]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #11523 from pguibert6WIND/bgp_no_retain
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56 #include "ospfd/ospf_zebra.h"
57 #include "ospfd/ospf_gr.h"
58
59 /*
60 * OSPF Fragmentation / fragmented writes
61 *
62 * ospfd can support writing fragmented packets, for cases where
63 * kernel will not fragment IP_HDRINCL and/or multicast destined
64 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
65 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
66 * flags fields, hence user-space fragmentation will not work.
67 * Only Linux is known to leave IP header unmolested.
68 * Further, fragmentation really should be done the kernel, which already
69 * supports it, and which avoids nasty IP ID state problems.
70 *
71 * Fragmentation of OSPF packets can be required on networks with router
72 * with many many interfaces active in one area, or on networks with links
73 * with low MTUs.
74 */
75 #ifdef GNU_LINUX
76 #define WANT_OSPF_WRITE_FRAGMENT
77 #endif
78
79 /* Packet Type String. */
80 const struct message ospf_packet_type_str[] = {
81 {OSPF_MSG_HELLO, "Hello"},
82 {OSPF_MSG_DB_DESC, "Database Description"},
83 {OSPF_MSG_LS_REQ, "Link State Request"},
84 {OSPF_MSG_LS_UPD, "Link State Update"},
85 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
86 {0}};
87
88 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
89 particular types, offset is the "type" field of a packet. */
90 static const uint16_t ospf_packet_minlen[] = {
91 0,
92 OSPF_HELLO_MIN_SIZE,
93 OSPF_DB_DESC_MIN_SIZE,
94 OSPF_LS_REQ_MIN_SIZE,
95 OSPF_LS_UPD_MIN_SIZE,
96 OSPF_LS_ACK_MIN_SIZE,
97 };
98
99 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
100 types, offset is the "LSA type" field. */
101 static const uint16_t ospf_lsa_minlen[] = {
102 0, /* OSPF_UNKNOWN_LSA */
103 OSPF_ROUTER_LSA_MIN_SIZE, /* OSPF_ROUTER_LSA */
104 OSPF_NETWORK_LSA_MIN_SIZE, /* OSPF_NETWORK_LSA */
105 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_SUMMARY_LSA */
106 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_ASBR_SUMMARY_LSA */
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_EXTERNAL_LSA */
108 0, /* Unsupported, OSPF_GROUP_MEMBER_LSA */
109 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_NSSA_LSA */
110 0, /* Unsupported, OSPF_EXTERNAL_ATTRIBURES_LSA */
111 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_LINK_LSA */
112 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AREA_LSA */
113 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AS_LSA */
114 };
115
116 /* for ospf_check_auth() */
117 static int ospf_check_sum(struct ospf_header *);
118
119 /* OSPF authentication checking function */
120 static int ospf_auth_type(struct ospf_interface *oi)
121 {
122 int auth_type;
123
124 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
125 auth_type = oi->area->auth_type;
126 else
127 auth_type = OSPF_IF_PARAM(oi, auth_type);
128
129 /* Handle case where MD5 key list is not configured aka Cisco */
130 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
131 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
132 return OSPF_AUTH_NULL;
133
134 return auth_type;
135 }
136
137 static struct ospf_packet *ospf_packet_new(size_t size)
138 {
139 struct ospf_packet *new;
140
141 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
142 new->s = stream_new(size);
143
144 return new;
145 }
146
147 void ospf_packet_free(struct ospf_packet *op)
148 {
149 if (op->s)
150 stream_free(op->s);
151
152 XFREE(MTYPE_OSPF_PACKET, op);
153 }
154
155 struct ospf_fifo *ospf_fifo_new(void)
156 {
157 struct ospf_fifo *new;
158
