]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #7261 from Niral-Networks/niral_dev_vrf_ospf6
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56 #include "ospfd/ospf_zebra.h"
57 #include "ospfd/ospf_gr_helper.h"
58
59 /*
60 * OSPF Fragmentation / fragmented writes
61 *
62 * ospfd can support writing fragmented packets, for cases where
63 * kernel will not fragment IP_HDRINCL and/or multicast destined
64 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
65 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
66 * flags fields, hence user-space fragmentation will not work.
67 * Only Linux is known to leave IP header unmolested.
68 * Further, fragmentation really should be done the kernel, which already
69 * supports it, and which avoids nasty IP ID state problems.
70 *
71 * Fragmentation of OSPF packets can be required on networks with router
72 * with many many interfaces active in one area, or on networks with links
73 * with low MTUs.
74 */
75 #ifdef GNU_LINUX
76 #define WANT_OSPF_WRITE_FRAGMENT
77 #endif
78
79 /* Packet Type String. */
80 const struct message ospf_packet_type_str[] = {
81 {OSPF_MSG_HELLO, "Hello"},
82 {OSPF_MSG_DB_DESC, "Database Description"},
83 {OSPF_MSG_LS_REQ, "Link State Request"},
84 {OSPF_MSG_LS_UPD, "Link State Update"},
85 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
86 {0}};
87
88 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
89 particular types, offset is the "type" field of a packet. */
90 static const uint16_t ospf_packet_minlen[] = {
91 0,
92 OSPF_HELLO_MIN_SIZE,
93 OSPF_DB_DESC_MIN_SIZE,
94 OSPF_LS_REQ_MIN_SIZE,
95 OSPF_LS_UPD_MIN_SIZE,
96 OSPF_LS_ACK_MIN_SIZE,
97 };
98
99 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
100 types, offset is the "LSA type" field. */
101 static const uint16_t ospf_lsa_minlen[] = {
102 0,
103 OSPF_ROUTER_LSA_MIN_SIZE,
104 OSPF_NETWORK_LSA_MIN_SIZE,
105 OSPF_SUMMARY_LSA_MIN_SIZE,
106 OSPF_SUMMARY_LSA_MIN_SIZE,
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
108 0,
109 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
110 0,
111 0,
112 0,
113 0,
114 };
115
116 /* for ospf_check_auth() */
117 static int ospf_check_sum(struct ospf_header *);
118
119 /* OSPF authentication checking function */
120 static int ospf_auth_type(struct ospf_interface *oi)
121 {
122 int auth_type;
123
124 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
125 auth_type = oi->area->auth_type;
126 else
127 auth_type = OSPF_IF_PARAM(oi, auth_type);
128
129 /* Handle case where MD5 key list is not configured aka Cisco */
130 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
131 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
132 return OSPF_AUTH_NULL;
133
134 return auth_type;
135 }
136
137 static struct ospf_packet *ospf_packet_new(size_t size)
138 {
139 struct ospf_packet *new;
140
141 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
142 new->s = stream_new(size);
143
144 return new;
145 }
146
147 void ospf_packet_free(struct ospf_packet *op)
148 {
149 if (op->s)
150 stream_free(op->s);
151
152 XFREE(MTYPE_OSPF_PACKET, op);
153 }
154
155 struct ospf_fifo *ospf_fifo_new(void)
156 {
157 struct ospf_fifo *new;
158
159 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
160 return new;
161 }
162
163 /* Add new packet to fifo. */
164 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
165 {
166 if (fifo->tail)
167 fifo->tail->next = op;
168 else
169 fifo->head = op;
170
171 fifo->tail = op;
172
173 fifo->count++;
174 }
175
176 /* Add new packet to head of fifo. */
177 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
178 {
179 op->next = fifo->head;
180
181 if (fifo->tail == NULL)
182 fifo->tail = op;
183
184 fifo->head = op;
185
186 fifo->count++;
187 }
188
189 /* Delete first packet from fifo. */
190 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
191 {
192 struct ospf_packet *op;
193
194 op = fifo->head;
195
196 if (op) {
197 fifo->head = op->next;
198
199 if (fifo->head == NULL)
200 fifo->tail = NULL;
201
202 fifo->count--;
203 }
204
205 return op;
206 }
207
208 /* Return first fifo entry. */
209 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
210 {
211 return fifo->head;
212 }
213
214 /* Flush ospf packet fifo. */
215 void ospf_fifo_flush(struct ospf_fifo *fifo)
216 {
217 struct ospf_packet *op;
218 struct ospf_packet *next;
219
220 for (op = fifo->head; op; op = next) {
221 next = op->next;
222 ospf_packet_free(op);
223 }
224 fifo->head = fifo->tail = NULL;
225 fifo->count = 0;
226 }
227
228 /* Free ospf packet fifo. */
229 void ospf_fifo_free(struct ospf_fifo *fifo)
230 {
231 ospf_fifo_flush(fifo);
232
233 XFREE(MTYPE_OSPF_FIFO, fifo);
234 }
235
236 static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
237 {
238 /* Add packet to end of queue. */
239 ospf_fifo_push(oi->obuf, op);
240
241 /* Debug of packet fifo*/
242 /* ospf_fifo_debug (oi->obuf); */
243 }
244
245 static void ospf_packet_add_top(struct ospf_interface *oi,
246 struct ospf_packet *op)
247 {
248 /* Add packet to head of queue. */
249 ospf_fifo_push_head(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_delete(struct ospf_interface *oi)
256 {
257 struct ospf_packet *op;
258
259 op = ospf_fifo_pop(oi->obuf);
260
261 if (op)
262 ospf_packet_free(op);
263 }
264
265 static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
266 {
267 struct ospf_packet *new;
268
269 if (stream_get_endp(op->s) != op->length)
270 /* XXX size_t */
271 zlog_debug(
272 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
273 (unsigned long)STREAM_SIZE(op->s), op->length);
274
275 /* Reserve space for MD5 authentication that may be added later. */
276 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
277 stream_copy(new->s, op->s);
278
279 new->dst = op->dst;
280 new->length = op->length;
281
282 return new;
283 }
284
285 /* XXX inline */
286 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
287 {
288 int auth = 0;
289
290 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
291 auth = OSPF_AUTH_MD5_SIZE;
292
293 return auth;
294 }
295
296 static unsigned int ospf_packet_max(struct ospf_interface *oi)
297 {
298 int max;
299
300 max = oi->ifp->mtu - ospf_packet_authspace(oi);
301
302 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
303
304 return max;
305 }
306
307
308 static int ospf_check_md5_digest(struct ospf_interface *oi,
309 struct ospf_header *ospfh)
310 {
311 #ifdef CRYPTO_OPENSSL
312 EVP_MD_CTX *ctx;
313 #elif CRYPTO_INTERNAL
314 MD5_CTX ctx;
315 #endif
316 unsigned char digest[OSPF_AUTH_MD5_SIZE];
317 struct crypt_key *ck;
318 struct ospf_neighbor *nbr;
319 uint16_t length = ntohs(ospfh->length);
320
321 /* Get secret key. */
322 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
323 ospfh->u.crypt.key_id);
324 if (ck == NULL) {
325 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
326 IF_NAME(oi), ospfh->u.crypt.key_id);
327 return 0;
328 }
329
330 /* check crypto seqnum. */
331 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
332
333 if (nbr
334 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
335 flog_warn(
336 EC_OSPF_MD5,
337 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
338 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
339 ntohl(nbr->crypt_seqnum));
340 return 0;
341 }
342
343 /* Generate a digest for the ospf packet - their digest + our digest. */
344 #ifdef CRYPTO_OPENSSL
345 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
346 ctx = EVP_MD_CTX_new();
347 EVP_DigestInit(ctx, EVP_md5());
348 EVP_DigestUpdate(ctx, ospfh, length);
349 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
350 EVP_DigestFinal(ctx, digest, &md5_size);
351 EVP_MD_CTX_free(ctx);
352 #elif CRYPTO_INTERNAL
353 memset(&ctx, 0, sizeof(ctx));
354 MD5Init(&ctx);
355 MD5Update(&ctx, ospfh, length);
356 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
357 MD5Final(digest, &ctx);
358 #endif
359
360 /* compare the two */
361 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
362 flog_warn(EC_OSPF_MD5,
363 "interface %s: ospf_check_md5 checksum mismatch",
364 IF_NAME(oi));
365 return 0;
366 }
367
368 /* save neighbor's crypt_seqnum */
369 if (nbr)
370 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
371 return 1;
372 }
373
374 /* This function is called from ospf_write(), it will detect the
375 authentication scheme and if it is MD5, it will change the sequence
376 and update the MD5 digest. */
377 static int ospf_make_md5_digest(struct ospf_interface *oi,
378 struct ospf_packet *op)
379 {
380 struct ospf_header *ospfh;
381 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
382 #ifdef CRYPTO_OPENSSL
383 EVP_MD_CTX *ctx;
384 #elif CRYPTO_INTERNAL
385 MD5_CTX ctx;
386 #endif
387 void *ibuf;
388 uint32_t t;
389 struct crypt_key *ck;
390 const uint8_t *auth_key;
391
392 ibuf = STREAM_DATA(op->s);
393 ospfh = (struct ospf_header *)ibuf;
394
395 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
396 return 0;
397
398 /* We do this here so when we dup a packet, we don't have to
399 waste CPU rewriting other headers.
400
401 Note that quagga_time /deliberately/ is not used here */
402 t = (time(NULL) & 0xFFFFFFFF);
403 if (t > oi->crypt_seqnum)
404 oi->crypt_seqnum = t;
405 else
406 oi->crypt_seqnum++;
407
408 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
409
410 /* Get MD5 Authentication key from auth_key list. */
411 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
412 auth_key = (const uint8_t *)digest;
413 else {
414 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
415 auth_key = ck->auth_key;
416 }
417
418 /* Generate a digest for the entire packet + our secret key. */
419 #ifdef CRYPTO_OPENSSL
420 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
421 ctx = EVP_MD_CTX_new();
422 EVP_DigestInit(ctx, EVP_md5());
423 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
424 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 EVP_DigestFinal(ctx, digest, &md5_size);
426 EVP_MD_CTX_free(ctx);
427 #elif CRYPTO_INTERNAL
428 memset(&ctx, 0, sizeof(ctx));
429 MD5Init(&ctx);
430 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
431 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
432 MD5Final(digest, &ctx);
433 #endif
434
435 /* Append md5 digest to the end of the stream. */
436 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
437
438 /* We do *NOT* increment the OSPF header length. */
439 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
440
441 if (stream_get_endp(op->s) != op->length)
442 /* XXX size_t */
443 flog_warn(
444 EC_OSPF_MD5,
445 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
446 (unsigned long)stream_get_endp(op->s), op->length);
447
448 return OSPF_AUTH_MD5_SIZE;
449 }
450
451
452 static int ospf_ls_req_timer(struct thread *thread)
453 {
454 struct ospf_neighbor *nbr;
455
456 nbr = THREAD_ARG(thread);
457 nbr->t_ls_req = NULL;
458
459 /* Send Link State Request. */
460 if (ospf_ls_request_count(nbr))
461 ospf_ls_req_send(nbr);
462
463 /* Set Link State Request retransmission timer. */
464 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
465
466 return 0;
467 }
468
469 void ospf_ls_req_event(struct ospf_neighbor *nbr)
470 {
471 thread_cancel(&nbr->t_ls_req);
472 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
473 }
474
475 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
476 ospf_neighbor.c */
477 int ospf_ls_upd_timer(struct thread *thread)
478 {
479 struct ospf_neighbor *nbr;
480
481 nbr = THREAD_ARG(thread);
482 nbr->t_ls_upd = NULL;
483
484 /* Send Link State Update. */
485 if (ospf_ls_retransmit_count(nbr) > 0) {
486 struct list *update;
487 struct ospf_lsdb *lsdb;
488 int i;
489 int retransmit_interval;
490
491 retransmit_interval =
492 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
493
494 lsdb = &nbr->ls_rxmt;
495 update = list_new();
496
497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
498 struct route_table *table = lsdb->type[i].db;
499 struct route_node *rn;
500
501 for (rn = route_top(table); rn; rn = route_next(rn)) {
502 struct ospf_lsa *lsa;
503
504 if ((lsa = rn->info) != NULL) {
505 /* Don't retransmit an LSA if we
506 received it within
507 the last RxmtInterval seconds - this
508 is to allow the
509 neighbour a chance to acknowledge the
510 LSA as it may
511 have ben just received before the
512 retransmit timer
513 fired. This is a small tweak to what
514 is in the RFC,
515 but it will cut out out a lot of
516 retransmit traffic
517 - MAG */
518 if (monotime_since(&lsa->tv_recv, NULL)
519 >= retransmit_interval * 1000000LL)
520 listnode_add(update, rn->info);
521 }
522 }
523 }
524
525 if (listcount(update) > 0)
526 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
527 0);
528 list_delete(&update);
529 }
530
531 /* Set LS Update retransmission timer. */
532 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
533
534 return 0;
535 }
536
537 int ospf_ls_ack_timer(struct thread *thread)
538 {
539 struct ospf_interface *oi;
540
541 oi = THREAD_ARG(thread);
542 oi->t_ls_ack = NULL;
543
544 /* Send Link State Acknowledgment. */
545 if (listcount(oi->ls_ack) > 0)
546 ospf_ls_ack_send_delayed(oi);
547
548 /* Set LS Ack timer. */
549 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
550
551 return 0;
552 }
553
554 #ifdef WANT_OSPF_WRITE_FRAGMENT
555 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
556 struct msghdr *msg, unsigned int maxdatasize,
557 unsigned int mtu, int flags, uint8_t type)
558 {
559 #define OSPF_WRITE_FRAG_SHIFT 3
560 uint16_t offset;
561 struct iovec *iovp;
562 int ret;
563
564 assert(op->length == stream_get_endp(op->s));
565 assert(msg->msg_iovlen == 2);
566
567 /* we can but try.
568 *
569 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
570 * well as the IP_MF flag, making this all quite pointless.
571 *
572 * However, for a system on which IP_MF is left alone, and ip_id left
573 * alone or else which sets same ip_id for each fragment this might
574 * work, eg linux.
575 *
576 * XXX-TODO: It would be much nicer to have the kernel's use their
577 * existing fragmentation support to do this for us. Bugs/RFEs need to
578 * be raised against the various kernels.
