 }
141
142 void ospf_packet_free(struct ospf_packet *op)
143 {
144 if (op->s)
145 stream_free(op->s);
146
147 XFREE(MTYPE_OSPF_PACKET, op);
148
149 op = NULL;
150 }
151
152 struct ospf_fifo *ospf_fifo_new()
153 {
154 struct ospf_fifo *new;
155
156 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
157 return new;
158 }
159
160 /* Add new packet to fifo. */
161 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
162 {
163 if (fifo->tail)
164 fifo->tail->next = op;
165 else
166 fifo->head = op;
167
168 fifo->tail = op;
169
170 fifo->count++;
171 }
172
173 /* Add new packet to head of fifo. */
174 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
175 {
176 op->next = fifo->head;
177
178 if (fifo->tail == NULL)
179 fifo->tail = op;
180
181 fifo->head = op;
182
183 fifo->count++;
184 }
185
186 /* Delete first packet from fifo. */
187 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
188 {
189 struct ospf_packet *op;
190
191 op = fifo->head;
192
193 if (op) {
194 fifo->head = op->next;
195
196 if (fifo->head == NULL)
197 fifo->tail = NULL;
198
199 fifo->count--;
200 }
201
202 return op;
203 }
204
205 /* Return first fifo entry. */
206 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
207 {
208 return fifo->head;
209 }
210
211 /* Flush ospf packet fifo. */
212 void ospf_fifo_flush(struct ospf_fifo *fifo)
213 {
214 struct ospf_packet *op;
215 struct ospf_packet *next;
216
217 for (op = fifo->head; op; op = next) {
218 next = op->next;
219 ospf_packet_free(op);
220 }
221 fifo->head = fifo->tail = NULL;
222 fifo->count = 0;
223 }
224
225 /* Free ospf packet fifo. */
226 void ospf_fifo_free(struct ospf_fifo *fifo)
227 {
228 ospf_fifo_flush(fifo);
229
230 XFREE(MTYPE_OSPF_FIFO, fifo);
231 }
232
233 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
234 {
235 if (!oi->obuf) {
236 zlog_err(
237 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
238 "destination %s) called with NULL obuf, ignoring "
239 "(please report this bug)!\n",
240 IF_NAME(oi), oi->state,
241 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
242 lookup_msg(ospf_packet_type_str,
243 stream_getc_from(op->s, 1), NULL),
244 inet_ntoa(op->dst));
245 return;
246 }
247
248 /* Add packet to end of queue. */
249 ospf_fifo_push(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_add_top(struct ospf_interface *oi,
256 struct ospf_packet *op)
257 {
258 if (!oi->obuf) {
259 zlog_err(
260 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
261 "destination %s) called with NULL obuf, ignoring "
262 "(please report this bug)!\n",
263 IF_NAME(oi), oi->state,
264 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
265 lookup_msg(ospf_packet_type_str,
266 stream_getc_from(op->s, 1), NULL),
267 inet_ntoa(op->dst));
268 return;
269 }
270
271 /* Add packet to head of queue. */
272 ospf_fifo_push_head(oi->obuf, op);
273
274 /* Debug of packet fifo*/
275 /* ospf_fifo_debug (oi->obuf); */
276 }
277
278 void ospf_packet_delete(struct ospf_interface *oi)
279 {
280 struct ospf_packet *op;
281
282 op = ospf_fifo_pop(oi->obuf);
283
284 if (op)
285 ospf_packet_free(op);
286 }
287
288 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
289 {
290 struct ospf_packet *new;
291
292 if (stream_get_endp(op->s) != op->length)
293 /* XXX size_t */
294 zlog_warn(
295 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
296 (u_long)STREAM_SIZE(op->s), op->length);
297
298 /* Reserve space for MD5 authentication that may be added later. */
299 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
300 stream_copy(new->s, op->s);
301
302 new->dst = op->dst;
303 new->length = op->length;
304
305 return new;
306 }
307
308 /* XXX inline */
309 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
310 {
311 int auth = 0;
312
313 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
314 auth = OSPF_AUTH_MD5_SIZE;
315
316 return auth;
317 }
318
319 static unsigned int ospf_packet_max(struct ospf_interface *oi)
320 {
321 int max;
322
323 max = oi->ifp->mtu - ospf_packet_authspace(oi);
324
325 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
326
327 return max;
328 }
329
330
331 static int ospf_check_md5_digest(struct ospf_interface *oi,
332 struct ospf_header *ospfh)
333 {
334 MD5_CTX ctx;
335 unsigned char digest[OSPF_AUTH_MD5_SIZE];
336 struct crypt_key *ck;
337 struct ospf_neighbor *nbr;
338 u_int16_t length = ntohs(ospfh->length);
339
340 /* Get secret key. */
341 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
342 ospfh->u.crypt.key_id);
343 if (ck == NULL) {
344 zlog_warn("interface %s: ospf_check_md5 no key %d", IF_NAME(oi),
345 ospfh->u.crypt.key_id);
346 return 0;
347 }
348
349 /* check crypto seqnum. */
350 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
351
352 if (nbr
353 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
354 zlog_warn(
355 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
356 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
357 ntohl(nbr->crypt_seqnum));
358 return 0;
359 }
360
361 /* Generate a digest for the ospf packet - their digest + our digest. */
362 memset(&ctx, 0, sizeof(ctx));
363 MD5Init(&ctx);
364 MD5Update(&ctx, ospfh, length);
365 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
366 MD5Final(digest, &ctx);
367
368 /* compare the two */
369 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
370 zlog_warn("interface %s: ospf_check_md5 checksum mismatch",
371 IF_NAME(oi));
372 return 0;
373 }
374
375 /* save neighbor's crypt_seqnum */
376 if (nbr)
377 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
378 return 1;
379 }
380
381 /* This function is called from ospf_write(), it will detect the
382 authentication scheme and if it is MD5, it will change the sequence
383 and update the MD5 digest. */
384 static int ospf_make_md5_digest(struct ospf_interface *oi,
385 struct ospf_packet *op)
386 {
387 struct ospf_header *ospfh;
388 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
389 MD5_CTX ctx;
390 void *ibuf;
391 u_int32_t t;
392 struct crypt_key *ck;
393 const u_int8_t *auth_key;
394
395 ibuf = STREAM_DATA(op->s);
396 ospfh = (struct ospf_header *)ibuf;
397
398 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
399 return 0;
400
401 /* We do this here so when we dup a packet, we don't have to
402 waste CPU rewriting other headers.
403
404 Note that quagga_time /deliberately/ is not used here */
405 t = (time(NULL) & 0xFFFFFFFF);
406 if (t > oi->crypt_seqnum)
407 oi->crypt_seqnum = t;
408 else
409 oi->crypt_seqnum++;
410
411 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
412
413 /* Get MD5 Authentication key from auth_key list. */
414 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
415 auth_key = (const u_int8_t *)digest;
416 else {
417 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
418 auth_key = ck->auth_key;
419 }
420
421 /* Generate a digest for the entire packet + our secret key. */
422 memset(&ctx, 0, sizeof(ctx));
423 MD5Init(&ctx);
424 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
425 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
426 MD5Final(digest, &ctx);
427
428 /* Append md5 digest to the end of the stream. */
429 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
430
431 /* We do *NOT* increment the OSPF header length. */
432 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
433
434 if (stream_get_endp(op->s) != op->length)
435 /* XXX size_t */
436 zlog_warn(
437 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
438 (u_long)stream_get_endp(op->s), op->length);
439
440 return OSPF_AUTH_MD5_SIZE;
441 }
442
443
444 static int ospf_ls_req_timer(struct thread *thread)
445 {
446 struct ospf_neighbor *nbr;
447
448 nbr = THREAD_ARG(thread);
449 nbr->t_ls_req = NULL;
450
451 /* Send Link State Request. */
452 if (ospf_ls_request_count(nbr))
453 ospf_ls_req_send(nbr);
454
455 /* Set Link State Request retransmission timer. */
456 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
457
458 return 0;
459 }
460
461 void ospf_ls_req_event(struct ospf_neighbor *nbr)
462 {
463 if (nbr->t_ls_req) {
464 thread_cancel(nbr->t_ls_req);
465 nbr->t_ls_req = NULL;
466 }
467 nbr->t_ls_req = thread_add_event(master, ospf_ls_req_timer, nbr, 0);
468 }
469
470 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
471 ospf_neighbor.c */
472 int ospf_ls_upd_timer(struct thread *thread)
473 {
474 struct ospf_neighbor *nbr;
475
476 nbr = THREAD_ARG(thread);
477 nbr->t_ls_upd = NULL;
478
479 /* Send Link State Update. */
480 if (ospf_ls_retransmit_count(nbr) > 0) {
481 struct list *update;
482 struct ospf_lsdb *lsdb;
483 int i;
484 int retransmit_interval;
485
486 retransmit_interval =
487 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
488
489 lsdb = &nbr->ls_rxmt;
490 update = list_new();
491
492 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
493 struct route_table *table = lsdb->type[i].db;
494 struct route_node *rn;
495
496 for (rn = route_top(table); rn; rn = route_next(rn)) {
497 struct ospf_lsa *lsa;
498
499 if ((lsa = rn->info) != NULL) {
500 /* Don't retransmit an LSA if we
501 received it within
502 the last RxmtInterval seconds - this
503 is to allow the
504 neighbour a chance to acknowledge the
505 LSA as it may
506 have ben just received before the
507 retransmit timer
508 fired. This is a small tweak to what
509 is in the RFC,
510 but it will cut out out a lot of
511 retransmit traffic
512 - MAG */
513 if (monotime_since(&lsa->tv_recv, NULL)
514 >= retransmit_interval * 1000000LL)
515 listnode_add(update, rn->info);
516 }
517 }
518 }
519
520 if (listcount(update) > 0)
521 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT);
522 list_delete(update);
523 }
524
525 /* Set LS Update retransmission timer. */
526 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
527
528 return 0;
529 }
530
531 int ospf_ls_ack_timer(struct thread *thread)
532 {
533 struct ospf_interface *oi;
534
535 oi = THREAD_ARG(thread);
536 oi->t_ls_ack = NULL;
537
538 /* Send Link State Acknowledgment. */
539 if (listcount(oi->ls_ack) > 0)
540 ospf_ls_ack_send_delayed(oi);
541
542 /* Set LS Ack timer. */
543 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
544
545 return 0;
546 }
547
548 #ifdef WANT_OSPF_WRITE_FRAGMENT
549 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
550 struct msghdr *msg, unsigned int maxdatasize,
551 unsigned int mtu, int flags, u_char type)
552 {
553 #define OSPF_WRITE_FRAG_SHIFT 3
554 u_int16_t offset;
555 struct iovec *iovp;
556 int ret;
557
558 assert(op->length == stream_get_endp(op->s));
559 assert(msg->msg_iovlen == 2);
560
561 /* we can but try.
562 *
563 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
564 * well as the IP_MF flag, making this all quite pointless.
565 *
566 * However, for a system on which IP_MF is left alone, and ip_id left
567 * alone or else which sets same ip_id for each fragment this might
568 * work, eg linux.
569 *
570 * XXX-TODO: It would be much nicer to have the kernel's use their
571 * existing fragmentation support to do this for us. Bugs/RFEs need to
572 * be raised against the various kernels.
573 */
574
575 /* set More Frag */
576 iph->ip_off |= IP_MF;
577
578 /* ip frag offset is expressed in units of 8byte words */
579 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
580
581 iovp = &msg->msg_iov[1];
582
583 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
584 > maxdatasize) {
585 /* data length of this frag is to next offset value */
586 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
587 iph->ip_len = iovp->iov_len + sizeof(struct ip);
588 assert(iph->ip_len <= mtu);
589
590 sockopt_iphdrincl_swab_htosys(iph);
591
592 ret = sendmsg(fd, msg, flags);
593
594 sockopt_iphdrincl_swab_systoh(iph);
595
596 if (ret < 0)
597 zlog_warn(
598 "*** ospf_write_frags: sendmsg failed to %s,"
599 " id %d, off %d, len %d, mtu %u failed with %s",
600 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
601 iph->ip_len, mtu, safe_strerror(errno));
602
603 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
604 zlog_debug(
605 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
606 iph->ip_id, iph->ip_off, iph->ip_len,
607 inet_ntoa(iph->ip_dst));
608 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
609 zlog_debug(
610 "-----------------IP Header Dump----------------------");
611 ospf_ip_header_dump(iph);
612 zlog_debug(
613 "-----------------------------------------------------");
614 }
615 }
616
617 iph->ip_off += offset;
618 stream_forward_getp(op->s, iovp->iov_len);
619 iovp->iov_base = STREAM_PNT(op->s);
620 }
621
622 /* setup for final fragment */
623 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
624 iph->ip_len = iovp->iov_len + sizeof(struct ip);
625 iph->ip_off &= (~IP_MF);
626 }
627 #endif /* WANT_OSPF_WRITE_FRAGMENT */
628
629 static int ospf_write(struct thread *thread)
630 {
631 struct ospf *ospf = THREAD_ARG(thread);
632 struct ospf_interface *oi;
633 struct ospf_interface *last_serviced_oi = NULL;
634 struct ospf_packet *op;
635 struct sockaddr_in sa_dst;
636 struct ip iph;
637 struct msghdr msg;
638 struct iovec iov[2];
639 u_char type;
640 int ret;
641 int flags = 0;
642 struct listnode *node;
643 #ifdef WANT_OSPF_WRITE_FRAGMENT
644 static u_int16_t ipid = 0;
645 u_int16_t maxdatasize;
646 #endif /* WANT_OSPF_WRITE_FRAGMENT */
647 /* $FRR indent$ */
648 /* clang-format off */
649 #define OSPF_WRITE_IPHL_SHIFT 2
650 int pkt_count = 0;
651
652 ospf->t_write = NULL;
653
654 node = listhead(ospf->oi_write_q);
655 assert(node);
656 oi = listgetdata(node);
657 assert(oi);
658
659 #ifdef WANT_OSPF_WRITE_FRAGMENT
660 /* seed ipid static with low order bits of time */
661 if (ipid == 0)
662 ipid = (time(NULL) & 0xffff);
663 #endif /* WANT_OSPF_WRITE_FRAGMENT */
664
665 while ((pkt_count < ospf->write_oi_count) && oi
666 && (last_serviced_oi != oi)) {
667 /* If there is only packet in the queue, the oi is removed from
668 write-q, so fix up the last interface that was serviced */
669 if (last_serviced_oi == NULL) {
670 last_serviced_oi = oi;
671 }
672 pkt_count++;
673 #ifdef WANT_OSPF_WRITE_FRAGMENT
674 /* convenience - max OSPF data per packet */
675 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
676 #endif /* WANT_OSPF_WRITE_FRAGMENT */
677 /* Get one packet from queue. */
678 op = ospf_fifo_head(oi->obuf);
679 assert(op);
680 assert(op->length >= OSPF_HEADER_SIZE);
681
682 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
683 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
684 ospf_if_ipmulticast(ospf, oi->address,
685 oi->ifp->ifindex);
686
687 /* Rewrite the md5 signature & update the seq */
688 ospf_make_md5_digest(oi, op);
689
690 /* Retrieve OSPF packet type. */
691 stream_set_getp(op->s, 1);
692 type = stream_getc(op->s);
693
694 /* reset get pointer */
695 stream_set_getp(op->s, 0);
696
697 memset(&iph, 0, sizeof(struct ip));
698 memset(&sa_dst, 0, sizeof(sa_dst));
699
700 sa_dst.sin_family = AF_INET;
701 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
702 sa_dst.sin_len = sizeof(sa_dst);
703 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
704 sa_dst.sin_addr = op->dst;
705 sa_dst.sin_port = htons(0);
706
707 /* Set DONTROUTE flag if dst is unicast. */
708 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
709 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
710 flags = MSG_DONTROUTE;
711
712 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
713 /* it'd be very strange for header to not be 4byte-word aligned
714 * but.. */
715 if (sizeof(struct ip)
716 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
717 iph.ip_hl++; /* we presume sizeof struct ip cant
718 overflow ip_hl.. */
719
720 iph.ip_v = IPVERSION;
721 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
722 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
723
724 #if defined(__DragonFly__)
725 /*
726 * DragonFly's raw socket expects ip_len/ip_off in network byte
727 * order.
