]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge commit '78986c0' into tmp-3.0-master-merge
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #include "md5.h"
37 #include "vrf.h"
38
39 #include "ospfd/ospfd.h"
40 #include "ospfd/ospf_network.h"
41 #include "ospfd/ospf_interface.h"
42 #include "ospfd/ospf_ism.h"
43 #include "ospfd/ospf_asbr.h"
44 #include "ospfd/ospf_lsa.h"
45 #include "ospfd/ospf_lsdb.h"
46 #include "ospfd/ospf_neighbor.h"
47 #include "ospfd/ospf_nsm.h"
48 #include "ospfd/ospf_packet.h"
49 #include "ospfd/ospf_spf.h"
50 #include "ospfd/ospf_flood.h"
51 #include "ospfd/ospf_dump.h"
52
53 /*
54 * OSPF Fragmentation / fragmented writes
55 *
56 * ospfd can support writing fragmented packets, for cases where
57 * kernel will not fragment IP_HDRINCL and/or multicast destined
58 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
59 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
60 * flags fields, hence user-space fragmentation will not work.
61 * Only Linux is known to leave IP header unmolested.
62 * Further, fragmentation really should be done the kernel, which already
63 * supports it, and which avoids nasty IP ID state problems.
64 *
65 * Fragmentation of OSPF packets can be required on networks with router
66 * with many many interfaces active in one area, or on networks with links
67 * with low MTUs.
68 */
69 #ifdef GNU_LINUX
70 #define WANT_OSPF_WRITE_FRAGMENT
71 #endif
72
73 /* Packet Type String. */
74 const struct message ospf_packet_type_str[] = {
75 {OSPF_MSG_HELLO, "Hello"},
76 {OSPF_MSG_DB_DESC, "Database Description"},
77 {OSPF_MSG_LS_REQ, "Link State Request"},
78 {OSPF_MSG_LS_UPD, "Link State Update"},
79 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
80 {0}};
81
82 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
83 particular types, offset is the "type" field of a packet. */
84 static const u_int16_t ospf_packet_minlen[] = {
85 0,
86 OSPF_HELLO_MIN_SIZE,
87 OSPF_DB_DESC_MIN_SIZE,
88 OSPF_LS_REQ_MIN_SIZE,
89 OSPF_LS_UPD_MIN_SIZE,
90 OSPF_LS_ACK_MIN_SIZE,
91 };
92
93 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
94 types, offset is the "LSA type" field. */
95 static const u_int16_t ospf_lsa_minlen[] = {
96 0,
97 OSPF_ROUTER_LSA_MIN_SIZE,
98 OSPF_NETWORK_LSA_MIN_SIZE,
99 OSPF_SUMMARY_LSA_MIN_SIZE,
100 OSPF_SUMMARY_LSA_MIN_SIZE,
101 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
102 0,
103 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
104 0,
105 0,
106 0,
107 0,
108 };
109
110 /* for ospf_check_auth() */
111 static int ospf_check_sum(struct ospf_header *);
112
113 /* OSPF authentication checking function */
114 static int ospf_auth_type(struct ospf_interface *oi)
115 {
116 int auth_type;
117
118 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
119 auth_type = oi->area->auth_type;
120 else
121 auth_type = OSPF_IF_PARAM(oi, auth_type);
122
123 /* Handle case where MD5 key list is not configured aka Cisco */
124 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
125 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
126 return OSPF_AUTH_NULL;
127
128 return auth_type;
129 }
130
131 struct ospf_packet *ospf_packet_new(size_t size)
132 {
133 struct ospf_packet *new;
134
135 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
136 new->s = stream_new(size);
137
138 return new;
139 }
140
141 void ospf_packet_free(struct ospf_packet *op)
142 {
143 if (op->s)
144 stream_free(op->s);
145
146 XFREE(MTYPE_OSPF_PACKET, op);
147
148 op = NULL;
149 }
150
151 struct ospf_fifo *ospf_fifo_new()
152 {
153 struct ospf_fifo *new;
154
155 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
156 return new;
157 }
158
159 /* Add new packet to fifo. */
160 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
161 {
162 if (fifo->tail)
163 fifo->tail->next = op;
164 else
165 fifo->head = op;
166
167 fifo->tail = op;
168
169 fifo->count++;
170 }
171
172 /* Add new packet to head of fifo. */
173 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
174 {
175 op->next = fifo->head;
176
177 if (fifo->tail == NULL)
178 fifo->tail = op;
179
180 fifo->head = op;
181
182 fifo->count++;
183 }
184
185 /* Delete first packet from fifo. */
186 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
187 {
188 struct ospf_packet *op;
189
190 op = fifo->head;
191
192 if (op) {
193 fifo->head = op->next;
194
195 if (fifo->head == NULL)
196 fifo->tail = NULL;
197
198 fifo->count--;
199 }
200
201 return op;
202 }
203
204 /* Return first fifo entry. */
205 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
206 {
207 return fifo->head;
208 }
209
210 /* Flush ospf packet fifo. */
211 void ospf_fifo_flush(struct ospf_fifo *fifo)
212 {
213 struct ospf_packet *op;
214 struct ospf_packet *next;
215
216 for (op = fifo->head; op; op = next) {
217 next = op->next;
218 ospf_packet_free(op);
219 }
220 fifo->head = fifo->tail = NULL;
221 fifo->count = 0;
222 }
223
224 /* Free ospf packet fifo. */
225 void ospf_fifo_free(struct ospf_fifo *fifo)
226 {
227 ospf_fifo_flush(fifo);
228
229 XFREE(MTYPE_OSPF_FIFO, fifo);
230 }
231
232 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
233 {
234 if (!oi->obuf) {
235 zlog_err(
236 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
237 "destination %s) called with NULL obuf, ignoring "
238 "(please report this bug)!\n",
239 IF_NAME(oi), oi->state,
240 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
241 lookup_msg(ospf_packet_type_str,
242 stream_getc_from(op->s, 1), NULL),
243 inet_ntoa(op->dst));
244 return;
245 }
246
247 /* Add packet to end of queue. */
248 ospf_fifo_push(oi->obuf, op);
249
250 /* Debug of packet fifo*/
251 /* ospf_fifo_debug (oi->obuf); */
252 }
253
254 static void ospf_packet_add_top(struct ospf_interface *oi,
255 struct ospf_packet *op)
256 {
257 if (!oi->obuf) {
258 zlog_err(
259 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
260 "destination %s) called with NULL obuf, ignoring "
261 "(please report this bug)!\n",
262 IF_NAME(oi), oi->state,
263 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
264 lookup_msg(ospf_packet_type_str,
265 stream_getc_from(op->s, 1), NULL),
266 inet_ntoa(op->dst));
267 return;
268 }
269
270 /* Add packet to head of queue. */
271 ospf_fifo_push_head(oi->obuf, op);
272
273 /* Debug of packet fifo*/
274 /* ospf_fifo_debug (oi->obuf); */
275 }
276
277 void ospf_packet_delete(struct ospf_interface *oi)
278 {
279 struct ospf_packet *op;
280
281 op = ospf_fifo_pop(oi->obuf);
282
283 if (op)
284 ospf_packet_free(op);
285 }
286
287 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
288 {
289 struct ospf_packet *new;
290
291 if (stream_get_endp(op->s) != op->length)
292 /* XXX size_t */
293 zlog_warn(
294 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
295 (u_long)STREAM_SIZE(op->s), op->length);
296
297 /* Reserve space for MD5 authentication that may be added later. */
298 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
299 stream_copy(new->s, op->s);
300
301 new->dst = op->dst;
302 new->length = op->length;
303
304 return new;
305 }
306
307 /* XXX inline */
308 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
309 {
310 int auth = 0;
311
312 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
313 auth = OSPF_AUTH_MD5_SIZE;
314
315 return auth;
316 }
317
318 static unsigned int ospf_packet_max(struct ospf_interface *oi)
319 {
320 int max;
321
322 max = oi->ifp->mtu - ospf_packet_authspace(oi);
323
324 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
325
326 return max;
327 }
328
329
330 static int ospf_check_md5_digest(struct ospf_interface *oi,
331 struct ospf_header *ospfh)
332 {
333 MD5_CTX ctx;
334 unsigned char digest[OSPF_AUTH_MD5_SIZE];
335 struct crypt_key *ck;
336 struct ospf_neighbor *nbr;
337 u_int16_t length = ntohs(ospfh->length);
338
339 /* Get secret key. */
340 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
341 ospfh->u.crypt.key_id);
342 if (ck == NULL) {
343 zlog_warn("interface %s: ospf_check_md5 no key %d", IF_NAME(oi),
344 ospfh->u.crypt.key_id);
345 return 0;
346 }
347
348 /* check crypto seqnum. */
349 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
350
351 if (nbr
352 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
353 zlog_warn(
354 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
355 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
356 ntohl(nbr->crypt_seqnum));
357 return 0;
358 }
359
360 /* Generate a digest for the ospf packet - their digest + our digest. */
361 memset(&ctx, 0, sizeof(ctx));
362 MD5Init(&ctx);
363 MD5Update(&ctx, ospfh, length);
364 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
365 MD5Final(digest, &ctx);
366
367 /* compare the two */
368 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
369 zlog_warn("interface %s: ospf_check_md5 checksum mismatch",
370 IF_NAME(oi));
371 return 0;
372 }
373
374 /* save neighbor's crypt_seqnum */
375 if (nbr)
376 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
377 return 1;
378 }
379
380 /* This function is called from ospf_write(), it will detect the
381 authentication scheme and if it is MD5, it will change the sequence
382 and update the MD5 digest. */
383 static int ospf_make_md5_digest(struct ospf_interface *oi,
384 struct ospf_packet *op)
385 {
386 struct ospf_header *ospfh;
387 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
388 MD5_CTX ctx;
389 void *ibuf;
390 u_int32_t t;
391 struct crypt_key *ck;
392 const u_int8_t *auth_key;
393
394 ibuf = STREAM_DATA(op->s);
395 ospfh = (struct ospf_header *)ibuf;
396
397 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
398 return 0;
399
400 /* We do this here so when we dup a packet, we don't have to
401 waste CPU rewriting other headers.
402
403 Note that quagga_time /deliberately/ is not used here */
404 t = (time(NULL) & 0xFFFFFFFF);
405 if (t > oi->crypt_seqnum)
406 oi->crypt_seqnum = t;
407 else
408 oi->crypt_seqnum++;
409
410 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
411
412 /* Get MD5 Authentication key from auth_key list. */
413 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
414 auth_key = (const u_int8_t *)digest;
415 else {
416 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
417 auth_key = ck->auth_key;
418 }
419
420 /* Generate a digest for the entire packet + our secret key. */
421 memset(&ctx, 0, sizeof(ctx));
422 MD5Init(&ctx);
423 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
424 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 MD5Final(digest, &ctx);
426
427 /* Append md5 digest to the end of the stream. */
428 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
429
430 /* We do *NOT* increment the OSPF header length. */
431 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
432
433 if (stream_get_endp(op->s) != op->length)
434 /* XXX size_t */
435 zlog_warn(
436 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
437 (u_long)stream_get_endp(op->s), op->length);
438
439 return OSPF_AUTH_MD5_SIZE;
440 }
441
442
443 static int ospf_ls_req_timer(struct thread *thread)
444 {
445 struct ospf_neighbor *nbr;
446
447 nbr = THREAD_ARG(thread);
448 nbr->t_ls_req = NULL;
449
450 /* Send Link State Request. */
451 if (ospf_ls_request_count(nbr))
452 ospf_ls_req_send(nbr);
453
454 /* Set Link State Request retransmission timer. */
455 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
456
457 return 0;
458 }
459
460 void ospf_ls_req_event(struct ospf_neighbor *nbr)
461 {
462 if (nbr->t_ls_req) {
463 thread_cancel(nbr->t_ls_req);
464 nbr->t_ls_req = NULL;
465 }
466 nbr->t_ls_req = NULL;
467 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
468 }
469
470 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
471 ospf_neighbor.c */
472 int ospf_ls_upd_timer(struct thread *thread)
473 {
474 struct ospf_neighbor *nbr;
475
476 nbr = THREAD_ARG(thread);
477 nbr->t_ls_upd = NULL;
478
479 /* Send Link State Update. */
480 if (ospf_ls_retransmit_count(nbr) > 0) {
481 struct list *update;
482 struct ospf_lsdb *lsdb;
483 int i;
484 int retransmit_interval;
485
486 retransmit_interval =
487 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
488
489 lsdb = &nbr->ls_rxmt;
490 update = list_new();
491
492 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
493 struct route_table *table = lsdb->type[i].db;
494 struct route_node *rn;
495
496 for (rn = route_top(table); rn; rn = route_next(rn)) {
497 struct ospf_lsa *lsa;
498
499 if ((lsa = rn->info) != NULL) {
500 /* Don't retransmit an LSA if we
501 received it within
502 the last RxmtInterval seconds - this
503 is to allow the
504 neighbour a chance to acknowledge the
505 LSA as it may
506 have ben just received before the
507 retransmit timer
508 fired. This is a small tweak to what
509 is in the RFC,
510 but it will cut out out a lot of
511 retransmit traffic
512 - MAG */
513 if (monotime_since(&lsa->tv_recv, NULL)
514 >= retransmit_interval * 1000000LL)
515 listnode_add(update, rn->info);
516 }
517 }
518 }
519
520 if (listcount(update) > 0)
521 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT);
522 list_delete(update);
523 }
524
525 /* Set LS Update retransmission timer. */
526 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
527
528 return 0;
529 }
530
531 int ospf_ls_ack_timer(struct thread *thread)
532 {
533 struct ospf_interface *oi;
534
535 oi = THREAD_ARG(thread);
536 oi->t_ls_ack = NULL;
537
538 /* Send Link State Acknowledgment. */
539 if (listcount(oi->ls_ack) > 0)
540 ospf_ls_ack_send_delayed(oi);
541
542 /* Set LS Ack timer. */
543 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
544
545 return 0;
546 }
547
548 #ifdef WANT_OSPF_WRITE_FRAGMENT
549 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
550 struct msghdr *msg, unsigned int maxdatasize,
551 unsigned int mtu, int flags, u_char type)
552 {
553 #define OSPF_WRITE_FRAG_SHIFT 3
554 u_int16_t offset;
555 struct iovec *iovp;
556 int ret;
557
558 assert(op->length == stream_get_endp(op->s));
559 assert(msg->msg_iovlen == 2);
560
561 /* we can but try.
562 *
563 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
564 * well as the IP_MF flag, making this all quite pointless.
565 *
566 * However, for a system on which IP_MF is left alone, and ip_id left
567 * alone or else which sets same ip_id for each fragment this might
568 * work, eg linux.
569 *
570 * XXX-TODO: It would be much nicer to have the kernel's use their
571 * existing fragmentation support to do this for us. Bugs/RFEs need to
572 * be raised against the various kernels.