579 */
580
581 /* set More Frag */
582 iph->ip_off |= IP_MF;
583
584 /* ip frag offset is expressed in units of 8byte words */
585 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
586
587 iovp = &msg->msg_iov[1];
588
589 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
590 > maxdatasize) {
591 /* data length of this frag is to next offset value */
592 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
593 iph->ip_len = iovp->iov_len + sizeof(struct ip);
594 assert(iph->ip_len <= mtu);
595
596 sockopt_iphdrincl_swab_htosys(iph);
597
598 ret = sendmsg(fd, msg, flags);
599
600 sockopt_iphdrincl_swab_systoh(iph);
601
602 if (ret < 0)
603 flog_err(
604 EC_LIB_SOCKET,
605 "*** ospf_write_frags: sendmsg failed to %pI4, id %d, off %d, len %d, mtu %u failed with %s",
606 &iph->ip_dst, iph->ip_id, iph->ip_off,
607 iph->ip_len, mtu, safe_strerror(errno));
608
609 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
610 zlog_debug(
611 "ospf_write_frags: sent id %d, off %d, len %d to %pI4",
612 iph->ip_id, iph->ip_off, iph->ip_len,
613 &iph->ip_dst);
614 }
615
616 iph->ip_off += offset;
617 stream_forward_getp(op->s, iovp->iov_len);
618 iovp->iov_base = stream_pnt(op->s);
619 }
620
621 /* setup for final fragment */
622 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
623 iph->ip_len = iovp->iov_len + sizeof(struct ip);
624 iph->ip_off &= (~IP_MF);
625 }
626 #endif /* WANT_OSPF_WRITE_FRAGMENT */
627
628 static int ospf_write(struct thread *thread)
629 {
630 struct ospf *ospf = THREAD_ARG(thread);
631 struct ospf_interface *oi;
632 struct ospf_interface *last_serviced_oi = NULL;
633 struct ospf_packet *op;
634 struct sockaddr_in sa_dst;
635 struct ip iph;
636 struct msghdr msg;
637 struct iovec iov[2];
638 uint8_t type;
639 int ret;
640 int flags = 0;
641 struct listnode *node;
642 #ifdef WANT_OSPF_WRITE_FRAGMENT
643 static uint16_t ipid = 0;
644 uint16_t maxdatasize;
645 #endif /* WANT_OSPF_WRITE_FRAGMENT */
646 #define OSPF_WRITE_IPHL_SHIFT 2
647 int pkt_count = 0;
648
649 #ifdef GNU_LINUX
650 unsigned char cmsgbuf[64] = {};
651 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
652 struct in_pktinfo *pi;
653 #endif
654
655 if (ospf->fd < 0 || ospf->oi_running == 0) {
656 if (IS_DEBUG_OSPF_EVENT)
657 zlog_debug(
658 "ospf_write failed to send, fd %d, instance %u",
659 ospf->fd, ospf->oi_running);
660 return -1;
661 }
662
663 node = listhead(ospf->oi_write_q);
664 assert(node);
665 oi = listgetdata(node);
666
667 #ifdef WANT_OSPF_WRITE_FRAGMENT
668 /* seed ipid static with low order bits of time */
669 if (ipid == 0)
670 ipid = (time(NULL) & 0xffff);
671 #endif /* WANT_OSPF_WRITE_FRAGMENT */
672
673 while ((pkt_count < ospf->write_oi_count) && oi
674 && (last_serviced_oi != oi)) {
675 /* If there is only packet in the queue, the oi is removed from
676 write-q, so fix up the last interface that was serviced */
677 if (last_serviced_oi == NULL) {
678 last_serviced_oi = oi;
679 }
680 pkt_count++;
681 #ifdef WANT_OSPF_WRITE_FRAGMENT
682 /* convenience - max OSPF data per packet */
683 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
684 #endif /* WANT_OSPF_WRITE_FRAGMENT */
685 /* Get one packet from queue. */
686 op = ospf_fifo_head(oi->obuf);
687 assert(op);
688 assert(op->length >= OSPF_HEADER_SIZE);
689
690 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
691 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
692 ospf_if_ipmulticast(ospf, oi->address,
693 oi->ifp->ifindex);
694
695 /* Rewrite the md5 signature & update the seq */
696 ospf_make_md5_digest(oi, op);
697
698 /* Retrieve OSPF packet type. */
699 stream_set_getp(op->s, 1);
700 type = stream_getc(op->s);
701
702 /* reset get pointer */
703 stream_set_getp(op->s, 0);
704
705 memset(&iph, 0, sizeof(struct ip));
706 memset(&sa_dst, 0, sizeof(sa_dst));
707
708 sa_dst.sin_family = AF_INET;
709 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
710 sa_dst.sin_len = sizeof(sa_dst);
711 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
712 sa_dst.sin_addr = op->dst;
713 sa_dst.sin_port = htons(0);
714
715 /* Set DONTROUTE flag if dst is unicast. */
716 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
717 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
718 flags = MSG_DONTROUTE;
719
720 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
721 /* it'd be very strange for header to not be 4byte-word aligned
722 * but.. */
723 if (sizeof(struct ip)
724 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
725 iph.ip_hl++; /* we presume sizeof(struct ip) cant
726 overflow ip_hl.. */
727
728 iph.ip_v = IPVERSION;
729 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
730 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
731
732 #if defined(__DragonFly__)
733 /*
734 * DragonFly's raw socket expects ip_len/ip_off in network byte
735 * order.
736 */
737 iph.ip_len = htons(iph.ip_len);
738 #endif
739
740 #ifdef WANT_OSPF_WRITE_FRAGMENT
741 /* XXX-MT: not thread-safe at all..
742 * XXX: this presumes this is only programme sending OSPF
743 * packets
744 * otherwise, no guarantee ipid will be unique
745 */
746 iph.ip_id = ++ipid;
747 #endif /* WANT_OSPF_WRITE_FRAGMENT */
748
749 iph.ip_off = 0;
750 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
751 iph.ip_ttl = OSPF_VL_IP_TTL;
752 else
753 iph.ip_ttl = OSPF_IP_TTL;
754 iph.ip_p = IPPROTO_OSPFIGP;
755 iph.ip_sum = 0;
756 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
757 iph.ip_dst.s_addr = op->dst.s_addr;
758
759 memset(&msg, 0, sizeof(msg));
760 msg.msg_name = (caddr_t)&sa_dst;
761 msg.msg_namelen = sizeof(sa_dst);
762 msg.msg_iov = iov;
763 msg.msg_iovlen = 2;
764
765 iov[0].iov_base = (char *)&iph;
766 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
767 iov[1].iov_base = stream_pnt(op->s);
768 iov[1].iov_len = op->length;
769
770 #ifdef GNU_LINUX
771 msg.msg_control = (caddr_t)cm;
772 cm->cmsg_level = SOL_IP;
773 cm->cmsg_type = IP_PKTINFO;
774 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
775 pi = (struct in_pktinfo *)CMSG_DATA(cm);
776 pi->ipi_ifindex = oi->ifp->ifindex;
777
778 msg.msg_controllen = cm->cmsg_len;
779 #endif
780
781 /* Sadly we can not rely on kernels to fragment packets
782 * because of either IP_HDRINCL and/or multicast
783 * destination being set.
784 */
785
786 #ifdef WANT_OSPF_WRITE_FRAGMENT
787 if (op->length > maxdatasize)
788 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
789 oi->ifp->mtu, flags, type);
790 #endif /* WANT_OSPF_WRITE_FRAGMENT */
791
792 /* send final fragment (could be first) */
793 sockopt_iphdrincl_swab_htosys(&iph);
794 ret = sendmsg(ospf->fd, &msg, flags);
795 sockopt_iphdrincl_swab_systoh(&iph);
796 if (IS_DEBUG_OSPF_EVENT)
797 zlog_debug(
798 "ospf_write to %pI4, id %d, off %d, len %d, interface %s, mtu %u:",
799 &iph.ip_dst, iph.ip_id, iph.ip_off,
800 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
801
802 if (ret < 0)
803 flog_err(
804 EC_LIB_SOCKET,
805 "*** sendmsg in ospf_write failed to %pI4, id %d, off %d, len %d, interface %s, mtu %u: %s",
806 &iph.ip_dst, iph.ip_id, iph.ip_off,
807 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
808 safe_strerror(errno));
809
810 /* Show debug sending packet. */
811 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
812 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
813 zlog_debug(
814 "-----------------------------------------------------");
815 stream_set_getp(op->s, 0);
816 ospf_packet_dump(op->s);
817 }
818
819 zlog_debug("%s sent to [%pI4] via [%s].",
820 lookup_msg(ospf_packet_type_str, type, NULL),
821 &op->dst, IF_NAME(oi));
822
823 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
824 zlog_debug(
825 "-----------------------------------------------------");
826 }
827
828 switch (type) {
829 case OSPF_MSG_HELLO:
830 oi->hello_out++;
831 break;
832 case OSPF_MSG_DB_DESC:
833 oi->db_desc_out++;
834 break;
835 case OSPF_MSG_LS_REQ:
836 oi->ls_req_out++;
837 break;
838 case OSPF_MSG_LS_UPD:
839 oi->ls_upd_out++;
840 break;
841 case OSPF_MSG_LS_ACK:
842 oi->ls_ack_out++;
843 break;
844 default:
845 break;
846 }
847
848 /* Now delete packet from queue. */
849 ospf_packet_delete(oi);
850
851 /* Move this interface to the tail of write_q to
852 serve everyone in a round robin fashion */
853 list_delete_node(ospf->oi_write_q, node);
854 if (ospf_fifo_head(oi->obuf) == NULL) {
855 oi->on_write_q = 0;
856 last_serviced_oi = NULL;
857 oi = NULL;
858 } else {
859 listnode_add(ospf->oi_write_q, oi);
860 }
861
862 /* Setup to service from the head of the queue again */
863 if (!list_isempty(ospf->oi_write_q)) {
864 node = listhead(ospf->oi_write_q);
865 oi = listgetdata(node);
866 }
867 }
868
869 /* If packets still remain in queue, call write thread. */
870 if (!list_isempty(ospf->oi_write_q))
871 thread_add_write(master, ospf_write, ospf, ospf->fd,
872 &ospf->t_write);
873
874 return 0;
875 }
876
877 /* OSPF Hello message read -- RFC2328 Section 10.5. */
878 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
879 struct stream *s, struct ospf_interface *oi, int size)
880 {
881 struct ospf_hello *hello;
882 struct ospf_neighbor *nbr;
883 int old_state;
884 struct prefix p;
885
886 /* increment statistics. */
887 oi->hello_in++;
888
889 hello = (struct ospf_hello *)stream_pnt(s);
890
891 /* If Hello is myself, silently discard. */
892 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
893 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
894 zlog_debug(
895 "ospf_header[%s/%pI4]: selforiginated, dropping.",
896 lookup_msg(ospf_packet_type_str, ospfh->type,
897 NULL),
898 &iph->ip_src);
899 }
900 return;
901 }
902
903 /* get neighbor prefix. */
904 p.family = AF_INET;
905 p.prefixlen = ip_masklen(hello->network_mask);
906 p.u.prefix4 = iph->ip_src;
907
908 /* Compare network mask. */
909 /* Checking is ignored for Point-to-Point and Virtual link. */
910 if (oi->type != OSPF_IFTYPE_POINTOPOINT
911 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
912 if (oi->address->prefixlen != p.prefixlen) {
913 flog_warn(
914 EC_OSPF_PACKET,
915 "Packet %pI4 [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
916 &ospfh->router_id, IF_NAME(oi),
917 (int)oi->address->prefixlen, (int)p.prefixlen);
918 return;
919 }
920
921 /* Compare Router Dead Interval. */
922 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
923 flog_warn(EC_OSPF_PACKET,
924 "Packet %pI4 [Hello:RECV]: RouterDeadInterval mismatch (expected %u, but received %u).",
925 &ospfh->router_id,
926 OSPF_IF_PARAM(oi, v_wait),
927 ntohl(hello->dead_interval));
928 return;
929 }
930
931 /* Compare Hello Interval - ignored if fast-hellos are set. */
932 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
933 if (OSPF_IF_PARAM(oi, v_hello)
934 != ntohs(hello->hello_interval)) {
935 flog_warn(
936 EC_OSPF_PACKET,
937 "Packet %pI4 [Hello:RECV]: HelloInterval mismatch (expected %u, but received %u).",
938 &ospfh->router_id,
939 OSPF_IF_PARAM(oi, v_hello),
940 ntohs(hello->hello_interval));
941 return;
942 }
943 }
944
945 if (IS_DEBUG_OSPF_EVENT)
946 zlog_debug("Packet %pI4 [Hello:RECV]: Options %s vrf %s",
947 &ospfh->router_id,
948 ospf_options_dump(hello->options),
949 ospf_vrf_id_to_name(oi->ospf->vrf_id));
950
951 /* Compare options. */
952 #define REJECT_IF_TBIT_ON 1 /* XXX */
953 #ifdef REJECT_IF_TBIT_ON
954 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
955 /*
956 * This router does not support non-zero TOS.
957 * Drop this Hello packet not to establish neighbor
958 * relationship.
959 */
960 flog_warn(EC_OSPF_PACKET,
961 "Packet %pI4 [Hello:RECV]: T-bit on, drop it.",
962 &ospfh->router_id);
963 return;
964 }
965 #endif /* REJECT_IF_TBIT_ON */
966
967 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
968 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
969 /*
970 * This router does know the correct usage of O-bit
971 * the bit should be set in DD packet only.
972 */
973 flog_warn(EC_OSPF_PACKET,
974 "Packet %pI4 [Hello:RECV]: O-bit abuse?",
975 &ospfh->router_id);
976 #ifdef STRICT_OBIT_USAGE_CHECK
977 return; /* Reject this packet. */
978 #else /* STRICT_OBIT_USAGE_CHECK */
979 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
980 #endif /* STRICT_OBIT_USAGE_CHECK */
981 }
982
983 /* new for NSSA is to ensure that NP is on and E is off */
984
985 if (oi->area->external_routing == OSPF_AREA_NSSA) {
986 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
987 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
988 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
989 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
990 flog_warn(
991 EC_OSPF_PACKET,
992 "NSSA-Packet-%pI4[Hello:RECV]: my options: %x, his options %x",
993 &ospfh->router_id, OPTIONS(oi),
994 hello->options);
995 return;
996 }
997 if (IS_DEBUG_OSPF_NSSA)
998 zlog_debug("NSSA-Hello:RECV:Packet from %pI4:",
999 &ospfh->router_id);
1000 } else
1001 /* The setting of the E-bit found in the Hello Packet's Options
1002 field must match this area's ExternalRoutingCapability A
1003 mismatch causes processing to stop and the packet to be
1004 dropped. The setting of the rest of the bits in the Hello
1005 Packet's Options field should be ignored. */
1006 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1007 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1008 flog_warn(
1009 EC_OSPF_PACKET,
1010 "Packet %pI4 [Hello:RECV]: my options: %x, his options %x",
1011 &ospfh->router_id, OPTIONS(oi),
1012 hello->options);
1013 return;
1014 }
1015
1016 /* get neighbour struct */
1017 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1018
1019 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1020 assert(nbr);
1021
1022 old_state = nbr->state;
1023
1024 /* Add event to thread. */
1025 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1026
1027 /* RFC2328 Section 9.5.1
1028 If the router is not eligible to become Designated Router,
1029 (snip) It must also send an Hello Packet in reply to an
1030 Hello Packet received from any eligible neighbor (other than
1031 the current Designated Router and Backup Designated Router). */
1032 if (oi->type == OSPF_IFTYPE_NBMA)
1033 if (PRIORITY(oi) == 0 && hello->priority > 0
1034 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1035 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1036 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1037 ospf_hello_reply_timer,
1038 OSPF_HELLO_REPLY_DELAY);
1039
1040 /* on NBMA network type, it happens to receive bidirectional Hello
1041 packet
1042 without advance 1-Way Received event.
1043 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1044 if (oi->type == OSPF_IFTYPE_NBMA
1045 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1046 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1047 nbr->priority = hello->priority;
1048 nbr->d_router = hello->d_router;
1049 nbr->bd_router = hello->bd_router;
1050 return;
1051 }
1052
1053 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1054 size - OSPF_HELLO_MIN_SIZE)) {
1055 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1056 nbr->options |= hello->options;
1057 } else {
1058 /* If the router is DR_OTHER, RESTARTER will not wait
1059 * until it receives the hello from it if it receives
1060 * from DR and BDR.
1061 * So, helper might receives ONW_WAY hello from
1062 * RESTARTER. So not allowing to change the state if it
1063 * receives one_way hellow when it acts as HELPER for
1064 * that specific neighbor.
1065 */
1066 if (!OSPF_GR_IS_ACTIVE_HELPER(nbr))
1067 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1068 /* Set neighbor information. */
1069 nbr->priority = hello->priority;
1070 nbr->d_router = hello->d_router;
1071 nbr->bd_router = hello->bd_router;
1072 return;
1073 }
1074
1075 /* If neighbor itself declares DR and no BDR exists,
1076 cause event BackupSeen */
1077 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1078 if (hello->bd_router.s_addr == INADDR_ANY
1079 && oi->state == ISM_Waiting)
1080 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1081
1082 /* neighbor itself declares BDR. */
1083 if (oi->state == ISM_Waiting
1084 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1085 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1086
1087 /* had not previously. */
1088 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1089 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1090 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1091 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1092 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1093
1094 /* had not previously. */
1095 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1096 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1097 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1098 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1099 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1100
1101 /* Neighbor priority check. */
1102 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1103 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1104
1105 /* Set neighbor information. */
1106 nbr->priority = hello->priority;
1107 nbr->d_router = hello->d_router;
1108 nbr->bd_router = hello->bd_router;
1109 }
1110
1111 /* Save DD flags/options/Seqnum received. */
1112 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1113 struct ospf_db_desc *dd)
1114 {
1115 nbr->last_recv.flags = dd->flags;
1116 nbr->last_recv.options = dd->options;
1117 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1118 }
1119
1120 /* Process rest of DD packet. */
1121 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1122 struct ospf_neighbor *nbr,
1123 struct ospf_db_desc *dd, uint16_t size)
1124 {
1125 struct ospf_lsa *new, *find;
1126 struct lsa_header *lsah;
1127
1128 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1129 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1130 size -= OSPF_LSA_HEADER_SIZE) {
1131 lsah = (struct lsa_header *)stream_pnt(s);
1132 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1133
1134 /* Unknown LS type. */
1135 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1136 flog_warn(EC_OSPF_PACKET,
1137 "Packet [DD:RECV]: Unknown LS type %d.",
1138 lsah->type);
1139 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1140 return;
1141 }
1142
1143 if (IS_OPAQUE_LSA(lsah->type)
1144 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1145 flog_warn(EC_OSPF_PACKET,
1146 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1147 lsah->type, &lsah->id);
1148 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1149 return;
1150 }
1151
1152 switch (lsah->type) {
1153 case OSPF_AS_EXTERNAL_LSA:
1154 case OSPF_OPAQUE_AS_LSA:
1155 /* Check for stub area. Reject if AS-External from stub
1156 but
1157 allow if from NSSA. */
1158 if (oi->area->external_routing == OSPF_AREA_STUB) {
1159 flog_warn(
1160 EC_OSPF_PACKET,
1161 "Packet [DD:RECV]: LSA[Type%d:%pI4] from %s area.",
1162 lsah->type, &lsah->id,
1163 (oi->area->external_routing
1164 == OSPF_AREA_STUB)
1165 ? "STUB"
1166 : "NSSA");
1167 OSPF_NSM_EVENT_SCHEDULE(nbr,
1168 NSM_SeqNumberMismatch);
1169 return;
1170 }
1171 break;
1172 default:
1173 break;
1174 }
1175
1176 /* Create LS-request object. */
1177 new = ospf_ls_request_new(lsah);
1178
1179 /* Lookup received LSA, then add LS request list. */
1180 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1181
1182 /* ospf_lsa_more_recent is fine with NULL pointers */
1183 switch (ospf_lsa_more_recent(find, new)) {
1184 case -1:
1185 /* Neighbour has a more recent LSA, we must request it
1186 */
1187 ospf_ls_request_add(nbr, new);
1188 /* fallthru */
1189 case 0:
1190 /* If we have a copy of this LSA, it's either less
1191 * recent
1192 * and we're requesting it from neighbour (the case
1193 * above), or
1194 * it's as recent and we both have same copy (this
1195 * case).