159 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
160 return new;
161 }
162
163 /* Add new packet to fifo. */
164 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
165 {
166 if (fifo->tail)
167 fifo->tail->next = op;
168 else
169 fifo->head = op;
170
171 fifo->tail = op;
172
173 fifo->count++;
174 }
175
176 /* Add new packet to head of fifo. */
177 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
178 {
179 op->next = fifo->head;
180
181 if (fifo->tail == NULL)
182 fifo->tail = op;
183
184 fifo->head = op;
185
186 fifo->count++;
187 }
188
189 /* Delete first packet from fifo. */
190 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
191 {
192 struct ospf_packet *op;
193
194 op = fifo->head;
195
196 if (op) {
197 fifo->head = op->next;
198
199 if (fifo->head == NULL)
200 fifo->tail = NULL;
201
202 fifo->count--;
203 }
204
205 return op;
206 }
207
208 /* Return first fifo entry. */
209 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
210 {
211 return fifo->head;
212 }
213
214 /* Flush ospf packet fifo. */
215 void ospf_fifo_flush(struct ospf_fifo *fifo)
216 {
217 struct ospf_packet *op;
218 struct ospf_packet *next;
219
220 for (op = fifo->head; op; op = next) {
221 next = op->next;
222 ospf_packet_free(op);
223 }
224 fifo->head = fifo->tail = NULL;
225 fifo->count = 0;
226 }
227
228 /* Free ospf packet fifo. */
229 void ospf_fifo_free(struct ospf_fifo *fifo)
230 {
231 ospf_fifo_flush(fifo);
232
233 XFREE(MTYPE_OSPF_FIFO, fifo);
234 }
235
236 static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
237 {
238 /* Add packet to end of queue. */
239 ospf_fifo_push(oi->obuf, op);
240
241 /* Debug of packet fifo*/
242 /* ospf_fifo_debug (oi->obuf); */
243 }
244
245 static void ospf_packet_add_top(struct ospf_interface *oi,
246 struct ospf_packet *op)
247 {
248 /* Add packet to head of queue. */
249 ospf_fifo_push_head(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_delete(struct ospf_interface *oi)
256 {
257 struct ospf_packet *op;
258
259 op = ospf_fifo_pop(oi->obuf);
260
261 if (op)
262 ospf_packet_free(op);
263 }
264
265 static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
266 {
267 struct ospf_packet *new;
268
269 if (stream_get_endp(op->s) != op->length)
270 /* XXX size_t */
271 zlog_debug(
272 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
273 (unsigned long)STREAM_SIZE(op->s), op->length);
274
275 /* Reserve space for MD5 authentication that may be added later. */
276 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
277 stream_copy(new->s, op->s);
278
279 new->dst = op->dst;
280 new->length = op->length;
281
282 return new;
283 }
284
285 /* XXX inline */
286 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
287 {
288 int auth = 0;
289
290 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
291 auth = OSPF_AUTH_MD5_SIZE;
292
293 return auth;
294 }
295
296 static unsigned int ospf_packet_max(struct ospf_interface *oi)
297 {
298 int max;
299
300 max = oi->ifp->mtu - ospf_packet_authspace(oi);
301
302 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
303
304 return max;
305 }
306
307
308 static int ospf_check_md5_digest(struct ospf_interface *oi,
309 struct ospf_header *ospfh)
310 {
311 #ifdef CRYPTO_OPENSSL
312 EVP_MD_CTX *ctx;
313 #elif CRYPTO_INTERNAL
314 MD5_CTX ctx;
315 #endif
316 unsigned char digest[OSPF_AUTH_MD5_SIZE];
317 struct crypt_key *ck;
318 struct ospf_neighbor *nbr;
319 uint16_t length = ntohs(ospfh->length);
320
321 /* Get secret key. */
322 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
323 ospfh->u.crypt.key_id);
324 if (ck == NULL) {
325 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