573 */
574
575 /* set More Frag */
576 iph->ip_off |= IP_MF;
577
578 /* ip frag offset is expressed in units of 8byte words */
579 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
580
581 iovp = &msg->msg_iov[1];
582
583 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
584 > maxdatasize) {
585 /* data length of this frag is to next offset value */
586 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
587 iph->ip_len = iovp->iov_len + sizeof(struct ip);
588 assert(iph->ip_len <= mtu);
589
590 sockopt_iphdrincl_swab_htosys(iph);
591
592 ret = sendmsg(fd, msg, flags);
593
594 sockopt_iphdrincl_swab_systoh(iph);
595
596 if (ret < 0)
597 zlog_warn(
598 "*** ospf_write_frags: sendmsg failed to %s,"
599 " id %d, off %d, len %d, mtu %u failed with %s",
600 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
601 iph->ip_len, mtu, safe_strerror(errno));
602
603 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
604 zlog_debug(
605 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
606 iph->ip_id, iph->ip_off, iph->ip_len,
607 inet_ntoa(iph->ip_dst));
608 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
609 zlog_debug(
610 "-----------------IP Header Dump----------------------");
611 ospf_ip_header_dump(iph);
612 zlog_debug(
613 "-----------------------------------------------------");
614 }
615 }
616
617 iph->ip_off += offset;
618 stream_forward_getp(op->s, iovp->iov_len);
619 iovp->iov_base = STREAM_PNT(op->s);
620 }
621
622 /* setup for final fragment */
623 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
624 iph->ip_len = iovp->iov_len + sizeof(struct ip);
625 iph->ip_off &= (~IP_MF);
626 }
627 #endif /* WANT_OSPF_WRITE_FRAGMENT */
628
629 static int ospf_write(struct thread *thread)
630 {
631 struct ospf *ospf = THREAD_ARG(thread);
632 struct ospf_interface *oi;
633 struct ospf_interface *last_serviced_oi = NULL;
634 struct ospf_packet *op;
635 struct sockaddr_in sa_dst;
636 struct ip iph;
637 struct msghdr msg;
638 struct iovec iov[2];
639 u_char type;
640 int ret;
641 int flags = 0;
642 struct listnode *node;
643 #ifdef WANT_OSPF_WRITE_FRAGMENT
644 static u_int16_t ipid = 0;
645 u_int16_t maxdatasize;
646 #endif /* WANT_OSPF_WRITE_FRAGMENT */
647 /* $FRR indent$ */
648 /* clang-format off */
649 #define OSPF_WRITE_IPHL_SHIFT 2
650 int pkt_count = 0;
651
652 ospf->t_write = NULL;
653
654 node = listhead(ospf->oi_write_q);
655 assert(node);
656 oi = listgetdata(node);
657 assert(oi);
658
659 #ifdef WANT_OSPF_WRITE_FRAGMENT
660 /* seed ipid static with low order bits of time */
661 if (ipid == 0)
662 ipid = (time(NULL) & 0xffff);
663 #endif /* WANT_OSPF_WRITE_FRAGMENT */
664
665 while ((pkt_count < ospf->write_oi_count) && oi
666 && (last_serviced_oi != oi)) {
667 /* If there is only packet in the queue, the oi is removed from
668 write-q, so fix up the last interface that was serviced */
669 if (last_serviced_oi == NULL) {
670 last_serviced_oi = oi;
671 }
672 pkt_count++;
673 #ifdef WANT_OSPF_WRITE_FRAGMENT
674 /* convenience - max OSPF data per packet */
675 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
676 #endif /* WANT_OSPF_WRITE_FRAGMENT */
677 /* Get one packet from queue. */
678 op = ospf_fifo_head(oi->obuf);
679 assert(op);
680 assert(op->length >= OSPF_HEADER_SIZE);
681
682 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
683 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
684 ospf_if_ipmulticast(ospf, oi->address,
685 oi->ifp->ifindex);
686
687 /* Rewrite the md5 signature & update the seq */
688 ospf_make_md5_digest(oi, op);
689
690 /* Retrieve OSPF packet type. */
691 stream_set_getp(op->s, 1);
692 type = stream_getc(op->s);
693
694 /* reset get pointer */
695 stream_set_getp(op->s, 0);
696
697 memset(&iph, 0, sizeof(struct ip));
698 memset(&sa_dst, 0, sizeof(sa_dst));
699
700 sa_dst.sin_family = AF_INET;
701 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
702 sa_dst.sin_len = sizeof(sa_dst);
703 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
704 sa_dst.sin_addr = op->dst;
705 sa_dst.sin_port = htons(0);
706
707 /* Set DONTROUTE flag if dst is unicast. */
708 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
709 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
710 flags = MSG_DONTROUTE;
711
712 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
713 /* it'd be very strange for header to not be 4byte-word aligned
714 * but.. */
715 if (sizeof(struct ip)
716 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
717 iph.ip_hl++; /* we presume sizeof struct ip cant
718 overflow ip_hl.. */
719
720 iph.ip_v = IPVERSION;
721 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
722 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
723
724 #if defined(__DragonFly__)
725 /*
726 * DragonFly's raw socket expects ip_len/ip_off in network byte
727 * order.
728 */
729 iph.ip_len = htons(iph.ip_len);
730 #endif
731
732 #ifdef WANT_OSPF_WRITE_FRAGMENT
733 /* XXX-MT: not thread-safe at all..
734 * XXX: this presumes this is only programme sending OSPF
735 * packets
736 * otherwise, no guarantee ipid will be unique
737 */
738 iph.ip_id = ++ipid;
739 #endif /* WANT_OSPF_WRITE_FRAGMENT */
740
741 iph.ip_off = 0;
742 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
743 iph.ip_ttl = OSPF_VL_IP_TTL;
744 else
745 iph.ip_ttl = OSPF_IP_TTL;
746 iph.ip_p = IPPROTO_OSPFIGP;
747 iph.ip_sum = 0;
748 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
749 iph.ip_dst.s_addr = op->dst.s_addr;
750
751 memset(&msg, 0, sizeof(msg));
752 msg.msg_name = (caddr_t)&sa_dst;
753 msg.msg_namelen = sizeof(sa_dst);
754 msg.msg_iov = iov;
755 msg.msg_iovlen = 2;
756 iov[0].iov_base = (char *)&iph;
757 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
758 iov[1].iov_base = STREAM_PNT(op->s);
759 iov[1].iov_len = op->length;
760
761 /* Sadly we can not rely on kernels to fragment packets because of either
762 * IP_HDRINCL and/or multicast destination being set.
763 */
764 #ifdef WANT_OSPF_WRITE_FRAGMENT
765 if (op->length > maxdatasize)
766 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
767 oi->ifp->mtu, flags, type);
768 #endif /* WANT_OSPF_WRITE_FRAGMENT */
769
770 /* send final fragment (could be first) */
771 sockopt_iphdrincl_swab_htosys(&iph);
772 ret = sendmsg(ospf->fd, &msg, flags);
773 sockopt_iphdrincl_swab_systoh(&iph);
774 if (IS_DEBUG_OSPF_EVENT)
775 zlog_debug(
776 "ospf_write to %s, "
777 "id %d, off %d, len %d, interface %s, mtu %u:",
778 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
779 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
780
781 if (ret < 0)
782 zlog_warn(
783 "*** sendmsg in ospf_write failed to %s, "
784 "id %d, off %d, len %d, interface %s, mtu %u: %s",
785 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
786 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
787 safe_strerror(errno));
788
789 /* Show debug sending packet. */
790 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
791 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
792 zlog_debug(
793 "-----------------------------------------------------");
794 ospf_ip_header_dump(&iph);
795 stream_set_getp(op->s, 0);
796 ospf_packet_dump(op->s);
797 }
798
799 zlog_debug("%s sent to [%s] via [%s].",
800 lookup_msg(ospf_packet_type_str, type, NULL),
801 inet_ntoa(op->dst), IF_NAME(oi));
802
803 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
804 zlog_debug(
805 "-----------------------------------------------------");
806 }
807
808 /* Now delete packet from queue. */
809 ospf_packet_delete(oi);
810
811 /* Move this interface to the tail of write_q to
812 serve everyone in a round robin fashion */
813 list_delete_node(ospf->oi_write_q, node);
814 if (ospf_fifo_head(oi->obuf) == NULL) {
815 oi->on_write_q = 0;
816 last_serviced_oi = NULL;
817 oi = NULL;
818 } else {
819 listnode_add(ospf->oi_write_q, oi);
820 }
821
822 /* Setup to service from the head of the queue again */
823 if (!list_isempty(ospf->oi_write_q)) {
824 node = listhead(ospf->oi_write_q);
825 assert(node);
826 oi = listgetdata(node);
827 assert(oi);
828 }
829 }
830
831 /* If packets still remain in queue, call write thread. */
832 if (!list_isempty(ospf->oi_write_q)) {
833 ospf->t_write = NULL;
834 thread_add_write(master, ospf_write, ospf, ospf->fd,
835 &ospf->t_write);
836 }
837
838 return 0;
839 }
840
841 /* OSPF Hello message read -- RFC2328 Section 10.5. */
842 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
843 struct stream *s, struct ospf_interface *oi, int size)
844 {
845 struct ospf_hello *hello;
846 struct ospf_neighbor *nbr;
847 int old_state;
848 struct prefix p;
849
850 /* increment statistics. */
851 oi->hello_in++;
852
853 hello = (struct ospf_hello *)STREAM_PNT(s);
854
855 /* If Hello is myself, silently discard. */
856 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
857 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
858 zlog_debug(
859 "ospf_header[%s/%s]: selforiginated, "
860 "dropping.",
861 lookup_msg(ospf_packet_type_str, ospfh->type,
862 NULL),
863 inet_ntoa(iph->ip_src));
864 }
865 return;
866 }
867
868 /* get neighbor prefix. */
869 p.family = AF_INET;
870 p.prefixlen = ip_masklen(hello->network_mask);
871 p.u.prefix4 = iph->ip_src;
872
873 /* Compare network mask. */
874 /* Checking is ignored for Point-to-Point and Virtual link. */
875 if (oi->type != OSPF_IFTYPE_POINTOPOINT
876 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
877 if (oi->address->prefixlen != p.prefixlen) {
878 zlog_warn(
879 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
880 inet_ntoa(ospfh->router_id), IF_NAME(oi),
881 (int)oi->address->prefixlen, (int)p.prefixlen);
882 return;
883 }
884
885 /* Compare Router Dead Interval. */
886 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
887 zlog_warn(
888 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
889 "(expected %u, but received %u).",
890 inet_ntoa(ospfh->router_id), OSPF_IF_PARAM(oi, v_wait),
891 ntohl(hello->dead_interval));
892 return;
893 }
894
895 /* Compare Hello Interval - ignored if fast-hellos are set. */
896 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
897 if (OSPF_IF_PARAM(oi, v_hello)
898 != ntohs(hello->hello_interval)) {
899 zlog_warn(
900 "Packet %s [Hello:RECV]: HelloInterval mismatch "
901 "(expected %u, but received %u).",
902 inet_ntoa(ospfh->router_id),
903 OSPF_IF_PARAM(oi, v_hello),
904 ntohs(hello->hello_interval));
905 return;
906 }
907 }
908
909 if (IS_DEBUG_OSPF_EVENT)
910 zlog_debug("Packet %s [Hello:RECV]: Options %s",
911 inet_ntoa(ospfh->router_id),
912 ospf_options_dump(hello->options));
913
914 /* Compare options. */
915 #define REJECT_IF_TBIT_ON 1 /* XXX */
916 #ifdef REJECT_IF_TBIT_ON
917 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
918 /*
919 * This router does not support non-zero TOS.
920 * Drop this Hello packet not to establish neighbor
921 * relationship.
922 */
923 zlog_warn("Packet %s [Hello:RECV]: T-bit on, drop it.",
924 inet_ntoa(ospfh->router_id));
925 return;
926 }
927 #endif /* REJECT_IF_TBIT_ON */
928
929 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
930 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
931 /*
932 * This router does know the correct usage of O-bit
933 * the bit should be set in DD packet only.
934 */
935 zlog_warn("Packet %s [Hello:RECV]: O-bit abuse?",
936 inet_ntoa(ospfh->router_id));
937 #ifdef STRICT_OBIT_USAGE_CHECK
938 return; /* Reject this packet. */
939 #else /* STRICT_OBIT_USAGE_CHECK */
940 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
941 #endif /* STRICT_OBIT_USAGE_CHECK */
942 }
943
944 /* new for NSSA is to ensure that NP is on and E is off */
945
946 if (oi->area->external_routing == OSPF_AREA_NSSA) {
947 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
948 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
949 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
950 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
951 zlog_warn(
952 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
953 inet_ntoa(ospfh->router_id), OPTIONS(oi),
954 hello->options);
955 return;
956 }
957 if (IS_DEBUG_OSPF_NSSA)
958 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
959 inet_ntoa(ospfh->router_id));
960 } else
961 /* The setting of the E-bit found in the Hello Packet's Options
962 field must match this area's ExternalRoutingCapability A
963 mismatch causes processing to stop and the packet to be
964 dropped. The setting of the rest of the bits in the Hello
965 Packet's Options field should be ignored. */
966 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
967 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
968 zlog_warn(
969 "Packet %s [Hello:RECV]: my options: %x, his options %x",
970 inet_ntoa(ospfh->router_id), OPTIONS(oi),
971 hello->options);
972 return;
973 }
974
975 /* get neighbour struct */
976 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
977
978 /* neighbour must be valid, ospf_nbr_get creates if none existed */
979 assert(nbr);
980
981 old_state = nbr->state;
982
983 /* Add event to thread. */
984 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
985
986 /* RFC2328 Section 9.5.1
987 If the router is not eligible to become Designated Router,
988 (snip) It must also send an Hello Packet in reply to an
989 Hello Packet received from any eligible neighbor (other than
990 the current Designated Router and Backup Designated Router). */
991 if (oi->type == OSPF_IFTYPE_NBMA)
992 if (PRIORITY(oi) == 0 && hello->priority > 0
993 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
994 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
995 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
996 ospf_hello_reply_timer,
997 OSPF_HELLO_REPLY_DELAY);
998
999 /* on NBMA network type, it happens to receive bidirectional Hello
1000 packet
1001 without advance 1-Way Received event.