1196 *
1197 * In neither of these two cases is there any point in
1198 * describing our copy of the LSA to the neighbour in a
1199 * DB-Summary packet, if we're still intending to do so.
1200 *
1201 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1202 * backward compatible optimisation to OSPF DB Exchange
1203 * /
1204 * DB Description process implemented here.
1205 */
1206 if (find)
1207 ospf_lsdb_delete(&nbr->db_sum, find);
1208 ospf_lsa_discard(new);
1209 break;
1210 default:
1211 /* We have the more recent copy, nothing specific to do:
1212 * - no need to request neighbours stale copy
1213 * - must leave DB summary list copy alone
1214 */
1215 if (IS_DEBUG_OSPF_EVENT)
1216 zlog_debug(
1217 "Packet [DD:RECV]: LSA received Type %d, ID %pI4 is not recent.",
1218 lsah->type, &lsah->id);
1219 ospf_lsa_discard(new);
1220 }
1221 }
1222
1223 /* Master */
1224 if (IS_SET_DD_MS(nbr->dd_flags)) {
1225 nbr->dd_seqnum++;
1226
1227 /* Both sides have no More, then we're done with Exchange */
1228 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1229 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1230 else
1231 ospf_db_desc_send(nbr);
1232 }
1233 /* Slave */
1234 else {
1235 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1236
1237 /* Send DD packet in reply.
1238 *
1239 * Must be done to acknowledge the Master's DD, regardless of
1240 * whether we have more LSAs ourselves to describe.
1241 *
1242 * This function will clear the 'More' bit, if after this DD
1243 * we have no more LSAs to describe to the master..
1244 */
1245 ospf_db_desc_send(nbr);
1246
1247 /* Slave can raise ExchangeDone now, if master is also done */
1248 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1249 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1250 }
1251
1252 /* Save received neighbor values from DD. */
1253 ospf_db_desc_save_current(nbr, dd);
1254
1255 if (!nbr->t_ls_req)
1256 ospf_ls_req_send(nbr);
1257 }
1258
1259 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1260 struct ospf_neighbor *nbr)
1261 {
1262 /* Is DD duplicated? */
1263 if (dd->options == nbr->last_recv.options
1264 && dd->flags == nbr->last_recv.flags
1265 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1266 return 1;
1267
1268 return 0;
1269 }
1270
1271 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1272 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1273 struct stream *s, struct ospf_interface *oi,
1274 uint16_t size)
1275 {
1276 struct ospf_db_desc *dd;
1277 struct ospf_neighbor *nbr;
1278
1279 /* Increment statistics. */
1280 oi->db_desc_in++;
1281
1282 dd = (struct ospf_db_desc *)stream_pnt(s);
1283
1284 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1285 if (nbr == NULL) {
1286 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %pI4",
1287 &ospfh->router_id);
1288 return;
1289 }
1290
1291 /* Check MTU. */
1292 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1293 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1294 flog_warn(
1295 EC_OSPF_PACKET,
1296 "Packet[DD]: Neighbor %pI4 MTU %u is larger than [%s]'s MTU %u",
1297 &nbr->router_id, ntohs(dd->mtu), IF_NAME(oi),
1298 oi->ifp->mtu);
1299 return;
1300 }
1301
1302 /*
1303 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1304 * not
1305 * required. In fact at least JunOS sends DD packets with P bit clear.
1306 * Until proper solution is developped, this hack should help.
1307 *
1308 * Update: According to the RFCs, N bit is specified /only/ for Hello
1309 * options, unfortunately its use in DD options is not specified. Hence
1310 * some
1311 * implementations follow E-bit semantics and set it in DD options, and
1312 * some
1313 * treat it as unspecified and hence follow the directive "default for
1314 * options is clear", ie unset.
1315 *
1316 * Reset the flag, as ospfd follows E-bit semantics.
1317 */
1318 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1319 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1320 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1321 if (IS_DEBUG_OSPF_EVENT)
1322 zlog_debug(
1323 "Packet[DD]: Neighbour %pI4: Has NSSA capability, sends with N bit clear in DD options",
1324 &nbr->router_id);
1325 SET_FLAG(dd->options, OSPF_OPTION_NP);
1326 }
1327
1328 #ifdef REJECT_IF_TBIT_ON
1329 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1330 /*
1331 * In Hello protocol, optional capability must have checked
1332 * to prevent this T-bit enabled router be my neighbor.
1333 */
1334 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %pI4: T-bit on?",
1335 &nbr->router_id);
1336 return;
1337 }
1338 #endif /* REJECT_IF_TBIT_ON */
1339
1340 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1341 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1342 /*
1343 * This node is not configured to handle O-bit, for now.
1344 * Clear it to ignore unsupported capability proposed by
1345 * neighbor.
1346 */
1347 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1348 }
1349
1350 /* Add event to thread. */
1351 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1352
1353 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1354 zlog_info(
1355 "%s:Packet[DD]: Neighbor %pI4 state is %s, seq_num:0x%x, local:0x%x",
1356 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
1357 &nbr->router_id,
1358 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1359 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1360
1361 /* Process DD packet by neighbor status. */
1362 switch (nbr->state) {
1363 case NSM_Down:
1364 case NSM_Attempt:
1365 case NSM_TwoWay:
1366 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1367 zlog_info(
1368 "Packet[DD]: Neighbor %pI4 state is %s, packet discarded.",
1369 &nbr->router_id,
1370 lookup_msg(ospf_nsm_state_msg, nbr->state,
1371 NULL));
1372 break;
1373 case NSM_Init:
1374 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1375 /* If the new state is ExStart, the processing of the current
1376 packet should then continue in this new state by falling
1377 through to case ExStart below. */
1378 if (nbr->state != NSM_ExStart)
1379 break;
1380 /* fallthru */
1381 case NSM_ExStart:
1382 /* Initial DBD */
1383 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1384 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1385 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1386 > 0) {
1387 /* We're Slave---obey */
1388 if (CHECK_FLAG(oi->ospf->config,
1389 OSPF_LOG_ADJACENCY_DETAIL))
1390 zlog_info(
1391 "Packet[DD]: Neighbor %pI4 Negotiation done (Slave).",
1392 &nbr->router_id);
1393
1394 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1395
1396 /* Reset I/MS */
1397 UNSET_FLAG(nbr->dd_flags,
1398 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1399 } else {
1400 /* We're Master, ignore the initial DBD from
1401 * Slave */
1402 if (CHECK_FLAG(oi->ospf->config,
1403 OSPF_LOG_ADJACENCY_DETAIL))
1404 zlog_info(
1405 "Packet[DD]: Neighbor %pI4: Initial DBD from Slave, ignoring.",
1406 &nbr->router_id);
1407 break;
1408 }
1409 }
1410 /* Ack from the Slave */
1411 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1412 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1413 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1414 < 0) {
1415 zlog_info(
1416 "Packet[DD]: Neighbor %pI4 Negotiation done (Master).",
1417 &nbr->router_id);
1418 /* Reset I, leaving MS */
1419 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1420 } else {
1421 flog_warn(EC_OSPF_PACKET,
1422 "Packet[DD]: Neighbor %pI4 Negotiation fails.",
1423 &nbr->router_id);
1424 break;
1425 }
1426
1427 /* This is where the real Options are saved */
1428 nbr->options = dd->options;
1429
1430 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1431 if (IS_DEBUG_OSPF_EVENT)
1432 zlog_debug(
1433 "Neighbor[%pI4] is %sOpaque-capable.",
1434 &nbr->router_id,
1435 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1436 ? ""
1437 : "NOT ");
1438
1439 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1440 && IPV4_ADDR_SAME(&DR(oi),
1441 &nbr->address.u.prefix4)) {
1442 flog_warn(
1443 EC_OSPF_PACKET,
1444 "DR-neighbor[%pI4] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1445 &nbr->router_id);
1446 /* This situation is undesirable, but not a real
1447 * error. */
1448 }
1449 }
1450
1451 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1452
1453 /* continue processing rest of packet. */
1454 ospf_db_desc_proc(s, oi, nbr, dd, size);
1455 break;
1456 case NSM_Exchange:
1457 if (ospf_db_desc_is_dup(dd, nbr)) {
1458 if (IS_SET_DD_MS(nbr->dd_flags))
1459 /* Master: discard duplicated DD packet. */
1460 zlog_info(
1461 "Packet[DD] (Master): Neighbor %pI4 packet duplicated.",
1462 &nbr->router_id);
1463 else
1464 /* Slave: cause to retransmit the last Database
1465 Description. */
1466 {
1467 zlog_info(
1468 "Packet[DD] [Slave]: Neighbor %pI4 packet duplicated.",
1469 &nbr->router_id);
1470 ospf_db_desc_resend(nbr);
1471 }
1472 break;
1473 }
1474
1475 /* Otherwise DD packet should be checked. */
1476 /* Check Master/Slave bit mismatch */
1477 if (IS_SET_DD_MS(dd->flags)
1478 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1479 flog_warn(EC_OSPF_PACKET,
1480 "Packet[DD]: Neighbor %pI4 MS-bit mismatch.",
1481 &nbr->router_id);
1482 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1483 if (IS_DEBUG_OSPF_EVENT)
1484 zlog_debug(
1485 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1486 dd->flags, nbr->dd_flags);
1487 break;
1488 }
1489
1490 /* Check initialize bit is set. */
1491 if (IS_SET_DD_I(dd->flags)) {
1492 zlog_info("Packet[DD]: Neighbor %pI4 I-bit set.",
1493 &nbr->router_id);
1494 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1495 break;
1496 }
1497
1498 /* Check DD Options. */
1499 if (dd->options != nbr->options) {
1500 flog_warn(EC_OSPF_PACKET,
1501 "Packet[DD]: Neighbor %pI4 options mismatch.",
1502 &nbr->router_id);
1503 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1504 break;
1505 }
1506
1507 /* Check DD sequence number. */
1508 if ((IS_SET_DD_MS(nbr->dd_flags)
1509 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1510 || (!IS_SET_DD_MS(nbr->dd_flags)
1511 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1512 flog_warn(
1513 EC_OSPF_PACKET,
1514 "Packet[DD]: Neighbor %pI4 sequence number mismatch.",
1515 &nbr->router_id);
1516 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1517 break;
1518 }
1519
1520 /* Continue processing rest of packet. */
1521 ospf_db_desc_proc(s, oi, nbr, dd, size);
1522 break;
1523 case NSM_Loading:
1524 case NSM_Full:
1525 if (ospf_db_desc_is_dup(dd, nbr)) {
1526 if (IS_SET_DD_MS(nbr->dd_flags)) {
1527 /* Master should discard duplicate DD packet. */
1528 zlog_info(
1529 "Packet[DD]: Neighbor %pI4 duplicated, packet discarded.",
1530 &nbr->router_id);
1531 break;
1532 } else {
1533 if (monotime_since(&nbr->last_send_ts, NULL)
1534 < nbr->v_inactivity * 1000000LL) {
1535 /* In states Loading and Full the slave
1536 must resend
1537 its last Database Description packet
1538 in response to
1539 duplicate Database Description
1540 packets received
1541 from the master. For this reason the
1542 slave must
1543 wait RouterDeadInterval seconds
1544 before freeing the
1545 last Database Description packet.
1546 Reception of a
1547 Database Description packet from the
1548 master after
1549 this interval will generate a
1550 SeqNumberMismatch
1551 neighbor event. RFC2328 Section 10.8
1552 */
1553 ospf_db_desc_resend(nbr);
1554 break;
1555 }
1556 }
1557 }
1558
1559 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1560 break;
1561 default:
1562 flog_warn(EC_OSPF_PACKET,
1563 "Packet[DD]: Neighbor %pI4 NSM illegal status %u.",
1564 &nbr->router_id, nbr->state);
1565 break;
1566 }
1567 }
1568
1569 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1570
1571 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1572 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1573 struct stream *s, struct ospf_interface *oi,
1574 uint16_t size)
1575 {
1576 struct ospf_neighbor *nbr;
1577 uint32_t ls_type;
1578 struct in_addr ls_id;
1579 struct in_addr adv_router;
1580 struct ospf_lsa *find;
1581 struct list *ls_upd;
1582 unsigned int length;
1583
1584 /* Increment statistics. */
1585 oi->ls_req_in++;
1586
1587 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1588 if (nbr == NULL) {
1589 flog_warn(EC_OSPF_PACKET,
1590 "Link State Request: Unknown Neighbor %pI4",
1591 &ospfh->router_id);
1592 return;
1593 }
1594
1595 /* Add event to thread. */
1596 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1597
1598 /* Neighbor State should be Exchange or later. */
1599 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1600 && nbr->state != NSM_Full) {
1601 flog_warn(
1602 EC_OSPF_PACKET,
1603 "Link State Request received from %pI4: Neighbor state is %s, packet discarded.",
1604 &ospfh->router_id,
1605 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1606 return;
1607 }
1608
1609 /* Send Link State Update for ALL requested LSAs. */
1610 ls_upd = list_new();
1611 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1612
1613 while (size >= OSPF_LSA_KEY_SIZE) {
1614 /* Get one slice of Link State Request. */
1615 ls_type = stream_getl(s);
1616 ls_id.s_addr = stream_get_ipv4(s);
1617 adv_router.s_addr = stream_get_ipv4(s);
1618
1619 /* Verify LSA type. */
1620 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1621 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1622 list_delete(&ls_upd);
1623 return;
1624 }
1625
1626 /* Search proper LSA in LSDB. */
1627 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1628 adv_router);
1629 if (find == NULL) {
1630 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1631 list_delete(&ls_upd);
1632 return;
1633 }
1634
1635 /* Packet overflows MTU size, send immediately. */
1636 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1637 if (oi->type == OSPF_IFTYPE_NBMA)
1638 ospf_ls_upd_send(nbr, ls_upd,
1639 OSPF_SEND_PACKET_DIRECT, 0);
1640 else
1641 ospf_ls_upd_send(nbr, ls_upd,
1642 OSPF_SEND_PACKET_INDIRECT, 0);
1643
1644 /* Only remove list contents. Keep ls_upd. */
1645 list_delete_all_node(ls_upd);
1646
1647 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1648 }
1649
1650 /* Append LSA to update list. */
1651 listnode_add(ls_upd, find);
1652 length += ntohs(find->data->length);
1653
1654 size -= OSPF_LSA_KEY_SIZE;
1655 }
1656
1657 /* Send rest of Link State Update. */
1658 if (listcount(ls_upd) > 0) {
1659 if (oi->type == OSPF_IFTYPE_NBMA)
1660 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1661 0);
1662 else
1663 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1664 0);
1665
1666 list_delete(&ls_upd);
1667 } else
1668 list_delete(&ls_upd);
1669 }
1670
1671 /* Get the list of LSAs from Link State Update packet.