326 IF_NAME(oi), ospfh->u.crypt.key_id);
327 return 0;
328 }
329
330 /* check crypto seqnum. */
331 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
332
333 if (nbr
334 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
335 flog_warn(
336 EC_OSPF_MD5,
337 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
338 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
339 ntohl(nbr->crypt_seqnum));
340 return 0;
341 }
342
343 /* Generate a digest for the ospf packet - their digest + our digest. */
344 #ifdef CRYPTO_OPENSSL
345 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
346 ctx = EVP_MD_CTX_new();
347 EVP_DigestInit(ctx, EVP_md5());
348 EVP_DigestUpdate(ctx, ospfh, length);
349 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
350 EVP_DigestFinal(ctx, digest, &md5_size);
351 EVP_MD_CTX_free(ctx);
352 #elif CRYPTO_INTERNAL
353 memset(&ctx, 0, sizeof(ctx));
354 MD5Init(&ctx);
355 MD5Update(&ctx, ospfh, length);
356 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
357 MD5Final(digest, &ctx);
358 #endif
359
360 /* compare the two */
361 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
362 flog_warn(EC_OSPF_MD5,
363 "interface %s: ospf_check_md5 checksum mismatch",
364 IF_NAME(oi));
365 return 0;
366 }
367
368 /* save neighbor's crypt_seqnum */
369 if (nbr)
370 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
371 return 1;
372 }
373
374 /* This function is called from ospf_write(), it will detect the
375 authentication scheme and if it is MD5, it will change the sequence
376 and update the MD5 digest. */
377 static int ospf_make_md5_digest(struct ospf_interface *oi,
378 struct ospf_packet *op)
379 {
380 struct ospf_header *ospfh;
381 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
382 #ifdef CRYPTO_OPENSSL
383 EVP_MD_CTX *ctx;
384 #elif CRYPTO_INTERNAL
385 MD5_CTX ctx;
386 #endif
387 void *ibuf;
388 uint32_t t;
389 struct crypt_key *ck;
390 const uint8_t *auth_key;
391
392 ibuf = STREAM_DATA(op->s);
393 ospfh = (struct ospf_header *)ibuf;
394
395 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
396 return 0;
397
398 /* We do this here so when we dup a packet, we don't have to
399 waste CPU rewriting other headers.
400
401 Note that frr_time /deliberately/ is not used here */
402 t = (time(NULL) & 0xFFFFFFFF);
403 if (t > oi->crypt_seqnum)
404 oi->crypt_seqnum = t;
405 else
406 oi->crypt_seqnum++;
407
408 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
409
410 /* Get MD5 Authentication key from auth_key list. */
411 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
412 auth_key = (const uint8_t *)digest;
413 else {
414 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
415 auth_key = ck->auth_key;
416 }
417
418 /* Generate a digest for the entire packet + our secret key. */
419 #ifdef CRYPTO_OPENSSL
420 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
421 ctx = EVP_MD_CTX_new();
422 EVP_DigestInit(ctx, EVP_md5());
423 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
424 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 EVP_DigestFinal(ctx, digest, &md5_size);
426 EVP_MD_CTX_free(ctx);
427 #elif CRYPTO_INTERNAL
428 memset(&ctx, 0, sizeof(ctx));
429 MD5Init(&ctx);
430 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
431 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
432 MD5Final(digest, &ctx);
433 #endif
434
435 /* Append md5 digest to the end of the stream. */
436 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
437
438 /* We do *NOT* increment the OSPF header length. */
439 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
440