1002 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1003 if (oi->type == OSPF_IFTYPE_NBMA
1004 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1005 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1006 nbr->priority = hello->priority;
1007 nbr->d_router = hello->d_router;
1008 nbr->bd_router = hello->bd_router;
1009 return;
1010 }
1011
1012 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1013 size - OSPF_HELLO_MIN_SIZE)) {
1014 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1015 nbr->options |= hello->options;
1016 } else {
1017 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1018 /* Set neighbor information. */
1019 nbr->priority = hello->priority;
1020 nbr->d_router = hello->d_router;
1021 nbr->bd_router = hello->bd_router;
1022 return;
1023 }
1024
1025 /* If neighbor itself declares DR and no BDR exists,
1026 cause event BackupSeen */
1027 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1028 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1029 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1030
1031 /* neighbor itself declares BDR. */
1032 if (oi->state == ISM_Waiting
1033 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1034 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1035
1036 /* had not previously. */
1037 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1038 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1039 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1040 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1041 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1042
1043 /* had not previously. */
1044 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1045 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1046 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1047 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1048 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1049
1050 /* Neighbor priority check. */
1051 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1052 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1053
1054 /* Set neighbor information. */
1055 nbr->priority = hello->priority;
1056 nbr->d_router = hello->d_router;
1057 nbr->bd_router = hello->bd_router;
1058 }
1059
1060 /* Save DD flags/options/Seqnum received. */
1061 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1062 struct ospf_db_desc *dd)
1063 {
1064 nbr->last_recv.flags = dd->flags;
1065 nbr->last_recv.options = dd->options;
1066 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1067 }
1068
1069 /* Process rest of DD packet. */
1070 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1071 struct ospf_neighbor *nbr,
1072 struct ospf_db_desc *dd, u_int16_t size)
1073 {
1074 struct ospf_lsa *new, *find;
1075 struct lsa_header *lsah;
1076
1077 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1078 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1079 size -= OSPF_LSA_HEADER_SIZE) {
1080 lsah = (struct lsa_header *)STREAM_PNT(s);
1081 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1082
1083 /* Unknown LS type. */
1084 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1085 zlog_warn("Packet [DD:RECV]: Unknown LS type %d.",
1086 lsah->type);
1087 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1088 return;
1089 }
1090
1091 if (IS_OPAQUE_LSA(lsah->type)
1092 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1093 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1094 lsah->type, inet_ntoa(lsah->id));
1095 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1096 return;
1097 }
1098
1099 switch (lsah->type) {
1100 case OSPF_AS_EXTERNAL_LSA:
1101 case OSPF_OPAQUE_AS_LSA:
1102 /* Check for stub area. Reject if AS-External from stub
1103 but
1104 allow if from NSSA. */
1105 if (oi->area->external_routing == OSPF_AREA_STUB) {
1106 zlog_warn(
1107 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1108 lsah->type, inet_ntoa(lsah->id),
1109 (oi->area->external_routing
1110 == OSPF_AREA_STUB)
1111 ? "STUB"
1112 : "NSSA");
1113 OSPF_NSM_EVENT_SCHEDULE(nbr,
1114 NSM_SeqNumberMismatch);
1115 return;
1116 }
1117 break;
1118 default:
1119 break;
1120 }
1121
1122 /* Create LS-request object. */
1123 new = ospf_ls_request_new(lsah);
1124
1125 /* Lookup received LSA, then add LS request list. */
1126 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1127
1128 /* ospf_lsa_more_recent is fine with NULL pointers */
1129 switch (ospf_lsa_more_recent(find, new)) {
1130 case -1:
1131 /* Neighbour has a more recent LSA, we must request it
1132 */
1133 ospf_ls_request_add(nbr, new);
1134 /* fallthru */
1135 case 0:
1136 /* If we have a copy of this LSA, it's either less
1137 * recent
1138 * and we're requesting it from neighbour (the case
1139 * above), or
1140 * it's as recent and we both have same copy (this
1141 * case).
1142 *
1143 * In neither of these two cases is there any point in
1144 * describing our copy of the LSA to the neighbour in a
1145 * DB-Summary packet, if we're still intending to do so.
1146 *
1147 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1148 * backward compatible optimisation to OSPF DB Exchange
1149 * /
1150 * DB Description process implemented here.
1151 */
1152 if (find)
1153 ospf_lsdb_delete(&nbr->db_sum, find);
1154 ospf_lsa_discard(new);
1155 break;
1156 default:
1157 /* We have the more recent copy, nothing specific to do:
1158 * - no need to request neighbours stale copy
1159 * - must leave DB summary list copy alone
1160 */
1161 if (IS_DEBUG_OSPF_EVENT)
1162 zlog_debug(
1163 "Packet [DD:RECV]: LSA received Type %d, "
1164 "ID %s is not recent.",
1165 lsah->type, inet_ntoa(lsah->id));
1166 ospf_lsa_discard(new);
1167 }
1168 }
1169
1170 /* Master */
1171 if (IS_SET_DD_MS(nbr->dd_flags)) {
1172 nbr->dd_seqnum++;
1173
1174 /* Both sides have no More, then we're done with Exchange */
1175 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1176 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1177 else
1178 ospf_db_desc_send(nbr);
1179 }
1180 /* Slave */
1181 else {
1182 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1183
1184 /* Send DD packet in reply.
1185 *
1186 * Must be done to acknowledge the Master's DD, regardless of
1187 * whether we have more LSAs ourselves to describe.
1188 *
1189 * This function will clear the 'More' bit, if after this DD
1190 * we have no more LSAs to describe to the master..
1191 */
1192 ospf_db_desc_send(nbr);
1193
1194 /* Slave can raise ExchangeDone now, if master is also done */
1195 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1196 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1197 }
1198
1199 /* Save received neighbor values from DD. */
1200 ospf_db_desc_save_current(nbr, dd);
1201
1202 if (!nbr->t_ls_req)
1203 ospf_ls_req_send(nbr);
1204 }
1205
1206 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1207 struct ospf_neighbor *nbr)
1208 {
1209 /* Is DD duplicated? */
1210 if (dd->options == nbr->last_recv.options
1211 && dd->flags == nbr->last_recv.flags
1212 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1213 return 1;
1214
1215 return 0;
1216 }
1217
1218 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1219 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1220 struct stream *s, struct ospf_interface *oi,
1221 u_int16_t size)
1222 {
1223 struct ospf_db_desc *dd;
1224 struct ospf_neighbor *nbr;
1225
1226 /* Increment statistics. */
1227 oi->db_desc_in++;
1228
1229 dd = (struct ospf_db_desc *)STREAM_PNT(s);
1230
1231 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1232 if (nbr == NULL) {
1233 zlog_warn("Packet[DD]: Unknown Neighbor %s",
1234 inet_ntoa(ospfh->router_id));
1235 return;
1236 }
1237
1238 /* Check MTU. */
1239 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1240 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1241 zlog_warn(
1242 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1243 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1244 oi->ifp->mtu);
1245 return;
1246 }
1247
1248 /*
1249 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1250 * not
1251 * required. In fact at least JunOS sends DD packets with P bit clear.
1252 * Until proper solution is developped, this hack should help.
1253 *
1254 * Update: According to the RFCs, N bit is specified /only/ for Hello
1255 * options, unfortunately its use in DD options is not specified. Hence
1256 * some
1257 * implementations follow E-bit semantics and set it in DD options, and
1258 * some
1259 * treat it as unspecified and hence follow the directive "default for
1260 * options is clear", ie unset.
1261 *
1262 * Reset the flag, as ospfd follows E-bit semantics.
1263 */
1264 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1265 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1266 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1267 if (IS_DEBUG_OSPF_EVENT)
1268 zlog_debug(
1269 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1270 inet_ntoa(nbr->router_id));
1271 SET_FLAG(dd->options, OSPF_OPTION_NP);
1272 }
1273
1274 #ifdef REJECT_IF_TBIT_ON
1275 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1276 /*
1277 * In Hello protocol, optional capability must have checked
1278 * to prevent this T-bit enabled router be my neighbor.
1279 */
1280 zlog_warn("Packet[DD]: Neighbor %s: T-bit on?",
1281 inet_ntoa(nbr->router_id));
1282 return;
1283 }
1284 #endif /* REJECT_IF_TBIT_ON */
1285
1286 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1287 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1288 /*
1289 * This node is not configured to handle O-bit, for now.
1290 * Clear it to ignore unsupported capability proposed by
1291 * neighbor.
1292 */
1293 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1294 }
1295
1296 /* Add event to thread. */
1297 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1298
1299 /* Process DD packet by neighbor status. */
1300 switch (nbr->state) {
1301 case NSM_Down:
1302 case NSM_Attempt:
1303 case NSM_TwoWay:
1304 zlog_warn(
1305 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1306 inet_ntoa(nbr->router_id),
1307 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1308 break;
1309 case NSM_Init:
1310 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1311 /* If the new state is ExStart, the processing of the current
1312 packet should then continue in this new state by falling
1313 through to case ExStart below. */
1314 if (nbr->state != NSM_ExStart)
1315 break;
1316 /* fallthru */
1317 case NSM_ExStart:
1318 /* Initial DBD */
1319 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1320 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1321 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1322 > 0) {
1323 /* We're Slave---obey */
1324 zlog_info(
1325 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1326 inet_ntoa(nbr->router_id));
1327 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1328
1329 /* Reset I/MS */
1330 UNSET_FLAG(nbr->dd_flags,
1331 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1332 } else {
1333 /* We're Master, ignore the initial DBD from
1334 * Slave */
1335 zlog_info(
1336 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1337 "ignoring.",
1338 inet_ntoa(nbr->router_id));
1339 break;
1340 }
1341 }
1342 /* Ack from the Slave */
1343 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1344 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1345 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1346 < 0) {
1347 zlog_info(
1348 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1349 inet_ntoa(nbr->router_id));
1350 /* Reset I, leaving MS */
1351 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1352 } else {
1353 zlog_warn("Packet[DD]: Neighbor %s Negotiation fails.",
1354 inet_ntoa(nbr->router_id));
1355 break;
1356 }
1357
1358 /* This is where the real Options are saved */
1359 nbr->options = dd->options;
1360
1361 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1362 if (IS_DEBUG_OSPF_EVENT)
1363 zlog_debug(
1364 "Neighbor[%s] is %sOpaque-capable.",
1365 inet_ntoa(nbr->router_id),
1366 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1367 ? ""
1368 : "NOT ");
1369
1370 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1371 && IPV4_ADDR_SAME(&DR(oi),
1372 &nbr->address.u.prefix4)) {
1373 zlog_warn(
1374 "DR-neighbor[%s] is NOT opaque-capable; "
1375 "Opaque-LSAs cannot be reliably advertised "
1376 "in this network.",
1377 inet_ntoa(nbr->router_id));
1378 /* This situation is undesirable, but not a real
1379 * error. */
1380 }
1381 }
1382
1383 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1384
1385 /* continue processing rest of packet. */
1386 ospf_db_desc_proc(s, oi, nbr, dd, size);
1387 break;
1388 case NSM_Exchange:
1389 if (ospf_db_desc_is_dup(dd, nbr)) {
1390 if (IS_SET_DD_MS(nbr->dd_flags))
1391 /* Master: discard duplicated DD packet. */
1392 zlog_info(
1393 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1394 inet_ntoa(nbr->router_id));
1395 else
1396 /* Slave: cause to retransmit the last Database
1397 Description. */
1398 {
1399 zlog_info(
1400 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1401 inet_ntoa(nbr->router_id));
1402 ospf_db_desc_resend(nbr);
1403 }
1404 break;
1405 }
1406
1407 /* Otherwise DD packet should be checked. */
1408 /* Check Master/Slave bit mismatch */
1409 if (IS_SET_DD_MS(dd->flags)
1410 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1411 zlog_warn("Packet[DD]: Neighbor %s MS-bit mismatch.",
1412 inet_ntoa(nbr->router_id));
1413 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1414 if (IS_DEBUG_OSPF_EVENT)
1415 zlog_debug(
1416 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1417 dd->flags, nbr->dd_flags);
1418 break;
1419 }
1420
1421 /* Check initialize bit is set. */
1422 if (IS_SET_DD_I(dd->flags)) {
1423 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1424 inet_ntoa(nbr->router_id));
1425 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1426 break;
1427 }
1428
1429 /* Check DD Options. */
1430 if (dd->options != nbr->options) {
1431 #ifdef ORIGINAL_CODING
1432 /* Save the new options for debugging */
1433 nbr->options = dd->options;
1434 #endif /* ORIGINAL_CODING */
1435 zlog_warn("Packet[DD]: Neighbor %s options mismatch.",
1436 inet_ntoa(nbr->router_id));
1437 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1438 break;
1439 }
1440
1441 /* Check DD sequence number. */
1442 if ((IS_SET_DD_MS(nbr->dd_flags)
1443 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1444 || (!IS_SET_DD_MS(nbr->dd_flags)
1445 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1446 zlog_warn(
1447 "Packet[DD]: Neighbor %s sequence number mismatch.",
1448 inet_ntoa(nbr->router_id));
1449 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1450 break;
1451 }
1452
1453 /* Continue processing rest of packet. */
1454 ospf_db_desc_proc(s, oi, nbr, dd, size);
1455 break;
1456 case NSM_Loading:
1457 case NSM_Full:
1458 if (ospf_db_desc_is_dup(dd, nbr)) {
1459 if (IS_SET_DD_MS(nbr->dd_flags)) {
1460 /* Master should discard duplicate DD packet. */
1461 zlog_info(
1462 "Packet[DD]: Neighbor %s duplicated, "
1463 "packet discarded.",
1464 inet_ntoa(nbr->router_id));
1465 break;
1466 } else {
1467 if (monotime_since(&nbr->last_send_ts, NULL)
1468 < nbr->v_inactivity * 1000000LL) {
1469 /* In states Loading and Full the slave
1470 must resend
1471 its last Database Description packet
1472 in response to
1473 duplicate Database Description
1474 packets received
1475 from the master. For this reason the
1476 slave must
1477 wait RouterDeadInterval seconds
1478 before freeing the
1479 last Database Description packet.
1480 Reception of a
1481 Database Description packet from the
1482 master after
1483 this interval will generate a
1484 SeqNumberMismatch
1485 neighbor event. RFC2328 Section 10.8
1486 */
1487 ospf_db_desc_resend(nbr);
1488 break;
1489 }
1490 }
1491 }
1492
1493 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1494 break;
1495 default:
1496 zlog_warn("Packet[DD]: Neighbor %s NSM illegal status %u.",
1497 inet_ntoa(nbr->router_id), nbr->state);
1498 break;
1499 }
1500 }
1501
1502 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1503
1504 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1505 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1506 struct stream *s, struct ospf_interface *oi,
1507 u_int16_t size)
1508 {
1509 struct ospf_neighbor *nbr;
1510 u_int32_t ls_type;
1511 struct in_addr ls_id;
1512 struct in_addr adv_router;
1513 struct ospf_lsa *find;
1514 struct list *ls_upd;
1515 unsigned int length;
1516
1517 /* Increment statistics. */
1518 oi->ls_req_in++;
1519
1520 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1521 if (nbr == NULL) {
1522 zlog_warn("Link State Request: Unknown Neighbor %s.",
1523 inet_ntoa(ospfh->router_id));
1524 return;
1525 }
1526
1527 /* Add event to thread. */
1528 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1529
1530 /* Neighbor State should be Exchange or later. */
1531 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1532 && nbr->state != NSM_Full) {
1533 zlog_warn(
1534 "Link State Request received from %s: "
1535 "Neighbor state is %s, packet discarded.",
1536 inet_ntoa(ospfh->router_id),
1537 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1538 return;
1539 }
1540
1541 /* Send Link State Update for ALL requested LSAs. */
1542 ls_upd = list_new();
1543 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1544
1545 while (size >= OSPF_LSA_KEY_SIZE) {
1546 /* Get one slice of Link State Request. */
1547 ls_type = stream_getl(s);
1548 ls_id.s_addr = stream_get_ipv4(s);
1549 adv_router.s_addr = stream_get_ipv4(s);
1550
1551 /* Verify LSA type. */
1552 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1553 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1554 list_delete(ls_upd);
1555 return;
1556 }
1557
1558 /* Search proper LSA in LSDB. */
1559 find = ospf_lsa_lookup(oi->area, ls_type, ls_id, adv_router);
1560 if (find == NULL) {
1561 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1562 list_delete(ls_upd);
1563 return;
1564 }
1565
1566 /* Packet overflows MTU size, send immediately. */
1567 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1568 if (oi->type == OSPF_IFTYPE_NBMA)
1569 ospf_ls_upd_send(nbr, ls_upd,
1570 OSPF_SEND_PACKET_DIRECT);
1571 else
1572 ospf_ls_upd_send(nbr, ls_upd,
1573 OSPF_SEND_PACKET_INDIRECT);
1574
1575 /* Only remove list contents. Keep ls_upd. */
1576 list_delete_all_node(ls_upd);
1577
1578 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1579 }
1580
1581 /* Append LSA to update list. */
1582 listnode_add(ls_upd, find);
1583 length += ntohs(find->data->length);
1584
1585 size -= OSPF_LSA_KEY_SIZE;
1586 }
1587
1588 /* Send rest of Link State Update. */
1589 if (listcount(ls_upd) > 0) {
1590 if (oi->type == OSPF_IFTYPE_NBMA)
1591 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT);
1592 else
1593 ospf_ls_upd_send(nbr, ls_upd,
1594 OSPF_SEND_PACKET_INDIRECT);
1595
1596 list_delete(ls_upd);
1597 } else
1598 list_free(ls_upd);
1599 }
1600
1601 /* Get the list of LSAs from Link State Update packet.