728 */
729 iph.ip_len = htons(iph.ip_len);
730 #endif
731
732 #ifdef WANT_OSPF_WRITE_FRAGMENT
733 /* XXX-MT: not thread-safe at all..
734 * XXX: this presumes this is only programme sending OSPF
735 * packets
736 * otherwise, no guarantee ipid will be unique
737 */
738 iph.ip_id = ++ipid;
739 #endif /* WANT_OSPF_WRITE_FRAGMENT */
740
741 iph.ip_off = 0;
742 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
743 iph.ip_ttl = OSPF_VL_IP_TTL;
744 else
745 iph.ip_ttl = OSPF_IP_TTL;
746 iph.ip_p = IPPROTO_OSPFIGP;
747 iph.ip_sum = 0;
748 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
749 iph.ip_dst.s_addr = op->dst.s_addr;
750
751 memset(&msg, 0, sizeof(msg));
752 msg.msg_name = (caddr_t)&sa_dst;
753 msg.msg_namelen = sizeof(sa_dst);
754 msg.msg_iov = iov;
755 msg.msg_iovlen = 2;
756 iov[0].iov_base = (char *)&iph;
757 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
758 iov[1].iov_base = STREAM_PNT(op->s);
759 iov[1].iov_len = op->length;
760
761 /* Sadly we can not rely on kernels to fragment packets because of either
762 * IP_HDRINCL and/or multicast destination being set.
763 */
764 #ifdef WANT_OSPF_WRITE_FRAGMENT
765 if (op->length > maxdatasize)
766 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
767 oi->ifp->mtu, flags, type);
768 #endif /* WANT_OSPF_WRITE_FRAGMENT */
769
770 /* send final fragment (could be first) */
771 sockopt_iphdrincl_swab_htosys(&iph);
772 ret = sendmsg(ospf->fd, &msg, flags);
773 sockopt_iphdrincl_swab_systoh(&iph);
774 if (IS_DEBUG_OSPF_EVENT)
775 zlog_debug(
776 "ospf_write to %s, "
777 "id %d, off %d, len %d, interface %s, mtu %u:",
778 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
779 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
780
781 if (ret < 0)
782 zlog_warn(
783 "*** sendmsg in ospf_write failed to %s, "
784 "id %d, off %d, len %d, interface %s, mtu %u: %s",
785 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
786 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
787 safe_strerror(errno));
788
789 /* Show debug sending packet. */
790 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
791 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
792 zlog_debug(
793 "-----------------------------------------------------");
794 ospf_ip_header_dump(&iph);
795 stream_set_getp(op->s, 0);
796 ospf_packet_dump(op->s);
797 }
798
799 zlog_debug("%s sent to [%s] via [%s].",
800 lookup_msg(ospf_packet_type_str, type, NULL),
801 inet_ntoa(op->dst), IF_NAME(oi));
802
803 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
804 zlog_debug(
805 "-----------------------------------------------------");
806 }
807
808 /* Now delete packet from queue. */
809 ospf_packet_delete(oi);
810
811 /* Move this interface to the tail of write_q to
812 serve everyone in a round robin fashion */
813 list_delete_node(ospf->oi_write_q, node);
814 if (ospf_fifo_head(oi->obuf) == NULL) {
815 oi->on_write_q = 0;
816 last_serviced_oi = NULL;
817 oi = NULL;
818 } else {
819 listnode_add(ospf->oi_write_q, oi);
820 }
821
822 /* Setup to service from the head of the queue again */
823 if (!list_isempty(ospf->oi_write_q)) {
824 node = listhead(ospf->oi_write_q);
825 assert(node);
826 oi = listgetdata(node);
827 assert(oi);
828 }
829 }
830
831 /* If packets still remain in queue, call write thread. */
832 if (!list_isempty(ospf->oi_write_q))
833 ospf->t_write =
834 thread_add_write(master, ospf_write, ospf, ospf->fd);
835
836 return 0;
837 }
838
839 /* OSPF Hello message read -- RFC2328 Section 10.5. */
840 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
841 struct stream *s, struct ospf_interface *oi, int size)
842 {
843 struct ospf_hello *hello;
844 struct ospf_neighbor *nbr;
845 int old_state;
846 struct prefix p;
847
848 /* increment statistics. */
849 oi->hello_in++;
850
851 hello = (struct ospf_hello *)STREAM_PNT(s);
852
853 /* If Hello is myself, silently discard. */
854 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
855 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
856 zlog_debug(
857 "ospf_header[%s/%s]: selforiginated, "
858 "dropping.",
859 lookup_msg(ospf_packet_type_str, ospfh->type,
860 NULL),
861 inet_ntoa(iph->ip_src));
862 }
863 return;
864 }
865
866 /* get neighbor prefix. */
867 p.family = AF_INET;
868 p.prefixlen = ip_masklen(hello->network_mask);
869 p.u.prefix4 = iph->ip_src;
870
871 /* Compare network mask. */
872 /* Checking is ignored for Point-to-Point and Virtual link. */
873 if (oi->type != OSPF_IFTYPE_POINTOPOINT
874 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
875 if (oi->address->prefixlen != p.prefixlen) {
876 zlog_warn(
877 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
878 inet_ntoa(ospfh->router_id), IF_NAME(oi),
879 (int)oi->address->prefixlen, (int)p.prefixlen);
880 return;
881 }
882
883 /* Compare Router Dead Interval. */
884 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
885 zlog_warn(
886 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
887 "(expected %u, but received %u).",
888 inet_ntoa(ospfh->router_id), OSPF_IF_PARAM(oi, v_wait),
889 ntohl(hello->dead_interval));
890 return;
891 }
892
893 /* Compare Hello Interval - ignored if fast-hellos are set. */
894 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
895 if (OSPF_IF_PARAM(oi, v_hello)
896 != ntohs(hello->hello_interval)) {
897 zlog_warn(
898 "Packet %s [Hello:RECV]: HelloInterval mismatch "
899 "(expected %u, but received %u).",
900 inet_ntoa(ospfh->router_id),
901 OSPF_IF_PARAM(oi, v_hello),
902 ntohs(hello->hello_interval));
903 return;
904 }
905 }
906
907 if (IS_DEBUG_OSPF_EVENT)
908 zlog_debug("Packet %s [Hello:RECV]: Options %s",
909 inet_ntoa(ospfh->router_id),
910 ospf_options_dump(hello->options));
911
912 /* Compare options. */
913 #define REJECT_IF_TBIT_ON 1 /* XXX */
914 #ifdef REJECT_IF_TBIT_ON
915 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
916 /*
917 * This router does not support non-zero TOS.
918 * Drop this Hello packet not to establish neighbor
919 * relationship.
920 */
921 zlog_warn("Packet %s [Hello:RECV]: T-bit on, drop it.",
922 inet_ntoa(ospfh->router_id));
923 return;
924 }
925 #endif /* REJECT_IF_TBIT_ON */
926
927 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
928 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
929 /*
930 * This router does know the correct usage of O-bit
931 * the bit should be set in DD packet only.
932 */
933 zlog_warn("Packet %s [Hello:RECV]: O-bit abuse?",
934 inet_ntoa(ospfh->router_id));
935 #ifdef STRICT_OBIT_USAGE_CHECK
936 return; /* Reject this packet. */
937 #else /* STRICT_OBIT_USAGE_CHECK */
938 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
939 #endif /* STRICT_OBIT_USAGE_CHECK */
940 }
941
942 /* new for NSSA is to ensure that NP is on and E is off */
943
944 if (oi->area->external_routing == OSPF_AREA_NSSA) {
945 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
946 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
947 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
948 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
949 zlog_warn(
950 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
951 inet_ntoa(ospfh->router_id), OPTIONS(oi),
952 hello->options);
953 return;
954 }
955 if (IS_DEBUG_OSPF_NSSA)
956 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
957 inet_ntoa(ospfh->router_id));
958 } else
959 /* The setting of the E-bit found in the Hello Packet's Options
960 field must match this area's ExternalRoutingCapability A
961 mismatch causes processing to stop and the packet to be
962 dropped. The setting of the rest of the bits in the Hello
963 Packet's Options field should be ignored. */
964 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
965 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
966 zlog_warn(
967 "Packet %s [Hello:RECV]: my options: %x, his options %x",
968 inet_ntoa(ospfh->router_id), OPTIONS(oi),
969 hello->options);
970 return;
971 }
972
973 /* get neighbour struct */
974 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
975
976 /* neighbour must be valid, ospf_nbr_get creates if none existed */
977 assert(nbr);
978
979 old_state = nbr->state;
980
981 /* Add event to thread. */
982 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
983
984 /* RFC2328 Section 9.5.1
985 If the router is not eligible to become Designated Router,
986 (snip) It must also send an Hello Packet in reply to an
987 Hello Packet received from any eligible neighbor (other than
988 the current Designated Router and Backup Designated Router). */
989 if (oi->type == OSPF_IFTYPE_NBMA)
990 if (PRIORITY(oi) == 0 && hello->priority > 0
991 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
992 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
993 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
994 ospf_hello_reply_timer,
995 OSPF_HELLO_REPLY_DELAY);
996
997 /* on NBMA network type, it happens to receive bidirectional Hello
998 packet
999 without advance 1-Way Received event.
1000 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1001 if (oi->type == OSPF_IFTYPE_NBMA
1002 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1003 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1004 nbr->priority = hello->priority;
1005 nbr->d_router = hello->d_router;
1006 nbr->bd_router = hello->bd_router;
1007 return;
1008 }
1009
1010 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1011 size - OSPF_HELLO_MIN_SIZE)) {
1012 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1013 nbr->options |= hello->options;
1014 } else {
1015 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1016 /* Set neighbor information. */
1017 nbr->priority = hello->priority;
1018 nbr->d_router = hello->d_router;
1019 nbr->bd_router = hello->bd_router;
1020 return;
1021 }
1022
1023 /* If neighbor itself declares DR and no BDR exists,
1024 cause event BackupSeen */
1025 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1026 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1027 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1028
1029 /* neighbor itself declares BDR. */
1030 if (oi->state == ISM_Waiting
1031 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1032 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1033
1034 /* had not previously. */
1035 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1036 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1037 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1038 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1039 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1040
1041 /* had not previously. */
1042 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1043 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1044 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1045 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1046 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1047
1048 /* Neighbor priority check. */
1049 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1050 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1051
1052 /* Set neighbor information. */
1053 nbr->priority = hello->priority;
1054 nbr->d_router = hello->d_router;
1055 nbr->bd_router = hello->bd_router;
1056 }
1057
1058 /* Save DD flags/options/Seqnum received. */
1059 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1060 struct ospf_db_desc *dd)
1061 {
1062 nbr->last_recv.flags = dd->flags;
1063 nbr->last_recv.options = dd->options;
1064 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1065 }
1066
1067 /* Process rest of DD packet. */
1068 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1069 struct ospf_neighbor *nbr,
1070 struct ospf_db_desc *dd, u_int16_t size)
1071 {
1072 struct ospf_lsa *new, *find;
1073 struct lsa_header *lsah;
1074
1075 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1076 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1077 size -= OSPF_LSA_HEADER_SIZE) {
1078 lsah = (struct lsa_header *)STREAM_PNT(s);
1079 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1080
1081 /* Unknown LS type. */
1082 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1083 zlog_warn("Packet [DD:RECV]: Unknown LS type %d.",
1084 lsah->type);
1085 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1086 return;
1087 }
1088
1089 if (IS_OPAQUE_LSA(lsah->type)
1090 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1091 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1092 lsah->type, inet_ntoa(lsah->id));
1093 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1094 return;
1095 }
1096
1097 switch (lsah->type) {
1098 case OSPF_AS_EXTERNAL_LSA:
1099 case OSPF_OPAQUE_AS_LSA:
1100 /* Check for stub area. Reject if AS-External from stub
1101 but
1102 allow if from NSSA. */
1103 if (oi->area->external_routing == OSPF_AREA_STUB) {
1104 zlog_warn(
1105 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1106 lsah->type, inet_ntoa(lsah->id),
1107 (oi->area->external_routing
1108 == OSPF_AREA_STUB)
1109 ? "STUB"
1110 : "NSSA");
1111 OSPF_NSM_EVENT_SCHEDULE(nbr,
1112 NSM_SeqNumberMismatch);
1113 return;
1114 }
1115 break;
1116 default:
1117 break;
1118 }
1119
1120 /* Create LS-request object. */
1121 new = ospf_ls_request_new(lsah);
1122
1123 /* Lookup received LSA, then add LS request list. */
1124 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1125
1126 /* ospf_lsa_more_recent is fine with NULL pointers */
1127 switch (ospf_lsa_more_recent(find, new)) {
1128 case -1:
1129 /* Neighbour has a more recent LSA, we must request it
1130 */
1131 ospf_ls_request_add(nbr, new);
1132 case 0:
1133 /* If we have a copy of this LSA, it's either less
1134 * recent
1135 * and we're requesting it from neighbour (the case
1136 * above), or
1137 * it's as recent and we both have same copy (this
1138 * case).
1139 *
1140 * In neither of these two cases is there any point in
1141 * describing our copy of the LSA to the neighbour in a
1142 * DB-Summary packet, if we're still intending to do so.
1143 *
1144 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1145 * backward compatible optimisation to OSPF DB Exchange
1146 * /
1147 * DB Description process implemented here.