441 if (stream_get_endp(op->s) != op->length)
442 /* XXX size_t */
443 flog_warn(
444 EC_OSPF_MD5,
445 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
446 (unsigned long)stream_get_endp(op->s), op->length);
447
448 return OSPF_AUTH_MD5_SIZE;
449 }
450
451
452 static void ospf_ls_req_timer(struct thread *thread)
453 {
454 struct ospf_neighbor *nbr;
455
456 nbr = THREAD_ARG(thread);
457 nbr->t_ls_req = NULL;
458
459 /* Send Link State Request. */
460 if (ospf_ls_request_count(nbr))
461 ospf_ls_req_send(nbr);
462
463 /* Set Link State Request retransmission timer. */
464 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
465 }
466
467 void ospf_ls_req_event(struct ospf_neighbor *nbr)
468 {
469 THREAD_OFF(nbr->t_ls_req);
470 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
471 }
472
473 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
474 ospf_neighbor.c */
475 void ospf_ls_upd_timer(struct thread *thread)
476 {
477 struct ospf_neighbor *nbr;
478
479 nbr = THREAD_ARG(thread);
480 nbr->t_ls_upd = NULL;
481
482 /* Send Link State Update. */
483 if (ospf_ls_retransmit_count(nbr) > 0) {
484 struct list *update;
485 struct ospf_lsdb *lsdb;
486 int i;
487 int retransmit_interval;
488
489 retransmit_interval =
490 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
491
492 lsdb = &nbr->ls_rxmt;
493 update = list_new();
494
495 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
496 struct route_table *table = lsdb->type[i].db;
497 struct route_node *rn;
498
499 for (rn = route_top(table); rn; rn = route_next(rn)) {
500 struct ospf_lsa *lsa;
501
502 if ((lsa = rn->info) != NULL) {
503 /* Don't retransmit an LSA if we
504 received it within
505 the last RxmtInterval seconds - this
506 is to allow the
507 neighbour a chance to acknowledge the
508 LSA as it may
509 have ben just received before the
510 retransmit timer
511 fired. This is a small tweak to what
512 is in the RFC,
513 but it will cut out out a lot of
514 retransmit traffic
515 - MAG */
516 if (monotime_since(&lsa->tv_recv, NULL)
517 >= retransmit_interval * 1000000LL)
518 listnode_add(update, rn->info);
519 }
520 }
521 }
522
523 if (listcount(update) > 0)
524 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
525 0);
526 list_delete(&update);
527 }
528
529 /* Set LS Update retransmission timer. */
530 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
531 }
532
533 void ospf_ls_ack_timer(struct thread *thread)
534 {
535 struct ospf_interface *oi;
536
537 oi = THREAD_ARG(thread);
538 oi->t_ls_ack = NULL;
539
540 /* Send Link State Acknowledgment. */
541 if (listcount(oi->ls_ack) > 0)
542 ospf_ls_ack_send_delayed(oi);
543
544 /* Set LS Ack timer. */
545 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
546 }
547
548 #ifdef WANT_OSPF_WRITE_FRAGMENT
549 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
550 struct msghdr *msg, unsigned int maxdatasize,
551 unsigned int mtu, int flags, uint8_t type)
552 {
553 #define OSPF_WRITE_FRAG_SHIFT 3
554 uint16_t offset;
555 struct iovec *iovp;
556 int ret;
557
558 assert(op->length == stream_get_endp(op->s));
559 assert(msg->msg_iovlen == 2);
560
561 /* we can but try.
562 *
563 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
564 * well as the IP_MF flag, making this all quite pointless.
565 *
566 * However, for a system on which IP_MF is left alone, and ip_id left
567 * alone or else which sets same ip_id for each fragment this might
568 * work, eg linux.
569 *
570 * XXX-TODO: It would be much nicer to have the kernel's use their
571 * existing fragmentation support to do this for us. Bugs/RFEs need to
572 * be raised against the various kernels.