1602 And process some validation -- RFC2328 Section 13. (1)-(2). */
1603 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1604 struct stream *s,
1605 struct ospf_interface *oi, size_t size)
1606 {
1607 u_int16_t count, sum;
1608 u_int32_t length;
1609 struct lsa_header *lsah;
1610 struct ospf_lsa *lsa;
1611 struct list *lsas;
1612
1613 lsas = list_new();
1614
1615 count = stream_getl(s);
1616 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1617
1618 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1619 size -= length, stream_forward_getp(s, length), count--) {
1620 lsah = (struct lsa_header *)STREAM_PNT(s);
1621 length = ntohs(lsah->length);
1622
1623 if (length > size) {
1624 zlog_warn(
1625 "Link State Update: LSA length exceeds packet size.");
1626 break;
1627 }
1628
1629 /* Validate the LSA's LS checksum. */
1630 sum = lsah->checksum;
1631 if (!ospf_lsa_checksum_valid(lsah)) {
1632 /* (bug #685) more details in a one-line message make it
1633 * possible
1634 * to identify problem source on the one hand and to
1635 * have a better
1636 * chance to compress repeated messages in syslog on the
1637 * other */
1638 zlog_warn(
1639 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1640 sum, lsah->checksum, inet_ntoa(lsah->id),
1641 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1642 inet_ntoa(lsah->adv_router));
1643 continue;
1644 }
1645
1646 /* Examine the LSA's LS type. */
1647 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1648 zlog_warn("Link State Update: Unknown LS type %d",
1649 lsah->type);
1650 continue;
1651 }
1652
1653 /*
1654 * What if the received LSA's age is greater than MaxAge?
1655 * Treat it as a MaxAge case -- endo.
1656 */
1657 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1658 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1659
1660 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1661 #ifdef STRICT_OBIT_USAGE_CHECK
1662 if ((IS_OPAQUE_LSA(lsah->type)
1663 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1664 || (!IS_OPAQUE_LSA(lsah->type)
1665 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1666 /*
1667 * This neighbor must know the exact usage of
1668 * O-bit;
1669 * the bit will be set in Type-9,10,11 LSAs
1670 * only.
1671 */
1672 zlog_warn("LSA[Type%d:%s]: O-bit abuse?",
1673 lsah->type, inet_ntoa(lsah->id));
1674 continue;
1675 }
1676 #endif /* STRICT_OBIT_USAGE_CHECK */
1677
1678 /* Do not take in AS External Opaque-LSAs if we are a
1679 * stub. */
1680 if (lsah->type == OSPF_OPAQUE_AS_LSA
1681 && nbr->oi->area->external_routing
1682 != OSPF_AREA_DEFAULT) {
1683 if (IS_DEBUG_OSPF_EVENT)
1684 zlog_debug(
1685 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1686 lsah->type,
1687 inet_ntoa(lsah->id));
1688 continue;
1689 }
1690 } else if (IS_OPAQUE_LSA(lsah->type)) {
1691 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1692 lsah->type, inet_ntoa(lsah->id));
1693 continue;
1694 }
1695
1696 /* Create OSPF LSA instance. */
1697 lsa = ospf_lsa_new();
1698
1699 /* We may wish to put some error checking if type NSSA comes in
1700 and area not in NSSA mode */
1701 switch (lsah->type) {
1702 case OSPF_AS_EXTERNAL_LSA:
1703 case OSPF_OPAQUE_AS_LSA:
1704 lsa->area = NULL;
1705 break;
1706 case OSPF_OPAQUE_LINK_LSA:
1707 lsa->oi = oi; /* Remember incoming interface for
1708 flooding control. */
1709 /* Fallthrough */
1710 default:
1711 lsa->area = oi->area;
1712 break;
1713 }
1714
1715 lsa->data = ospf_lsa_data_new(length);
1716 memcpy(lsa->data, lsah, length);
1717
1718 if (IS_DEBUG_OSPF_EVENT)
1719 zlog_debug(
1720 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1721 lsa->data->type, inet_ntoa(lsa->data->id),
1722 (void *)lsa);
1723 listnode_add(lsas, lsa);
1724 }
1725
1726 return lsas;
1727 }
1728
1729 /* Cleanup Update list. */
1730 static void ospf_upd_list_clean(struct list *lsas)
1731 {
1732 struct listnode *node, *nnode;
1733 struct ospf_lsa *lsa;
1734
1735 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1736 ospf_lsa_discard(lsa);
1737
1738 list_delete(lsas);
1739 }
1740
1741 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1742 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1743 struct ospf_header *ospfh, struct stream *s,
1744 struct ospf_interface *oi, u_int16_t size)
1745 {
1746 struct ospf_neighbor *nbr;
1747 struct list *lsas;
1748 struct listnode *node, *nnode;
1749 struct ospf_lsa *lsa = NULL;
1750 /* unsigned long ls_req_found = 0; */
1751
1752 /* Dis-assemble the stream, update each entry, re-encapsulate for
1753 * flooding */
1754
1755 /* Increment statistics. */
1756 oi->ls_upd_in++;
1757
1758 /* Check neighbor. */
1759 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1760 if (nbr == NULL) {
1761 zlog_warn("Link State Update: Unknown Neighbor %s on int: %s",
1762 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1763 return;
1764 }
1765
1766 /* Add event to thread. */
1767 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1768
1769 /* Check neighbor state. */
1770 if (nbr->state < NSM_Exchange) {
1771 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1772 zlog_debug(
1773 "Link State Update: "
1774 "Neighbor[%s] state %s is less than Exchange",
1775 inet_ntoa(ospfh->router_id),
1776 lookup_msg(ospf_nsm_state_msg, nbr->state,
1777 NULL));
1778 return;
1779 }
1780
1781 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1782 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1783 * of section 13.
1784 */
1785 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1786
1787 #define DISCARD_LSA(L, N) \
1788 { \
1789 if (IS_DEBUG_OSPF_EVENT) \
1790 zlog_debug( \
1791 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1792 " Type-%d", \
1793 N, (void *)lsa, (int)lsa->data->type); \
1794 ospf_lsa_discard(L); \
1795 continue; \
1796 }
1797
1798 /* Process each LSA received in the one packet.
1799 *
1800 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1801 * text below are from the steps in RFC 2328, Section 13.
1802 */
1803 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1804 struct ospf_lsa *ls_ret, *current;
1805 int ret = 1;
1806
1807 if (IS_DEBUG_OSPF_NSSA) {
1808 char buf1[INET_ADDRSTRLEN];
1809 char buf2[INET_ADDRSTRLEN];
1810 char buf3[INET_ADDRSTRLEN];
1811
1812 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1813 lsa->data->type,
1814 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1815 INET_ADDRSTRLEN),
1816 inet_ntop(AF_INET, &lsa->data->id, buf2,
1817 INET_ADDRSTRLEN),
1818 inet_ntop(AF_INET, &lsa->data->adv_router,
1819 buf3, INET_ADDRSTRLEN));
1820 }
1821
1822 listnode_delete(lsas,
1823 lsa); /* We don't need it in list anymore */
1824
1825 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1826 */
1827
1828 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1829
1830 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1831 */
1832
1833 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1834 */
1835
1836 /* Do take in Type-7's if we are an NSSA */
1837
1838 /* If we are also an ABR, later translate them to a Type-5
1839 * packet */
1840
1841 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1842 translate them to a separate Type-5 packet. */
1843
1844 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1845 /* Reject from STUB or NSSA */
1846 if (nbr->oi->area->external_routing
1847 != OSPF_AREA_DEFAULT) {
1848 if (IS_DEBUG_OSPF_NSSA)
1849 zlog_debug(
1850 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1851 DISCARD_LSA(lsa, 1);
1852 }
1853
1854 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1855 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1856 if (IS_DEBUG_OSPF_NSSA)
1857 zlog_debug(
1858 "Incoming NSSA LSA Discarded: Not NSSA Area");
1859 DISCARD_LSA(lsa, 2);
1860 }
1861
1862 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1863 if (lsa->data->type == OSPF_ROUTER_LSA)
1864 if (!IPV4_ADDR_SAME(&lsa->data->id,
1865 &lsa->data->adv_router)) {
1866 char buf1[INET_ADDRSTRLEN];
1867 char buf2[INET_ADDRSTRLEN];
1868 char buf3[INET_ADDRSTRLEN];
1869
1870 zlog_err(
1871 "Incoming Router-LSA from %s with "
1872 "Adv-ID[%s] != LS-ID[%s]",
1873 inet_ntop(AF_INET, &ospfh->router_id,
1874 buf1, INET_ADDRSTRLEN),
1875 inet_ntop(AF_INET, &lsa->data->id, buf2,
1876 INET_ADDRSTRLEN),
1877 inet_ntop(AF_INET,
1878 &lsa->data->adv_router, buf3,
1879 INET_ADDRSTRLEN));
1880 zlog_err(
1881 "OSPF domain compromised by attack or corruption. "
1882 "Verify correct operation of -ALL- OSPF routers.");
1883 DISCARD_LSA(lsa, 0);
1884 }
1885
1886 /* Find the LSA in the current database. */
1887
1888 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1889
1890 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1891 currently
1892 no instance of the LSA in the router's link state database,
1893 and none of router's neighbors are in states Exchange or
1894 Loading,
1895 then take the following actions: */
1896
1897 if (IS_LSA_MAXAGE(lsa) && !current
1898 && ospf_check_nbr_status(oi->ospf)) {
1899 /* (4a) Response Link State Acknowledgment. */
1900 ospf_ls_ack_send(nbr, lsa);
1901
1902 /* (4b) Discard LSA. */
1903 if (IS_DEBUG_OSPF(lsa, LSA)) {
1904 zlog_debug(
1905 "Link State Update[%s]: LS age is equal to MaxAge.",
1906 dump_lsa_key(lsa));
1907 }
1908 DISCARD_LSA(lsa, 3);
1909 }
1910
1911 if (IS_OPAQUE_LSA(lsa->data->type)
1912 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1913 &oi->ospf->router_id)) {
1914 /*
1915 * Even if initial flushing seems to be completed, there
1916 * might
1917 * be a case that self-originated LSA with MaxAge still
1918 * remain
1919 * in the routing domain.
1920 * Just send an LSAck message to cease retransmission.
1921 */
1922 if (IS_LSA_MAXAGE(lsa)) {
1923 zlog_warn("LSA[%s]: Boomerang effect?",
1924 dump_lsa_key(lsa));
1925 ospf_ls_ack_send(nbr, lsa);
1926 ospf_lsa_discard(lsa);
1927
1928 if (current != NULL && !IS_LSA_MAXAGE(current))
1929 ospf_opaque_lsa_refresh_schedule(
1930 current);
1931 continue;
1932 }
1933
1934 /*
1935 * If an instance of self-originated Opaque-LSA is not
1936 * found
1937 * in the LSDB, there are some possible cases here.
1938 *
1939 * 1) This node lost opaque-capability after restart.
1940 * 2) Else, a part of opaque-type is no more supported.
1941 * 3) Else, a part of opaque-id is no more supported.
1942 *
1943 * Anyway, it is still this node's responsibility to
1944 * flush it.
1945 * Otherwise, the LSA instance remains in the routing
1946 * domain
1947 * until its age reaches to MaxAge.
1948 */
1949 /* XXX: We should deal with this for *ALL* LSAs, not
1950 * just opaque */
1951 if (current == NULL) {
1952 if (IS_DEBUG_OSPF_EVENT)
1953 zlog_debug(
1954 "LSA[%s]: Previously originated Opaque-LSA,"
1955 "not found in the LSDB.",
1956 dump_lsa_key(lsa));
1957
1958 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
1959
1960 ospf_opaque_self_originated_lsa_received(nbr,
1961 lsa);
1962 ospf_ls_ack_send(nbr, lsa);
1963
1964 continue;
1965 }
1966 }
1967
1968 /* It might be happen that received LSA is self-originated
1969 * network LSA, but
1970 * router ID is changed. So, we should check if LSA is a
1971 * network-LSA whose
1972 * Link State ID is one of the router's own IP interface
1973 * addresses but whose
1974 * Advertising Router is not equal to the router's own Router ID
1975 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
1976 * flushed.
1977 */
1978
1979 if (lsa->data->type == OSPF_NETWORK_LSA) {
1980 struct listnode *oinode, *oinnode;
1981 struct ospf_interface *out_if;
1982 int Flag = 0;
1983
1984 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
1985 oinnode, out_if)) {
1986 if (out_if == NULL)
1987 break;
1988
1989 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
1990 &lsa->data->id))
1991 && (!(IPV4_ADDR_SAME(
1992 &oi->ospf->router_id,
1993 &lsa->data->adv_router)))) {
1994 if (out_if->network_lsa_self) {
1995 ospf_lsa_flush_area(
1996 lsa, out_if->area);
1997 if (IS_DEBUG_OSPF_EVENT)
1998 zlog_debug(
1999 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2000 (void *)lsa,
2001 (int)lsa->data
2002 ->type);
2003 ospf_lsa_discard(lsa);
2004 Flag = 1;
2005 }
2006 break;
2007 }
2008 }
2009 if (Flag)
2010 continue;
2011 }
2012
2013 /* (5) Find the instance of this LSA that is currently contained
2014 in the router's link state database. If there is no
2015 database copy, or the received LSA is more recent than
2016 the database copy the following steps must be performed.