1148 */
1149 if (find)
1150 ospf_lsdb_delete(&nbr->db_sum, find);
1151 ospf_lsa_discard(new);
1152 break;
1153 default:
1154 /* We have the more recent copy, nothing specific to do:
1155 * - no need to request neighbours stale copy
1156 * - must leave DB summary list copy alone
1157 */
1158 if (IS_DEBUG_OSPF_EVENT)
1159 zlog_debug(
1160 "Packet [DD:RECV]: LSA received Type %d, "
1161 "ID %s is not recent.",
1162 lsah->type, inet_ntoa(lsah->id));
1163 ospf_lsa_discard(new);
1164 }
1165 }
1166
1167 /* Master */
1168 if (IS_SET_DD_MS(nbr->dd_flags)) {
1169 nbr->dd_seqnum++;
1170
1171 /* Both sides have no More, then we're done with Exchange */
1172 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1173 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1174 else
1175 ospf_db_desc_send(nbr);
1176 }
1177 /* Slave */
1178 else {
1179 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1180
1181 /* Send DD packet in reply.
1182 *
1183 * Must be done to acknowledge the Master's DD, regardless of
1184 * whether we have more LSAs ourselves to describe.
1185 *
1186 * This function will clear the 'More' bit, if after this DD
1187 * we have no more LSAs to describe to the master..
1188 */
1189 ospf_db_desc_send(nbr);
1190
1191 /* Slave can raise ExchangeDone now, if master is also done */
1192 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1193 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1194 }
1195
1196 /* Save received neighbor values from DD. */
1197 ospf_db_desc_save_current(nbr, dd);
1198
1199 if (!nbr->t_ls_req)
1200 ospf_ls_req_send(nbr);
1201 }
1202
1203 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1204 struct ospf_neighbor *nbr)
1205 {
1206 /* Is DD duplicated? */
1207 if (dd->options == nbr->last_recv.options
1208 && dd->flags == nbr->last_recv.flags
1209 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1210 return 1;
1211
1212 return 0;
1213 }
1214
1215 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1216 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1217 struct stream *s, struct ospf_interface *oi,
1218 u_int16_t size)
1219 {
1220 struct ospf_db_desc *dd;
1221 struct ospf_neighbor *nbr;
1222
1223 /* Increment statistics. */
1224 oi->db_desc_in++;
1225
1226 dd = (struct ospf_db_desc *)STREAM_PNT(s);
1227
1228 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1229 if (nbr == NULL) {
1230 zlog_warn("Packet[DD]: Unknown Neighbor %s",
1231 inet_ntoa(ospfh->router_id));
1232 return;
1233 }
1234
1235 /* Check MTU. */
1236 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1237 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1238 zlog_warn(
1239 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1240 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1241 oi->ifp->mtu);
1242 return;
1243 }
1244
1245 /*
1246 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1247 * not
1248 * required. In fact at least JunOS sends DD packets with P bit clear.
1249 * Until proper solution is developped, this hack should help.
1250 *
1251 * Update: According to the RFCs, N bit is specified /only/ for Hello
1252 * options, unfortunately its use in DD options is not specified. Hence
1253 * some
1254 * implementations follow E-bit semantics and set it in DD options, and
1255 * some
1256 * treat it as unspecified and hence follow the directive "default for
1257 * options is clear", ie unset.
1258 *
1259 * Reset the flag, as ospfd follows E-bit semantics.
1260 */
1261 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1262 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1263 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1264 if (IS_DEBUG_OSPF_EVENT)
1265 zlog_debug(
1266 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1267 inet_ntoa(nbr->router_id));
1268 SET_FLAG(dd->options, OSPF_OPTION_NP);
1269 }
1270
1271 #ifdef REJECT_IF_TBIT_ON
1272 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1273 /*
1274 * In Hello protocol, optional capability must have checked
1275 * to prevent this T-bit enabled router be my neighbor.
1276 */
1277 zlog_warn("Packet[DD]: Neighbor %s: T-bit on?",
1278 inet_ntoa(nbr->router_id));
1279 return;
1280 }
1281 #endif /* REJECT_IF_TBIT_ON */
1282
1283 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1284 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1285 /*
1286 * This node is not configured to handle O-bit, for now.
1287 * Clear it to ignore unsupported capability proposed by
1288 * neighbor.
1289 */
1290 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1291 }
1292
1293 /* Add event to thread. */
1294 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1295
1296 /* Process DD packet by neighbor status. */
1297 switch (nbr->state) {
1298 case NSM_Down:
1299 case NSM_Attempt:
1300 case NSM_TwoWay:
1301 zlog_warn(
1302 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1303 inet_ntoa(nbr->router_id),
1304 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1305 break;
1306 case NSM_Init:
1307 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1308 /* If the new state is ExStart, the processing of the current
1309 packet should then continue in this new state by falling
1310 through to case ExStart below. */
1311 if (nbr->state != NSM_ExStart)
1312 break;
1313 case NSM_ExStart:
1314 /* Initial DBD */
1315 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1316 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1317 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1318 > 0) {
1319 /* We're Slave---obey */
1320 zlog_info(
1321 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1322 inet_ntoa(nbr->router_id));
1323 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1324
1325 /* Reset I/MS */
1326 UNSET_FLAG(nbr->dd_flags,
1327 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1328 } else {
1329 /* We're Master, ignore the initial DBD from
1330 * Slave */
1331 zlog_info(
1332 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1333 "ignoring.",
1334 inet_ntoa(nbr->router_id));
1335 break;
1336 }
1337 }
1338 /* Ack from the Slave */
1339 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1340 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1341 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1342 < 0) {
1343 zlog_info(
1344 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1345 inet_ntoa(nbr->router_id));
1346 /* Reset I, leaving MS */
1347 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1348 } else {
1349 zlog_warn("Packet[DD]: Neighbor %s Negotiation fails.",
1350 inet_ntoa(nbr->router_id));
1351 break;
1352 }
1353
1354 /* This is where the real Options are saved */
1355 nbr->options = dd->options;
1356
1357 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1358 if (IS_DEBUG_OSPF_EVENT)
1359 zlog_debug(
1360 "Neighbor[%s] is %sOpaque-capable.",
1361 inet_ntoa(nbr->router_id),
1362 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1363 ? ""
1364 : "NOT ");
1365
1366 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1367 && IPV4_ADDR_SAME(&DR(oi),
1368 &nbr->address.u.prefix4)) {
1369 zlog_warn(
1370 "DR-neighbor[%s] is NOT opaque-capable; "
1371 "Opaque-LSAs cannot be reliably advertised "
1372 "in this network.",
1373 inet_ntoa(nbr->router_id));
1374 /* This situation is undesirable, but not a real
1375 * error. */
1376 }
1377 }
1378
1379 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1380
1381 /* continue processing rest of packet. */
1382 ospf_db_desc_proc(s, oi, nbr, dd, size);
1383 break;
1384 case NSM_Exchange:
1385 if (ospf_db_desc_is_dup(dd, nbr)) {
1386 if (IS_SET_DD_MS(nbr->dd_flags))
1387 /* Master: discard duplicated DD packet. */
1388 zlog_info(
1389 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1390 inet_ntoa(nbr->router_id));
1391 else
1392 /* Slave: cause to retransmit the last Database
1393 Description. */
1394 {
1395 zlog_info(
1396 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1397 inet_ntoa(nbr->router_id));
1398 ospf_db_desc_resend(nbr);
1399 }
1400 break;
1401 }
1402
1403 /* Otherwise DD packet should be checked. */
1404 /* Check Master/Slave bit mismatch */
1405 if (IS_SET_DD_MS(dd->flags)
1406 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1407 zlog_warn("Packet[DD]: Neighbor %s MS-bit mismatch.",
1408 inet_ntoa(nbr->router_id));
1409 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1410 if (IS_DEBUG_OSPF_EVENT)
1411 zlog_debug(
1412 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1413 dd->flags, nbr->dd_flags);
1414 break;
1415 }
1416
1417 /* Check initialize bit is set. */
1418 if (IS_SET_DD_I(dd->flags)) {
1419 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1420 inet_ntoa(nbr->router_id));
1421 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1422 break;
1423 }
1424
1425 /* Check DD Options. */
1426 if (dd->options != nbr->options) {
1427 #ifdef ORIGINAL_CODING
1428 /* Save the new options for debugging */
1429 nbr->options = dd->options;
1430 #endif /* ORIGINAL_CODING */
1431 zlog_warn("Packet[DD]: Neighbor %s options mismatch.",
1432 inet_ntoa(nbr->router_id));
1433 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1434 break;
1435 }
1436
1437 /* Check DD sequence number. */
1438 if ((IS_SET_DD_MS(nbr->dd_flags)
1439 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1440 || (!IS_SET_DD_MS(nbr->dd_flags)
1441 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1442 zlog_warn(
1443 "Packet[DD]: Neighbor %s sequence number mismatch.",
1444 inet_ntoa(nbr->router_id));
1445 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1446 break;
1447 }
1448
1449 /* Continue processing rest of packet. */
1450 ospf_db_desc_proc(s, oi, nbr, dd, size);
1451 break;
1452 case NSM_Loading:
1453 case NSM_Full:
1454 if (ospf_db_desc_is_dup(dd, nbr)) {
1455 if (IS_SET_DD_MS(nbr->dd_flags)) {
1456 /* Master should discard duplicate DD packet. */
1457 zlog_info(
1458 "Packet[DD]: Neighbor %s duplicated, "
1459 "packet discarded.",
1460 inet_ntoa(nbr->router_id));
1461 break;
1462 } else {
1463 if (monotime_since(&nbr->last_send_ts, NULL)
1464 < nbr->v_inactivity * 1000000LL) {
1465 /* In states Loading and Full the slave
1466 must resend
1467 its last Database Description packet
1468 in response to
1469 duplicate Database Description
1470 packets received
1471 from the master. For this reason the
1472 slave must
1473 wait RouterDeadInterval seconds
1474 before freeing the
1475 last Database Description packet.
1476 Reception of a
1477 Database Description packet from the
1478 master after
1479 this interval will generate a
1480 SeqNumberMismatch
1481 neighbor event. RFC2328 Section 10.8
1482 */
1483 ospf_db_desc_resend(nbr);
1484 break;
1485 }
1486 }
1487 }
1488
1489 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1490 break;
1491 default:
1492 zlog_warn("Packet[DD]: Neighbor %s NSM illegal status %u.",
1493 inet_ntoa(nbr->router_id), nbr->state);
1494 break;
1495 }
1496 }
1497
1498 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1499
1500 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1501 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1502 struct stream *s, struct ospf_interface *oi,
1503 u_int16_t size)
1504 {
1505 struct ospf_neighbor *nbr;
1506 u_int32_t ls_type;
1507 struct in_addr ls_id;
1508 struct in_addr adv_router;
1509 struct ospf_lsa *find;
1510 struct list *ls_upd;
1511 unsigned int length;
1512
1513 /* Increment statistics. */
1514 oi->ls_req_in++;
1515
1516 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1517 if (nbr == NULL) {
1518 zlog_warn("Link State Request: Unknown Neighbor %s.",
1519 inet_ntoa(ospfh->router_id));
1520 return;
1521 }
1522
1523 /* Add event to thread. */
1524 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1525
1526 /* Neighbor State should be Exchange or later. */
1527 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1528 && nbr->state != NSM_Full) {
1529 zlog_warn(
1530 "Link State Request received from %s: "
1531 "Neighbor state is %s, packet discarded.",
1532 inet_ntoa(ospfh->router_id),
1533 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1534 return;
1535 }
1536
1537 /* Send Link State Update for ALL requested LSAs. */
1538 ls_upd = list_new();
1539 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1540
1541 while (size >= OSPF_LSA_KEY_SIZE) {
1542 /* Get one slice of Link State Request. */
1543 ls_type = stream_getl(s);
1544 ls_id.s_addr = stream_get_ipv4(s);
1545 adv_router.s_addr = stream_get_ipv4(s);
1546
1547 /* Verify LSA type. */
1548 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1549 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1550 list_delete(ls_upd);
1551 return;
1552 }
1553
1554 /* Search proper LSA in LSDB. */
1555 find = ospf_lsa_lookup(oi->area, ls_type, ls_id, adv_router);
1556 if (find == NULL) {
1557 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1558 list_delete(ls_upd);
1559 return;
1560 }
1561
1562 /* Packet overflows MTU size, send immediately. */
1563 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1564 if (oi->type == OSPF_IFTYPE_NBMA)
1565 ospf_ls_upd_send(nbr, ls_upd,
1566 OSPF_SEND_PACKET_DIRECT);
1567 else
1568 ospf_ls_upd_send(nbr, ls_upd,
1569 OSPF_SEND_PACKET_INDIRECT);
1570
1571 /* Only remove list contents. Keep ls_upd. */
1572 list_delete_all_node(ls_upd);
1573
1574 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1575 }
1576
1577 /* Append LSA to update list. */
1578 listnode_add(ls_upd, find);
1579 length += ntohs(find->data->length);
1580
1581 size -= OSPF_LSA_KEY_SIZE;
1582 }
1583
1584 /* Send rest of Link State Update. */
1585 if (listcount(ls_upd) > 0) {
1586 if (oi->type == OSPF_IFTYPE_NBMA)
1587 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT);
1588 else
1589 ospf_ls_upd_send(nbr, ls_upd,
1590 OSPF_SEND_PACKET_INDIRECT);
1591
1592 list_delete(ls_upd);
1593 } else
1594 list_free(ls_upd);
1595 }
1596
1597 /* Get the list of LSAs from Link State Update packet.
1598 And process some validation -- RFC2328 Section 13. (1)-(2). */
1599 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1600 struct stream *s,
1601 struct ospf_interface *oi, size_t size)
1602 {
1603 u_int16_t count, sum;
1604 u_int32_t length;
1605 struct lsa_header *lsah;
1606 struct ospf_lsa *lsa;
1607 struct list *lsas;
1608
1609 lsas = list_new();
1610
1611 count = stream_getl(s);
1612 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1613
1614 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1615 size -= length, stream_forward_getp(s, length), count--) {
1616 lsah = (struct lsa_header *)STREAM_PNT(s);
1617 length = ntohs(lsah->length);
1618
1619 if (length > size) {
1620 zlog_warn(
1621 "Link State Update: LSA length exceeds packet size.");
1622 break;
1623 }
1624
1625 /* Validate the LSA's LS checksum. */
1626 sum = lsah->checksum;
1627 if (!ospf_lsa_checksum_valid(lsah)) {
1628 /* (bug #685) more details in a one-line message make it
1629 * possible
1630 * to identify problem source on the one hand and to
1631 * have a better
1632 * chance to compress repeated messages in syslog on the
1633 * other */
1634 zlog_warn(
1635 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1636 sum, lsah->checksum, inet_ntoa(lsah->id),
1637 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1638 inet_ntoa(lsah->adv_router));
1639 continue;
1640 }
1641
1642 /* Examine the LSA's LS type. */
1643 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1644 zlog_warn("Link State Update: Unknown LS type %d",
1645 lsah->type);
1646 continue;
1647 }
1648
1649 /*
1650 * What if the received LSA's age is greater than MaxAge?