1672 And process some validation -- RFC2328 Section 13. (1)-(2). */
1673 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1674 struct stream *s,
1675 struct ospf_interface *oi, size_t size)
1676 {
1677 uint16_t count, sum;
1678 uint32_t length;
1679 struct lsa_header *lsah;
1680 struct ospf_lsa *lsa;
1681 struct list *lsas;
1682
1683 lsas = list_new();
1684
1685 count = stream_getl(s);
1686 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1687
1688 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1689 size -= length, stream_forward_getp(s, length), count--) {
1690 lsah = (struct lsa_header *)stream_pnt(s);
1691 length = ntohs(lsah->length);
1692
1693 if (length > size) {
1694 flog_warn(
1695 EC_OSPF_PACKET,
1696 "Link State Update: LSA length exceeds packet size.");
1697 break;
1698 }
1699
1700 /* Validate the LSA's LS checksum. */
1701 sum = lsah->checksum;
1702 if (!ospf_lsa_checksum_valid(lsah)) {
1703 /* (bug #685) more details in a one-line message make it
1704 * possible
1705 * to identify problem source on the one hand and to
1706 * have a better
1707 * chance to compress repeated messages in syslog on the
1708 * other */
1709 flog_warn(
1710 EC_OSPF_PACKET,
1711 "Link State Update: LSA checksum error %x/%x, ID=%pI4 from: nbr %pI4, router ID %pI4, adv router %pI4",
1712 sum, lsah->checksum, &lsah->id,
1713 &nbr->src, &nbr->router_id,
1714 &lsah->adv_router);
1715 continue;
1716 }
1717
1718 /* Examine the LSA's LS type. */
1719 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1720 flog_warn(EC_OSPF_PACKET,
1721 "Link State Update: Unknown LS type %d",
1722 lsah->type);
1723 continue;
1724 }
1725
1726 /*
1727 * What if the received LSA's age is greater than MaxAge?
1728 * Treat it as a MaxAge case -- endo.
1729 */
1730 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1731 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1732
1733 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1734 #ifdef STRICT_OBIT_USAGE_CHECK
1735 if ((IS_OPAQUE_LSA(lsah->type)
1736 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1737 || (!IS_OPAQUE_LSA(lsah->type)
1738 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1739 /*
1740 * This neighbor must know the exact usage of
1741 * O-bit;
1742 * the bit will be set in Type-9,10,11 LSAs
1743 * only.
1744 */
1745 flog_warn(EC_OSPF_PACKET,
1746 "LSA[Type%d:%pI4]: O-bit abuse?",
1747 lsah->type, &lsah->id);
1748 continue;
1749 }
1750 #endif /* STRICT_OBIT_USAGE_CHECK */
1751
1752 /* Do not take in AS External Opaque-LSAs if we are a
1753 * stub. */
1754 if (lsah->type == OSPF_OPAQUE_AS_LSA
1755 && nbr->oi->area->external_routing
1756 != OSPF_AREA_DEFAULT) {
1757 if (IS_DEBUG_OSPF_EVENT)
1758 zlog_debug(
1759 "LSA[Type%d:%pI4]: We are a stub, don't take this LSA.",
1760 lsah->type,
1761 &lsah->id);
1762 continue;
1763 }
1764 } else if (IS_OPAQUE_LSA(lsah->type)) {
1765 flog_warn(EC_OSPF_PACKET,
1766 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1767 lsah->type, &lsah->id);
1768 continue;
1769 }
1770
1771 /* Create OSPF LSA instance. */
1772 lsa = ospf_lsa_new_and_data(length);
1773
1774 lsa->vrf_id = oi->ospf->vrf_id;
1775 /* We may wish to put some error checking if type NSSA comes in
1776 and area not in NSSA mode */
1777 switch (lsah->type) {
1778 case OSPF_AS_EXTERNAL_LSA:
1779 case OSPF_OPAQUE_AS_LSA:
1780 lsa->area = NULL;
1781 break;
1782 case OSPF_OPAQUE_LINK_LSA:
1783 lsa->oi = oi; /* Remember incoming interface for
1784 flooding control. */
1785 /* Fallthrough */
1786 default:
1787 lsa->area = oi->area;
1788 break;
1789 }
1790
1791 memcpy(lsa->data, lsah, length);
1792
1793 if (IS_DEBUG_OSPF_EVENT)
1794 zlog_debug(
1795 "LSA[Type%d:%pI4]: %p new LSA created with Link State Update",
1796 lsa->data->type, &lsa->data->id,
1797 (void *)lsa);
1798 listnode_add(lsas, lsa);
1799 }
1800
1801 return lsas;
1802 }
1803
1804 /* Cleanup Update list. */
1805 static void ospf_upd_list_clean(struct list *lsas)
1806 {
1807 struct listnode *node, *nnode;
1808 struct ospf_lsa *lsa;
1809
1810 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1811 ospf_lsa_discard(lsa);
1812
1813 list_delete(&lsas);
1814 }
1815
1816 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1817 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1818 struct ospf_header *ospfh, struct stream *s,
1819 struct ospf_interface *oi, uint16_t size)
1820 {
1821 struct ospf_neighbor *nbr;
1822 struct list *lsas;
1823 struct listnode *node, *nnode;
1824 struct ospf_lsa *lsa = NULL;
1825 /* unsigned long ls_req_found = 0; */
1826
1827 /* Dis-assemble the stream, update each entry, re-encapsulate for
1828 * flooding */
1829
1830 /* Increment statistics. */
1831 oi->ls_upd_in++;
1832
1833 /* Check neighbor. */
1834 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1835 if (nbr == NULL) {
1836 flog_warn(EC_OSPF_PACKET,
1837 "Link State Update: Unknown Neighbor %pI4 on int: %s",
1838 &ospfh->router_id, IF_NAME(oi));
1839 return;
1840 }
1841
1842 /* Add event to thread. */
1843 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1844
1845 /* Check neighbor state. */
1846 if (nbr->state < NSM_Exchange) {
1847 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1848 zlog_debug(
1849 "Link State Update: Neighbor[%pI4] state %s is less than Exchange",
1850 &ospfh->router_id,
1851 lookup_msg(ospf_nsm_state_msg, nbr->state,
1852 NULL));
1853 return;
1854 }
1855
1856 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1857 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1858 * of section 13.
1859 */
1860 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1861
1862 if (lsas == NULL)
1863 return;
1864 #define DISCARD_LSA(L, N) \
1865 { \
1866 if (IS_DEBUG_OSPF_EVENT) \
1867 zlog_debug( \
1868 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1869 " Type-%d", \
1870 N, (void *)lsa, (int)lsa->data->type); \
1871 ospf_lsa_discard(L); \
1872 continue; \
1873 }
1874
1875 /* Process each LSA received in the one packet.
1876 *
1877 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1878 * text below are from the steps in RFC 2328, Section 13.
1879 */
1880 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1881 struct ospf_lsa *ls_ret, *current;
1882 int ret = 1;
1883
1884 if (IS_DEBUG_OSPF_NSSA) {
1885 char buf1[INET_ADDRSTRLEN];
1886 char buf2[INET_ADDRSTRLEN];
1887 char buf3[INET_ADDRSTRLEN];
1888
1889 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1890 lsa->data->type,
1891 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1892 INET_ADDRSTRLEN),
1893 inet_ntop(AF_INET, &lsa->data->id, buf2,
1894 INET_ADDRSTRLEN),
1895 inet_ntop(AF_INET, &lsa->data->adv_router,
1896 buf3, INET_ADDRSTRLEN));
1897 }
1898
1899 listnode_delete(lsas,
1900 lsa); /* We don't need it in list anymore */
1901
1902 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1903 */
1904
1905 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1906
1907 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1908 */
1909
1910 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1911 */
1912
1913 /* Do take in Type-7's if we are an NSSA */
1914
1915 /* If we are also an ABR, later translate them to a Type-5
1916 * packet */
1917
1918 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1919 translate them to a separate Type-5 packet. */
1920
1921 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1922 /* Reject from STUB or NSSA */
1923 if (nbr->oi->area->external_routing
1924 != OSPF_AREA_DEFAULT) {
1925 if (IS_DEBUG_OSPF_NSSA)
1926 zlog_debug(
1927 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1928 DISCARD_LSA(lsa, 1);
1929 }
1930
1931 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1932 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1933 if (IS_DEBUG_OSPF_NSSA)
1934 zlog_debug(
1935 "Incoming NSSA LSA Discarded: Not NSSA Area");
1936 DISCARD_LSA(lsa, 2);
1937 }
1938
1939 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1940 if (lsa->data->type == OSPF_ROUTER_LSA)
1941 if (!IPV4_ADDR_SAME(&lsa->data->id,
1942 &lsa->data->adv_router)) {
1943 char buf1[INET_ADDRSTRLEN];
1944 char buf2[INET_ADDRSTRLEN];
1945 char buf3[INET_ADDRSTRLEN];
1946
1947 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1948 "Incoming Router-LSA from %s with Adv-ID[%s] != LS-ID[%s]",
1949 inet_ntop(AF_INET, &ospfh->router_id,
1950 buf1, INET_ADDRSTRLEN),
1951 inet_ntop(AF_INET, &lsa->data->id,
1952 buf2, INET_ADDRSTRLEN),
1953 inet_ntop(AF_INET,
1954 &lsa->data->adv_router, buf3,
1955 INET_ADDRSTRLEN));
1956 flog_err(
1957 EC_OSPF_DOMAIN_CORRUPT,
1958 "OSPF domain compromised by attack or corruption. Verify correct operation of -ALL- OSPF routers.");
1959 DISCARD_LSA(lsa, 0);
1960 }
1961
1962 /* Find the LSA in the current database. */
1963
1964 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1965
1966 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1967 currently
1968 no instance of the LSA in the router's link state database,
1969 and none of router's neighbors are in states Exchange or
1970 Loading,
1971 then take the following actions: */
1972
1973 if (IS_LSA_MAXAGE(lsa) && !current
1974 && ospf_check_nbr_status(oi->ospf)) {
1975 /* (4a) Response Link State Acknowledgment. */
1976 ospf_ls_ack_send(nbr, lsa);
1977
1978 /* (4b) Discard LSA. */
1979 if (IS_DEBUG_OSPF(lsa, LSA)) {
1980 zlog_debug(
1981 "Link State Update[%s]: LS age is equal to MaxAge.",
1982 dump_lsa_key(lsa));
1983 }
1984 DISCARD_LSA(lsa, 3);
1985 }
1986
1987 if (IS_OPAQUE_LSA(lsa->data->type)
1988 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1989 &oi->ospf->router_id)) {
1990 /*
1991 * Even if initial flushing seems to be completed, there
1992 * might
1993 * be a case that self-originated LSA with MaxAge still
1994 * remain
1995 * in the routing domain.
1996 * Just send an LSAck message to cease retransmission.
1997 */
1998 if (IS_LSA_MAXAGE(lsa)) {
1999 zlog_info("LSA[%s]: Boomerang effect?",
2000 dump_lsa_key(lsa));
2001 ospf_ls_ack_send(nbr, lsa);
2002 ospf_lsa_discard(lsa);
2003
2004 if (current != NULL && !IS_LSA_MAXAGE(current))
2005 ospf_opaque_lsa_refresh_schedule(
2006 current);
2007 continue;
2008 }
2009
2010 /*
2011 * If an instance of self-originated Opaque-LSA is not
2012 * found
2013 * in the LSDB, there are some possible cases here.
2014 *
2015 * 1) This node lost opaque-capability after restart.
2016 * 2) Else, a part of opaque-type is no more supported.
2017 * 3) Else, a part of opaque-id is no more supported.
2018 *
2019 * Anyway, it is still this node's responsibility to
2020 * flush it.
2021 * Otherwise, the LSA instance remains in the routing
2022 * domain
2023 * until its age reaches to MaxAge.
2024 */
2025 /* XXX: We should deal with this for *ALL* LSAs, not
2026 * just opaque */
2027 if (current == NULL) {
2028 if (IS_DEBUG_OSPF_EVENT)
2029 zlog_debug(
2030 "LSA[%s]: Previously originated Opaque-LSA,not found in the LSDB.",
2031 dump_lsa_key(lsa));
2032
2033 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2034
2035 ospf_ls_ack_send(nbr, lsa);
2036
2037 ospf_opaque_self_originated_lsa_received(nbr,
2038 lsa);
2039 continue;
2040 }
2041 }
2042
2043 /* It might be happen that received LSA is self-originated
2044 * network LSA, but
2045 * router ID is changed. So, we should check if LSA is a
2046 * network-LSA whose
2047 * Link State ID is one of the router's own IP interface
2048 * addresses but whose
2049 * Advertising Router is not equal to the router's own Router ID
2050 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2051 * flushed.
2052 */
2053
2054 if (lsa->data->type == OSPF_NETWORK_LSA) {
2055 struct listnode *oinode, *oinnode;
2056 struct ospf_interface *out_if;
2057 int Flag = 0;
2058
2059 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2060 oinnode, out_if)) {
2061 if (out_if == NULL)
2062 break;
2063
2064 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2065 &lsa->data->id))
2066 && (!(IPV4_ADDR_SAME(
2067 &oi->ospf->router_id,
2068 &lsa->data->adv_router)))) {
2069 if (out_if->network_lsa_self) {
2070 ospf_lsa_flush_area(
2071 lsa, out_if->area);
2072 if (IS_DEBUG_OSPF_EVENT)
2073 zlog_debug(
2074 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2075 (void *)lsa,
2076 (int)lsa->data
2077 ->type);
2078 ospf_lsa_discard(lsa);
2079 Flag = 1;
2080 }
2081 break;
2082 }
2083 }
2084 if (Flag)
2085 continue;
2086 }
2087
2088 /* (5) Find the instance of this LSA that is currently contained
2089 in the router's link state database. If there is no
2090 database copy, or the received LSA is more recent than
2091 the database copy the following steps must be performed.
2092 (The sub steps from RFC 2328 section 13 step (5) will be
2093 performed in
2094 ospf_flood() ) */
2095
2096 if (current == NULL
2097 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2098 /* CVE-2017-3224 */
2099 if (current && (lsa->data->ls_seqnum ==
2100 htonl(OSPF_MAX_SEQUENCE_NUMBER)
2101 && !IS_LSA_MAXAGE(lsa))) {
2102 zlog_debug(
2103 "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
2104 dump_lsa_key(lsa));
2105
2106 DISCARD_LSA(lsa, 4);
2107 }
2108
2109 /* Actual flooding procedure. */
2110 if (ospf_flood(oi->ospf, nbr, current, lsa)
2111 < 0) /* Trap NSSA later. */
2112 DISCARD_LSA(lsa, 5);
2113 continue;
2114 }
2115
2116 /* (6) Else, If there is an instance of the LSA on the sending
2117 neighbor's Link state request list, an error has occurred in
2118 the Database Exchange process. In this case, restart the
2119 Database Exchange process by generating the neighbor event
2120 BadLSReq for the sending neighbor and stop processing the
2121 Link State Update packet. */
2122
2123 if (ospf_ls_request_lookup(nbr, lsa)) {
2124 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2125 flog_warn(
2126 EC_OSPF_PACKET,
2127 "LSA[%s] instance exists on Link state request list",
2128 dump_lsa_key(lsa));
2129
2130 /* Clean list of LSAs. */
2131 ospf_upd_list_clean(lsas);
2132 /* this lsa is not on lsas list already. */
2133 ospf_lsa_discard(lsa);
2134 return;
2135 }
2136
2137 /* If the received LSA is the same instance as the database copy
2138 (i.e., neither one is more recent) the following two steps
2139 should be performed: */
2140
2141 if (ret == 0) {
2142 /* If the LSA is listed in the Link state retransmission
2143 list
2144 for the receiving adjacency, the router itself is
2145 expecting
2146 an acknowledgment for this LSA. The router should
2147 treat the
2148 received LSA as an acknowledgment by removing the LSA
2149 from
2150 the Link state retransmission list. This is termed
2151 an
2152 "implied acknowledgment". */
2153
2154 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2155
2156 if (ls_ret != NULL) {
2157 ospf_ls_retransmit_delete(nbr, ls_ret);
2158
2159 /* Delayed acknowledgment sent if advertisement
2160 received
2161 from Designated Router, otherwise do nothing.