2017 (The sub steps from RFC 2328 section 13 step (5) will be
2018 performed in
2019 ospf_flood() ) */
2020
2021 if (current == NULL
2022 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2023 /* Actual flooding procedure. */
2024 if (ospf_flood(oi->ospf, nbr, current, lsa)
2025 < 0) /* Trap NSSA later. */
2026 DISCARD_LSA(lsa, 4);
2027 continue;
2028 }
2029
2030 /* (6) Else, If there is an instance of the LSA on the sending
2031 neighbor's Link state request list, an error has occurred in
2032 the Database Exchange process. In this case, restart the
2033 Database Exchange process by generating the neighbor event
2034 BadLSReq for the sending neighbor and stop processing the
2035 Link State Update packet. */
2036
2037 if (ospf_ls_request_lookup(nbr, lsa)) {
2038 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2039 zlog_warn(
2040 "LSA[%s] instance exists on Link state request list",
2041 dump_lsa_key(lsa));
2042
2043 /* Clean list of LSAs. */
2044 ospf_upd_list_clean(lsas);
2045 /* this lsa is not on lsas list already. */
2046 ospf_lsa_discard(lsa);
2047 return;
2048 }
2049
2050 /* If the received LSA is the same instance as the database copy
2051 (i.e., neither one is more recent) the following two steps
2052 should be performed: */
2053
2054 if (ret == 0) {
2055 /* If the LSA is listed in the Link state retransmission
2056 list
2057 for the receiving adjacency, the router itself is
2058 expecting
2059 an acknowledgment for this LSA. The router should
2060 treat the
2061 received LSA as an acknowledgment by removing the LSA
2062 from
2063 the Link state retransmission list. This is termed
2064 an
2065 "implied acknowledgment". */
2066
2067 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2068
2069 if (ls_ret != NULL) {
2070 ospf_ls_retransmit_delete(nbr, ls_ret);
2071
2072 /* Delayed acknowledgment sent if advertisement
2073 received
2074 from Designated Router, otherwise do nothing.
2075 */
2076 if (oi->state == ISM_Backup)
2077 if (NBR_IS_DR(nbr))
2078 listnode_add(
2079 oi->ls_ack,
2080 ospf_lsa_lock(lsa));
2081
2082 DISCARD_LSA(lsa, 5);
2083 } else
2084 /* Acknowledge the receipt of the LSA by sending a
2085 Link State Acknowledgment packet back out the
2086 receiving
2087 interface. */
2088 {
2089 ospf_ls_ack_send(nbr, lsa);
2090 DISCARD_LSA(lsa, 6);
2091 }
2092 }
2093
2094 /* The database copy is more recent. If the database copy
2095 has LS age equal to MaxAge and LS sequence number equal to
2096 MaxSequenceNumber, simply discard the received LSA without
2097 acknowledging it. (In this case, the LSA's LS sequence number
2098 is
2099 wrapping, and the MaxSequenceNumber LSA must be completely
2100 flushed before any new LSA instance can be introduced). */
2101
2102 else if (ret > 0) /* Database copy is more recent */
2103 {
2104 if (IS_LSA_MAXAGE(current)
2105 && current->data->ls_seqnum
2106 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2107 DISCARD_LSA(lsa, 7);
2108 }
2109 /* Otherwise, as long as the database copy has not been
2110 sent in a
2111 Link State Update within the last MinLSArrival
2112 seconds, send the
2113 database copy back to the sending neighbor,
2114 encapsulated within
2115 a Link State Update Packet. The Link State Update
2116 Packet should
2117 be sent directly to the neighbor. In so doing, do not
2118 put the
2119 database copy of the LSA on the neighbor's link state
2120 retransmission list, and do not acknowledge the
2121 received (less
2122 recent) LSA instance. */
2123 else {
2124 if (monotime_since(&current->tv_orig, NULL)
2125 >= ospf->min_ls_arrival * 1000LL)
2126 /* Trap NSSA type later.*/
2127 ospf_ls_upd_send_lsa(
2128 nbr, current,
2129 OSPF_SEND_PACKET_DIRECT);
2130 DISCARD_LSA(lsa, 8);
2131 }
2132 }
2133 }
2134 #undef DISCARD_LSA
2135
2136 assert(listcount(lsas) == 0);
2137 list_delete(lsas);
2138 }
2139
2140 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2141 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2142 struct stream *s, struct ospf_interface *oi,
2143 u_int16_t size)
2144 {
2145 struct ospf_neighbor *nbr;
2146
2147 /* increment statistics. */
2148 oi->ls_ack_in++;
2149
2150 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2151 if (nbr == NULL) {
2152 zlog_warn("Link State Acknowledgment: Unknown Neighbor %s.",
2153 inet_ntoa(ospfh->router_id));
2154 return;
2155 }
2156
2157 /* Add event to thread. */
2158 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2159
2160 if (nbr->state < NSM_Exchange) {
2161 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2162 zlog_debug(
2163 "Link State Acknowledgment: "
2164 "Neighbor[%s] state %s is less than Exchange",
2165 inet_ntoa(ospfh->router_id),
2166 lookup_msg(ospf_nsm_state_msg, nbr->state,
2167 NULL));
2168 return;
2169 }
2170
2171 while (size >= OSPF_LSA_HEADER_SIZE) {
2172 struct ospf_lsa *lsa, *lsr;
2173
2174 lsa = ospf_lsa_new();
2175 lsa->data = (struct lsa_header *)STREAM_PNT(s);
2176
2177 /* lsah = (struct lsa_header *) STREAM_PNT (s); */
2178 size -= OSPF_LSA_HEADER_SIZE;
2179 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2180
2181 if (lsa->data->type < OSPF_MIN_LSA
2182 || lsa->data->type >= OSPF_MAX_LSA) {
2183 lsa->data = NULL;
2184 ospf_lsa_discard(lsa);
2185 continue;
2186 }
2187
2188 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2189
2190 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2191 ospf_ls_retransmit_delete(nbr, lsr);
2192
2193 lsa->data = NULL;
2194 ospf_lsa_discard(lsa);
2195 }
2196
2197 return;
2198 }
2199
2200 static struct stream *ospf_recv_packet(int fd, struct interface **ifp,
2201 struct stream *ibuf)
2202 {
2203 int ret;
2204 struct ip *iph;
2205 u_int16_t ip_len;
2206 ifindex_t ifindex = 0;
2207 struct iovec iov;
2208 /* Header and data both require alignment. */
2209 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2210 struct msghdr msgh;
2211
2212 memset(&msgh, 0, sizeof(struct msghdr));
2213 msgh.msg_iov = &iov;
2214 msgh.msg_iovlen = 1;
2215 msgh.msg_control = (caddr_t)buff;
2216 msgh.msg_controllen = sizeof(buff);
2217
2218 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2219 if (ret < 0) {
2220 zlog_warn("stream_recvmsg failed: %s", safe_strerror(errno));
2221 return NULL;
2222 }
2223 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2224 {
2225 zlog_warn(
2226 "ospf_recv_packet: discarding runt packet of length %d "
2227 "(ip header size is %u)",
2228 ret, (u_int)sizeof(iph));
2229 return NULL;
2230 }
2231
2232 /* Note that there should not be alignment problems with this assignment
2233 because this is at the beginning of the stream data buffer. */
2234 iph = (struct ip *)STREAM_DATA(ibuf);
2235 sockopt_iphdrincl_swab_systoh(iph);
2236
2237 ip_len = iph->ip_len;
2238
2239 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2240 /*
2241 * Kernel network code touches incoming IP header parameters,
2242 * before protocol specific processing.
2243 *
2244 * 1) Convert byteorder to host representation.
2245 * --> ip_len, ip_id, ip_off
2246 *
2247 * 2) Adjust ip_len to strip IP header size!
2248 * --> If user process receives entire IP packet via RAW
2249 * socket, it must consider adding IP header size to
2250 * the "ip_len" field of "ip" structure.
2251 *
2252 * For more details, see <netinet/ip_input.c>.
2253 */
2254 ip_len = ip_len + (iph->ip_hl << 2);
2255 #endif
2256
2257 #if defined(__DragonFly__)
2258 /*
2259 * in DragonFly's raw socket, ip_len/ip_off are read
2260 * in network byte order.
2261 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2262 */
2263 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2264 #endif
2265
2266 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2267
2268 *ifp = if_lookup_by_index(ifindex, VRF_DEFAULT);
2269
2270 if (ret != ip_len) {
2271 zlog_warn(
2272 "ospf_recv_packet read length mismatch: ip_len is %d, "
2273 "but recvmsg returned %d",
2274 ip_len, ret);
2275 return NULL;
2276 }
2277
2278 return ibuf;
2279 }
2280
2281 static struct ospf_interface *
2282 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2283 struct ip *iph, struct ospf_header *ospfh)
2284 {
2285 struct ospf_interface *rcv_oi;
2286 struct ospf_vl_data *vl_data;
2287 struct ospf_area *vl_area;
2288 struct listnode *node;
2289
2290 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2291 || !OSPF_IS_AREA_BACKBONE(ospfh))
2292 return NULL;
2293
2294 /* look for local OSPF interface matching the destination
2295 * to determine Area ID. We presume therefore the destination address
2296 * is unique, or at least (for "unnumbered" links), not used in other
2297 * areas
2298 */
2299 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2300 == NULL)
2301 return NULL;
2302
2303 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2304 vl_area =
2305 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2306 if (!vl_area)
2307 continue;
2308
2309 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2310 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2311 if (IS_DEBUG_OSPF_EVENT)
2312 zlog_debug("associating packet with %s",
2313 IF_NAME(vl_data->vl_oi));
2314 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2315 if (IS_DEBUG_OSPF_EVENT)
2316 zlog_debug(
2317 "This VL is not up yet, sorry");
2318 return NULL;
2319 }
2320
2321 return vl_data->vl_oi;
2322 }
2323 }
2324
2325 if (IS_DEBUG_OSPF_EVENT)
2326 zlog_debug("couldn't find any VL to associate the packet with");
2327
2328 return NULL;
2329 }
2330
2331 static int ospf_check_area_id(struct ospf_interface *oi,
2332 struct ospf_header *ospfh)
2333 {
2334 /* Check match the Area ID of the receiving interface. */
2335 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2336 return 1;
2337
2338 return 0;
2339 }
2340
2341 /* Unbound socket will accept any Raw IP packets if proto is matched.
2342 To prevent it, compare src IP address and i/f address with masking
2343 i/f network mask. */
2344 static int ospf_check_network_mask(struct ospf_interface *oi,
2345 struct in_addr ip_src)
2346 {
2347 struct in_addr mask, me, him;
2348
2349 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2350 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2351 return 1;
2352
2353 masklen2ip(oi->address->prefixlen, &mask);
2354
2355 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2356 him.s_addr = ip_src.s_addr & mask.s_addr;
2357
2358 if (IPV4_ADDR_SAME(&me, &him))
2359 return 1;
2360
2361 return 0;
2362 }
2363
2364 /* Return 1, if the packet is properly authenticated and checksummed,
2365 0 otherwise. In particular, check that AuType header field is valid and
2366 matches the locally configured AuType, and that D.5 requirements are met. */
2367 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2368 {
2369 struct crypt_key *ck;
2370 u_int16_t iface_auth_type;
2371 u_int16_t pkt_auth_type = ntohs(ospfh->auth_type);
2372
2373 switch (pkt_auth_type) {
2374 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2375 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2376 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2377 zlog_warn(
2378 "interface %s: auth-type mismatch, local %s, rcvd Null",
2379 IF_NAME(oi),
2380 lookup_msg(ospf_auth_type_str,
2381 iface_auth_type, NULL));
2382 return 0;
2383 }
2384 if (!ospf_check_sum(ospfh)) {
2385 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2386 zlog_warn(
2387 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2388 IF_NAME(oi),
2389 inet_ntoa(ospfh->router_id));
2390 return 0;
2391 }
2392 return 1;
2393 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2394 if (OSPF_AUTH_SIMPLE
2395 != (iface_auth_type = ospf_auth_type(oi))) {
2396 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2397 zlog_warn(
2398 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2399 IF_NAME(oi),
2400 lookup_msg(ospf_auth_type_str,
2401 iface_auth_type, NULL));
2402 return 0;
2403 }
2404 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2405 OSPF_AUTH_SIMPLE_SIZE)) {
2406 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2407 zlog_warn("interface %s: Simple auth failed",
2408 IF_NAME(oi));
2409 return 0;
2410 }
2411 if (!ospf_check_sum(ospfh)) {
2412 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2413 zlog_warn(
2414 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2415 IF_NAME(oi),
2416 inet_ntoa(ospfh->router_id));
2417 return 0;
2418 }
2419 return 1;
2420 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2421 if (OSPF_AUTH_CRYPTOGRAPHIC
2422 != (iface_auth_type = ospf_auth_type(oi))) {
2423 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2424 zlog_warn(
2425 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2426 IF_NAME(oi),
2427 lookup_msg(ospf_auth_type_str,
2428 iface_auth_type, NULL));
2429 return 0;
2430 }
2431 if (ospfh->checksum) {
2432 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2433 zlog_warn(
2434 "interface %s: OSPF header checksum is not 0",
2435 IF_NAME(oi));
2436 return 0;
2437 }
2438 /* only MD5 crypto method can pass ospf_packet_examin() */
2439 if (
2440 NULL == (ck = listgetdata(listtail(
2441 OSPF_IF_PARAM(oi, auth_crypt))))
2442 || ospfh->u.crypt.key_id != ck->key_id ||
2443 /* Condition above uses the last key ID on the list,
2444 which is
2445 different from what ospf_crypt_key_lookup() does. A
2446 bug? */
2447 !ospf_check_md5_digest(oi, ospfh)) {
2448 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2449 zlog_warn("interface %s: MD5 auth failed",
2450 IF_NAME(oi));
2451 return 0;
2452 }
2453 return 1;
2454 default:
2455 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2456 zlog_warn(
2457 "interface %s: invalid packet auth-type (%02x)",
2458 IF_NAME(oi), pkt_auth_type);
2459 return 0;
2460 }
2461 }
2462
2463 static int ospf_check_sum(struct ospf_header *ospfh)
2464 {
2465 u_int32_t ret;
2466 u_int16_t sum;
2467
2468 /* clear auth_data for checksum. */
2469 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2470
2471 /* keep checksum and clear. */
2472 sum = ospfh->checksum;
2473 memset(&ospfh->checksum, 0, sizeof(u_int16_t));
2474
2475 /* calculate checksum. */
2476 ret = in_cksum(ospfh, ntohs(ospfh->length));
2477
2478 if (ret != sum) {
2479 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2480 ret, sum);
2481 return 0;
2482 }
2483
2484 return 1;
2485 }
2486
2487 /* Verify, that given link/TOS records are properly sized/aligned and match
2488 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2489 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2490 u_int16_t linkbytes,
2491 const u_int16_t num_links)
2492 {
2493 unsigned counted_links = 0, thislinklen;
2494
2495 while (linkbytes) {
2496 thislinklen =
2497 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2498 if (thislinklen > linkbytes) {
2499 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2500 zlog_debug("%s: length error in link block #%u",
2501 __func__, counted_links);
2502 return MSG_NG;
2503 }
2504 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2505 linkbytes -= thislinklen;
2506 counted_links++;
2507 }
2508 if (counted_links != num_links) {
2509 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2510 zlog_debug("%s: %u link blocks declared, %u present",
2511 __func__, num_links, counted_links);
2512 return MSG_NG;
2513 }
2514 return MSG_OK;
2515 }
2516
2517 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2518 minimum length constraint). */
2519 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const u_int16_t lsalen,
2520 const u_char headeronly)
2521 {