1651 * Treat it as a MaxAge case -- endo.
1652 */
1653 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1654 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1655
1656 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1657 #ifdef STRICT_OBIT_USAGE_CHECK
1658 if ((IS_OPAQUE_LSA(lsah->type)
1659 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1660 || (!IS_OPAQUE_LSA(lsah->type)
1661 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1662 /*
1663 * This neighbor must know the exact usage of
1664 * O-bit;
1665 * the bit will be set in Type-9,10,11 LSAs
1666 * only.
1667 */
1668 zlog_warn("LSA[Type%d:%s]: O-bit abuse?",
1669 lsah->type, inet_ntoa(lsah->id));
1670 continue;
1671 }
1672 #endif /* STRICT_OBIT_USAGE_CHECK */
1673
1674 /* Do not take in AS External Opaque-LSAs if we are a
1675 * stub. */
1676 if (lsah->type == OSPF_OPAQUE_AS_LSA
1677 && nbr->oi->area->external_routing
1678 != OSPF_AREA_DEFAULT) {
1679 if (IS_DEBUG_OSPF_EVENT)
1680 zlog_debug(
1681 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1682 lsah->type,
1683 inet_ntoa(lsah->id));
1684 continue;
1685 }
1686 } else if (IS_OPAQUE_LSA(lsah->type)) {
1687 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1688 lsah->type, inet_ntoa(lsah->id));
1689 continue;
1690 }
1691
1692 /* Create OSPF LSA instance. */
1693 lsa = ospf_lsa_new();
1694
1695 /* We may wish to put some error checking if type NSSA comes in
1696 and area not in NSSA mode */
1697 switch (lsah->type) {
1698 case OSPF_AS_EXTERNAL_LSA:
1699 case OSPF_OPAQUE_AS_LSA:
1700 lsa->area = NULL;
1701 break;
1702 case OSPF_OPAQUE_LINK_LSA:
1703 lsa->oi = oi; /* Remember incoming interface for
1704 flooding control. */
1705 /* Fallthrough */
1706 default:
1707 lsa->area = oi->area;
1708 break;
1709 }
1710
1711 lsa->data = ospf_lsa_data_new(length);
1712 memcpy(lsa->data, lsah, length);
1713
1714 if (IS_DEBUG_OSPF_EVENT)
1715 zlog_debug(
1716 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1717 lsa->data->type, inet_ntoa(lsa->data->id),
1718 (void *)lsa);
1719 listnode_add(lsas, lsa);
1720 }
1721
1722 return lsas;
1723 }
1724
1725 /* Cleanup Update list. */
1726 static void ospf_upd_list_clean(struct list *lsas)
1727 {
1728 struct listnode *node, *nnode;
1729 struct ospf_lsa *lsa;
1730
1731 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1732 ospf_lsa_discard(lsa);
1733
1734 list_delete(lsas);
1735 }
1736
1737 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1738 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1739 struct ospf_header *ospfh, struct stream *s,
1740 struct ospf_interface *oi, u_int16_t size)
1741 {
1742 struct ospf_neighbor *nbr;
1743 struct list *lsas;
1744 struct listnode *node, *nnode;
1745 struct ospf_lsa *lsa = NULL;
1746 /* unsigned long ls_req_found = 0; */
1747
1748 /* Dis-assemble the stream, update each entry, re-encapsulate for
1749 * flooding */
1750
1751 /* Increment statistics. */
1752 oi->ls_upd_in++;
1753
1754 /* Check neighbor. */
1755 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1756 if (nbr == NULL) {
1757 zlog_warn("Link State Update: Unknown Neighbor %s on int: %s",
1758 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1759 return;
1760 }
1761
1762 /* Add event to thread. */
1763 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1764
1765 /* Check neighbor state. */
1766 if (nbr->state < NSM_Exchange) {
1767 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1768 zlog_debug(
1769 "Link State Update: "
1770 "Neighbor[%s] state %s is less than Exchange",
1771 inet_ntoa(ospfh->router_id),
1772 lookup_msg(ospf_nsm_state_msg, nbr->state,
1773 NULL));
1774 return;
1775 }
1776
1777 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1778 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1779 * of section 13.
1780 */
1781 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1782
1783 #define DISCARD_LSA(L, N) \
1784 { \
1785 if (IS_DEBUG_OSPF_EVENT) \
1786 zlog_debug( \
1787 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1788 " Type-%d", \
1789 N, (void *)lsa, (int)lsa->data->type); \
1790 ospf_lsa_discard(L); \
1791 continue; \
1792 }
1793
1794 /* Process each LSA received in the one packet.
1795 *
1796 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1797 * text below are from the steps in RFC 2328, Section 13.
1798 */
1799 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1800 struct ospf_lsa *ls_ret, *current;
1801 int ret = 1;
1802
1803 if (IS_DEBUG_OSPF_NSSA) {
1804 char buf1[INET_ADDRSTRLEN];
1805 char buf2[INET_ADDRSTRLEN];
1806 char buf3[INET_ADDRSTRLEN];
1807
1808 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1809 lsa->data->type,
1810 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1811 INET_ADDRSTRLEN),
1812 inet_ntop(AF_INET, &lsa->data->id, buf2,
1813 INET_ADDRSTRLEN),
1814 inet_ntop(AF_INET, &lsa->data->adv_router,
1815 buf3, INET_ADDRSTRLEN));
1816 }
1817
1818 listnode_delete(lsas,
1819 lsa); /* We don't need it in list anymore */
1820
1821 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1822 */
1823
1824 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1825
1826 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1827 */
1828
1829 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1830 */
1831
1832 /* Do take in Type-7's if we are an NSSA */
1833
1834 /* If we are also an ABR, later translate them to a Type-5
1835 * packet */
1836
1837 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1838 translate them to a separate Type-5 packet. */
1839
1840 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1841 /* Reject from STUB or NSSA */
1842 if (nbr->oi->area->external_routing
1843 != OSPF_AREA_DEFAULT) {
1844 if (IS_DEBUG_OSPF_NSSA)
1845 zlog_debug(
1846 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1847 DISCARD_LSA(lsa, 1);
1848 }
1849
1850 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1851 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1852 if (IS_DEBUG_OSPF_NSSA)
1853 zlog_debug(
1854 "Incoming NSSA LSA Discarded: Not NSSA Area");
1855 DISCARD_LSA(lsa, 2);
1856 }
1857
1858 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1859 if (lsa->data->type == OSPF_ROUTER_LSA)
1860 if (!IPV4_ADDR_SAME(&lsa->data->id,
1861 &lsa->data->adv_router)) {
1862 char buf1[INET_ADDRSTRLEN];
1863 char buf2[INET_ADDRSTRLEN];
1864 char buf3[INET_ADDRSTRLEN];
1865
1866 zlog_err(
1867 "Incoming Router-LSA from %s with "
1868 "Adv-ID[%s] != LS-ID[%s]",
1869 inet_ntop(AF_INET, &ospfh->router_id,
1870 buf1, INET_ADDRSTRLEN),
1871 inet_ntop(AF_INET, &lsa->data->id, buf2,
1872 INET_ADDRSTRLEN),
1873 inet_ntop(AF_INET,
1874 &lsa->data->adv_router, buf3,
1875 INET_ADDRSTRLEN));
1876 zlog_err(
1877 "OSPF domain compromised by attack or corruption. "
1878 "Verify correct operation of -ALL- OSPF routers.");
1879 DISCARD_LSA(lsa, 0);
1880 }
1881
1882 /* Find the LSA in the current database. */
1883
1884 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1885
1886 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1887 currently
1888 no instance of the LSA in the router's link state database,
1889 and none of router's neighbors are in states Exchange or
1890 Loading,
1891 then take the following actions: */
1892
1893 if (IS_LSA_MAXAGE(lsa) && !current
1894 && ospf_check_nbr_status(oi->ospf)) {
1895 /* (4a) Response Link State Acknowledgment. */
1896 ospf_ls_ack_send(nbr, lsa);
1897
1898 /* (4b) Discard LSA. */
1899 if (IS_DEBUG_OSPF(lsa, LSA)) {
1900 zlog_debug(
1901 "Link State Update[%s]: LS age is equal to MaxAge.",
1902 dump_lsa_key(lsa));
1903 }
1904 DISCARD_LSA(lsa, 3);
1905 }
1906
1907 if (IS_OPAQUE_LSA(lsa->data->type)
1908 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1909 &oi->ospf->router_id)) {
1910 /*
1911 * Even if initial flushing seems to be completed, there
1912 * might
1913 * be a case that self-originated LSA with MaxAge still
1914 * remain
1915 * in the routing domain.
1916 * Just send an LSAck message to cease retransmission.
1917 */
1918 if (IS_LSA_MAXAGE(lsa)) {
1919 zlog_warn("LSA[%s]: Boomerang effect?",
1920 dump_lsa_key(lsa));
1921 ospf_ls_ack_send(nbr, lsa);
1922 ospf_lsa_discard(lsa);
1923
1924 if (current != NULL && !IS_LSA_MAXAGE(current))
1925 ospf_opaque_lsa_refresh_schedule(
1926 current);
1927 continue;
1928 }
1929
1930 /*
1931 * If an instance of self-originated Opaque-LSA is not
1932 * found
1933 * in the LSDB, there are some possible cases here.
1934 *
1935 * 1) This node lost opaque-capability after restart.
1936 * 2) Else, a part of opaque-type is no more supported.
1937 * 3) Else, a part of opaque-id is no more supported.
1938 *
1939 * Anyway, it is still this node's responsibility to
1940 * flush it.
1941 * Otherwise, the LSA instance remains in the routing
1942 * domain
1943 * until its age reaches to MaxAge.
1944 */
1945 /* XXX: We should deal with this for *ALL* LSAs, not
1946 * just opaque */
1947 if (current == NULL) {
1948 if (IS_DEBUG_OSPF_EVENT)
1949 zlog_debug(
1950 "LSA[%s]: Previously originated Opaque-LSA,"
1951 "not found in the LSDB.",
1952 dump_lsa_key(lsa));
1953
1954 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
1955
1956 ospf_opaque_self_originated_lsa_received(nbr,
1957 lsa);
1958 ospf_ls_ack_send(nbr, lsa);
1959
1960 continue;
1961 }
1962 }
1963
1964 /* It might be happen that received LSA is self-originated
1965 * network LSA, but
1966 * router ID is changed. So, we should check if LSA is a
1967 * network-LSA whose
1968 * Link State ID is one of the router's own IP interface
1969 * addresses but whose
1970 * Advertising Router is not equal to the router's own Router ID
1971 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
1972 * flushed.
1973 */
1974
1975 if (lsa->data->type == OSPF_NETWORK_LSA) {
1976 struct listnode *oinode, *oinnode;
1977 struct ospf_interface *out_if;
1978 int Flag = 0;
1979
1980 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
1981 oinnode, out_if)) {
1982 if (out_if == NULL)
1983 break;
1984
1985 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
1986 &lsa->data->id))
1987 && (!(IPV4_ADDR_SAME(
1988 &oi->ospf->router_id,
1989 &lsa->data->adv_router)))) {
1990 if (out_if->network_lsa_self) {
1991 ospf_lsa_flush_area(
1992 lsa, out_if->area);
1993 if (IS_DEBUG_OSPF_EVENT)
1994 zlog_debug(
1995 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
1996 (void *)lsa,
1997 (int)lsa->data
1998 ->type);
1999 ospf_lsa_discard(lsa);
2000 Flag = 1;
2001 }
2002 break;
2003 }
2004 }
2005 if (Flag)
2006 continue;
2007 }
2008
2009 /* (5) Find the instance of this LSA that is currently contained
2010 in the router's link state database. If there is no
2011 database copy, or the received LSA is more recent than
2012 the database copy the following steps must be performed.
2013 (The sub steps from RFC 2328 section 13 step (5) will be
2014 performed in
2015 ospf_flood() ) */
2016
2017 if (current == NULL
2018 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2019 /* Actual flooding procedure. */
2020 if (ospf_flood(oi->ospf, nbr, current, lsa)
2021 < 0) /* Trap NSSA later. */
2022 DISCARD_LSA(lsa, 4);
2023 continue;
2024 }
2025
2026 /* (6) Else, If there is an instance of the LSA on the sending
2027 neighbor's Link state request list, an error has occurred in
2028 the Database Exchange process. In this case, restart the
2029 Database Exchange process by generating the neighbor event
2030 BadLSReq for the sending neighbor and stop processing the
2031 Link State Update packet. */
2032
2033 if (ospf_ls_request_lookup(nbr, lsa)) {
2034 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2035 zlog_warn(
2036 "LSA[%s] instance exists on Link state request list",
2037 dump_lsa_key(lsa));
2038
2039 /* Clean list of LSAs. */
2040 ospf_upd_list_clean(lsas);
2041 /* this lsa is not on lsas list already. */
2042 ospf_lsa_discard(lsa);
2043 return;
2044 }
2045
2046 /* If the received LSA is the same instance as the database copy
2047 (i.e., neither one is more recent) the following two steps
2048 should be performed: */
2049
2050 if (ret == 0) {
2051 /* If the LSA is listed in the Link state retransmission
2052 list
2053 for the receiving adjacency, the router itself is
2054 expecting
2055 an acknowledgment for this LSA. The router should
2056 treat the
2057 received LSA as an acknowledgment by removing the LSA
2058 from
2059 the Link state retransmission list. This is termed
2060 an
2061 "implied acknowledgment". */
2062
2063 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2064
2065 if (ls_ret != NULL) {
2066 ospf_ls_retransmit_delete(nbr, ls_ret);
2067
2068 /* Delayed acknowledgment sent if advertisement
2069 received
2070 from Designated Router, otherwise do nothing.