2162 */
2163 if (oi->state == ISM_Backup)
2164 if (NBR_IS_DR(nbr))
2165 listnode_add(
2166 oi->ls_ack,
2167 ospf_lsa_lock(lsa));
2168
2169 DISCARD_LSA(lsa, 6);
2170 } else
2171 /* Acknowledge the receipt of the LSA by sending a
2172 Link State Acknowledgment packet back out the
2173 receiving
2174 interface. */
2175 {
2176 ospf_ls_ack_send(nbr, lsa);
2177 DISCARD_LSA(lsa, 7);
2178 }
2179 }
2180
2181 /* The database copy is more recent. If the database copy
2182 has LS age equal to MaxAge and LS sequence number equal to
2183 MaxSequenceNumber, simply discard the received LSA without
2184 acknowledging it. (In this case, the LSA's LS sequence number
2185 is
2186 wrapping, and the MaxSequenceNumber LSA must be completely
2187 flushed before any new LSA instance can be introduced). */
2188
2189 else if (ret > 0) /* Database copy is more recent */
2190 {
2191 if (IS_LSA_MAXAGE(current)
2192 && current->data->ls_seqnum
2193 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2194 DISCARD_LSA(lsa, 8);
2195 }
2196 /* Otherwise, as long as the database copy has not been
2197 sent in a
2198 Link State Update within the last MinLSArrival
2199 seconds, send the
2200 database copy back to the sending neighbor,
2201 encapsulated within
2202 a Link State Update Packet. The Link State Update
2203 Packet should
2204 be sent directly to the neighbor. In so doing, do not
2205 put the
2206 database copy of the LSA on the neighbor's link state
2207 retransmission list, and do not acknowledge the
2208 received (less
2209 recent) LSA instance. */
2210 else {
2211 if (monotime_since(&current->tv_orig, NULL)
2212 >= ospf->min_ls_arrival * 1000LL)
2213 /* Trap NSSA type later.*/
2214 ospf_ls_upd_send_lsa(
2215 nbr, current,
2216 OSPF_SEND_PACKET_DIRECT);
2217 DISCARD_LSA(lsa, 9);
2218 }
2219 }
2220 }
2221 #undef DISCARD_LSA
2222
2223 assert(listcount(lsas) == 0);
2224 list_delete(&lsas);
2225 }
2226
2227 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2228 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2229 struct stream *s, struct ospf_interface *oi,
2230 uint16_t size)
2231 {
2232 struct ospf_neighbor *nbr;
2233
2234 /* increment statistics. */
2235 oi->ls_ack_in++;
2236
2237 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2238 if (nbr == NULL) {
2239 flog_warn(EC_OSPF_PACKET,
2240 "Link State Acknowledgment: Unknown Neighbor %pI4",
2241 &ospfh->router_id);
2242 return;
2243 }
2244
2245 /* Add event to thread. */
2246 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2247
2248 if (nbr->state < NSM_Exchange) {
2249 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2250 zlog_debug(
2251 "Link State Acknowledgment: Neighbor[%pI4] state %s is less than Exchange",
2252 &ospfh->router_id,
2253 lookup_msg(ospf_nsm_state_msg, nbr->state,
2254 NULL));
2255 return;
2256 }
2257
2258 while (size >= OSPF_LSA_HEADER_SIZE) {
2259 struct ospf_lsa *lsa, *lsr;
2260
2261 lsa = ospf_lsa_new();
2262 lsa->data = (struct lsa_header *)stream_pnt(s);
2263 lsa->vrf_id = oi->ospf->vrf_id;
2264
2265 /* lsah = (struct lsa_header *) stream_pnt (s); */
2266 size -= OSPF_LSA_HEADER_SIZE;
2267 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2268
2269 if (lsa->data->type < OSPF_MIN_LSA
2270 || lsa->data->type >= OSPF_MAX_LSA) {
2271 lsa->data = NULL;
2272 ospf_lsa_discard(lsa);
2273 continue;
2274 }
2275
2276 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2277
2278 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2279 ospf_ls_retransmit_delete(nbr, lsr);
2280
2281 lsa->data = NULL;
2282 ospf_lsa_discard(lsa);
2283 }
2284
2285 return;
2286 }
2287
2288 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2289 struct interface **ifp,
2290 struct stream *ibuf)
2291 {
2292 int ret;
2293 struct ip *iph;
2294 uint16_t ip_len;
2295 ifindex_t ifindex = 0;
2296 struct iovec iov;
2297 /* Header and data both require alignment. */
2298 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2299 struct msghdr msgh;
2300
2301 memset(&msgh, 0, sizeof(struct msghdr));
2302 msgh.msg_iov = &iov;
2303 msgh.msg_iovlen = 1;
2304 msgh.msg_control = (caddr_t)buff;
2305 msgh.msg_controllen = sizeof(buff);
2306
2307 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2308 OSPF_MAX_PACKET_SIZE + 1);
2309 if (ret < 0) {
2310 if (errno != EAGAIN && errno != EWOULDBLOCK)
2311 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2312 safe_strerror(errno));
2313 return NULL;
2314 }
2315 if ((unsigned int)ret < sizeof(struct ip)) {
2316 flog_warn(
2317 EC_OSPF_PACKET,
2318 "ospf_recv_packet: discarding runt packet of length %d (ip header size is %u)",
2319 ret, (unsigned int)sizeof(iph));
2320 return NULL;
2321 }
2322
2323 /* Note that there should not be alignment problems with this assignment
2324 because this is at the beginning of the stream data buffer. */
2325 iph = (struct ip *)STREAM_DATA(ibuf);
2326 sockopt_iphdrincl_swab_systoh(iph);
2327
2328 ip_len = iph->ip_len;
2329
2330 #if defined(__FreeBSD__) && (__FreeBSD_version < 1000000)
2331 /*
2332 * Kernel network code touches incoming IP header parameters,
2333 * before protocol specific processing.
2334 *
2335 * 1) Convert byteorder to host representation.
2336 * --> ip_len, ip_id, ip_off
2337 *
2338 * 2) Adjust ip_len to strip IP header size!
2339 * --> If user process receives entire IP packet via RAW
2340 * socket, it must consider adding IP header size to
2341 * the "ip_len" field of "ip" structure.
2342 *
2343 * For more details, see <netinet/ip_input.c>.
2344 */
2345 ip_len = ip_len + (iph->ip_hl << 2);
2346 #endif
2347
2348 #if defined(__DragonFly__)
2349 /*
2350 * in DragonFly's raw socket, ip_len/ip_off are read
2351 * in network byte order.
2352 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2353 */
2354 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2355 #endif
2356
2357 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2358
2359 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2360
2361 if (ret != ip_len) {
2362 flog_warn(
2363 EC_OSPF_PACKET,
2364 "ospf_recv_packet read length mismatch: ip_len is %d, but recvmsg returned %d",
2365 ip_len, ret);
2366 return NULL;
2367 }
2368
2369 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2370 zlog_debug("%s: fd %d(%s) on interface %d(%s)", __func__, fd,
2371 ospf_get_name(ospf), ifindex,
2372 *ifp ? (*ifp)->name : "Unknown");
2373 return ibuf;
2374 }
2375
2376 static struct ospf_interface *
2377 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2378 struct ip *iph, struct ospf_header *ospfh)
2379 {
2380 struct ospf_interface *rcv_oi;
2381 struct ospf_vl_data *vl_data;
2382 struct ospf_area *vl_area;
2383 struct listnode *node;
2384
2385 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2386 || !OSPF_IS_AREA_BACKBONE(ospfh))
2387 return NULL;
2388
2389 /* look for local OSPF interface matching the destination
2390 * to determine Area ID. We presume therefore the destination address
2391 * is unique, or at least (for "unnumbered" links), not used in other
2392 * areas
2393 */
2394 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2395 == NULL)
2396 return NULL;
2397
2398 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2399 vl_area =
2400 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2401 if (!vl_area)
2402 continue;
2403
2404 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2405 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2406 if (IS_DEBUG_OSPF_EVENT)
2407 zlog_debug("associating packet with %s",
2408 IF_NAME(vl_data->vl_oi));
2409 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2410 if (IS_DEBUG_OSPF_EVENT)
2411 zlog_debug(
2412 "This VL is not up yet, sorry");
2413 return NULL;
2414 }
2415
2416 return vl_data->vl_oi;
2417 }
2418 }
2419
2420 if (IS_DEBUG_OSPF_EVENT)
2421 zlog_debug("couldn't find any VL to associate the packet with");
2422
2423 return NULL;
2424 }
2425
2426 static int ospf_check_area_id(struct ospf_interface *oi,
2427 struct ospf_header *ospfh)
2428 {
2429 /* Check match the Area ID of the receiving interface. */
2430 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2431 return 1;
2432
2433 return 0;
2434 }
2435
2436 /* Unbound socket will accept any Raw IP packets if proto is matched.
2437 To prevent it, compare src IP address and i/f address with masking
2438 i/f network mask. */
2439 static int ospf_check_network_mask(struct ospf_interface *oi,
2440 struct in_addr ip_src)
2441 {
2442 struct in_addr mask, me, him;
2443
2444 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2445 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2446 return 1;
2447
2448 masklen2ip(oi->address->prefixlen, &mask);
2449
2450 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2451 him.s_addr = ip_src.s_addr & mask.s_addr;
2452
2453 if (IPV4_ADDR_SAME(&me, &him))
2454 return 1;
2455
2456 return 0;
2457 }
2458
2459 /* Return 1, if the packet is properly authenticated and checksummed,
2460 0 otherwise. In particular, check that AuType header field is valid and
2461 matches the locally configured AuType, and that D.5 requirements are met. */
2462 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2463 {
2464 struct crypt_key *ck;
2465 uint16_t iface_auth_type;
2466 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2467
2468 switch (pkt_auth_type) {
2469 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2470 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2471 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2472 flog_warn(
2473 EC_OSPF_PACKET,
2474 "interface %s: auth-type mismatch, local %s, rcvd Null",
2475 IF_NAME(oi),
2476 lookup_msg(ospf_auth_type_str,
2477 iface_auth_type, NULL));
2478 return 0;
2479 }
2480 if (!ospf_check_sum(ospfh)) {
2481 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2482 flog_warn(
2483 EC_OSPF_PACKET,
2484 "interface %s: Null auth OK, but checksum error, Router-ID %pI4",
2485 IF_NAME(oi),
2486 &ospfh->router_id);
2487 return 0;
2488 }
2489 return 1;
2490 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2491 if (OSPF_AUTH_SIMPLE
2492 != (iface_auth_type = ospf_auth_type(oi))) {
2493 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2494 flog_warn(
2495 EC_OSPF_PACKET,
2496 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2497 IF_NAME(oi),
2498 lookup_msg(ospf_auth_type_str,
2499 iface_auth_type, NULL));
2500 return 0;
2501 }
2502 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2503 OSPF_AUTH_SIMPLE_SIZE)) {
2504 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2505 flog_warn(EC_OSPF_PACKET,
2506 "interface %s: Simple auth failed",
2507 IF_NAME(oi));
2508 return 0;
2509 }
2510 if (!ospf_check_sum(ospfh)) {
2511 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2512 flog_warn(
2513 EC_OSPF_PACKET,
2514 "interface %s: Simple auth OK, checksum error, Router-ID %pI4",
2515 IF_NAME(oi),
2516 &ospfh->router_id);
2517 return 0;
2518 }
2519 return 1;
2520 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2521 if (OSPF_AUTH_CRYPTOGRAPHIC
2522 != (iface_auth_type = ospf_auth_type(oi))) {
2523 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2524 flog_warn(
2525 EC_OSPF_PACKET,
2526 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2527 IF_NAME(oi),
2528 lookup_msg(ospf_auth_type_str,
2529 iface_auth_type, NULL));
2530 return 0;
2531 }
2532 if (ospfh->checksum) {
2533 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2534 flog_warn(
2535 EC_OSPF_PACKET,
2536 "interface %s: OSPF header checksum is not 0",
2537 IF_NAME(oi));
2538 return 0;
2539 }
2540 /* only MD5 crypto method can pass ospf_packet_examin() */
2541 if (NULL == (ck = listgetdata(
2542 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2543 || ospfh->u.crypt.key_id != ck->key_id ||
2544 /* Condition above uses the last key ID on the list,
2545 which is
2546 different from what ospf_crypt_key_lookup() does. A
2547 bug? */
2548 !ospf_check_md5_digest(oi, ospfh)) {
2549 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2550 flog_warn(EC_OSPF_MD5,
2551 "interface %s: MD5 auth failed",
2552 IF_NAME(oi));
2553 return 0;
2554 }
2555 return 1;
2556 default:
2557 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2558 flog_warn(
2559 EC_OSPF_PACKET,
2560 "interface %s: invalid packet auth-type (%02x)",
2561 IF_NAME(oi), pkt_auth_type);
2562 return 0;
2563 }
2564 }
2565
2566 static int ospf_check_sum(struct ospf_header *ospfh)
2567 {
2568 uint32_t ret;
2569 uint16_t sum;
2570
2571 /* clear auth_data for checksum. */
2572 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2573
2574 /* keep checksum and clear. */
2575 sum = ospfh->checksum;
2576 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2577
2578 /* calculate checksum. */
2579 ret = in_cksum(ospfh, ntohs(ospfh->length));
2580
2581 if (ret != sum) {
2582 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2583 ret, sum);
2584 return 0;
2585 }
2586
2587 return 1;
2588 }
2589
2590 /* Verify, that given link/TOS records are properly sized/aligned and match
2591 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2592 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2593 uint16_t linkbytes,
2594 const uint16_t num_links)
2595 {
2596 unsigned counted_links = 0, thislinklen;
2597
2598 while (linkbytes >= OSPF_ROUTER_LSA_LINK_SIZE) {
2599 thislinklen =
2600 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2601 if (thislinklen > linkbytes) {
2602 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2603 zlog_debug("%s: length error in link block #%u",
2604 __func__, counted_links);
2605 return MSG_NG;
2606 }
2607 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2608 linkbytes -= thislinklen;
2609 counted_links++;
2610 }
2611 if (counted_links != num_links) {
2612 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2613 zlog_debug("%s: %u link blocks declared, %u present",
2614 __func__, num_links, counted_links);
2615 return MSG_NG;
2616 }
2617 return MSG_OK;
2618 }
2619
2620 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2621 minimum length constraint). */
2622 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2623 const uint8_t headeronly)
2624 {
2625 unsigned ret;
2626 struct router_lsa *rlsa;
2627 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2628 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2629 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2630 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2631 lookup_msg(ospf_lsa_type_msg, lsah->type,
2632 NULL));
2633 return MSG_NG;
2634 }
2635 switch (lsah->type) {
2636 case OSPF_ROUTER_LSA: {
2637 /*
2638 * RFC2328 A.4.2, LSA header + 4 bytes followed by N>=0
2639 * (12+)-byte link blocks
2640 */
2641 size_t linkbytes_len = lsalen - OSPF_LSA_HEADER_SIZE
2642 - OSPF_ROUTER_LSA_MIN_SIZE;
2643
2644 /*
2645 * LSA link blocks are variable length but always multiples of
2646 * 4; basic sanity check
2647 */
2648 if (linkbytes_len % 4 != 0)
2649 return MSG_NG;
2650
2651 if (headeronly)
2652 return MSG_OK;
2653
2654 rlsa = (struct router_lsa *)lsah;
2655
2656 ret = ospf_router_lsa_links_examin(
2657 (struct router_lsa_link *)rlsa->link,
2658 linkbytes_len,
2659 ntohs(rlsa->links));
2660 break;
2661 }
2662 case OSPF_AS_EXTERNAL_LSA:
2663 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2664 * blocks */
2665 case OSPF_AS_NSSA_LSA:
2666 /* RFC3101 C, idem */
2667 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2668 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2669 % 12
2670 ? MSG_NG
2671 : MSG_OK;
2672 break;
2673 /* Following LSA types are considered OK length-wise as soon as their
2674 * minimum
2675 * length constraint is met and length of the whole LSA is a multiple of
2676 * 4
2677 * (basic LSA header size is already a multiple of 4). */
2678 case OSPF_NETWORK_LSA:
2679 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2680 case OSPF_SUMMARY_LSA:
2681 case OSPF_ASBR_SUMMARY_LSA:
2682 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2683 * blocks */
2684 case OSPF_OPAQUE_LINK_LSA:
2685 case OSPF_OPAQUE_AREA_LSA:
2686 case OSPF_OPAQUE_AS_LSA:
2687 /* RFC5250 A.2, "some number of octets (of application-specific
2688 * data) padded to 32-bit alignment." This is considered
2689 * equivalent
2690 * to 4-byte alignment of all other LSA types, see
2691 * OSPF-ALIGNMENT.txt
2692 * file for the detailed analysis of this passage. */
2693 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2694 break;
2695 default:
2696 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2697 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2698 lsah->type);
2699 return MSG_NG;
2700 }
2701 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2702 zlog_debug("%s: alignment error in %s", __func__,
2703 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2704 return ret;
2705 }
2706
2707 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2708 includes verification of LSA blocks length/alignment and dispatching
2709 of deeper-level checks. */
2710 static unsigned
2711 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2712 size_t length, const uint8_t headeronly,
2713 /* When declared_num_lsas is not 0, compare it to the real
2714 number of LSAs
2715 and treat the difference as an error. */
2716 const uint32_t declared_num_lsas)
2717 {
2718 uint32_t counted_lsas = 0;
2719
2720 while (length) {
2721 uint16_t lsalen;
2722 if (length < OSPF_LSA_HEADER_SIZE) {
2723 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2724 zlog_debug(
2725 "%s: undersized (%zu B) trailing (#%u) LSA header",
2726 __func__, length, counted_lsas);
2727 return MSG_NG;
2728 }
2729 /* save on ntohs() calls here and in the LSA validator */
2730 lsalen = ntohs(lsah->length);
2731 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2732 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2733 zlog_debug(
2734 "%s: malformed LSA header #%u, declared length is %u B",
2735 __func__, counted_lsas, lsalen);
2736 return MSG_NG;
2737 }
2738 if (headeronly) {
2739 /* less checks here and in ospf_lsa_examin() */
2740 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2741 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2742 zlog_debug(
2743 "%s: malformed header-only LSA #%u",
2744 __func__, counted_lsas);
2745 return MSG_NG;
2746 }
2747 lsah = (struct lsa_header *)((caddr_t)lsah
2748 + OSPF_LSA_HEADER_SIZE);
2749 length -= OSPF_LSA_HEADER_SIZE;
2750 } else {
2751 /* make sure the input buffer is deep enough before
2752 * further checks */
2753 if (lsalen > length) {
2754 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2755 zlog_debug(
2756 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2757 __func__, counted_lsas, lsalen,
2758 length);
2759 return MSG_NG;
2760 }
2761 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2762 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2763 zlog_debug("%s: malformed LSA #%u",
2764 __func__, counted_lsas);
2765 return MSG_NG;
2766 }
2767 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2768 length -= lsalen;
2769 }
2770 counted_lsas++;
2771 }
2772
2773 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2774 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2775 zlog_debug(
2776 "%s: #LSAs declared (%u) does not match actual (%u)",
2777 __func__, declared_num_lsas, counted_lsas);
2778 return MSG_NG;
2779 }
2780 return MSG_OK;
2781 }
2782
2783 /* Verify a complete OSPF packet for proper sizing/alignment. */
2784 static unsigned ospf_packet_examin(struct ospf_header *oh,
2785 const unsigned bytesonwire)
2786 {
2787 uint16_t bytesdeclared, bytesauth;
2788 unsigned ret;
2789 struct ospf_ls_update *lsupd;
2790
2791 /* Length, 1st approximation. */
2792 if (bytesonwire < OSPF_HEADER_SIZE) {
2793 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2794 zlog_debug("%s: undersized (%u B) packet", __func__,
2795 bytesonwire);
2796 return MSG_NG;
2797 }
2798 /* Now it is safe to access header fields. Performing length check,
2799 * allow
2800 * for possible extra bytes of crypto auth/padding, which are not
2801 * counted
2802 * in the OSPF header "length" field. */
2803 if (oh->version != OSPF_VERSION) {
2804 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2805 zlog_debug("%s: invalid (%u) protocol version",
2806 __func__, oh->version);
2807 return MSG_NG;
2808 }
2809 bytesdeclared = ntohs(oh->length);
2810 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2811 bytesauth = 0;
2812 else {
2813 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2814 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2815 zlog_debug(
2816 "%s: unsupported crypto auth length (%u B)",
2817 __func__, oh->u.crypt.auth_data_len);
2818 return MSG_NG;
2819 }
2820 bytesauth = OSPF_AUTH_MD5_SIZE;
2821 }
2822 if (bytesdeclared + bytesauth > bytesonwire) {
2823 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2824 zlog_debug(
2825 "%s: packet length error (%u real, %u+%u declared)",
2826 __func__, bytesonwire, bytesdeclared,
2827 bytesauth);
2828 return MSG_NG;
2829 }
2830 /* Length, 2nd approximation. The type-specific constraint is checked
2831 against declared length, not amount of bytes on wire. */
2832 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2833 && bytesdeclared
2834 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2835 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2836 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2837 bytesdeclared,
2838 lookup_msg(ospf_packet_type_str, oh->type,
2839 NULL));
2840 return MSG_NG;
2841 }
2842 switch (oh->type) {
2843 case OSPF_MSG_HELLO:
2844 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2845 followed
2846 by N>=0 router-IDs. */
2847 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2848 % 4
2849 ? MSG_NG
2850 : MSG_OK;
2851 break;
2852 case OSPF_MSG_DB_DESC:
2853 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2854 followed
2855 by N>=0 header-only LSAs. */
2856 ret = ospf_lsaseq_examin(
2857 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2858 + OSPF_DB_DESC_MIN_SIZE),
2859 bytesdeclared - OSPF_HEADER_SIZE
2860 - OSPF_DB_DESC_MIN_SIZE,
2861 1, /* header-only LSAs */
2862 0);
2863 break;
2864 case OSPF_MSG_LS_REQ:
2865 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2866 * request blocks. */
2867 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2868 % OSPF_LSA_KEY_SIZE
2869 ? MSG_NG
2870 : MSG_OK;
2871 break;
2872 case OSPF_MSG_LS_UPD:
2873 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2874 followed
2875 by N>=0 full LSAs (with N declared beforehand). */
2876 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2877 + OSPF_HEADER_SIZE);
2878 ret = ospf_lsaseq_examin(
2879 (struct lsa_header *)((caddr_t)lsupd
2880 + OSPF_LS_UPD_MIN_SIZE),
2881 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2882 0, /* full LSAs */
2883 ntohl(lsupd->num_lsas) /* 32 bits */
2884 );
2885 break;
2886 case OSPF_MSG_LS_ACK:
2887 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2888 * LSAs. */
2889 ret = ospf_lsaseq_examin(
2890 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2891 + OSPF_LS_ACK_MIN_SIZE),
2892 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2893 1, /* header-only LSAs */
2894 0);
2895 break;
2896 default:
2897 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2898 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2899 oh->type);
2900 return MSG_NG;
2901 }
2902 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2903 zlog_debug("%s: malformed %s packet", __func__,
2904 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2905 return ret;
2906 }
2907
2908 /* OSPF Header verification. */
2909 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2910 struct ip *iph, struct ospf_header *ospfh)
2911 {
2912 /* Check Area ID. */
2913 if (!ospf_check_area_id(oi, ospfh)) {
2914 flog_warn(EC_OSPF_PACKET,
2915 "interface %s: ospf_read invalid Area ID %pI4",
2916 IF_NAME(oi), &ospfh->area_id);
2917 return -1;
2918 }
2919
2920 /* Check network mask, Silently discarded. */
2921 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2922 flog_warn(
2923 EC_OSPF_PACKET,
2924 "interface %s: ospf_read network address is not same [%pI4]",
2925 IF_NAME(oi), &iph->ip_src);
2926 return -1;
2927 }
2928
2929 /* Check authentication. The function handles logging actions, where
2930 * required. */
2931 if (!ospf_check_auth(oi, ospfh))
2932 return -1;
2933
2934 return 0;
2935 }
2936
2937 enum ospf_read_return_enum {
2938 OSPF_READ_ERROR,
2939 OSPF_READ_CONTINUE,
2940 };
2941
2942 static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
2943 {
2944 int ret;
2945 struct stream *ibuf;
2946 struct ospf_interface *oi;
2947 struct ip *iph;
2948 struct ospf_header *ospfh;
2949 uint16_t length;
2950 struct connected *c;
2951 struct interface *ifp = NULL;
2952
2953 stream_reset(ospf->ibuf);
2954 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2955 if (ibuf == NULL)
2956 return OSPF_READ_ERROR;
2957
2958 /*
2959 * This raw packet is known to be at least as big as its
2960 * IP header. Note that there should not be alignment problems with
2961 * this assignment because this is at the beginning of the
2962 * stream data buffer.
2963 */
2964 iph = (struct ip *)STREAM_DATA(ibuf);
2965 /*
2966 * Note that sockopt_iphdrincl_swab_systoh was called in
2967 * ospf_recv_packet.
2968 */
2969 if (ifp == NULL) {
2970 /*
2971 * Handle cases where the platform does not support
2972 * retrieving the ifindex, and also platforms (such as
2973 * Solaris 8) that claim to support ifindex retrieval but do
2974 * not.
2975 */
2976 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2977 ospf->vrf_id);
2978 if (c)
2979 ifp = c->ifp;
2980 if (ifp == NULL) {
2981 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2982 zlog_debug(
2983 "%s: Unable to determine incoming interface from: %pI4(%s)",
2984 __func__, &iph->ip_src,
2985 ospf_get_name(ospf));
2986 return OSPF_READ_CONTINUE;
2987 }
2988 }
2989
2990 /* Self-originated packet should be discarded silently. */
2991 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2992 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2993 zlog_debug(
2994 "ospf_read[%pI4]: Dropping self-originated packet",
2995 &iph->ip_src);
2996 }
2997 return OSPF_READ_CONTINUE;
2998 }
2999
3000 /* Check that we have enough for an IP header */
3001 if ((unsigned int)(iph->ip_hl << 2) >= STREAM_READABLE(ibuf)) {
3002 if ((unsigned int)(iph->ip_hl << 2) == STREAM_READABLE(ibuf)) {
3003 flog_warn(
3004 EC_OSPF_PACKET,
3005 "Rx'd IP packet with OSPF protocol number but no payload");
3006 } else {
3007 flog_warn(
3008 EC_OSPF_PACKET,
3009 "IP header length field claims header is %u bytes, but we only have %zu",
3010 (unsigned int)(iph->ip_hl << 2),
3011 STREAM_READABLE(ibuf));
3012 }
3013
3014 return OSPF_READ_ERROR;
3015 }
3016 stream_forward_getp(ibuf, iph->ip_hl << 2);
3017
3018 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3019 if (MSG_OK
3020 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3021 - stream_get_getp(ibuf)))
3022 return OSPF_READ_CONTINUE;
3023 /* Now it is safe to access all fields of OSPF packet header. */
3024
3025 /* associate packet with ospf interface */
3026 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3027
3028 /*
3029 * ospf_verify_header() relies on a valid "oi" and thus can be called
3030 * only after the passive/backbone/other checks below are passed.
3031 * These checks in turn access the fields of unverified "ospfh"
3032 * structure for their own purposes and must remain very accurate
3033 * in doing this.
3034 */
3035
3036 /* If incoming interface is passive one, ignore it. */
3037 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3038 char buf[3][INET_ADDRSTRLEN];
3039
3040 if (IS_DEBUG_OSPF_EVENT)
3041 zlog_debug(
3042 "ignoring packet from router %s sent to %s, received on a passive interface, %s",
3043 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3044 sizeof(buf[0])),
3045 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3046 sizeof(buf[1])),
3047 inet_ntop(AF_INET, &oi->address->u.prefix4,
3048 buf[2], sizeof(buf[2])));
3049
3050 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3051 /* Try to fix multicast membership.
3052 * Some OS:es may have problems in this area,
3053 * make sure it is removed.
3054 */
3055 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3056 ospf_if_set_multicast(oi);
3057 }
3058 return OSPF_READ_CONTINUE;
3059 }
3060
3061
3062 /* if no local ospf_interface,
3063 * or header area is backbone but ospf_interface is not
3064 * check for VLINK interface
3065 */
3066 if ((oi == NULL)
3067 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3068 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3069 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3070 == NULL) {
3071 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3072 zlog_debug(
3073 "Packet from [%pI4] received on link %s but no ospf_interface",
3074 &iph->ip_src, ifp->name);
3075 return OSPF_READ_CONTINUE;
3076 }
3077 }
3078
3079 /*
3080 * else it must be a local ospf interface, check it was
3081 * received on correct link
3082 */
3083 else if (oi->ifp != ifp) {
3084 if (IS_DEBUG_OSPF_EVENT)
3085 flog_warn(EC_OSPF_PACKET,
3086 "Packet from [%pI4] received on wrong link %s",
3087 &iph->ip_src, ifp->name);
3088 return OSPF_READ_CONTINUE;
3089 } else if (oi->state == ISM_Down) {
3090 char buf[2][INET_ADDRSTRLEN];
3091
3092 flog_warn(
3093 EC_OSPF_PACKET,
3094 "Ignoring packet from %s to %s received on interface that is down [%s]; interface flags are %s",
3095 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3096 sizeof(buf[0])),
3097 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3098 sizeof(buf[1])),
3099 ifp->name, if_flag_dump(ifp->flags));
3100 /* Fix multicast memberships? */
3101 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3102 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3103 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3104 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3105 if (oi->multicast_memberships)
3106 ospf_if_set_multicast(oi);
3107 return OSPF_READ_CONTINUE;
3108 }
3109
3110 /*
3111 * If the received packet is destined for AllDRouters, the
3112 * packet should be accepted only if the received ospf
3113 * interface state is either DR or Backup -- endo.
3114 *
3115 * I wonder who endo is?
3116 */
3117 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3118 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3119 flog_warn(
3120 EC_OSPF_PACKET,
3121 "Dropping packet for AllDRouters from [%pI4] via [%s] (ISM: %s)",
3122 &iph->ip_src, IF_NAME(oi),
3123 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3124 /* Try to fix multicast membership. */
3125 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3126 ospf_if_set_multicast(oi);
3127 return OSPF_READ_CONTINUE;
3128 }
3129
3130 /* Verify more OSPF header fields. */
3131 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3132 if (ret < 0) {
3133 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3134 zlog_debug(
3135 "ospf_read[%pI4]: Header check failed, dropping.",
3136 &iph->ip_src);
3137 return OSPF_READ_CONTINUE;
3138 }
3139
3140 /* Show debug receiving packet. */
3141 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3142 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3143 zlog_debug(
3144 "-----------------------------------------------------");
3145 ospf_packet_dump(ibuf);
3146 }
3147
3148 zlog_debug("%s received from [%pI4] via [%s]",
3149 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3150 &ospfh->router_id, IF_NAME(oi));
3151 zlog_debug(" src [%pI4],", &iph->ip_src);
3152 zlog_debug(" dst [%pI4]", &iph->ip_dst);
3153
3154 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3155 zlog_debug(
3156 "-----------------------------------------------------");
3157 }
3158
3159 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3160
3161 /* Adjust size to message length. */
3162 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3163
3164 /* Read rest of the packet and call each sort of packet routine.