2522 unsigned ret;
2523 struct router_lsa *rlsa;
2524 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2525 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2526 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2527 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2528 lookup_msg(ospf_lsa_type_msg, lsah->type,
2529 NULL));
2530 return MSG_NG;
2531 }
2532 switch (lsah->type) {
2533 case OSPF_ROUTER_LSA:
2534 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2535 * (12+)-byte link blocks */
2536 if (headeronly) {
2537 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2538 - OSPF_ROUTER_LSA_MIN_SIZE)
2539 % 4
2540 ? MSG_NG
2541 : MSG_OK;
2542 break;
2543 }
2544 rlsa = (struct router_lsa *)lsah;
2545 ret = ospf_router_lsa_links_examin(
2546 (struct router_lsa_link *)rlsa->link,
2547 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2548 header, "flags",
2549 0, "# links" */
2550 ntohs(rlsa->links) /* 16 bits */
2551 );
2552 break;
2553 case OSPF_AS_EXTERNAL_LSA:
2554 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2555 * blocks */
2556 case OSPF_AS_NSSA_LSA:
2557 /* RFC3101 C, idem */
2558 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2559 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2560 % 12
2561 ? MSG_NG
2562 : MSG_OK;
2563 break;
2564 /* Following LSA types are considered OK length-wise as soon as their
2565 * minimum
2566 * length constraint is met and length of the whole LSA is a multiple of
2567 * 4
2568 * (basic LSA header size is already a multiple of 4). */
2569 case OSPF_NETWORK_LSA:
2570 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2571 case OSPF_SUMMARY_LSA:
2572 case OSPF_ASBR_SUMMARY_LSA:
2573 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2574 * blocks */
2575 case OSPF_OPAQUE_LINK_LSA:
2576 case OSPF_OPAQUE_AREA_LSA:
2577 case OSPF_OPAQUE_AS_LSA:
2578 /* RFC5250 A.2, "some number of octets (of application-specific
2579 * data) padded to 32-bit alignment." This is considered
2580 * equivalent
2581 * to 4-byte alignment of all other LSA types, see
2582 * OSPF-ALIGNMENT.txt
2583 * file for the detailed analysis of this passage. */
2584 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2585 break;
2586 default:
2587 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2588 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2589 lsah->type);
2590 return MSG_NG;
2591 }
2592 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2593 zlog_debug("%s: alignment error in %s", __func__,
2594 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2595 return ret;
2596 }
2597
2598 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2599 includes verification of LSA blocks length/alignment and dispatching
2600 of deeper-level checks. */
2601 static unsigned
2602 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2603 size_t length, const u_char headeronly,
2604 /* When declared_num_lsas is not 0, compare it to the real
2605 number of LSAs
2606 and treat the difference as an error. */
2607 const u_int32_t declared_num_lsas)
2608 {
2609 u_int32_t counted_lsas = 0;
2610
2611 while (length) {
2612 u_int16_t lsalen;
2613 if (length < OSPF_LSA_HEADER_SIZE) {
2614 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2615 zlog_debug(
2616 "%s: undersized (%zu B) trailing (#%u) LSA header",
2617 __func__, length, counted_lsas);
2618 return MSG_NG;
2619 }
2620 /* save on ntohs() calls here and in the LSA validator */
2621 lsalen = ntohs(lsah->length);
2622 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2623 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2624 zlog_debug(
2625 "%s: malformed LSA header #%u, declared length is %u B",
2626 __func__, counted_lsas, lsalen);
2627 return MSG_NG;
2628 }
2629 if (headeronly) {
2630 /* less checks here and in ospf_lsa_examin() */
2631 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2632 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2633 zlog_debug(
2634 "%s: malformed header-only LSA #%u",
2635 __func__, counted_lsas);
2636 return MSG_NG;
2637 }
2638 lsah = (struct lsa_header *)((caddr_t)lsah
2639 + OSPF_LSA_HEADER_SIZE);
2640 length -= OSPF_LSA_HEADER_SIZE;
2641 } else {
2642 /* make sure the input buffer is deep enough before
2643 * further checks */
2644 if (lsalen > length) {
2645 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2646 zlog_debug(
2647 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2648 __func__, counted_lsas, lsalen,
2649 length);
2650 return MSG_NG;
2651 }
2652 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2653 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2654 zlog_debug("%s: malformed LSA #%u",
2655 __func__, counted_lsas);
2656 return MSG_NG;
2657 }
2658 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2659 length -= lsalen;
2660 }
2661 counted_lsas++;
2662 }
2663
2664 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2665 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2666 zlog_debug(
2667 "%s: #LSAs declared (%u) does not match actual (%u)",
2668 __func__, declared_num_lsas, counted_lsas);
2669 return MSG_NG;
2670 }
2671 return MSG_OK;
2672 }
2673
2674 /* Verify a complete OSPF packet for proper sizing/alignment. */
2675 static unsigned ospf_packet_examin(struct ospf_header *oh,
2676 const unsigned bytesonwire)
2677 {
2678 u_int16_t bytesdeclared, bytesauth;
2679 unsigned ret;
2680 struct ospf_ls_update *lsupd;
2681
2682 /* Length, 1st approximation. */
2683 if (bytesonwire < OSPF_HEADER_SIZE) {
2684 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2685 zlog_debug("%s: undersized (%u B) packet", __func__,
2686 bytesonwire);
2687 return MSG_NG;
2688 }
2689 /* Now it is safe to access header fields. Performing length check,
2690 * allow
2691 * for possible extra bytes of crypto auth/padding, which are not
2692 * counted
2693 * in the OSPF header "length" field. */
2694 if (oh->version != OSPF_VERSION) {
2695 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2696 zlog_debug("%s: invalid (%u) protocol version",
2697 __func__, oh->version);
2698 return MSG_NG;
2699 }
2700 bytesdeclared = ntohs(oh->length);
2701 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2702 bytesauth = 0;
2703 else {
2704 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2705 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2706 zlog_debug(
2707 "%s: unsupported crypto auth length (%u B)",
2708 __func__, oh->u.crypt.auth_data_len);
2709 return MSG_NG;
2710 }
2711 bytesauth = OSPF_AUTH_MD5_SIZE;
2712 }
2713 if (bytesdeclared + bytesauth > bytesonwire) {
2714 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2715 zlog_debug(
2716 "%s: packet length error (%u real, %u+%u declared)",
2717 __func__, bytesonwire, bytesdeclared,
2718 bytesauth);
2719 return MSG_NG;
2720 }
2721 /* Length, 2nd approximation. The type-specific constraint is checked
2722 against declared length, not amount of bytes on wire. */
2723 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2724 && bytesdeclared
2725 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2726 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2727 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2728 bytesdeclared,
2729 lookup_msg(ospf_packet_type_str, oh->type,
2730 NULL));
2731 return MSG_NG;
2732 }
2733 switch (oh->type) {
2734 case OSPF_MSG_HELLO:
2735 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2736 followed
2737 by N>=0 router-IDs. */
2738 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2739 % 4
2740 ? MSG_NG
2741 : MSG_OK;
2742 break;
2743 case OSPF_MSG_DB_DESC:
2744 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2745 followed
2746 by N>=0 header-only LSAs. */
2747 ret = ospf_lsaseq_examin(
2748 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2749 + OSPF_DB_DESC_MIN_SIZE),
2750 bytesdeclared - OSPF_HEADER_SIZE
2751 - OSPF_DB_DESC_MIN_SIZE,
2752 1, /* header-only LSAs */
2753 0);
2754 break;
2755 case OSPF_MSG_LS_REQ:
2756 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2757 * request blocks. */
2758 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2759 % OSPF_LSA_KEY_SIZE
2760 ? MSG_NG
2761 : MSG_OK;
2762 break;
2763 case OSPF_MSG_LS_UPD:
2764 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2765 followed
2766 by N>=0 full LSAs (with N declared beforehand). */
2767 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2768 + OSPF_HEADER_SIZE);
2769 ret = ospf_lsaseq_examin(
2770 (struct lsa_header *)((caddr_t)lsupd
2771 + OSPF_LS_UPD_MIN_SIZE),
2772 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2773 0, /* full LSAs */
2774 ntohl(lsupd->num_lsas) /* 32 bits */
2775 );
2776 break;
2777 case OSPF_MSG_LS_ACK:
2778 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2779 * LSAs. */
2780 ret = ospf_lsaseq_examin(
2781 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2782 + OSPF_LS_ACK_MIN_SIZE),
2783 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2784 1, /* header-only LSAs */
2785 0);
2786 break;
2787 default:
2788 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2789 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2790 oh->type);
2791 return MSG_NG;
2792 }
2793 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2794 zlog_debug("%s: malformed %s packet", __func__,
2795 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2796 return ret;
2797 }
2798
2799 /* OSPF Header verification. */
2800 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2801 struct ip *iph, struct ospf_header *ospfh)
2802 {
2803 /* Check Area ID. */
2804 if (!ospf_check_area_id(oi, ospfh)) {
2805 zlog_warn("interface %s: ospf_read invalid Area ID %s.",
2806 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2807 return -1;
2808 }
2809
2810 /* Check network mask, Silently discarded. */
2811 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2812 zlog_warn(
2813 "interface %s: ospf_read network address is not same [%s]",
2814 IF_NAME(oi), inet_ntoa(iph->ip_src));
2815 return -1;
2816 }
2817
2818 /* Check authentication. The function handles logging actions, where
2819 * required. */
2820 if (!ospf_check_auth(oi, ospfh))
2821 return -1;
2822
2823 return 0;
2824 }
2825
2826 /* Starting point of packet process function. */
2827 int ospf_read(struct thread *thread)
2828 {
2829 int ret;
2830 struct stream *ibuf;
2831 struct ospf *ospf;
2832 struct ospf_interface *oi;
2833 struct ip *iph;
2834 struct ospf_header *ospfh;
2835 u_int16_t length;
2836 struct interface *ifp;
2837 struct connected *c;
2838
2839 /* first of all get interface pointer. */
2840 ospf = THREAD_ARG(thread);
2841
2842 /* prepare for next packet. */
2843 ospf->t_read = NULL;
2844 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2845
2846 stream_reset(ospf->ibuf);
2847 if (!(ibuf = ospf_recv_packet(ospf->fd, &ifp, ospf->ibuf)))
2848 return -1;
2849 /* This raw packet is known to be at least as big as its IP header. */
2850
2851 /* Note that there should not be alignment problems with this assignment
2852 because this is at the beginning of the stream data buffer. */
2853 iph = (struct ip *)STREAM_DATA(ibuf);
2854 /* Note that sockopt_iphdrincl_swab_systoh was called in
2855 * ospf_recv_packet. */
2856
2857 if (ifp == NULL) {
2858 /* Handle cases where the platform does not support retrieving
2859 the ifindex,
2860 and also platforms (such as Solaris 8) that claim to support
2861 ifindex
2862 retrieval but do not. */
2863 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2864 VRF_DEFAULT);
2865 if (c)
2866 ifp = c->ifp;
2867 if (ifp == NULL)
2868 return 0;
2869 }
2870
2871 /* IP Header dump. */
2872 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2873 ospf_ip_header_dump(iph);
2874
2875 /* Self-originated packet should be discarded silently. */
2876 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2877 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2878 zlog_debug(
2879 "ospf_read[%s]: Dropping self-originated packet",
2880 inet_ntoa(iph->ip_src));
2881 }
2882 return 0;
2883 }
2884
2885 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2886 by ospf_recv_packet() to be correct). */
2887 stream_forward_getp(ibuf, iph->ip_hl * 4);
2888
2889 ospfh = (struct ospf_header *)STREAM_PNT(ibuf);
2890 if (MSG_OK
2891 != ospf_packet_examin(
2892 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
2893 return -1;
2894 /* Now it is safe to access all fields of OSPF packet header. */
2895
2896 /* associate packet with ospf interface */
2897 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2898
2899 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2900 only
2901 after the passive/backbone/other checks below are passed. These
2902 checks
2903 in turn access the fields of unverified "ospfh" structure for their
2904 own
2905 purposes and must remain very accurate in doing this. */
2906
2907 /* If incoming interface is passive one, ignore it. */
2908 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
2909 char buf[3][INET_ADDRSTRLEN];
2910
2911 if (IS_DEBUG_OSPF_EVENT)
2912 zlog_debug(
2913 "ignoring packet from router %s sent to %s, "
2914 "received on a passive interface, %s",
2915 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
2916 sizeof(buf[0])),
2917 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2918 sizeof(buf[1])),
2919 inet_ntop(AF_INET, &oi->address->u.prefix4,
2920 buf[2], sizeof(buf[2])));
2921
2922 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
2923 /* Try to fix multicast membership.
2924 * Some OS:es may have problems in this area,
2925 * make sure it is removed.
2926 */
2927 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2928 ospf_if_set_multicast(oi);
2929 }
2930 return 0;
2931 }
2932
2933
2934 /* if no local ospf_interface,
2935 * or header area is backbone but ospf_interface is not
2936 * check for VLINK interface
2937 */
2938 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
2939 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
2940 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
2941 == NULL) {
2942 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
2943 zlog_debug(
2944 "Packet from [%s] received on link %s"
2945 " but no ospf_interface",
2946 inet_ntoa(iph->ip_src), ifp->name);
2947 return 0;
2948 }
2949 }
2950
2951 /* else it must be a local ospf interface, check it was received on
2952 * correct link
2953 */
2954 else if (oi->ifp != ifp) {
2955 if (IS_DEBUG_OSPF_EVENT)
2956 zlog_warn("Packet from [%s] received on wrong link %s",
2957 inet_ntoa(iph->ip_src), ifp->name);
2958 return 0;
2959 } else if (oi->state == ISM_Down) {
2960 char buf[2][INET_ADDRSTRLEN];
2961 zlog_warn(
2962 "Ignoring packet from %s to %s received on interface that is "
2963 "down [%s]; interface flags are %s",
2964 inet_ntop(AF_INET, &iph->ip_src, buf[0],
2965 sizeof(buf[0])),
2966 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2967 sizeof(buf[1])),
2968 ifp->name, if_flag_dump(ifp->flags));
2969 /* Fix multicast memberships? */
2970 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
2971 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2972 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
2973 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
2974 if (oi->multicast_memberships)
2975 ospf_if_set_multicast(oi);
2976 return 0;
2977 }
2978
2979 /*
2980 * If the received packet is destined for AllDRouters, the packet
2981 * should be accepted only if the received ospf interface state is
2982 * either DR or Backup -- endo.