2071 */
2072 if (oi->state == ISM_Backup)
2073 if (NBR_IS_DR(nbr))
2074 listnode_add(
2075 oi->ls_ack,
2076 ospf_lsa_lock(lsa));
2077
2078 DISCARD_LSA(lsa, 5);
2079 } else
2080 /* Acknowledge the receipt of the LSA by sending a
2081 Link State Acknowledgment packet back out the
2082 receiving
2083 interface. */
2084 {
2085 ospf_ls_ack_send(nbr, lsa);
2086 DISCARD_LSA(lsa, 6);
2087 }
2088 }
2089
2090 /* The database copy is more recent. If the database copy
2091 has LS age equal to MaxAge and LS sequence number equal to
2092 MaxSequenceNumber, simply discard the received LSA without
2093 acknowledging it. (In this case, the LSA's LS sequence number
2094 is
2095 wrapping, and the MaxSequenceNumber LSA must be completely
2096 flushed before any new LSA instance can be introduced). */
2097
2098 else if (ret > 0) /* Database copy is more recent */
2099 {
2100 if (IS_LSA_MAXAGE(current)
2101 && current->data->ls_seqnum
2102 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2103 DISCARD_LSA(lsa, 7);
2104 }
2105 /* Otherwise, as long as the database copy has not been
2106 sent in a
2107 Link State Update within the last MinLSArrival
2108 seconds, send the
2109 database copy back to the sending neighbor,
2110 encapsulated within
2111 a Link State Update Packet. The Link State Update
2112 Packet should
2113 be sent directly to the neighbor. In so doing, do not
2114 put the
2115 database copy of the LSA on the neighbor's link state
2116 retransmission list, and do not acknowledge the
2117 received (less
2118 recent) LSA instance. */
2119 else {
2120 if (monotime_since(&current->tv_orig, NULL)
2121 >= ospf->min_ls_arrival * 1000LL)
2122 /* Trap NSSA type later.*/
2123 ospf_ls_upd_send_lsa(
2124 nbr, current,
2125 OSPF_SEND_PACKET_DIRECT);
2126 DISCARD_LSA(lsa, 8);
2127 }
2128 }
2129 }
2130 #undef DISCARD_LSA
2131
2132 assert(listcount(lsas) == 0);
2133 list_delete(lsas);
2134 }
2135
2136 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2137 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2138 struct stream *s, struct ospf_interface *oi,
2139 u_int16_t size)
2140 {
2141 struct ospf_neighbor *nbr;
2142
2143 /* increment statistics. */
2144 oi->ls_ack_in++;
2145
2146 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2147 if (nbr == NULL) {
2148 zlog_warn("Link State Acknowledgment: Unknown Neighbor %s.",
2149 inet_ntoa(ospfh->router_id));
2150 return;
2151 }
2152
2153 /* Add event to thread. */
2154 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2155
2156 if (nbr->state < NSM_Exchange) {
2157 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2158 zlog_debug(
2159 "Link State Acknowledgment: "
2160 "Neighbor[%s] state %s is less than Exchange",
2161 inet_ntoa(ospfh->router_id),
2162 lookup_msg(ospf_nsm_state_msg, nbr->state,
2163 NULL));
2164 return;
2165 }
2166
2167 while (size >= OSPF_LSA_HEADER_SIZE) {
2168 struct ospf_lsa *lsa, *lsr;
2169
2170 lsa = ospf_lsa_new();
2171 lsa->data = (struct lsa_header *)STREAM_PNT(s);
2172
2173 /* lsah = (struct lsa_header *) STREAM_PNT (s); */
2174 size -= OSPF_LSA_HEADER_SIZE;
2175 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2176
2177 if (lsa->data->type < OSPF_MIN_LSA
2178 || lsa->data->type >= OSPF_MAX_LSA) {
2179 lsa->data = NULL;
2180 ospf_lsa_discard(lsa);
2181 continue;
2182 }
2183
2184 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2185
2186 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2187 ospf_ls_retransmit_delete(nbr, lsr);
2188
2189 lsa->data = NULL;
2190 ospf_lsa_discard(lsa);
2191 }
2192
2193 return;
2194 }
2195
2196 static struct stream *ospf_recv_packet(int fd, struct interface **ifp,
2197 struct stream *ibuf)
2198 {
2199 int ret;
2200 struct ip *iph;
2201 u_int16_t ip_len;
2202 ifindex_t ifindex = 0;
2203 struct iovec iov;
2204 /* Header and data both require alignment. */
2205 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2206 struct msghdr msgh;
2207
2208 memset(&msgh, 0, sizeof(struct msghdr));
2209 msgh.msg_iov = &iov;
2210 msgh.msg_iovlen = 1;
2211 msgh.msg_control = (caddr_t)buff;
2212 msgh.msg_controllen = sizeof(buff);
2213
2214 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2215 if (ret < 0) {
2216 zlog_warn("stream_recvmsg failed: %s", safe_strerror(errno));
2217 return NULL;
2218 }
2219 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2220 {
2221 zlog_warn(
2222 "ospf_recv_packet: discarding runt packet of length %d "
2223 "(ip header size is %u)",
2224 ret, (u_int)sizeof(iph));
2225 return NULL;
2226 }
2227
2228 /* Note that there should not be alignment problems with this assignment
2229 because this is at the beginning of the stream data buffer. */
2230 iph = (struct ip *)STREAM_DATA(ibuf);
2231 sockopt_iphdrincl_swab_systoh(iph);
2232
2233 ip_len = iph->ip_len;
2234
2235 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2236 /*
2237 * Kernel network code touches incoming IP header parameters,
2238 * before protocol specific processing.
2239 *
2240 * 1) Convert byteorder to host representation.
2241 * --> ip_len, ip_id, ip_off
2242 *
2243 * 2) Adjust ip_len to strip IP header size!
2244 * --> If user process receives entire IP packet via RAW
2245 * socket, it must consider adding IP header size to
2246 * the "ip_len" field of "ip" structure.
2247 *
2248 * For more details, see <netinet/ip_input.c>.
2249 */
2250 ip_len = ip_len + (iph->ip_hl << 2);
2251 #endif
2252
2253 #if defined(__DragonFly__)
2254 /*
2255 * in DragonFly's raw socket, ip_len/ip_off are read
2256 * in network byte order.
2257 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2258 */
2259 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2260 #endif
2261
2262 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2263
2264 *ifp = if_lookup_by_index(ifindex, VRF_DEFAULT);
2265
2266 if (ret != ip_len) {
2267 zlog_warn(
2268 "ospf_recv_packet read length mismatch: ip_len is %d, "
2269 "but recvmsg returned %d",
2270 ip_len, ret);
2271 return NULL;
2272 }
2273
2274 return ibuf;
2275 }
2276
2277 static struct ospf_interface *
2278 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2279 struct ip *iph, struct ospf_header *ospfh)
2280 {
2281 struct ospf_interface *rcv_oi;
2282 struct ospf_vl_data *vl_data;
2283 struct ospf_area *vl_area;
2284 struct listnode *node;
2285
2286 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2287 || !OSPF_IS_AREA_BACKBONE(ospfh))
2288 return NULL;
2289
2290 /* look for local OSPF interface matching the destination
2291 * to determine Area ID. We presume therefore the destination address
2292 * is unique, or at least (for "unnumbered" links), not used in other
2293 * areas
2294 */
2295 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2296 == NULL)
2297 return NULL;
2298
2299 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2300 vl_area =
2301 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2302 if (!vl_area)
2303 continue;
2304
2305 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2306 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2307 if (IS_DEBUG_OSPF_EVENT)
2308 zlog_debug("associating packet with %s",
2309 IF_NAME(vl_data->vl_oi));
2310 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2311 if (IS_DEBUG_OSPF_EVENT)
2312 zlog_debug(
2313 "This VL is not up yet, sorry");
2314 return NULL;
2315 }
2316
2317 return vl_data->vl_oi;
2318 }
2319 }
2320
2321 if (IS_DEBUG_OSPF_EVENT)
2322 zlog_debug("couldn't find any VL to associate the packet with");
2323
2324 return NULL;
2325 }
2326
2327 static int ospf_check_area_id(struct ospf_interface *oi,
2328 struct ospf_header *ospfh)
2329 {
2330 /* Check match the Area ID of the receiving interface. */
2331 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2332 return 1;
2333
2334 return 0;
2335 }
2336
2337 /* Unbound socket will accept any Raw IP packets if proto is matched.
2338 To prevent it, compare src IP address and i/f address with masking
2339 i/f network mask. */
2340 static int ospf_check_network_mask(struct ospf_interface *oi,
2341 struct in_addr ip_src)
2342 {
2343 struct in_addr mask, me, him;
2344
2345 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2346 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2347 return 1;
2348
2349 masklen2ip(oi->address->prefixlen, &mask);
2350
2351 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2352 him.s_addr = ip_src.s_addr & mask.s_addr;
2353
2354 if (IPV4_ADDR_SAME(&me, &him))
2355 return 1;
2356
2357 return 0;
2358 }
2359
2360 /* Return 1, if the packet is properly authenticated and checksummed,
2361 0 otherwise. In particular, check that AuType header field is valid and
2362 matches the locally configured AuType, and that D.5 requirements are met. */
2363 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2364 {
2365 struct crypt_key *ck;
2366 u_int16_t iface_auth_type;
2367 u_int16_t pkt_auth_type = ntohs(ospfh->auth_type);
2368
2369 switch (pkt_auth_type) {
2370 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2371 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2372 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2373 zlog_warn(
2374 "interface %s: auth-type mismatch, local %s, rcvd Null",
2375 IF_NAME(oi),
2376 lookup_msg(ospf_auth_type_str,
2377 iface_auth_type, NULL));
2378 return 0;
2379 }
2380 if (!ospf_check_sum(ospfh)) {
2381 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2382 zlog_warn(
2383 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2384 IF_NAME(oi),
2385 inet_ntoa(ospfh->router_id));
2386 return 0;
2387 }
2388 return 1;
2389 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2390 if (OSPF_AUTH_SIMPLE
2391 != (iface_auth_type = ospf_auth_type(oi))) {
2392 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2393 zlog_warn(
2394 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2395 IF_NAME(oi),
2396 lookup_msg(ospf_auth_type_str,
2397 iface_auth_type, NULL));
2398 return 0;
2399 }
2400 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2401 OSPF_AUTH_SIMPLE_SIZE)) {
2402 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2403 zlog_warn("interface %s: Simple auth failed",
2404 IF_NAME(oi));
2405 return 0;
2406 }
2407 if (!ospf_check_sum(ospfh)) {
2408 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2409 zlog_warn(
2410 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2411 IF_NAME(oi),
2412 inet_ntoa(ospfh->router_id));
2413 return 0;
2414 }
2415 return 1;
2416 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2417 if (OSPF_AUTH_CRYPTOGRAPHIC
2418 != (iface_auth_type = ospf_auth_type(oi))) {
2419 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2420 zlog_warn(
2421 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2422 IF_NAME(oi),
2423 lookup_msg(ospf_auth_type_str,
2424 iface_auth_type, NULL));
2425 return 0;
2426 }
2427 if (ospfh->checksum) {
2428 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2429 zlog_warn(
2430 "interface %s: OSPF header checksum is not 0",
2431 IF_NAME(oi));
2432 return 0;
2433 }
2434 /* only MD5 crypto method can pass ospf_packet_examin() */
2435 if (
2436 NULL == (ck = listgetdata(listtail(
2437 OSPF_IF_PARAM(oi, auth_crypt))))
2438 || ospfh->u.crypt.key_id != ck->key_id ||
2439 /* Condition above uses the last key ID on the list,
2440 which is
2441 different from what ospf_crypt_key_lookup() does. A
2442 bug? */
2443 !ospf_check_md5_digest(oi, ospfh)) {
2444 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2445 zlog_warn("interface %s: MD5 auth failed",
2446 IF_NAME(oi));
2447 return 0;
2448 }
2449 return 1;
2450 default:
2451 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2452 zlog_warn(
2453 "interface %s: invalid packet auth-type (%02x)",
2454 IF_NAME(oi), pkt_auth_type);
2455 return 0;
2456 }
2457 }
2458
2459 static int ospf_check_sum(struct ospf_header *ospfh)
2460 {
2461 u_int32_t ret;
2462 u_int16_t sum;
2463
2464 /* clear auth_data for checksum. */
2465 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2466
2467 /* keep checksum and clear. */
2468 sum = ospfh->checksum;
2469 memset(&ospfh->checksum, 0, sizeof(u_int16_t));
2470
2471 /* calculate checksum. */
2472 ret = in_cksum(ospfh, ntohs(ospfh->length));
2473
2474 if (ret != sum) {
2475 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2476 ret, sum);
2477 return 0;
2478 }
2479
2480 return 1;
2481 }
2482
2483 /* Verify, that given link/TOS records are properly sized/aligned and match
2484 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2485 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2486 u_int16_t linkbytes,
2487 const u_int16_t num_links)
2488 {
2489 unsigned counted_links = 0, thislinklen;
2490
2491 while (linkbytes) {
2492 thislinklen =
2493 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2494 if (thislinklen > linkbytes) {
2495 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2496 zlog_debug("%s: length error in link block #%u",
2497 __func__, counted_links);
2498 return MSG_NG;
2499 }
2500 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2501 linkbytes -= thislinklen;
2502 counted_links++;
2503 }
2504 if (counted_links != num_links) {
2505 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2506 zlog_debug("%s: %u link blocks declared, %u present",
2507 __func__, num_links, counted_links);
2508 return MSG_NG;
2509 }
2510 return MSG_OK;
2511 }
2512
2513 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2514 minimum length constraint). */
2515 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const u_int16_t lsalen,
2516 const u_char headeronly)
2517 {
2518 unsigned ret;
2519 struct router_lsa *rlsa;
2520 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2521 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2522 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2523 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2524 lookup_msg(ospf_lsa_type_msg, lsah->type,
2525 NULL));
2526 return MSG_NG;
2527 }
2528 switch (lsah->type) {
2529 case OSPF_ROUTER_LSA:
2530 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2531 * (12+)-byte link blocks */
2532 if (headeronly) {
2533 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2534 - OSPF_ROUTER_LSA_MIN_SIZE)
2535 % 4
2536 ? MSG_NG
2537 : MSG_OK;
2538 break;
2539 }
2540 rlsa = (struct router_lsa *)lsah;
2541 ret = ospf_router_lsa_links_examin(
2542 (struct router_lsa_link *)rlsa->link,
2543 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2544 header, "flags",
2545 0, "# links" */
2546 ntohs(rlsa->links) /* 16 bits */
2547 );
2548 break;