3165 */
3166 switch (ospfh->type) {
3167 case OSPF_MSG_HELLO:
3168 ospf_hello(iph, ospfh, ibuf, oi, length);
3169 break;
3170 case OSPF_MSG_DB_DESC:
3171 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3172 break;
3173 case OSPF_MSG_LS_REQ:
3174 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3175 break;
3176 case OSPF_MSG_LS_UPD:
3177 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3178 break;
3179 case OSPF_MSG_LS_ACK:
3180 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3181 break;
3182 default:
3183 flog_warn(
3184 EC_OSPF_PACKET,
3185 "interface %s(%s): OSPF packet header type %d is illegal",
3186 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3187 break;
3188 }
3189
3190 return OSPF_READ_CONTINUE;
3191 }
3192
3193 /* Starting point of packet process function. */
3194 int ospf_read(struct thread *thread)
3195 {
3196 struct ospf *ospf;
3197 int32_t count = 0;
3198 enum ospf_read_return_enum ret;
3199
3200 /* first of all get interface pointer. */
3201 ospf = THREAD_ARG(thread);
3202
3203 /* prepare for next packet. */
3204 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3205
3206 while (count < ospf->write_oi_count) {
3207 count++;
3208 ret = ospf_read_helper(ospf);
3209 switch (ret) {
3210 case OSPF_READ_ERROR:
3211 return -1;
3212 case OSPF_READ_CONTINUE:
3213 break;
3214 }
3215 }
3216
3217 return 0;
3218 }
3219
3220 /* Make OSPF header. */
3221 static void ospf_make_header(int type, struct ospf_interface *oi,
3222 struct stream *s)
3223 {
3224 struct ospf_header *ospfh;
3225
3226 ospfh = (struct ospf_header *)STREAM_DATA(s);
3227
3228 ospfh->version = (uint8_t)OSPF_VERSION;
3229 ospfh->type = (uint8_t)type;
3230
3231 ospfh->router_id = oi->ospf->router_id;
3232
3233 ospfh->checksum = 0;
3234 ospfh->area_id = oi->area->area_id;
3235 ospfh->auth_type = htons(ospf_auth_type(oi));
3236
3237 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3238
3239 stream_forward_endp(s, OSPF_HEADER_SIZE);
3240 }
3241
3242 /* Make Authentication Data. */
3243 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3244 {
3245 struct crypt_key *ck;
3246
3247 switch (ospf_auth_type(oi)) {
3248 case OSPF_AUTH_NULL:
3249 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3250 */
3251 break;
3252 case OSPF_AUTH_SIMPLE:
3253 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3254 OSPF_AUTH_SIMPLE_SIZE);
3255 break;
3256 case OSPF_AUTH_CRYPTOGRAPHIC:
3257 /* If key is not set, then set 0. */
3258 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3259 ospfh->u.crypt.zero = 0;
3260 ospfh->u.crypt.key_id = 0;
3261 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3262 } else {
3263 ck = listgetdata(
3264 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3265 ospfh->u.crypt.zero = 0;
3266 ospfh->u.crypt.key_id = ck->key_id;
3267 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3268 }
3269 /* note: the seq is done in ospf_make_md5_digest() */
3270 break;
3271 default:
3272 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3273 */
3274 break;
3275 }
3276
3277 return 0;
3278 }
3279
3280 /* Fill rest of OSPF header. */
3281 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3282 uint16_t length)
3283 {
3284 struct ospf_header *ospfh;
3285
3286 ospfh = (struct ospf_header *)STREAM_DATA(s);
3287
3288 /* Fill length. */
3289 ospfh->length = htons(length);
3290
3291 /* Calculate checksum. */
3292 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3293 ospfh->checksum = in_cksum(ospfh, length);
3294 else
3295 ospfh->checksum = 0;
3296
3297 /* Add Authentication Data. */
3298 ospf_make_auth(oi, ospfh);
3299 }
3300
3301 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3302 {
3303 struct ospf_neighbor *nbr;
3304 struct route_node *rn;
3305 uint16_t length = OSPF_HELLO_MIN_SIZE;
3306 struct in_addr mask;
3307 unsigned long p;
3308 int flag = 0;
3309
3310 /* Set netmask of interface. */
3311 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3312 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3313 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3314 masklen2ip(oi->address->prefixlen, &mask);
3315 else
3316 memset((char *)&mask, 0, sizeof(struct in_addr));
3317 stream_put_ipv4(s, mask.s_addr);
3318
3319 /* Set Hello Interval. */
3320 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3321 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3322 else
3323 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3324
3325 if (IS_DEBUG_OSPF_EVENT)
3326 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3327 IF_NAME(oi));
3328
3329 /* Set Options. */
3330 stream_putc(s, OPTIONS(oi));
3331
3332 /* Set Router Priority. */
3333 stream_putc(s, PRIORITY(oi));
3334
3335 /* Set Router Dead Interval. */
3336 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3337
3338 /* Set Designated Router. */
3339 stream_put_ipv4(s, DR(oi).s_addr);
3340
3341 p = stream_get_endp(s);
3342
3343 /* Set Backup Designated Router. */
3344 stream_put_ipv4(s, BDR(oi).s_addr);
3345
3346 /* Add neighbor seen. */
3347 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3348 if ((nbr = rn->info))
3349 if (nbr->router_id.s_addr
3350 != INADDR_ANY) /* Ignore 0.0.0.0 node. */
3351 if (nbr->state
3352 != NSM_Attempt) /* Ignore Down neighbor. */
3353 if (nbr->state
3354 != NSM_Down) /* This is myself for
3355 DR election. */
3356 if (!IPV4_ADDR_SAME(
3357 &nbr->router_id,
3358 &oi->ospf->router_id)) {
3359 /* Check neighbor is
3360 * sane? */
3361 if (nbr->d_router.s_addr
3362 != INADDR_ANY
3363 && IPV4_ADDR_SAME(
3364 &nbr->d_router,
3365 &oi->address
3366 ->u
3367 .prefix4)
3368 && IPV4_ADDR_SAME(
3369 &nbr->bd_router,
3370 &oi->address
3371 ->u
3372 .prefix4))
3373 flag = 1;
3374
3375 /* Hello packet overflows interface MTU. */
3376 if (length + sizeof(uint32_t)
3377 > ospf_packet_max(oi)) {
3378 flog_err(
3379 EC_OSPF_LARGE_HELLO,
3380 "Oversized Hello packet! Larger than MTU. Not sending it out");
3381 return 0;
3382 }
3383
3384 stream_put_ipv4(
3385 s,
3386 nbr->router_id
3387 .s_addr);
3388 length += 4;
3389 }
3390
3391 /* Let neighbor generate BackupSeen. */
3392 if (flag == 1)
3393 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3394
3395 return length;
3396 }
3397
3398 static int ospf_make_db_desc(struct ospf_interface *oi,
3399 struct ospf_neighbor *nbr, struct stream *s)
3400 {
3401 struct ospf_lsa *lsa;
3402 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3403 uint8_t options;
3404 unsigned long pp;
3405 int i;
3406 struct ospf_lsdb *lsdb;
3407
3408 /* Set Interface MTU. */
3409 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3410 stream_putw(s, 0);
3411 else
3412 stream_putw(s, oi->ifp->mtu);
3413
3414 /* Set Options. */
3415 options = OPTIONS(oi);
3416 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3417 SET_FLAG(options, OSPF_OPTION_O);
3418 stream_putc(s, options);
3419
3420 /* DD flags */
3421 pp = stream_get_endp(s);
3422 stream_putc(s, nbr->dd_flags);
3423
3424 /* Set DD Sequence Number. */
3425 stream_putl(s, nbr->dd_seqnum);
3426
3427 /* shortcut unneeded walk of (empty) summary LSDBs */
3428 if (ospf_db_summary_isempty(nbr))
3429 goto empty;
3430
3431 /* Describe LSA Header from Database Summary List. */
3432 lsdb = &nbr->db_sum;
3433
3434 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3435 struct route_table *table = lsdb->type[i].db;
3436 struct route_node *rn;
3437
3438 for (rn = route_top(table); rn; rn = route_next(rn))
3439 if ((lsa = rn->info) != NULL) {
3440 if (IS_OPAQUE_LSA(lsa->data->type)
3441 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3442 /* Suppress advertising
3443 * opaque-information. */
3444 /* Remove LSA from DB summary list. */
3445 ospf_lsdb_delete(lsdb, lsa);
3446 continue;
3447 }
3448
3449 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3450 struct lsa_header *lsah;
3451 uint16_t ls_age;
3452
3453 /* DD packet overflows interface MTU. */
3454 if (length + OSPF_LSA_HEADER_SIZE
3455 > ospf_packet_max(oi))
3456 break;
3457
3458 /* Keep pointer to LS age. */
3459 lsah = (struct lsa_header
3460 *)(STREAM_DATA(s)
3461 + stream_get_endp(
3462 s));
3463
3464 /* Proceed stream pointer. */
3465 stream_put(s, lsa->data,
3466 OSPF_LSA_HEADER_SIZE);
3467 length += OSPF_LSA_HEADER_SIZE;
3468
3469 /* Set LS age. */
3470 ls_age = LS_AGE(lsa);
3471 lsah->ls_age = htons(ls_age);
3472 }
3473
3474 /* Remove LSA from DB summary list. */
3475 ospf_lsdb_delete(lsdb, lsa);
3476 }
3477 }
3478
3479 /* Update 'More' bit */
3480 if (ospf_db_summary_isempty(nbr)) {
3481 empty:
3482 if (nbr->state >= NSM_Exchange) {
3483 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3484 /* Rewrite DD flags */
3485 stream_putc_at(s, pp, nbr->dd_flags);
3486 } else {
3487 assert(IS_SET_DD_M(nbr->dd_flags));
3488 }
3489 }
3490 return length;
3491 }
3492
3493 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3494 unsigned long delta, struct ospf_neighbor *nbr,
3495 struct ospf_lsa *lsa)
3496 {
3497 struct ospf_interface *oi;
3498
3499 oi = nbr->oi;
3500
3501 /* LS Request packet overflows interface MTU
3502 * delta is just number of bytes required for 1 LS Req
3503 * ospf_packet_max will return the number of bytes can
3504 * be accomodated without ospf header. So length+delta
3505 * can be compared to ospf_packet_max
3506 * to check if it can fit another lsreq in the same packet.
3507 */
3508
3509 if (*length + delta > ospf_packet_max(oi))
3510 return 0;
3511
3512 stream_putl(s, lsa->data->type);
3513 stream_put_ipv4(s, lsa->data->id.s_addr);
3514 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3515
3516 ospf_lsa_unlock(&nbr->ls_req_last);
3517 nbr->ls_req_last = ospf_lsa_lock(lsa);
3518
3519 *length += 12;
3520 return 1;
3521 }
3522
3523 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3524 {
3525 struct ospf_lsa *lsa;
3526 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3527 unsigned long delta = 12;
3528 struct route_table *table;
3529 struct route_node *rn;
3530 int i;
3531 struct ospf_lsdb *lsdb;
3532
3533 lsdb = &nbr->ls_req;
3534
3535 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3536 table = lsdb->type[i].db;
3537 for (rn = route_top(table); rn; rn = route_next(rn))
3538 if ((lsa = (rn->info)) != NULL)
3539 if (ospf_make_ls_req_func(s, &length, delta,
3540 nbr, lsa)
3541 == 0) {
3542 route_unlock_node(rn);
3543 break;
3544 }
3545 }
3546 return length;
3547 }
3548
3549 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3550 {
3551 int age;
3552
3553 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3554
3555 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3556 }
3557
3558 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3559 struct stream *s)
3560 {
3561 struct ospf_lsa *lsa;
3562 struct listnode *node;
3563 uint16_t length = 0;
3564 unsigned int size_noauth;
3565 unsigned long delta = stream_get_endp(s);
3566 unsigned long pp;
3567 int count = 0;
3568
3569 if (IS_DEBUG_OSPF_EVENT)
3570 zlog_debug("ospf_make_ls_upd: Start");
3571
3572 pp = stream_get_endp(s);
3573 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3574 length += OSPF_LS_UPD_MIN_SIZE;
3575
3576 /* Calculate amount of packet usable for data. */
3577 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3578
3579 while ((node = listhead(update)) != NULL) {
3580 struct lsa_header *lsah;
3581 uint16_t ls_age;
3582
3583 if (IS_DEBUG_OSPF_EVENT)
3584 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3585 count);
3586
3587 lsa = listgetdata(node);
3588
3589 assert(lsa->data);
3590
3591 /* Will it fit? Minimum it has to fit atleast one */
3592 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3593 (count > 0))
3594 break;
3595
3596 /* Keep pointer to LS age. */
3597 lsah = (struct lsa_header *)(STREAM_DATA(s)
3598 + stream_get_endp(s));
3599
3600 /* Put LSA to Link State Request. */
3601 stream_put(s, lsa->data, ntohs(lsa->data->length));
3602
3603 /* Set LS age. */
3604 /* each hop must increment an lsa_age by transmit_delay
3605 of OSPF interface */
3606 ls_age = ls_age_increment(lsa,
3607 OSPF_IF_PARAM(oi, transmit_delay));
3608 lsah->ls_age = htons(ls_age);
3609
3610 length += ntohs(lsa->data->length);
3611 count++;
3612
3613 list_delete_node(update, node);
3614 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3615 }
3616
3617 /* Now set #LSAs. */
3618 stream_putl_at(s, pp, count);
3619
3620 if (IS_DEBUG_OSPF_EVENT)
3621 zlog_debug("ospf_make_ls_upd: Stop");
3622 return length;
3623 }
3624
3625 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3626 struct stream *s)
3627 {
3628 struct listnode *node, *nnode;
3629 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3630 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3631 struct ospf_lsa *lsa;
3632
3633 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3634 assert(lsa);
3635
3636 /* LS Ack packet overflows interface MTU
3637 * delta is just number of bytes required for
3638 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3639 * the number of bytes can be accomodated without
3640 * ospf header. So length+delta can be compared
3641 * against ospf_packet_max to check if it can fit
3642 * another ls header in the same packet.