2983 */
2984 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
2985 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
2986 zlog_warn(
2987 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
2988 inet_ntoa(iph->ip_src), IF_NAME(oi),
2989 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
2990 /* Try to fix multicast membership. */
2991 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
2992 ospf_if_set_multicast(oi);
2993 return 0;
2994 }
2995
2996 /* Verify more OSPF header fields. */
2997 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
2998 if (ret < 0) {
2999 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3000 zlog_debug(
3001 "ospf_read[%s]: Header check failed, "
3002 "dropping.",
3003 inet_ntoa(iph->ip_src));
3004 return ret;
3005 }
3006
3007 /* Show debug receiving packet. */
3008 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3009 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3010 zlog_debug(
3011 "-----------------------------------------------------");
3012 ospf_packet_dump(ibuf);
3013 }
3014
3015 zlog_debug("%s received from [%s] via [%s]",
3016 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3017 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3018 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3019 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3020
3021 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3022 zlog_debug(
3023 "-----------------------------------------------------");
3024 }
3025
3026 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3027
3028 /* Adjust size to message length. */
3029 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3030
3031 /* Read rest of the packet and call each sort of packet routine. */
3032 switch (ospfh->type) {
3033 case OSPF_MSG_HELLO:
3034 ospf_hello(iph, ospfh, ibuf, oi, length);
3035 break;
3036 case OSPF_MSG_DB_DESC:
3037 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3038 break;
3039 case OSPF_MSG_LS_REQ:
3040 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3041 break;
3042 case OSPF_MSG_LS_UPD:
3043 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3044 break;
3045 case OSPF_MSG_LS_ACK:
3046 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3047 break;
3048 default:
3049 zlog_warn("interface %s: OSPF packet header type %d is illegal",
3050 IF_NAME(oi), ospfh->type);
3051 break;
3052 }
3053
3054 return 0;
3055 }
3056
3057 /* Make OSPF header. */
3058 static void ospf_make_header(int type, struct ospf_interface *oi,
3059 struct stream *s)
3060 {
3061 struct ospf_header *ospfh;
3062
3063 ospfh = (struct ospf_header *)STREAM_DATA(s);
3064
3065 ospfh->version = (u_char)OSPF_VERSION;
3066 ospfh->type = (u_char)type;
3067
3068 ospfh->router_id = oi->ospf->router_id;
3069
3070 ospfh->checksum = 0;
3071 ospfh->area_id = oi->area->area_id;
3072 ospfh->auth_type = htons(ospf_auth_type(oi));
3073
3074 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3075
3076 stream_forward_endp(s, OSPF_HEADER_SIZE);
3077 }
3078
3079 /* Make Authentication Data. */
3080 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3081 {
3082 struct crypt_key *ck;
3083
3084 switch (ospf_auth_type(oi)) {
3085 case OSPF_AUTH_NULL:
3086 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3087 */
3088 break;
3089 case OSPF_AUTH_SIMPLE:
3090 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3091 OSPF_AUTH_SIMPLE_SIZE);
3092 break;
3093 case OSPF_AUTH_CRYPTOGRAPHIC:
3094 /* If key is not set, then set 0. */
3095 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3096 ospfh->u.crypt.zero = 0;
3097 ospfh->u.crypt.key_id = 0;
3098 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3099 } else {
3100 ck = listgetdata(
3101 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3102 ospfh->u.crypt.zero = 0;
3103 ospfh->u.crypt.key_id = ck->key_id;
3104 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3105 }
3106 /* note: the seq is done in ospf_make_md5_digest() */
3107 break;
3108 default:
3109 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3110 */
3111 break;
3112 }
3113
3114 return 0;
3115 }
3116
3117 /* Fill rest of OSPF header. */
3118 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3119 u_int16_t length)
3120 {
3121 struct ospf_header *ospfh;
3122
3123 ospfh = (struct ospf_header *)STREAM_DATA(s);
3124
3125 /* Fill length. */
3126 ospfh->length = htons(length);
3127
3128 /* Calculate checksum. */
3129 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3130 ospfh->checksum = in_cksum(ospfh, length);
3131 else
3132 ospfh->checksum = 0;
3133
3134 /* Add Authentication Data. */
3135 ospf_make_auth(oi, ospfh);
3136 }
3137
3138 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3139 {
3140 struct ospf_neighbor *nbr;
3141 struct route_node *rn;
3142 u_int16_t length = OSPF_HELLO_MIN_SIZE;
3143 struct in_addr mask;
3144 unsigned long p;
3145 int flag = 0;
3146
3147 /* Set netmask of interface. */
3148 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3149 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3150 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3151 masklen2ip(oi->address->prefixlen, &mask);
3152 else
3153 memset((char *)&mask, 0, sizeof(struct in_addr));
3154 stream_put_ipv4(s, mask.s_addr);
3155
3156 /* Set Hello Interval. */
3157 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3158 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3159 else
3160 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3161
3162 if (IS_DEBUG_OSPF_EVENT)
3163 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3164 IF_NAME(oi));
3165
3166 /* Set Options. */
3167 stream_putc(s, OPTIONS(oi));
3168
3169 /* Set Router Priority. */
3170 stream_putc(s, PRIORITY(oi));
3171
3172 /* Set Router Dead Interval. */
3173 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3174
3175 /* Set Designated Router. */
3176 stream_put_ipv4(s, DR(oi).s_addr);
3177
3178 p = stream_get_endp(s);
3179
3180 /* Set Backup Designated Router. */
3181 stream_put_ipv4(s, BDR(oi).s_addr);
3182
3183 /* Add neighbor seen. */
3184 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3185 if ((nbr = rn->info))
3186 if (nbr->router_id.s_addr
3187 != 0) /* Ignore 0.0.0.0 node. */
3188 if (nbr->state
3189 != NSM_Attempt) /* Ignore Down neighbor. */
3190 if (nbr->state
3191 != NSM_Down) /* This is myself for
3192 DR election. */
3193 if (!IPV4_ADDR_SAME(
3194 &nbr->router_id,
3195 &oi->ospf->router_id)) {
3196 /* Check neighbor is
3197 * sane? */
3198 if (nbr->d_router.s_addr
3199 != 0
3200 && IPV4_ADDR_SAME(
3201 &nbr->d_router,
3202 &oi->address
3203 ->u
3204 .prefix4)
3205 && IPV4_ADDR_SAME(
3206 &nbr->bd_router,
3207 &oi->address
3208 ->u
3209 .prefix4))
3210 flag = 1;
3211
3212 stream_put_ipv4(
3213 s,
3214 nbr->router_id
3215 .s_addr);
3216 length += 4;
3217 }
3218
3219 /* Let neighbor generate BackupSeen. */
3220 if (flag == 1)
3221 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3222
3223 return length;
3224 }
3225
3226 static int ospf_make_db_desc(struct ospf_interface *oi,
3227 struct ospf_neighbor *nbr, struct stream *s)
3228 {
3229 struct ospf_lsa *lsa;
3230 u_int16_t length = OSPF_DB_DESC_MIN_SIZE;
3231 u_char options;
3232 unsigned long pp;
3233 int i;
3234 struct ospf_lsdb *lsdb;
3235
3236 /* Set Interface MTU. */
3237 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3238 stream_putw(s, 0);
3239 else
3240 stream_putw(s, oi->ifp->mtu);
3241
3242 /* Set Options. */
3243 options = OPTIONS(oi);
3244 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3245 SET_FLAG(options, OSPF_OPTION_O);
3246 stream_putc(s, options);
3247
3248 /* DD flags */
3249 pp = stream_get_endp(s);
3250 stream_putc(s, nbr->dd_flags);
3251
3252 /* Set DD Sequence Number. */
3253 stream_putl(s, nbr->dd_seqnum);
3254
3255 /* shortcut unneeded walk of (empty) summary LSDBs */
3256 if (ospf_db_summary_isempty(nbr))
3257 goto empty;
3258
3259 /* Describe LSA Header from Database Summary List. */
3260 lsdb = &nbr->db_sum;
3261
3262 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3263 struct route_table *table = lsdb->type[i].db;
3264 struct route_node *rn;
3265
3266 for (rn = route_top(table); rn; rn = route_next(rn))
3267 if ((lsa = rn->info) != NULL) {
3268 if (IS_OPAQUE_LSA(lsa->data->type)
3269 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3270 /* Suppress advertising
3271 * opaque-informations. */
3272 /* Remove LSA from DB summary list. */
3273 ospf_lsdb_delete(lsdb, lsa);
3274 continue;
3275 }
3276
3277 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3278 struct lsa_header *lsah;
3279 u_int16_t ls_age;
3280
3281 /* DD packet overflows interface MTU. */
3282 if (length + OSPF_LSA_HEADER_SIZE
3283 > ospf_packet_max(oi))
3284 break;
3285
3286 /* Keep pointer to LS age. */
3287 lsah = (struct lsa_header
3288 *)(STREAM_DATA(s)
3289 + stream_get_endp(
3290 s));
3291
3292 /* Proceed stream pointer. */
3293 stream_put(s, lsa->data,
3294 OSPF_LSA_HEADER_SIZE);
3295 length += OSPF_LSA_HEADER_SIZE;
3296
3297 /* Set LS age. */
3298 ls_age = LS_AGE(lsa);
3299 lsah->ls_age = htons(ls_age);
3300 }
3301
3302 /* Remove LSA from DB summary list. */
3303 ospf_lsdb_delete(lsdb, lsa);
3304 }
3305 }
3306
3307 /* Update 'More' bit */
3308 if (ospf_db_summary_isempty(nbr)) {
3309 empty:
3310 if (nbr->state >= NSM_Exchange) {
3311 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3312 /* Rewrite DD flags */
3313 stream_putc_at(s, pp, nbr->dd_flags);
3314 } else {
3315 assert(IS_SET_DD_M(nbr->dd_flags));
3316 }
3317 }
3318 return length;
3319 }
3320
3321 static int ospf_make_ls_req_func(struct stream *s, u_int16_t *length,
3322 unsigned long delta, struct ospf_neighbor *nbr,
3323 struct ospf_lsa *lsa)
3324 {
3325 struct ospf_interface *oi;
3326
3327 oi = nbr->oi;
3328
3329 /* LS Request packet overflows interface MTU. */
3330 if (*length + delta > ospf_packet_max(oi))
3331 return 0;
3332
3333 stream_putl(s, lsa->data->type);
3334 stream_put_ipv4(s, lsa->data->id.s_addr);
3335 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3336
3337 ospf_lsa_unlock(&nbr->ls_req_last);
3338 nbr->ls_req_last = ospf_lsa_lock(lsa);
3339
3340 *length += 12;
3341 return 1;
3342 }
3343
3344 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3345 {
3346 struct ospf_lsa *lsa;
3347 u_int16_t length = OSPF_LS_REQ_MIN_SIZE;
3348 unsigned long delta = stream_get_endp(s) + 12;
3349 struct route_table *table;
3350 struct route_node *rn;
3351 int i;
3352 struct ospf_lsdb *lsdb;
3353
3354 lsdb = &nbr->ls_req;
3355
3356 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3357 table = lsdb->type[i].db;
3358 for (rn = route_top(table); rn; rn = route_next(rn))
3359 if ((lsa = (rn->info)) != NULL)
3360 if (ospf_make_ls_req_func(s, &length, delta,
3361 nbr, lsa)
3362 == 0) {
3363 route_unlock_node(rn);
3364 break;
3365 }
3366 }
3367 return length;
3368 }
3369
3370 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3371 {
3372 int age;
3373
3374 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3375
3376 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3377 }
3378
3379 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3380 struct stream *s)
3381 {
3382 struct ospf_lsa *lsa;
3383 struct listnode *node;
3384 u_int16_t length = 0;
3385 unsigned int size_noauth;
3386 unsigned long delta = stream_get_endp(s);
3387 unsigned long pp;
3388 int count = 0;
3389
3390 if (IS_DEBUG_OSPF_EVENT)
3391 zlog_debug("ospf_make_ls_upd: Start");
3392
3393 pp = stream_get_endp(s);
3394 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3395 length += OSPF_LS_UPD_MIN_SIZE;
3396
3397 /* Calculate amount of packet usable for data. */
3398 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3399
3400 while ((node = listhead(update)) != NULL) {
3401 struct lsa_header *lsah;
3402 u_int16_t ls_age;
3403
3404 if (IS_DEBUG_OSPF_EVENT)
3405 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3406 count);
3407
3408 lsa = listgetdata(node);
3409
3410 assert(lsa->data);
3411
3412 /* Will it fit? */
3413 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3414 break;
3415
3416 /* Keep pointer to LS age. */
3417 lsah = (struct lsa_header *)(STREAM_DATA(s)
3418 + stream_get_endp(s));
3419
3420 /* Put LSA to Link State Request. */
3421 stream_put(s, lsa->data, ntohs(lsa->data->length));
3422
3423 /* Set LS age. */
3424 /* each hop must increment an lsa_age by transmit_delay
3425 of OSPF interface */
3426 ls_age = ls_age_increment(lsa,
3427 OSPF_IF_PARAM(oi, transmit_delay));
3428 lsah->ls_age = htons(ls_age);
3429
3430 length += ntohs(lsa->data->length);
3431 count++;
3432
3433 list_delete_node(update, node);
3434 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3435 }
3436
3437 /* Now set #LSAs. */
3438 stream_putl_at(s, pp, count);
3439
3440 if (IS_DEBUG_OSPF_EVENT)
3441 zlog_debug("ospf_make_ls_upd: Stop");
3442 return length;
3443 }
3444
3445 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3446 struct stream *s)
3447 {
3448 struct listnode *node, *nnode;
3449 u_int16_t length = OSPF_LS_ACK_MIN_SIZE;
3450 unsigned long delta = stream_get_endp(s) + 24;
3451 struct ospf_lsa *lsa;
3452
3453 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3454 assert(lsa);
3455
3456 if (length + delta > ospf_packet_max(oi))
3457 break;
3458
3459 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3460 length += OSPF_LSA_HEADER_SIZE;
3461
3462 listnode_delete(ack, lsa);
3463 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3464 }
3465
3466 return length;
3467 }
3468
3469 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3470 {
3471 struct ospf_packet *op;
3472 u_int16_t length = OSPF_HEADER_SIZE;
3473
3474 op = ospf_packet_new(oi->ifp->mtu);
3475
3476 /* Prepare OSPF common header. */
3477 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3478
3479 /* Prepare OSPF Hello body. */
3480 length += ospf_make_hello(oi, op->s);
3481
3482 /* Fill OSPF header. */
3483 ospf_fill_header(oi, op->s, length);
3484
3485 /* Set packet length. */
3486 op->length = length;
3487
3488 op->dst.s_addr = addr;
3489
3490 /* Add packet to the top of the interface output queue, so that they
3491 * can't get delayed by things like long queues of LS Update packets
3492 */
3493 ospf_packet_add_top(oi, op);
3494
3495 /* Hook thread to write packet. */
3496 OSPF_ISM_WRITE_ON(oi->ospf);
3497 }
3498
3499 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3500 {
3501 struct ospf_interface *oi;
3502
3503 oi = nbr_nbma->oi;
3504 assert(oi);
3505
3506 /* If this is passive interface, do not send OSPF Hello. */
3507 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3508 return;
3509
3510 if (oi->type != OSPF_IFTYPE_NBMA)
3511 return;
3512
3513 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3514 return;
3515
3516 if (PRIORITY(oi) == 0)
3517 return;
3518
3519 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3520 && oi->state != ISM_Backup)
3521 return;
3522
3523 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3524 }
3525
3526 int ospf_poll_timer(struct thread *thread)
3527 {
3528 struct ospf_nbr_nbma *nbr_nbma;
3529
3530 nbr_nbma = THREAD_ARG(thread);
3531 nbr_nbma->t_poll = NULL;
3532
3533 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3534 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3535 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3536
3537 ospf_poll_send(nbr_nbma);
3538
3539 if (nbr_nbma->v_poll > 0)
3540 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3541 nbr_nbma->v_poll);
3542
3543 return 0;
3544 }
3545
3546
3547 int ospf_hello_reply_timer(struct thread *thread)
3548 {
3549 struct ospf_neighbor *nbr;
3550
3551 nbr = THREAD_ARG(thread);
3552 nbr->t_hello_reply = NULL;
3553
3554 assert(nbr->oi);
3555
3556 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3557 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3558 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3559
3560 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3561
3562 return 0;
3563 }
3564