2549 case OSPF_AS_EXTERNAL_LSA:
2550 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2551 * blocks */
2552 case OSPF_AS_NSSA_LSA:
2553 /* RFC3101 C, idem */
2554 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2555 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2556 % 12
2557 ? MSG_NG
2558 : MSG_OK;
2559 break;
2560 /* Following LSA types are considered OK length-wise as soon as their
2561 * minimum
2562 * length constraint is met and length of the whole LSA is a multiple of
2563 * 4
2564 * (basic LSA header size is already a multiple of 4). */
2565 case OSPF_NETWORK_LSA:
2566 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2567 case OSPF_SUMMARY_LSA:
2568 case OSPF_ASBR_SUMMARY_LSA:
2569 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2570 * blocks */
2571 case OSPF_OPAQUE_LINK_LSA:
2572 case OSPF_OPAQUE_AREA_LSA:
2573 case OSPF_OPAQUE_AS_LSA:
2574 /* RFC5250 A.2, "some number of octets (of application-specific
2575 * data) padded to 32-bit alignment." This is considered
2576 * equivalent
2577 * to 4-byte alignment of all other LSA types, see
2578 * OSPF-ALIGNMENT.txt
2579 * file for the detailed analysis of this passage. */
2580 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2581 break;
2582 default:
2583 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2584 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2585 lsah->type);
2586 return MSG_NG;
2587 }
2588 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2589 zlog_debug("%s: alignment error in %s", __func__,
2590 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2591 return ret;
2592 }
2593
2594 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2595 includes verification of LSA blocks length/alignment and dispatching
2596 of deeper-level checks. */
2597 static unsigned
2598 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2599 size_t length, const u_char headeronly,
2600 /* When declared_num_lsas is not 0, compare it to the real
2601 number of LSAs
2602 and treat the difference as an error. */
2603 const u_int32_t declared_num_lsas)
2604 {
2605 u_int32_t counted_lsas = 0;
2606
2607 while (length) {
2608 u_int16_t lsalen;
2609 if (length < OSPF_LSA_HEADER_SIZE) {
2610 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2611 zlog_debug(
2612 "%s: undersized (%zu B) trailing (#%u) LSA header",
2613 __func__, length, counted_lsas);
2614 return MSG_NG;
2615 }
2616 /* save on ntohs() calls here and in the LSA validator */
2617 lsalen = ntohs(lsah->length);
2618 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2619 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2620 zlog_debug(
2621 "%s: malformed LSA header #%u, declared length is %u B",
2622 __func__, counted_lsas, lsalen);
2623 return MSG_NG;
2624 }
2625 if (headeronly) {
2626 /* less checks here and in ospf_lsa_examin() */
2627 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2628 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2629 zlog_debug(
2630 "%s: malformed header-only LSA #%u",
2631 __func__, counted_lsas);
2632 return MSG_NG;
2633 }
2634 lsah = (struct lsa_header *)((caddr_t)lsah
2635 + OSPF_LSA_HEADER_SIZE);
2636 length -= OSPF_LSA_HEADER_SIZE;
2637 } else {
2638 /* make sure the input buffer is deep enough before
2639 * further checks */
2640 if (lsalen > length) {
2641 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2642 zlog_debug(
2643 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2644 __func__, counted_lsas, lsalen,
2645 length);
2646 return MSG_NG;
2647 }
2648 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2649 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2650 zlog_debug("%s: malformed LSA #%u",
2651 __func__, counted_lsas);
2652 return MSG_NG;
2653 }
2654 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2655 length -= lsalen;
2656 }
2657 counted_lsas++;
2658 }
2659
2660 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2661 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2662 zlog_debug(
2663 "%s: #LSAs declared (%u) does not match actual (%u)",
2664 __func__, declared_num_lsas, counted_lsas);
2665 return MSG_NG;
2666 }
2667 return MSG_OK;
2668 }
2669
2670 /* Verify a complete OSPF packet for proper sizing/alignment. */
2671 static unsigned ospf_packet_examin(struct ospf_header *oh,
2672 const unsigned bytesonwire)
2673 {
2674 u_int16_t bytesdeclared, bytesauth;
2675 unsigned ret;
2676 struct ospf_ls_update *lsupd;
2677
2678 /* Length, 1st approximation. */
2679 if (bytesonwire < OSPF_HEADER_SIZE) {
2680 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2681 zlog_debug("%s: undersized (%u B) packet", __func__,
2682 bytesonwire);
2683 return MSG_NG;
2684 }
2685 /* Now it is safe to access header fields. Performing length check,
2686 * allow
2687 * for possible extra bytes of crypto auth/padding, which are not
2688 * counted
2689 * in the OSPF header "length" field. */
2690 if (oh->version != OSPF_VERSION) {
2691 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2692 zlog_debug("%s: invalid (%u) protocol version",
2693 __func__, oh->version);
2694 return MSG_NG;
2695 }
2696 bytesdeclared = ntohs(oh->length);
2697 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2698 bytesauth = 0;
2699 else {
2700 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2701 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2702 zlog_debug(
2703 "%s: unsupported crypto auth length (%u B)",
2704 __func__, oh->u.crypt.auth_data_len);
2705 return MSG_NG;
2706 }
2707 bytesauth = OSPF_AUTH_MD5_SIZE;
2708 }
2709 if (bytesdeclared + bytesauth > bytesonwire) {
2710 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2711 zlog_debug(
2712 "%s: packet length error (%u real, %u+%u declared)",
2713 __func__, bytesonwire, bytesdeclared,
2714 bytesauth);
2715 return MSG_NG;
2716 }
2717 /* Length, 2nd approximation. The type-specific constraint is checked
2718 against declared length, not amount of bytes on wire. */
2719 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2720 && bytesdeclared
2721 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2722 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2723 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2724 bytesdeclared,
2725 lookup_msg(ospf_packet_type_str, oh->type,
2726 NULL));
2727 return MSG_NG;
2728 }
2729 switch (oh->type) {
2730 case OSPF_MSG_HELLO:
2731 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2732 followed
2733 by N>=0 router-IDs. */
2734 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2735 % 4
2736 ? MSG_NG
2737 : MSG_OK;
2738 break;
2739 case OSPF_MSG_DB_DESC:
2740 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2741 followed
2742 by N>=0 header-only LSAs. */
2743 ret = ospf_lsaseq_examin(
2744 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2745 + OSPF_DB_DESC_MIN_SIZE),
2746 bytesdeclared - OSPF_HEADER_SIZE
2747 - OSPF_DB_DESC_MIN_SIZE,
2748 1, /* header-only LSAs */
2749 0);
2750 break;
2751 case OSPF_MSG_LS_REQ:
2752 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2753 * request blocks. */
2754 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2755 % OSPF_LSA_KEY_SIZE
2756 ? MSG_NG
2757 : MSG_OK;
2758 break;
2759 case OSPF_MSG_LS_UPD:
2760 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2761 followed
2762 by N>=0 full LSAs (with N declared beforehand). */
2763 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2764 + OSPF_HEADER_SIZE);
2765 ret = ospf_lsaseq_examin(
2766 (struct lsa_header *)((caddr_t)lsupd
2767 + OSPF_LS_UPD_MIN_SIZE),
2768 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2769 0, /* full LSAs */
2770 ntohl(lsupd->num_lsas) /* 32 bits */
2771 );
2772 break;
2773 case OSPF_MSG_LS_ACK:
2774 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2775 * LSAs. */
2776 ret = ospf_lsaseq_examin(
2777 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2778 + OSPF_LS_ACK_MIN_SIZE),
2779 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2780 1, /* header-only LSAs */
2781 0);
2782 break;
2783 default:
2784 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2785 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2786 oh->type);
2787 return MSG_NG;
2788 }
2789 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2790 zlog_debug("%s: malformed %s packet", __func__,
2791 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2792 return ret;
2793 }
2794
2795 /* OSPF Header verification. */
2796 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2797 struct ip *iph, struct ospf_header *ospfh)
2798 {
2799 /* Check Area ID. */
2800 if (!ospf_check_area_id(oi, ospfh)) {
2801 zlog_warn("interface %s: ospf_read invalid Area ID %s.",
2802 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2803 return -1;
2804 }
2805
2806 /* Check network mask, Silently discarded. */
2807 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2808 zlog_warn(
2809 "interface %s: ospf_read network address is not same [%s]",
2810 IF_NAME(oi), inet_ntoa(iph->ip_src));
2811 return -1;
2812 }
2813
2814 /* Check authentication. The function handles logging actions, where
2815 * required. */
2816 if (!ospf_check_auth(oi, ospfh))
2817 return -1;
2818
2819 return 0;
2820 }
2821
2822 /* Starting point of packet process function. */
2823 int ospf_read(struct thread *thread)
2824 {
2825 int ret;
2826 struct stream *ibuf;
2827 struct ospf *ospf;
2828 struct ospf_interface *oi;
2829 struct ip *iph;
2830 struct ospf_header *ospfh;
2831 u_int16_t length;
2832 struct interface *ifp;
2833 struct connected *c;
2834
2835 /* first of all get interface pointer. */
2836 ospf = THREAD_ARG(thread);
2837
2838 /* prepare for next packet. */
2839 ospf->t_read = thread_add_read(master, ospf_read, ospf, ospf->fd);
2840
2841 stream_reset(ospf->ibuf);
2842 if (!(ibuf = ospf_recv_packet(ospf->fd, &ifp, ospf->ibuf)))
2843 return -1;
2844 /* This raw packet is known to be at least as big as its IP header. */
2845
2846 /* Note that there should not be alignment problems with this assignment
2847 because this is at the beginning of the stream data buffer. */
2848 iph = (struct ip *)STREAM_DATA(ibuf);
2849 /* Note that sockopt_iphdrincl_swab_systoh was called in
2850 * ospf_recv_packet. */
2851
2852 if (ifp == NULL) {
2853 /* Handle cases where the platform does not support retrieving
2854 the ifindex,
2855 and also platforms (such as Solaris 8) that claim to support
2856 ifindex
2857 retrieval but do not. */
2858 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2859 VRF_DEFAULT);
2860 if (c)
2861 ifp = c->ifp;
2862 if (ifp == NULL)
2863 return 0;
2864 }
2865
2866 /* IP Header dump. */
2867 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2868 ospf_ip_header_dump(iph);
2869
2870 /* Self-originated packet should be discarded silently. */
2871 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2872 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2873 zlog_debug(
2874 "ospf_read[%s]: Dropping self-originated packet",
2875 inet_ntoa(iph->ip_src));
2876 }
2877 return 0;
2878 }
2879
2880 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2881 by ospf_recv_packet() to be correct). */
2882 stream_forward_getp(ibuf, iph->ip_hl * 4);
2883
2884 ospfh = (struct ospf_header *)STREAM_PNT(ibuf);
2885 if (MSG_OK
2886 != ospf_packet_examin(
2887 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
2888 return -1;
2889 /* Now it is safe to access all fields of OSPF packet header. */
2890
2891 /* associate packet with ospf interface */
2892 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2893
2894 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2895 only
2896 after the passive/backbone/other checks below are passed. These
2897 checks
2898 in turn access the fields of unverified "ospfh" structure for their
2899 own
2900 purposes and must remain very accurate in doing this. */
2901
2902 /* If incoming interface is passive one, ignore it. */
2903 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
2904 char buf[3][INET_ADDRSTRLEN];
2905
2906 if (IS_DEBUG_OSPF_EVENT)
2907 zlog_debug(
2908 "ignoring packet from router %s sent to %s, "
2909 "received on a passive interface, %s",
2910 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
2911 sizeof(buf[0])),
2912 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2913 sizeof(buf[1])),
2914 inet_ntop(AF_INET, &oi->address->u.prefix4,
2915 buf[2], sizeof(buf[2])));
2916
2917 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
2918 /* Try to fix multicast membership.
2919 * Some OS:es may have problems in this area,
2920 * make sure it is removed.
2921 */
2922 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2923 ospf_if_set_multicast(oi);
2924 }
2925 return 0;
2926 }
2927
2928
2929 /* if no local ospf_interface,
2930 * or header area is backbone but ospf_interface is not
2931 * check for VLINK interface
2932 */
2933 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
2934 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
2935 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
2936 == NULL) {
2937 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
2938 zlog_debug(
2939 "Packet from [%s] received on link %s"
2940 " but no ospf_interface",
2941 inet_ntoa(iph->ip_src), ifp->name);
2942 return 0;
2943 }
2944 }
2945
2946 /* else it must be a local ospf interface, check it was received on
2947 * correct link
2948 */
2949 else if (oi->ifp != ifp) {
2950 if (IS_DEBUG_OSPF_EVENT)
2951 zlog_warn("Packet from [%s] received on wrong link %s",
2952 inet_ntoa(iph->ip_src), ifp->name);
2953 return 0;
2954 } else if (oi->state == ISM_Down) {
2955 char buf[2][INET_ADDRSTRLEN];
2956 zlog_warn(
2957 "Ignoring packet from %s to %s received on interface that is "
2958 "down [%s]; interface flags are %s",
2959 inet_ntop(AF_INET, &iph->ip_src, buf[0],
2960 sizeof(buf[0])),
2961 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2962 sizeof(buf[1])),
2963 ifp->name, if_flag_dump(ifp->flags));
2964 /* Fix multicast memberships? */
2965 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
2966 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2967 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
2968 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
2969 if (oi->multicast_memberships)
2970 ospf_if_set_multicast(oi);
2971 return 0;
2972 }
2973
2974 /*
2975 * If the received packet is destined for AllDRouters, the packet
2976 * should be accepted only if the received ospf interface state is
2977 * either DR or Backup -- endo.