3643 */
3644 if ((length + delta) > ospf_packet_max(oi))
3645 break;
3646
3647 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3648 length += OSPF_LSA_HEADER_SIZE;
3649
3650 listnode_delete(ack, lsa);
3651 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3652 }
3653
3654 return length;
3655 }
3656
3657 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3658 {
3659 struct ospf_packet *op;
3660 uint16_t length = OSPF_HEADER_SIZE;
3661
3662 op = ospf_packet_new(oi->ifp->mtu);
3663
3664 /* Prepare OSPF common header. */
3665 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3666
3667 /* Prepare OSPF Hello body. */
3668 length += ospf_make_hello(oi, op->s);
3669 if (length == OSPF_HEADER_SIZE) {
3670 /* Hello overshooting MTU */
3671 ospf_packet_free(op);
3672 return;
3673 }
3674
3675 /* Fill OSPF header. */
3676 ospf_fill_header(oi, op->s, length);
3677
3678 /* Set packet length. */
3679 op->length = length;
3680
3681 op->dst.s_addr = addr;
3682
3683 if (IS_DEBUG_OSPF_EVENT) {
3684 if (oi->ospf->vrf_id)
3685 zlog_debug(
3686 "%s: Hello Tx interface %s ospf vrf %s id %u",
3687 __func__, oi->ifp->name,
3688 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3689 oi->ospf->vrf_id);
3690 }
3691 /* Add packet to the top of the interface output queue, so that they
3692 * can't get delayed by things like long queues of LS Update packets
3693 */
3694 ospf_packet_add_top(oi, op);
3695
3696 /* Hook thread to write packet. */
3697 OSPF_ISM_WRITE_ON(oi->ospf);
3698 }
3699
3700 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3701 {
3702 struct ospf_interface *oi;
3703
3704 oi = nbr_nbma->oi;
3705 assert(oi);
3706
3707 /* If this is passive interface, do not send OSPF Hello. */
3708 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3709 return;
3710
3711 if (oi->type != OSPF_IFTYPE_NBMA)
3712 return;
3713
3714 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3715 return;
3716
3717 if (PRIORITY(oi) == 0)
3718 return;
3719
3720 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3721 && oi->state != ISM_Backup)
3722 return;
3723
3724 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3725 }
3726
3727 int ospf_poll_timer(struct thread *thread)
3728 {
3729 struct ospf_nbr_nbma *nbr_nbma;
3730
3731 nbr_nbma = THREAD_ARG(thread);
3732 nbr_nbma->t_poll = NULL;
3733
3734 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3735 zlog_debug("NSM[%s:%pI4]: Timer (Poll timer expire)",
3736 IF_NAME(nbr_nbma->oi), &nbr_nbma->addr);
3737
3738 ospf_poll_send(nbr_nbma);
3739
3740 if (nbr_nbma->v_poll > 0)
3741 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3742 nbr_nbma->v_poll);
3743
3744 return 0;
3745 }
3746
3747
3748 int ospf_hello_reply_timer(struct thread *thread)
3749 {
3750 struct ospf_neighbor *nbr;
3751
3752 nbr = THREAD_ARG(thread);
3753 nbr->t_hello_reply = NULL;
3754
3755 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3756 zlog_debug("NSM[%s:%pI4]: Timer (hello-reply timer expire)",
3757 IF_NAME(nbr->oi), &nbr->router_id);
3758
3759 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3760
3761 return 0;
3762 }
3763
3764 /* Send OSPF Hello. */
3765 void ospf_hello_send(struct ospf_interface *oi)
3766 {
3767 /* If this is passive interface, do not send OSPF Hello. */
3768 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3769 return;
3770
3771 if (oi->type == OSPF_IFTYPE_NBMA) {
3772 struct ospf_neighbor *nbr;
3773 struct route_node *rn;
3774
3775 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3776 if ((nbr = rn->info))
3777 if (nbr != oi->nbr_self)
3778 if (nbr->state != NSM_Down) {
3779 /* RFC 2328 Section 9.5.1
3780 If the router is not
3781 eligible to become Designated
3782 Router,
3783 it must periodically send
3784 Hello Packets to both the
3785 Designated Router and the
3786 Backup Designated Router (if
3787 they
3788 exist). */
3789 if (PRIORITY(oi) == 0
3790 && IPV4_ADDR_CMP(
3791 &DR(oi),
3792 &nbr->address.u
3793 .prefix4)
3794 && IPV4_ADDR_CMP(
3795 &BDR(oi),
3796 &nbr->address.u
3797 .prefix4))
3798 continue;
3799
3800 /* If the router is eligible to
3801 become Designated Router, it
3802 must periodically send Hello
3803 Packets to all neighbors that
3804 are also eligible. In
3805 addition, if the router is
3806 itself the
3807 Designated Router or Backup
3808 Designated Router, it must
3809 also
3810 send periodic Hello Packets
3811 to all other neighbors. */
3812
3813 if (nbr->priority == 0
3814 && oi->state == ISM_DROther)
3815 continue;
3816 /* if oi->state == Waiting, send
3817 * hello to all neighbors */
3818 ospf_hello_send_sub(
3819 oi,
3820 nbr->address.u.prefix4
3821 .s_addr);
3822 }
3823 } else {
3824 /* Decide destination address. */
3825 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3826 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3827 else
3828 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3829 }
3830 }
3831
3832 /* Send OSPF Database Description. */
3833 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3834 {
3835 struct ospf_interface *oi;
3836 struct ospf_packet *op;
3837 uint16_t length = OSPF_HEADER_SIZE;
3838
3839 oi = nbr->oi;
3840 op = ospf_packet_new(oi->ifp->mtu);
3841
3842 /* Prepare OSPF common header. */
3843 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3844
3845 /* Prepare OSPF Database Description body. */
3846 length += ospf_make_db_desc(oi, nbr, op->s);
3847
3848 /* Fill OSPF header. */
3849 ospf_fill_header(oi, op->s, length);
3850
3851 /* Set packet length. */
3852 op->length = length;
3853
3854 /* Decide destination address. */
3855 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3856 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3857 else
3858 op->dst = nbr->address.u.prefix4;
3859
3860 /* Add packet to the interface output queue. */
3861 ospf_packet_add(oi, op);
3862
3863 /* Hook thread to write packet. */
3864 OSPF_ISM_WRITE_ON(oi->ospf);
3865
3866 /* Remove old DD packet, then copy new one and keep in neighbor
3867 * structure. */
3868 if (nbr->last_send)
3869 ospf_packet_free(nbr->last_send);
3870 nbr->last_send = ospf_packet_dup(op);
3871 monotime(&nbr->last_send_ts);
3872 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3873 zlog_info(
3874 "%s:Packet[DD]: %pI4 DB Desc send with seqnum:%x , flags:%x",
3875 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3876 &nbr->router_id, nbr->dd_seqnum,
3877 nbr->dd_flags);
3878 }
3879
3880 /* Re-send Database Description. */
3881 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3882 {
3883 struct ospf_interface *oi;
3884
3885 oi = nbr->oi;
3886
3887 /* Add packet to the interface output queue. */
3888 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3889
3890 /* Hook thread to write packet. */
3891 OSPF_ISM_WRITE_ON(oi->ospf);
3892 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3893 zlog_info(
3894 "%s:Packet[DD]: %pI4 DB Desc resend with seqnum:%x , flags:%x",
3895 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3896 &nbr->router_id, nbr->dd_seqnum,
3897 nbr->dd_flags);
3898 }
3899
3900 /* Send Link State Request. */
3901 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3902 {
3903 struct ospf_interface *oi;
3904 struct ospf_packet *op;
3905 uint16_t length = OSPF_HEADER_SIZE;
3906
3907 oi = nbr->oi;
3908 op = ospf_packet_new(oi->ifp->mtu);
3909
3910 /* Prepare OSPF common header. */
3911 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3912
3913 /* Prepare OSPF Link State Request body. */
3914 length += ospf_make_ls_req(nbr, op->s);
3915 if (length == OSPF_HEADER_SIZE) {
3916 ospf_packet_free(op);
3917 return;
3918 }
3919
3920 /* Fill OSPF header. */
3921 ospf_fill_header(oi, op->s, length);
3922
3923 /* Set packet length. */
3924 op->length = length;
3925
3926 /* Decide destination address. */
3927 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3928 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3929 else
3930 op->dst = nbr->address.u.prefix4;
3931
3932 /* Add packet to the interface output queue. */
3933 ospf_packet_add(oi, op);
3934
3935 /* Hook thread to write packet. */
3936 OSPF_ISM_WRITE_ON(oi->ospf);
3937
3938 /* Add Link State Request Retransmission Timer. */
3939 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3940 }
3941
3942 /* Send Link State Update with an LSA. */
3943 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3944 int flag)
3945 {
3946 struct list *update;
3947
3948 update = list_new();
3949
3950 listnode_add(update, lsa);
3951
3952 /*ospf instance is going down, send self originated
3953 * MAXAGE LSA update to neighbors to remove from LSDB */
3954 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3955 ospf_ls_upd_send(nbr, update, flag, 1);
3956 else
3957 ospf_ls_upd_send(nbr, update, flag, 0);
3958
3959 list_delete(&update);
3960 }
3961
3962 /* Determine size for packet. Must be at least big enough to accomodate next
3963 * LSA on list, which may be bigger than MTU size.
3964 *
3965 * Return pointer to new ospf_packet
3966 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3967 * on packet sizes (in which case offending LSA is deleted from update list)
3968 */
3969 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3970 struct ospf_interface *oi)
3971 {
3972 struct ospf_lsa *lsa;
3973 struct listnode *ln;
3974 size_t size;
3975 static char warned = 0;
3976
3977 lsa = listgetdata((ln = listhead(update)));
3978 assert(lsa->data);
3979
3980 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3981 > ospf_packet_max(oi)) {
3982 if (!warned) {
3983 flog_warn(
3984 EC_OSPF_LARGE_LSA,
3985 "ospf_ls_upd_packet_new: oversized LSA encountered!will need to fragment. Not optimal. Try divide up your network with areas. Use 'debug ospf packet send' to see details, or look at 'show ip ospf database ..'");
3986 warned = 1;
3987 }
3988
3989 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3990 zlog_debug(
3991 "ospf_ls_upd_packet_new: oversized LSA id:%pI4, %d bytes originated by %pI4, will be fragmented!",
3992 &lsa->data->id,
3993 ntohs(lsa->data->length),
3994 &lsa->data->adv_router);
3995
3996 /*
3997 * Allocate just enough to fit this LSA only, to avoid including
3998 * other
3999 * LSAs in fragmented LSA Updates.
4000 */
4001 size = ntohs(lsa->data->length)
4002 + (oi->ifp->mtu - ospf_packet_max(oi))
4003 + OSPF_LS_UPD_MIN_SIZE;
4004 } else
4005 size = oi->ifp->mtu;
4006
4007 if (size > OSPF_MAX_PACKET_SIZE) {
4008 flog_warn(EC_OSPF_LARGE_LSA,
4009 "ospf_ls_upd_packet_new: oversized LSA id:%pI4 too big, %d bytes, packet size %ld, dropping it completely. OSPF routing is broken!",
4010 &lsa->data->id, ntohs(lsa->data->length),
4011 (long int)size);
4012 list_delete_node(update, ln);
4013 return NULL;
4014 }
4015
4016 /* IP header is built up separately by ospf_write(). This means, that we
4017 * must
4018 * reduce the "affordable" size just calculated by length of an IP
4019 * header.
4020 * This makes sure, that even if we manage to fill the payload with LSA
4021 * data
4022 * completely, the final packet (our data plus IP header) still fits
4023 * into
4024 * outgoing interface MTU. This correction isn't really meaningful for
4025 * an
4026 * oversized LSA, but for consistency the correction is done for both
4027 * cases.
4028 *
4029 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4030 */
4031 return ospf_packet_new(size - sizeof(struct ip));
4032 }
4033
4034 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4035 struct list *update, struct in_addr addr,
4036 int send_lsupd_now)
4037 {
4038 struct ospf_packet *op;
4039 uint16_t length = OSPF_HEADER_SIZE;
4040
4041 if (IS_DEBUG_OSPF_EVENT)
4042 zlog_debug("listcount = %d, [%s]dst %pI4", listcount(update),
4043 IF_NAME(oi), &addr);
4044
4045 /* Check that we have really something to process */
4046 if (listcount(update) == 0)
4047 return;
4048
4049 op = ospf_ls_upd_packet_new(update, oi);
4050
4051 /* Prepare OSPF common header. */
4052 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4053
4054 /* Prepare OSPF Link State Update body.
4055 * Includes Type-7 translation.
4056 */
4057 length += ospf_make_ls_upd(oi, update, op->s);
4058
4059 /* Fill OSPF header. */
4060 ospf_fill_header(oi, op->s, length);
4061
4062 /* Set packet length. */
4063 op->length = length;
4064
4065 /* Decide destination address. */
4066 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4067 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4068 else
4069 op->dst.s_addr = addr.s_addr;
4070
4071 /* Add packet to the interface output queue. */
4072 ospf_packet_add(oi, op);
4073 /* Call ospf_write() right away to send ospf packets to neighbors */
4074 if (send_lsupd_now) {
4075 struct thread os_packet_thd;
4076
4077 os_packet_thd.arg = (void *)oi->ospf;
4078 if (oi->on_write_q == 0) {
4079 listnode_add(oi->ospf->oi_write_q, oi);
4080 oi->on_write_q = 1;
4081 }
4082 ospf_write(&os_packet_thd);
4083 /*
4084 * We are fake calling ospf_write with a fake
4085 * thread. Imagine that we have oi_a already
4086 * enqueued and we have turned on the write
4087 * thread(t_write).
4088 * Now this function calls this for oi_b
4089 * so the on_write_q has oi_a and oi_b on
4090 * it, ospf_write runs and clears the packets
4091 * for both oi_a and oi_b. Removing them from
4092 * the on_write_q. After this thread of execution
4093 * finishes we will execute the t_write thread
4094 * with nothing in the on_write_q causing an
4095 * assert. So just make sure that the t_write
4096 * is actually turned off.
4097 */
4098 if (list_isempty(oi->ospf->oi_write_q))
4099 OSPF_TIMER_OFF(oi->ospf->t_write);
4100 } else {
4101 /* Hook thread to write packet. */
4102 OSPF_ISM_WRITE_ON(oi->ospf);
4103 }
4104 }
4105
4106 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4107 {
4108 struct ospf_interface *oi = THREAD_ARG(thread);
4109 struct route_node *rn;
4110 struct route_node *rnext;
4111 struct list *update;
4112 char again = 0;
4113
4114 oi->t_ls_upd_event = NULL;
4115
4116 if (IS_DEBUG_OSPF_EVENT)
4117 zlog_debug("ospf_ls_upd_send_queue start");
4118
4119 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4120 rnext = route_next(rn);
4121
4122 if (rn->info == NULL)
4123 continue;
4124
4125 update = (struct list *)rn->info;
4126
4127 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4128
4129 /* list might not be empty. */
4130 if (listcount(update) == 0) {
4131 list_delete((struct list **)&rn->info);
4132 route_unlock_node(rn);
4133 } else
4134 again = 1;
4135 }
4136
4137 if (again != 0) {
4138 if (IS_DEBUG_OSPF_EVENT)
4139 zlog_debug(
4140 "ospf_ls_upd_send_queue: update lists not cleared, %d nodes to try again, raising new event",
4141 again);
4142 oi->t_ls_upd_event = NULL;
4143 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4144 &oi->t_ls_upd_event);
4145 }
4146
4147 if (IS_DEBUG_OSPF_EVENT)
4148 zlog_debug("ospf_ls_upd_send_queue stop");
4149
4150 return 0;
4151 }
4152
4153 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4154 int send_lsupd_now)
4155 {
4156 struct ospf_interface *oi;
4157 struct ospf_lsa *lsa;
4158 struct prefix_ipv4 p;
4159 struct route_node *rn;
4160 struct listnode *node;
4161
4162 oi = nbr->oi;
4163
4164 p.family = AF_INET;
4165 p.prefixlen = IPV4_MAX_BITLEN;
4166
4167 /* Decide destination address. */
4168 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4169 p.prefix = oi->vl_data->peer_addr;
4170 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4171 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4172 else if (flag == OSPF_SEND_PACKET_DIRECT)
4173 p.prefix = nbr->address.u.prefix4;
4174 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4175 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4176 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4177 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4178 else
4179 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4180
4181 if (oi->type == OSPF_IFTYPE_NBMA) {
4182 if (flag == OSPF_SEND_PACKET_INDIRECT)
4183 flog_warn(
4184 EC_OSPF_PACKET,
4185 "* LS-Update is directly sent on NBMA network.");
4186 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4187 flog_warn(EC_OSPF_PACKET,
4188 "* LS-Update is sent to myself.");
4189 }
4190
4191 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4192
4193 if (rn->info == NULL)
4194 rn->info = list_new();
4195 else
4196 route_unlock_node(rn);
4197
4198 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4199 listnode_add(rn->info,
4200 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4201 if (send_lsupd_now) {
4202 struct list *send_update_list;
4203 struct route_node *rnext;
4204
4205 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4206 rnext = route_next(rn);
4207
4208 if (rn->info == NULL)
4209 continue;
4210
4211 send_update_list = (struct list *)rn->info;
4212
4213 ospf_ls_upd_queue_send(oi, send_update_list,
4214 rn->p.u.prefix4, 1);
4215 }
4216 } else
4217 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4218 &oi->t_ls_upd_event);
4219 }
4220
4221 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4222 struct in_addr dst)
4223 {
4224 struct ospf_packet *op;
4225 uint16_t length = OSPF_HEADER_SIZE;
4226
4227 op = ospf_packet_new(oi->ifp->mtu);
4228
4229 /* Prepare OSPF common header. */
4230 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4231
4232 /* Prepare OSPF Link State Acknowledgment body. */
4233 length += ospf_make_ls_ack(oi, ack, op->s);
4234
4235 /* Fill OSPF header. */
4236 ospf_fill_header(oi, op->s, length);
4237
4238 /* Set packet length. */
4239 op->length = length;
4240
4241 /* Decide destination address. */
4242 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4243 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4244 else
4245 op->dst.s_addr = dst.s_addr;
4246
4247 /* Add packet to the interface output queue. */
4248 ospf_packet_add(oi, op);
4249
4250 /* Hook thread to write packet. */
4251 OSPF_ISM_WRITE_ON(oi->ospf);
4252 }
4253
4254 static int ospf_ls_ack_send_event(struct thread *thread)
4255 {
4256 struct ospf_interface *oi = THREAD_ARG(thread);
4257
4258 oi->t_ls_ack_direct = NULL;
4259
4260 while (listcount(oi->ls_ack_direct.ls_ack))
4261 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4262 oi->ls_ack_direct.dst);
4263
4264 return 0;
4265 }
4266
4267 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4268 {
4269 struct ospf_interface *oi = nbr->oi;
4270
4271 if (IS_GRACE_LSA(lsa)) {
4272 if (IS_DEBUG_OSPF_GR_HELPER)
4273 zlog_debug("%s, Sending GRACE ACK to Restarter.",
4274 __PRETTY_FUNCTION__);
4275 }
4276
4277 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4278 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4279
4280 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4281
4282 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4283 &oi->t_ls_ack_direct);
4284 }
4285
4286 /* Send Link State Acknowledgment delayed. */
4287 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4288 {
4289 struct in_addr dst;
4290
4291 /* Decide destination address. */
4292 /* RFC2328 Section 13.5 On non-broadcast
4293 networks, delayed Link State Acknowledgment packets must be
4294 unicast separately over each adjacency (i.e., neighbor whose
4295 state is >= Exchange). */
4296 if (oi->type == OSPF_IFTYPE_NBMA) {
4297 struct ospf_neighbor *nbr;
4298 struct route_node *rn;
4299
4300 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4301 if ((nbr = rn->info) != NULL)
4302 if (nbr != oi->nbr_self
4303 && nbr->state >= NSM_Exchange)
4304 while (listcount(oi->ls_ack))
4305 ospf_ls_ack_send_list(
4306 oi, oi->ls_ack,
4307 nbr->address.u.prefix4);
4308 return;
4309 }
4310 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4311 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4312 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4313 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4314 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4315 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4316 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4317 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4318 else
4319 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4320
4321 while (listcount(oi->ls_ack))
4322 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4323 }
4324
4325 /*
4326 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4327 * address. As a result, the kernel does not need to learn the interface
4328 * MAC of the OSPF neighbor. However, in our world, this will delay
4329 * convergence. Take the case when due to a link flap, all routes now
4330 * want to use an interface which was deemed to be costlier prior to this
4331 * event. For routes that will be installed, the missing MAC will have
4332 * punt-to-CPU set on them. This may overload the CPU control path that
4333 * can be avoided if the MAC was known apriori.
4334 */
4335 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4336 {
4337 if (!nbr || !nbr->oi->ospf->proactive_arp)
4338 return;
4339
4340 ospf_zebra_send_arp(nbr->oi->ifp, &nbr->address);
4341 }
FRRouting mirror