3565 /* Send OSPF Hello. */
3566 void ospf_hello_send(struct ospf_interface *oi)
3567 {
3568 /* If this is passive interface, do not send OSPF Hello. */
3569 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3570 return;
3571
3572 if (oi->type == OSPF_IFTYPE_NBMA) {
3573 struct ospf_neighbor *nbr;
3574 struct route_node *rn;
3575
3576 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3577 if ((nbr = rn->info))
3578 if (nbr != oi->nbr_self)
3579 if (nbr->state != NSM_Down) {
3580 /* RFC 2328 Section 9.5.1
3581 If the router is not
3582 eligible to become Designated
3583 Router,
3584 it must periodically send
3585 Hello Packets to both the
3586 Designated Router and the
3587 Backup Designated Router (if
3588 they
3589 exist). */
3590 if (PRIORITY(oi) == 0
3591 && IPV4_ADDR_CMP(
3592 &DR(oi),
3593 &nbr->address.u
3594 .prefix4)
3595 && IPV4_ADDR_CMP(
3596 &BDR(oi),
3597 &nbr->address.u
3598 .prefix4))
3599 continue;
3600
3601 /* If the router is eligible to
3602 become Designated Router, it
3603 must periodically send Hello
3604 Packets to all neighbors that
3605 are also eligible. In
3606 addition, if the router is
3607 itself the
3608 Designated Router or Backup
3609 Designated Router, it must
3610 also
3611 send periodic Hello Packets
3612 to all other neighbors. */
3613
3614 if (nbr->priority == 0
3615 && oi->state == ISM_DROther)
3616 continue;
3617 /* if oi->state == Waiting, send
3618 * hello to all neighbors */
3619 ospf_hello_send_sub(
3620 oi,
3621 nbr->address.u.prefix4
3622 .s_addr);
3623 }
3624 } else {
3625 /* Decide destination address. */
3626 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3627 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3628 else
3629 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3630 }
3631 }
3632
3633 /* Send OSPF Database Description. */
3634 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3635 {
3636 struct ospf_interface *oi;
3637 struct ospf_packet *op;
3638 u_int16_t length = OSPF_HEADER_SIZE;
3639
3640 oi = nbr->oi;
3641 op = ospf_packet_new(oi->ifp->mtu);
3642
3643 /* Prepare OSPF common header. */
3644 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3645
3646 /* Prepare OSPF Database Description body. */
3647 length += ospf_make_db_desc(oi, nbr, op->s);
3648
3649 /* Fill OSPF header. */
3650 ospf_fill_header(oi, op->s, length);
3651
3652 /* Set packet length. */
3653 op->length = length;
3654
3655 /* Decide destination address. */
3656 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3657 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3658 else
3659 op->dst = nbr->address.u.prefix4;
3660
3661 /* Add packet to the interface output queue. */
3662 ospf_packet_add(oi, op);
3663
3664 /* Hook thread to write packet. */
3665 OSPF_ISM_WRITE_ON(oi->ospf);
3666
3667 /* Remove old DD packet, then copy new one and keep in neighbor
3668 * structure. */
3669 if (nbr->last_send)
3670 ospf_packet_free(nbr->last_send);
3671 nbr->last_send = ospf_packet_dup(op);
3672 monotime(&nbr->last_send_ts);
3673 }
3674
3675 /* Re-send Database Description. */
3676 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3677 {
3678 struct ospf_interface *oi;
3679
3680 oi = nbr->oi;
3681
3682 /* Add packet to the interface output queue. */
3683 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3684
3685 /* Hook thread to write packet. */
3686 OSPF_ISM_WRITE_ON(oi->ospf);
3687 }
3688
3689 /* Send Link State Request. */
3690 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3691 {
3692 struct ospf_interface *oi;
3693 struct ospf_packet *op;
3694 u_int16_t length = OSPF_HEADER_SIZE;
3695
3696 oi = nbr->oi;
3697 op = ospf_packet_new(oi->ifp->mtu);
3698
3699 /* Prepare OSPF common header. */
3700 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3701
3702 /* Prepare OSPF Link State Request body. */
3703 length += ospf_make_ls_req(nbr, op->s);
3704 if (length == OSPF_HEADER_SIZE) {
3705 ospf_packet_free(op);
3706 return;
3707 }
3708
3709 /* Fill OSPF header. */
3710 ospf_fill_header(oi, op->s, length);
3711
3712 /* Set packet length. */
3713 op->length = length;
3714
3715 /* Decide destination address. */
3716 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3717 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3718 else
3719 op->dst = nbr->address.u.prefix4;
3720
3721 /* Add packet to the interface output queue. */
3722 ospf_packet_add(oi, op);
3723
3724 /* Hook thread to write packet. */
3725 OSPF_ISM_WRITE_ON(oi->ospf);
3726
3727 /* Add Link State Request Retransmission Timer. */
3728 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3729 }
3730
3731 /* Send Link State Update with an LSA. */
3732 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3733 int flag)
3734 {
3735 struct list *update;
3736
3737 update = list_new();
3738
3739 listnode_add(update, lsa);
3740 ospf_ls_upd_send(nbr, update, flag);
3741
3742 list_delete(update);
3743 }
3744
3745 /* Determine size for packet. Must be at least big enough to accomodate next
3746 * LSA on list, which may be bigger than MTU size.
3747 *
3748 * Return pointer to new ospf_packet
3749 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3750 * on packet sizes (in which case offending LSA is deleted from update list)
3751 */
3752 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3753 struct ospf_interface *oi)
3754 {
3755 struct ospf_lsa *lsa;
3756 struct listnode *ln;
3757 size_t size;
3758 static char warned = 0;
3759
3760 lsa = listgetdata((ln = listhead(update)));
3761 assert(lsa->data);
3762
3763 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3764 > ospf_packet_max(oi)) {
3765 if (!warned) {
3766 zlog_warn(
3767 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3768 "will need to fragment. Not optimal. Try divide up"
3769 " your network with areas. Use 'debug ospf packet send'"
3770 " to see details, or look at 'show ip ospf database ..'");
3771 warned = 1;
3772 }
3773
3774 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3775 zlog_debug(
3776 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3777 " %d bytes originated by %s, will be fragmented!",
3778 inet_ntoa(lsa->data->id),
3779 ntohs(lsa->data->length),
3780 inet_ntoa(lsa->data->adv_router));
3781
3782 /*
3783 * Allocate just enough to fit this LSA only, to avoid including
3784 * other
3785 * LSAs in fragmented LSA Updates.
3786 */
3787 size = ntohs(lsa->data->length)
3788 + (oi->ifp->mtu - ospf_packet_max(oi))
3789 + OSPF_LS_UPD_MIN_SIZE;
3790 } else
3791 size = oi->ifp->mtu;
3792
3793 if (size > OSPF_MAX_PACKET_SIZE) {
3794 zlog_warn(
3795 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3796 " %d bytes, packet size %ld, dropping it completely."
3797 " OSPF routing is broken!",
3798 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3799 (long int)size);
3800 list_delete_node(update, ln);
3801 return NULL;
3802 }
3803
3804 /* IP header is built up separately by ospf_write(). This means, that we
3805 * must
3806 * reduce the "affordable" size just calculated by length of an IP
3807 * header.
3808 * This makes sure, that even if we manage to fill the payload with LSA
3809 * data
3810 * completely, the final packet (our data plus IP header) still fits
3811 * into
3812 * outgoing interface MTU. This correction isn't really meaningful for
3813 * an
3814 * oversized LSA, but for consistency the correction is done for both
3815 * cases.
3816 *
3817 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3818 */
3819 return ospf_packet_new(size - sizeof(struct ip));
3820 }
3821
3822 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3823 struct list *update, struct in_addr addr)
3824 {
3825 struct ospf_packet *op;
3826 u_int16_t length = OSPF_HEADER_SIZE;
3827
3828 if (IS_DEBUG_OSPF_EVENT)
3829 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3830 IF_NAME(oi), inet_ntoa(addr));
3831
3832 op = ospf_ls_upd_packet_new(update, oi);
3833
3834 /* Prepare OSPF common header. */
3835 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
3836
3837 /* Prepare OSPF Link State Update body.
3838 * Includes Type-7 translation.
3839 */
3840 length += ospf_make_ls_upd(oi, update, op->s);
3841
3842 /* Fill OSPF header. */
3843 ospf_fill_header(oi, op->s, length);
3844
3845 /* Set packet length. */
3846 op->length = length;
3847
3848 /* Decide destination address. */
3849 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3850 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3851 else
3852 op->dst.s_addr = addr.s_addr;
3853
3854 /* Add packet to the interface output queue. */
3855 ospf_packet_add(oi, op);
3856
3857 /* Hook thread to write packet. */
3858 OSPF_ISM_WRITE_ON(oi->ospf);
3859 }
3860
3861 static int ospf_ls_upd_send_queue_event(struct thread *thread)
3862 {
3863 struct ospf_interface *oi = THREAD_ARG(thread);
3864 struct route_node *rn;
3865 struct route_node *rnext;
3866 struct list *update;
3867 char again = 0;
3868
3869 oi->t_ls_upd_event = NULL;
3870
3871 if (IS_DEBUG_OSPF_EVENT)
3872 zlog_debug("ospf_ls_upd_send_queue start");
3873
3874 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
3875 rnext = route_next(rn);
3876
3877 if (rn->info == NULL)
3878 continue;
3879
3880 update = (struct list *)rn->info;
3881
3882 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4);
3883
3884 /* list might not be empty. */
3885 if (listcount(update) == 0) {
3886 list_delete(rn->info);
3887 rn->info = NULL;
3888 route_unlock_node(rn);
3889 } else
3890 again = 1;
3891 }
3892
3893 if (again != 0) {
3894 if (IS_DEBUG_OSPF_EVENT)
3895 zlog_debug(
3896 "ospf_ls_upd_send_queue: update lists not cleared,"
3897 " %d nodes to try again, raising new event",
3898 again);
3899 oi->t_ls_upd_event = NULL;
3900 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
3901 &oi->t_ls_upd_event);
3902 }
3903
3904 if (IS_DEBUG_OSPF_EVENT)
3905 zlog_debug("ospf_ls_upd_send_queue stop");
3906
3907 return 0;
3908 }
3909
3910 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag)
3911 {
3912 struct ospf_interface *oi;
3913 struct ospf_lsa *lsa;
3914 struct prefix_ipv4 p;
3915 struct route_node *rn;
3916 struct listnode *node;
3917
3918 oi = nbr->oi;
3919
3920 p.family = AF_INET;
3921 p.prefixlen = IPV4_MAX_BITLEN;
3922
3923 /* Decide destination address. */
3924 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3925 p.prefix = oi->vl_data->peer_addr;
3926 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3927 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3928 else if (flag == OSPF_SEND_PACKET_DIRECT)
3929 p.prefix = nbr->address.u.prefix4;
3930 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
3931 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3932 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
3933 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3934 else
3935 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
3936
3937 if (oi->type == OSPF_IFTYPE_NBMA) {
3938 if (flag == OSPF_SEND_PACKET_INDIRECT)
3939 zlog_warn(
3940 "* LS-Update is directly sent on NBMA network.");
3941 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix.s_addr))
3942 zlog_warn("* LS-Update is sent to myself.");
3943 }
3944
3945 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
3946
3947 if (rn->info == NULL)
3948 rn->info = list_new();
3949 else
3950 route_unlock_node(rn);
3951
3952 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
3953 listnode_add(rn->info,
3954 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
3955
3956 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
3957 &oi->t_ls_upd_event);
3958 }
3959
3960 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
3961 struct in_addr dst)
3962 {
3963 struct ospf_packet *op;
3964 u_int16_t length = OSPF_HEADER_SIZE;
3965
3966 op = ospf_packet_new(oi->ifp->mtu);
3967
3968 /* Prepare OSPF common header. */
3969 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
3970
3971 /* Prepare OSPF Link State Acknowledgment body. */
3972 length += ospf_make_ls_ack(oi, ack, op->s);
3973
3974 /* Fill OSPF header. */
3975 ospf_fill_header(oi, op->s, length);
3976
3977 /* Set packet length. */
3978 op->length = length;
3979
3980 /* Decide destination address. */
3981 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3982 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3983 else
3984 op->dst.s_addr = dst.s_addr;
3985
3986 /* Add packet to the interface output queue. */
3987 ospf_packet_add(oi, op);
3988
3989 /* Hook thread to write packet. */
3990 OSPF_ISM_WRITE_ON(oi->ospf);
3991 }
3992
3993 static int ospf_ls_ack_send_event(struct thread *thread)
3994 {
3995 struct ospf_interface *oi = THREAD_ARG(thread);
3996
3997 oi->t_ls_ack_direct = NULL;
3998
3999 while (listcount(oi->ls_ack_direct.ls_ack))
4000 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4001 oi->ls_ack_direct.dst);
4002
4003 return 0;
4004 }
4005
4006 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4007 {
4008 struct ospf_interface *oi = nbr->oi;
4009
4010 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4011 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4012
4013 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4014
4015 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4016 &oi->t_ls_ack_direct);
4017 }
4018
4019 /* Send Link State Acknowledgment delayed. */
4020 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4021 {
4022 struct in_addr dst;
4023
4024 /* Decide destination address. */
4025 /* RFC2328 Section 13.5 On non-broadcast
4026 networks, delayed Link State Acknowledgment packets must be
4027 unicast separately over each adjacency (i.e., neighbor whose
4028 state is >= Exchange). */
4029 if (oi->type == OSPF_IFTYPE_NBMA) {
4030 struct ospf_neighbor *nbr;
4031 struct route_node *rn;
4032
4033 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4034 if ((nbr = rn->info) != NULL)
4035 if (nbr != oi->nbr_self
4036 && nbr->state >= NSM_Exchange)
4037 while (listcount(oi->ls_ack))
4038 ospf_ls_ack_send_list(
4039 oi, oi->ls_ack,
4040 nbr->address.u.prefix4);
4041 return;
4042 }
4043 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4044 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4045 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4046 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4047 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4048 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4049 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4050 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4051 else
4052 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4053
4054 while (listcount(oi->ls_ack))
4055 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4056 }
4057
4058 /*
4059 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4060 * address. As a result, the kernel does not need to learn the interface
4061 * MAC of the OSPF neighbor. However, in our world, this will delay
4062 * convergence. Take the case when due to a link flap, all routes now
4063 * want to use an interface which was deemed to be costlier prior to this
4064 * event. For routes that will be installed, the missing MAC will have
4065 * punt-to-CPU set on them. This may overload the CPU control path that
4066 * can be avoided if the MAC was known apriori.
4067 */
4068 #define OSPF_PING_NBR_STR_MAX (8 + 40 + 20)
4069 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4070 {
4071 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4072 char *str_ptr;
4073 int ret;
4074
4075 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4076 return;
4077
4078 str_ptr = strcpy(ping_nbr, "ping -c 1 -I ");
4079 str_ptr = strcat(str_ptr, nbr->oi->ifp->name);
4080 str_ptr = strcat(str_ptr, " ");
4081 str_ptr = strcat(str_ptr, inet_ntoa(nbr->address.u.prefix4));
4082 str_ptr = strcat(str_ptr, " > /dev/null 2>&1 &");
4083 ret = system(ping_nbr);
4084 if (IS_DEBUG_OSPF_EVENT)
4085 zlog_debug("Executed %s %s", ping_nbr,
4086 ((ret == 0) ? "successfully" : "but failed"));
4087 }
FRRouting mirror