2978 */
2979 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
2980 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
2981 zlog_warn(
2982 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
2983 inet_ntoa(iph->ip_src), IF_NAME(oi),
2984 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
2985 /* Try to fix multicast membership. */
2986 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
2987 ospf_if_set_multicast(oi);
2988 return 0;
2989 }
2990
2991 /* Verify more OSPF header fields. */
2992 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
2993 if (ret < 0) {
2994 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2995 zlog_debug(
2996 "ospf_read[%s]: Header check failed, "
2997 "dropping.",
2998 inet_ntoa(iph->ip_src));
2999 return ret;
3000 }
3001
3002 /* Show debug receiving packet. */
3003 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3004 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3005 zlog_debug(
3006 "-----------------------------------------------------");
3007 ospf_packet_dump(ibuf);
3008 }
3009
3010 zlog_debug("%s received from [%s] via [%s]",
3011 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3012 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3013 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3014 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3015
3016 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3017 zlog_debug(
3018 "-----------------------------------------------------");
3019 }
3020
3021 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3022
3023 /* Adjust size to message length. */
3024 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3025
3026 /* Read rest of the packet and call each sort of packet routine. */
3027 switch (ospfh->type) {
3028 case OSPF_MSG_HELLO:
3029 ospf_hello(iph, ospfh, ibuf, oi, length);
3030 break;
3031 case OSPF_MSG_DB_DESC:
3032 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3033 break;
3034 case OSPF_MSG_LS_REQ:
3035 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3036 break;
3037 case OSPF_MSG_LS_UPD:
3038 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3039 break;
3040 case OSPF_MSG_LS_ACK:
3041 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3042 break;
3043 default:
3044 zlog_warn("interface %s: OSPF packet header type %d is illegal",
3045 IF_NAME(oi), ospfh->type);
3046 break;
3047 }
3048
3049 return 0;
3050 }
3051
3052 /* Make OSPF header. */
3053 static void ospf_make_header(int type, struct ospf_interface *oi,
3054 struct stream *s)
3055 {
3056 struct ospf_header *ospfh;
3057
3058 ospfh = (struct ospf_header *)STREAM_DATA(s);
3059
3060 ospfh->version = (u_char)OSPF_VERSION;
3061 ospfh->type = (u_char)type;
3062
3063 ospfh->router_id = oi->ospf->router_id;
3064
3065 ospfh->checksum = 0;
3066 ospfh->area_id = oi->area->area_id;
3067 ospfh->auth_type = htons(ospf_auth_type(oi));
3068
3069 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3070
3071 stream_forward_endp(s, OSPF_HEADER_SIZE);
3072 }
3073
3074 /* Make Authentication Data. */
3075 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3076 {
3077 struct crypt_key *ck;
3078
3079 switch (ospf_auth_type(oi)) {
3080 case OSPF_AUTH_NULL:
3081 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3082 */
3083 break;
3084 case OSPF_AUTH_SIMPLE:
3085 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3086 OSPF_AUTH_SIMPLE_SIZE);
3087 break;
3088 case OSPF_AUTH_CRYPTOGRAPHIC:
3089 /* If key is not set, then set 0. */
3090 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3091 ospfh->u.crypt.zero = 0;
3092 ospfh->u.crypt.key_id = 0;
3093 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3094 } else {
3095 ck = listgetdata(
3096 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3097 ospfh->u.crypt.zero = 0;
3098 ospfh->u.crypt.key_id = ck->key_id;
3099 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3100 }
3101 /* note: the seq is done in ospf_make_md5_digest() */
3102 break;
3103 default:
3104 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3105 */
3106 break;
3107 }
3108
3109 return 0;
3110 }
3111
3112 /* Fill rest of OSPF header. */
3113 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3114 u_int16_t length)
3115 {
3116 struct ospf_header *ospfh;
3117
3118 ospfh = (struct ospf_header *)STREAM_DATA(s);
3119
3120 /* Fill length. */
3121 ospfh->length = htons(length);
3122
3123 /* Calculate checksum. */
3124 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3125 ospfh->checksum = in_cksum(ospfh, length);
3126 else
3127 ospfh->checksum = 0;
3128
3129 /* Add Authentication Data. */
3130 ospf_make_auth(oi, ospfh);
3131 }
3132
3133 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3134 {
3135 struct ospf_neighbor *nbr;
3136 struct route_node *rn;
3137 u_int16_t length = OSPF_HELLO_MIN_SIZE;
3138 struct in_addr mask;
3139 unsigned long p;
3140 int flag = 0;
3141
3142 /* Set netmask of interface. */
3143 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3144 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3145 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3146 masklen2ip(oi->address->prefixlen, &mask);
3147 else
3148 memset((char *)&mask, 0, sizeof(struct in_addr));
3149 stream_put_ipv4(s, mask.s_addr);
3150
3151 /* Set Hello Interval. */
3152 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3153 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3154 else
3155 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3156
3157 if (IS_DEBUG_OSPF_EVENT)
3158 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3159 IF_NAME(oi));
3160
3161 /* Set Options. */
3162 stream_putc(s, OPTIONS(oi));
3163
3164 /* Set Router Priority. */
3165 stream_putc(s, PRIORITY(oi));
3166
3167 /* Set Router Dead Interval. */
3168 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3169
3170 /* Set Designated Router. */
3171 stream_put_ipv4(s, DR(oi).s_addr);
3172
3173 p = stream_get_endp(s);
3174
3175 /* Set Backup Designated Router. */
3176 stream_put_ipv4(s, BDR(oi).s_addr);
3177
3178 /* Add neighbor seen. */
3179 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3180 if ((nbr = rn->info))
3181 if (nbr->router_id.s_addr
3182 != 0) /* Ignore 0.0.0.0 node. */
3183 if (nbr->state
3184 != NSM_Attempt) /* Ignore Down neighbor. */
3185 if (nbr->state
3186 != NSM_Down) /* This is myself for
3187 DR election. */
3188 if (!IPV4_ADDR_SAME(
3189 &nbr->router_id,
3190 &oi->ospf->router_id)) {
3191 /* Check neighbor is
3192 * sane? */
3193 if (nbr->d_router.s_addr
3194 != 0
3195 && IPV4_ADDR_SAME(
3196 &nbr->d_router,
3197 &oi->address
3198 ->u
3199 .prefix4)
3200 && IPV4_ADDR_SAME(
3201 &nbr->bd_router,
3202 &oi->address
3203 ->u
3204 .prefix4))
3205 flag = 1;
3206
3207 stream_put_ipv4(
3208 s,
3209 nbr->router_id
3210 .s_addr);
3211 length += 4;
3212 }
3213
3214 /* Let neighbor generate BackupSeen. */
3215 if (flag == 1)
3216 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3217
3218 return length;
3219 }
3220
3221 static int ospf_make_db_desc(struct ospf_interface *oi,
3222 struct ospf_neighbor *nbr, struct stream *s)
3223 {
3224 struct ospf_lsa *lsa;
3225 u_int16_t length = OSPF_DB_DESC_MIN_SIZE;
3226 u_char options;
3227 unsigned long pp;
3228 int i;
3229 struct ospf_lsdb *lsdb;
3230
3231 /* Set Interface MTU. */
3232 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3233 stream_putw(s, 0);
3234 else
3235 stream_putw(s, oi->ifp->mtu);
3236
3237 /* Set Options. */
3238 options = OPTIONS(oi);
3239 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3240 SET_FLAG(options, OSPF_OPTION_O);
3241 stream_putc(s, options);
3242
3243 /* DD flags */
3244 pp = stream_get_endp(s);
3245 stream_putc(s, nbr->dd_flags);
3246
3247 /* Set DD Sequence Number. */
3248 stream_putl(s, nbr->dd_seqnum);
3249
3250 /* shortcut unneeded walk of (empty) summary LSDBs */
3251 if (ospf_db_summary_isempty(nbr))
3252 goto empty;
3253
3254 /* Describe LSA Header from Database Summary List. */
3255 lsdb = &nbr->db_sum;
3256
3257 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3258 struct route_table *table = lsdb->type[i].db;
3259 struct route_node *rn;
3260
3261 for (rn = route_top(table); rn; rn = route_next(rn))
3262 if ((lsa = rn->info) != NULL) {
3263 if (IS_OPAQUE_LSA(lsa->data->type)
3264 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3265 /* Suppress advertising
3266 * opaque-informations. */
3267 /* Remove LSA from DB summary list. */
3268 ospf_lsdb_delete(lsdb, lsa);
3269 continue;
3270 }
3271
3272 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3273 struct lsa_header *lsah;
3274 u_int16_t ls_age;
3275
3276 /* DD packet overflows interface MTU. */
3277 if (length + OSPF_LSA_HEADER_SIZE
3278 > ospf_packet_max(oi))
3279 break;
3280
3281 /* Keep pointer to LS age. */
3282 lsah = (struct lsa_header
3283 *)(STREAM_DATA(s)
3284 + stream_get_endp(
3285 s));
3286
3287 /* Proceed stream pointer. */
3288 stream_put(s, lsa->data,
3289 OSPF_LSA_HEADER_SIZE);
3290 length += OSPF_LSA_HEADER_SIZE;
3291
3292 /* Set LS age. */
3293 ls_age = LS_AGE(lsa);
3294 lsah->ls_age = htons(ls_age);
3295 }
3296
3297 /* Remove LSA from DB summary list. */
3298 ospf_lsdb_delete(lsdb, lsa);
3299 }
3300 }
3301
3302 /* Update 'More' bit */
3303 if (ospf_db_summary_isempty(nbr)) {
3304 empty:
3305 if (nbr->state >= NSM_Exchange) {
3306 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3307 /* Rewrite DD flags */
3308 stream_putc_at(s, pp, nbr->dd_flags);
3309 } else {
3310 assert(IS_SET_DD_M(nbr->dd_flags));
3311 }
3312 }
3313 return length;
3314 }
3315
3316 static int ospf_make_ls_req_func(struct stream *s, u_int16_t *length,
3317 unsigned long delta, struct ospf_neighbor *nbr,
3318 struct ospf_lsa *lsa)
3319 {
3320 struct ospf_interface *oi;
3321
3322 oi = nbr->oi;
3323
3324 /* LS Request packet overflows interface MTU. */
3325 if (*length + delta > ospf_packet_max(oi))
3326 return 0;
3327
3328 stream_putl(s, lsa->data->type);
3329 stream_put_ipv4(s, lsa->data->id.s_addr);
3330 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3331
3332 ospf_lsa_unlock(&nbr->ls_req_last);
3333 nbr->ls_req_last = ospf_lsa_lock(lsa);
3334
3335 *length += 12;
3336 return 1;
3337 }
3338
3339 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3340 {
3341 struct ospf_lsa *lsa;
3342 u_int16_t length = OSPF_LS_REQ_MIN_SIZE;
3343 unsigned long delta = stream_get_endp(s) + 12;
3344 struct route_table *table;
3345 struct route_node *rn;
3346 int i;
3347 struct ospf_lsdb *lsdb;
3348
3349 lsdb = &nbr->ls_req;
3350
3351 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3352 table = lsdb->type[i].db;
3353 for (rn = route_top(table); rn; rn = route_next(rn))
3354 if ((lsa = (rn->info)) != NULL)
3355 if (ospf_make_ls_req_func(s, &length, delta,
3356 nbr, lsa)
3357 == 0) {
3358 route_unlock_node(rn);
3359 break;
3360 }
3361 }
3362 return length;
3363 }
3364
3365 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3366 {
3367 int age;
3368
3369 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3370
3371 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3372 }
3373
3374 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3375 struct stream *s)
3376 {
3377 struct ospf_lsa *lsa;
3378 struct listnode *node;
3379 u_int16_t length = 0;
3380 unsigned int size_noauth;
3381 unsigned long delta = stream_get_endp(s);
3382 unsigned long pp;
3383 int count = 0;
3384
3385 if (IS_DEBUG_OSPF_EVENT)
3386 zlog_debug("ospf_make_ls_upd: Start");
3387
3388 pp = stream_get_endp(s);
3389 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3390 length += OSPF_LS_UPD_MIN_SIZE;
3391
3392 /* Calculate amount of packet usable for data. */
3393 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3394
3395 while ((node = listhead(update)) != NULL) {
3396 struct lsa_header *lsah;
3397 u_int16_t ls_age;
3398
3399 if (IS_DEBUG_OSPF_EVENT)
3400 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3401 count);
3402
3403 lsa = listgetdata(node);
3404
3405 assert(lsa->data);
3406
3407 /* Will it fit? */
3408 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3409 break;
3410
3411 /* Keep pointer to LS age. */
3412 lsah = (struct lsa_header *)(STREAM_DATA(s)
3413 + stream_get_endp(s));
3414
3415 /* Put LSA to Link State Request. */
3416 stream_put(s, lsa->data, ntohs(lsa->data->length));
3417
3418 /* Set LS age. */
3419 /* each hop must increment an lsa_age by transmit_delay
3420 of OSPF interface */
3421 ls_age = ls_age_increment(lsa,
3422 OSPF_IF_PARAM(oi, transmit_delay));
3423 lsah->ls_age = htons(ls_age);
3424
3425 length += ntohs(lsa->data->length);
3426 count++;
3427
3428 list_delete_node(update, node);
3429 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3430 }
3431
3432 /* Now set #LSAs. */
3433 stream_putl_at(s, pp, count);
3434
3435 if (IS_DEBUG_OSPF_EVENT)
3436 zlog_debug("ospf_make_ls_upd: Stop");
3437 return length;
3438 }
3439
3440 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3441 struct stream *s)
3442 {
3443 struct listnode *node, *nnode;
3444 u_int16_t length = OSPF_LS_ACK_MIN_SIZE;
3445 unsigned long delta = stream_get_endp(s) + 24;
3446 struct ospf_lsa *lsa;
3447
3448 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3449 assert(lsa);
3450
3451 if (length + delta > ospf_packet_max(oi))
3452 break;
3453
3454 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3455 length += OSPF_LSA_HEADER_SIZE;
3456
3457 listnode_delete(ack, lsa);
3458 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3459 }
3460
3461 return length;
3462 }
3463
3464 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3465 {
3466 struct ospf_packet *op;
3467 u_int16_t length = OSPF_HEADER_SIZE;
3468
3469 op = ospf_packet_new(oi->ifp->mtu);
3470
3471 /* Prepare OSPF common header. */
3472 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3473
3474 /* Prepare OSPF Hello body. */
3475 length += ospf_make_hello(oi, op->s);
3476
3477 /* Fill OSPF header. */
3478 ospf_fill_header(oi, op->s, length);
3479
3480 /* Set packet length. */
3481 op->length = length;
3482
3483 op->dst.s_addr = addr;
3484
3485 /* Add packet to the top of the interface output queue, so that they
3486 * can't get delayed by things like long queues of LS Update packets
3487 */
3488 ospf_packet_add_top(oi, op);
3489
3490 /* Hook thread to write packet. */
3491 OSPF_ISM_WRITE_ON(oi->ospf);
3492 }
3493
3494 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3495 {
3496 struct ospf_interface *oi;
3497
3498 oi = nbr_nbma->oi;
3499 assert(oi);
3500
3501 /* If this is passive interface, do not send OSPF Hello. */
3502 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3503 return;
3504
3505 if (oi->type != OSPF_IFTYPE_NBMA)
3506 return;
3507
3508 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3509 return;
3510
3511 if (PRIORITY(oi) == 0)
3512 return;
3513
3514 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3515 && oi->state != ISM_Backup)
3516 return;
3517
3518 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3519 }
3520
3521 int ospf_poll_timer(struct thread *thread)
3522 {
3523 struct ospf_nbr_nbma *nbr_nbma;
3524
3525 nbr_nbma = THREAD_ARG(thread);
3526 nbr_nbma->t_poll = NULL;
3527
3528 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3529 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3530 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3531
3532 ospf_poll_send(nbr_nbma);
3533
3534 if (nbr_nbma->v_poll > 0)
3535 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3536 nbr_nbma->v_poll);
3537
3538 return 0;
3539 }
3540
3541
3542 int ospf_hello_reply_timer(struct thread *thread)
3543 {
3544 struct ospf_neighbor *nbr;
3545
3546 nbr = THREAD_ARG(thread);
3547 nbr->t_hello_reply = NULL;
3548
3549 assert(nbr->oi);
3550
3551 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3552 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3553 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3554
3555 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3556
3557 return 0;
3558 }
3559
3560 /* Send OSPF Hello. */
3561 void ospf_hello_send(struct ospf_interface *oi)
3562 {
3563 /* If this is passive interface, do not send OSPF Hello. */
3564 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3565 return;
3566
3567 if (oi->type == OSPF_IFTYPE_NBMA) {
3568 struct ospf_neighbor *nbr;
3569 struct route_node *rn;
3570
3571 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3572 if ((nbr = rn->info))
3573 if (nbr != oi->nbr_self)
3574 if (nbr->state != NSM_Down) {
3575 /* RFC 2328 Section 9.5.1
3576 If the router is not
3577 eligible to become Designated
3578 Router,
3579 it must periodically send
3580 Hello Packets to both the
3581 Designated Router and the
3582 Backup Designated Router (if
3583 they
3584 exist). */
3585 if (PRIORITY(oi) == 0
3586 && IPV4_ADDR_CMP(
3587 &DR(oi),
3588 &nbr->address.u
3589 .prefix4)
3590 && IPV4_ADDR_CMP(
3591 &BDR(oi),
3592 &nbr->address.u
3593 .prefix4))
3594 continue;
3595
3596 /* If the router is eligible to
3597 become Designated Router, it
3598 must periodically send Hello
3599 Packets to all neighbors that
3600 are also eligible. In
3601 addition, if the router is
3602 itself the
3603 Designated Router or Backup
3604 Designated Router, it must
3605 also
3606 send periodic Hello Packets
3607 to all other neighbors. */
3608
3609 if (nbr->priority == 0
3610 && oi->state == ISM_DROther)
3611 continue;
3612 /* if oi->state == Waiting, send
3613 * hello to all neighbors */
3614 ospf_hello_send_sub(
3615 oi,
3616 nbr->address.u.prefix4
3617 .s_addr);
3618 }
3619 } else {
3620 /* Decide destination address. */
3621 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3622 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3623 else
3624 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3625 }
3626 }
3627
3628 /* Send OSPF Database Description. */
3629 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3630 {
3631 struct ospf_interface *oi;
3632 struct ospf_packet *op;
3633 u_int16_t length = OSPF_HEADER_SIZE;
3634
3635 oi = nbr->oi;
3636 op = ospf_packet_new(oi->ifp->mtu);
3637
3638 /* Prepare OSPF common header. */
3639 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3640
3641 /* Prepare OSPF Database Description body. */
3642 length += ospf_make_db_desc(oi, nbr, op->s);
3643
3644 /* Fill OSPF header. */
3645 ospf_fill_header(oi, op->s, length);
3646
3647 /* Set packet length. */
3648 op->length = length;
3649
3650 /* Decide destination address. */
3651 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3652 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3653 else
3654 op->dst = nbr->address.u.prefix4;
3655
3656 /* Add packet to the interface output queue. */
3657 ospf_packet_add(oi, op);
3658
3659 /* Hook thread to write packet. */
3660 OSPF_ISM_WRITE_ON(oi->ospf);
3661
3662 /* Remove old DD packet, then copy new one and keep in neighbor
3663 * structure. */
3664 if (nbr->last_send)
3665 ospf_packet_free(nbr->last_send);
3666 nbr->last_send = ospf_packet_dup(op);
3667 monotime(&nbr->last_send_ts);
3668 }
3669
3670 /* Re-send Database Description. */
3671 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3672 {
3673 struct ospf_interface *oi;
3674
3675 oi = nbr->oi;
3676
3677 /* Add packet to the interface output queue. */
3678 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3679
3680 /* Hook thread to write packet. */
3681 OSPF_ISM_WRITE_ON(oi->ospf);
3682 }
3683
3684 /* Send Link State Request. */
3685 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3686 {
3687 struct ospf_interface *oi;
3688 struct ospf_packet *op;
3689 u_int16_t length = OSPF_HEADER_SIZE;
3690
3691 oi = nbr->oi;
3692 op = ospf_packet_new(oi->ifp->mtu);
3693
3694 /* Prepare OSPF common header. */
3695 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3696
3697 /* Prepare OSPF Link State Request body. */
3698 length += ospf_make_ls_req(nbr, op->s);
3699 if (length == OSPF_HEADER_SIZE) {
3700 ospf_packet_free(op);
3701 return;
3702 }
3703
3704 /* Fill OSPF header. */
3705 ospf_fill_header(oi, op->s, length);
3706
3707 /* Set packet length. */
3708 op->length = length;
3709
3710 /* Decide destination address. */
3711 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3712 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3713 else
3714 op->dst = nbr->address.u.prefix4;
3715
3716 /* Add packet to the interface output queue. */
3717 ospf_packet_add(oi, op);
3718
3719 /* Hook thread to write packet. */
3720 OSPF_ISM_WRITE_ON(oi->ospf);
3721
3722 /* Add Link State Request Retransmission Timer. */
3723 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3724 }
3725
3726 /* Send Link State Update with an LSA. */
3727 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3728 int flag)
3729 {
3730 struct list *update;
3731
3732 update = list_new();
3733
3734 listnode_add(update, lsa);
3735 ospf_ls_upd_send(nbr, update, flag);
3736
3737 list_delete(update);
3738 }
3739
3740 /* Determine size for packet. Must be at least big enough to accomodate next
3741 * LSA on list, which may be bigger than MTU size.
3742 *
3743 * Return pointer to new ospf_packet
3744 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3745 * on packet sizes (in which case offending LSA is deleted from update list)
3746 */
3747 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3748 struct ospf_interface *oi)
3749 {
3750 struct ospf_lsa *lsa;
3751 struct listnode *ln;
3752 size_t size;
3753 static char warned = 0;
3754
3755 lsa = listgetdata((ln = listhead(update)));
3756 assert(lsa->data);
3757
3758 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3759 > ospf_packet_max(oi)) {
3760 if (!warned) {
3761 zlog_warn(
3762 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3763 "will need to fragment. Not optimal. Try divide up"
3764 " your network with areas. Use 'debug ospf packet send'"
3765 " to see details, or look at 'show ip ospf database ..'");
3766 warned = 1;
3767 }
3768
3769 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3770 zlog_debug(
3771 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3772 " %d bytes originated by %s, will be fragmented!",
3773 inet_ntoa(lsa->data->id),
3774 ntohs(lsa->data->length),
3775 inet_ntoa(lsa->data->adv_router));
3776
3777 /*
3778 * Allocate just enough to fit this LSA only, to avoid including
3779 * other
3780 * LSAs in fragmented LSA Updates.
3781 */
3782 size = ntohs(lsa->data->length)
3783 + (oi->ifp->mtu - ospf_packet_max(oi))
3784 + OSPF_LS_UPD_MIN_SIZE;
3785 } else
3786 size = oi->ifp->mtu;
3787
3788 if (size > OSPF_MAX_PACKET_SIZE) {
3789 zlog_warn(
3790 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3791 " %d bytes, packet size %ld, dropping it completely."
3792 " OSPF routing is broken!",
3793 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3794 (long int)size);
3795 list_delete_node(update, ln);
3796 return NULL;
3797 }
3798
3799 /* IP header is built up separately by ospf_write(). This means, that we
3800 * must
3801 * reduce the "affordable" size just calculated by length of an IP
3802 * header.
3803 * This makes sure, that even if we manage to fill the payload with LSA
3804 * data
3805 * completely, the final packet (our data plus IP header) still fits
3806 * into
3807 * outgoing interface MTU. This correction isn't really meaningful for
3808 * an
3809 * oversized LSA, but for consistency the correction is done for both
3810 * cases.
3811 *
3812 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3813 */
3814 return ospf_packet_new(size - sizeof(struct ip));
3815 }
3816
3817 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3818 struct list *update, struct in_addr addr)
3819 {
3820 struct ospf_packet *op;
3821 u_int16_t length = OSPF_HEADER_SIZE;
3822
3823 if (IS_DEBUG_OSPF_EVENT)
3824 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3825 IF_NAME(oi), inet_ntoa(addr));
3826
3827 op = ospf_ls_upd_packet_new(update, oi);
3828
3829 /* Prepare OSPF common header. */
3830 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
3831
3832 /* Prepare OSPF Link State Update body.
3833 * Includes Type-7 translation.
3834 */
3835 length += ospf_make_ls_upd(oi, update, op->s);
3836
3837 /* Fill OSPF header. */
3838 ospf_fill_header(oi, op->s, length);
3839
3840 /* Set packet length. */
3841 op->length = length;
3842
3843 /* Decide destination address. */
3844 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3845 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3846 else
3847 op->dst.s_addr = addr.s_addr;
3848
3849 /* Add packet to the interface output queue. */
3850 ospf_packet_add(oi, op);
3851
3852 /* Hook thread to write packet. */
3853 OSPF_ISM_WRITE_ON(oi->ospf);
3854 }
3855
3856 static int ospf_ls_upd_send_queue_event(struct thread *thread)
3857 {
3858 struct ospf_interface *oi = THREAD_ARG(thread);
3859 struct route_node *rn;
3860 struct route_node *rnext;
3861 struct list *update;
3862 char again = 0;
3863
3864 oi->t_ls_upd_event = NULL;
3865
3866 if (IS_DEBUG_OSPF_EVENT)
3867 zlog_debug("ospf_ls_upd_send_queue start");
3868
3869 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
3870 rnext = route_next(rn);
3871
3872 if (rn->info == NULL)
3873 continue;
3874
3875 update = (struct list *)rn->info;
3876
3877 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4);
3878
3879 /* list might not be empty. */
3880 if (listcount(update) == 0) {
3881 list_delete(rn->info);
3882 rn->info = NULL;
3883 route_unlock_node(rn);
3884 } else
3885 again = 1;
3886 }
3887
3888 if (again != 0) {
3889 if (IS_DEBUG_OSPF_EVENT)
3890 zlog_debug(
3891 "ospf_ls_upd_send_queue: update lists not cleared,"
3892 " %d nodes to try again, raising new event",
3893 again);
3894 oi->t_ls_upd_event = thread_add_event(
3895 master, ospf_ls_upd_send_queue_event, oi, 0);
3896 }
3897
3898 if (IS_DEBUG_OSPF_EVENT)
3899 zlog_debug("ospf_ls_upd_send_queue stop");
3900
3901 return 0;
3902 }
3903
3904 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag)
3905 {
3906 struct ospf_interface *oi;
3907 struct ospf_lsa *lsa;
3908 struct prefix_ipv4 p;
3909 struct route_node *rn;
3910 struct listnode *node;
3911
3912 oi = nbr->oi;
3913
3914 p.family = AF_INET;
3915 p.prefixlen = IPV4_MAX_BITLEN;
3916
3917 /* Decide destination address. */
3918 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3919 p.prefix = oi->vl_data->peer_addr;
3920 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3921 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3922 else if (flag == OSPF_SEND_PACKET_DIRECT)
3923 p.prefix = nbr->address.u.prefix4;
3924 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
3925 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3926 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
3927 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3928 else
3929 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
3930
3931 if (oi->type == OSPF_IFTYPE_NBMA) {
3932 if (flag == OSPF_SEND_PACKET_INDIRECT)
3933 zlog_warn(
3934 "* LS-Update is directly sent on NBMA network.");
3935 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix.s_addr))
3936 zlog_warn("* LS-Update is sent to myself.");
3937 }
3938
3939 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
3940
3941 if (rn->info == NULL)
3942 rn->info = list_new();
3943 else
3944 route_unlock_node(rn);
3945
3946 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
3947 listnode_add(rn->info,
3948 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
3949
3950 if (oi->t_ls_upd_event == NULL)
3951 oi->t_ls_upd_event = thread_add_event(
3952 master, ospf_ls_upd_send_queue_event, oi, 0);
3953 }
3954
3955 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
3956 struct in_addr dst)
3957 {
3958 struct ospf_packet *op;
3959 u_int16_t length = OSPF_HEADER_SIZE;
3960
3961 op = ospf_packet_new(oi->ifp->mtu);
3962
3963 /* Prepare OSPF common header. */
3964 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
3965
3966 /* Prepare OSPF Link State Acknowledgment body. */
3967 length += ospf_make_ls_ack(oi, ack, op->s);
3968
3969 /* Fill OSPF header. */
3970 ospf_fill_header(oi, op->s, length);
3971
3972 /* Set packet length. */
3973 op->length = length;
3974
3975 /* Decide destination address. */
3976 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3977 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3978 else
3979 op->dst.s_addr = dst.s_addr;
3980
3981 /* Add packet to the interface output queue. */
3982 ospf_packet_add(oi, op);
3983
3984 /* Hook thread to write packet. */
3985 OSPF_ISM_WRITE_ON(oi->ospf);
3986 }
3987
3988 static int ospf_ls_ack_send_event(struct thread *thread)
3989 {
3990 struct ospf_interface *oi = THREAD_ARG(thread);
3991
3992 oi->t_ls_ack_direct = NULL;
3993
3994 while (listcount(oi->ls_ack_direct.ls_ack))
3995 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
3996 oi->ls_ack_direct.dst);
3997
3998 return 0;
3999 }
4000
4001 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4002 {
4003 struct ospf_interface *oi = nbr->oi;
4004
4005 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4006 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4007
4008 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4009
4010 if (oi->t_ls_ack_direct == NULL)
4011 oi->t_ls_ack_direct =
4012 thread_add_event(master, ospf_ls_ack_send_event, oi, 0);
4013 }
4014
4015 /* Send Link State Acknowledgment delayed. */
4016 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4017 {
4018 struct in_addr dst;
4019
4020 /* Decide destination address. */
4021 /* RFC2328 Section 13.5 On non-broadcast
4022 networks, delayed Link State Acknowledgment packets must be
4023 unicast separately over each adjacency (i.e., neighbor whose
4024 state is >= Exchange). */
4025 if (oi->type == OSPF_IFTYPE_NBMA) {
4026 struct ospf_neighbor *nbr;
4027 struct route_node *rn;
4028
4029 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4030 if ((nbr = rn->info) != NULL)
4031 if (nbr != oi->nbr_self
4032 && nbr->state >= NSM_Exchange)
4033 while (listcount(oi->ls_ack))
4034 ospf_ls_ack_send_list(
4035 oi, oi->ls_ack,
4036 nbr->address.u.prefix4);
4037 return;
4038 }
4039 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4040 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4041 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4042 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4043 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4044 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4045 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4046 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4047 else
4048 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4049
4050 while (listcount(oi->ls_ack))
4051 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4052 }
4053
4054 /*
4055 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4056 * address. As a result, the kernel does not need to learn the interface
4057 * MAC of the OSPF neighbor. However, in our world, this will delay
4058 * convergence. Take the case when due to a link flap, all routes now
4059 * want to use an interface which was deemed to be costlier prior to this
4060 * event. For routes that will be installed, the missing MAC will have
4061 * punt-to-CPU set on them. This may overload the CPU control path that
4062 * can be avoided if the MAC was known apriori.
4063 */
4064 #define OSPF_PING_NBR_STR_MAX (8 + 40 + 20)
4065 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4066 {
4067 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4068 char *str_ptr;
4069 int ret;
4070
4071 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4072 return;
4073
4074 str_ptr = strcpy(ping_nbr, "ping -c 1 -I ");
4075 str_ptr = strcat(str_ptr, nbr->oi->ifp->name);
4076 str_ptr = strcat(str_ptr, " ");
4077 str_ptr = strcat(str_ptr, inet_ntoa(nbr->address.u.prefix4));
4078 str_ptr = strcat(str_ptr, " > /dev/null 2>&1 &");
4079 ret = system(ping_nbr);
4080 if (IS_DEBUG_OSPF_EVENT)
4081 zlog_debug("Executed %s %s", ping_nbr,
4082 ((ret == 0) ? "successfully" : "but failed"));
4083 }
FRRouting mirror