573 */
574
575 /* set More Frag */
576 iph->ip_off |= IP_MF;
577
578 /* ip frag offset is expressed in units of 8byte words */
579 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
580
581 iovp = &msg->msg_iov[1];
582
583 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
584 > maxdatasize) {
585 /* data length of this frag is to next offset value */
586 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
587 iph->ip_len = iovp->iov_len + sizeof(struct ip);
588 assert(iph->ip_len <= mtu);
589
590 sockopt_iphdrincl_swab_htosys(iph);
591
592 ret = sendmsg(fd, msg, flags);
593
594 sockopt_iphdrincl_swab_systoh(iph);
595
596 if (ret < 0)
597 flog_err(
598 EC_LIB_SOCKET,
599 "*** ospf_write_frags: sendmsg failed to %pI4, id %d, off %d, len %d, mtu %u failed with %s",
600 &iph->ip_dst, iph->ip_id, iph->ip_off,
601 iph->ip_len, mtu, safe_strerror(errno));
602
603 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
604 zlog_debug(
605 "ospf_write_frags: sent id %d, off %d, len %d to %pI4",
606 iph->ip_id, iph->ip_off, iph->ip_len,
607 &iph->ip_dst);
608 }
609
610 iph->ip_off += offset;
611 stream_forward_getp(op->s, iovp->iov_len);
612 iovp->iov_base = stream_pnt(op->s);
613 }
614
615 /* setup for final fragment */
616 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
617 iph->ip_len = iovp->iov_len + sizeof(struct ip);
618 iph->ip_off &= (~IP_MF);
619 }
620 #endif /* WANT_OSPF_WRITE_FRAGMENT */
621
622 static void ospf_write(struct thread *thread)
623 {
624 struct ospf *ospf = THREAD_ARG(thread);
625 struct ospf_interface *oi;
626 struct ospf_interface *last_serviced_oi = NULL;
627 struct ospf_packet *op;
628 struct sockaddr_in sa_dst;
629 struct ip iph;
630 struct msghdr msg;
631 struct iovec iov[2];
632 uint8_t type;
633 int ret;
634 int flags = 0;
635 struct listnode *node;
636 #ifdef WANT_OSPF_WRITE_FRAGMENT
637 static uint16_t ipid = 0;
638 uint16_t maxdatasize;
639 #endif /* WANT_OSPF_WRITE_FRAGMENT */
640 #define OSPF_WRITE_IPHL_SHIFT 2
641 int pkt_count = 0;
642
643 #ifdef GNU_LINUX
644 unsigned char cmsgbuf[64] = {};
645 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
646 struct in_pktinfo *pi;
647 #endif
648
649 if (ospf->fd < 0 || ospf->oi_running == 0) {
650 if (IS_DEBUG_OSPF_EVENT)
651 zlog_debug(
652 "ospf_write failed to send, fd %d, instance %u",
653 ospf->fd, ospf->oi_running);
654 return;
655 }
656
657 node = listhead(ospf->oi_write_q);
658 assert(node);
659 oi = listgetdata(node);
660
661 #ifdef WANT_OSPF_WRITE_FRAGMENT
662 /* seed ipid static with low order bits of time */
663 if (ipid == 0)
664 ipid = (time(NULL) & 0xffff);
665 #endif /* WANT_OSPF_WRITE_FRAGMENT */
666
667 while ((pkt_count < ospf->write_oi_count) && oi
668 && (last_serviced_oi != oi)) {
669 /* If there is only packet in the queue, the oi is removed from
670 write-q, so fix up the last interface that was serviced */
671 if (last_serviced_oi == NULL) {
672 last_serviced_oi = oi;
673 }
674 pkt_count++;
675 #ifdef WANT_OSPF_WRITE_FRAGMENT
676 /* convenience - max OSPF data per packet */
677 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
678 #endif /* WANT_OSPF_WRITE_FRAGMENT */
679 /* Get one packet from queue. */
680 op = ospf_fifo_head(oi->obuf);
681 assert(op);
682 assert(op->length >= OSPF_HEADER_SIZE);
683
684 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
685 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
686 ospf_if_ipmulticast(ospf, oi->address,
687 oi->ifp->ifindex);
688
689 /* Rewrite the md5 signature & update the seq */
690 ospf_make_md5_digest(oi, op);
691
692 /* Retrieve OSPF packet type. */
693 stream_set_getp(op->s, 1);
694 type = stream_getc(op->s);
695
696 /* reset get pointer */
697 stream_set_getp(op->s, 0);
698
699 memset(&iph, 0, sizeof(iph));
700 memset(&sa_dst, 0, sizeof(sa_dst));
701
702 sa_dst.sin_family = AF_INET;
703 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
704 sa_dst.sin_len = sizeof(sa_dst);
705 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
706 sa_dst.sin_addr = op->dst;
707 sa_dst.sin_port = htons(0);
708
709 /* Set DONTROUTE flag if dst is unicast. */
710 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
711 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
712 flags = MSG_DONTROUTE;
713
714 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
715 /* it'd be very strange for header to not be 4byte-word aligned
716 * but.. */
717 if (sizeof(struct ip)
718 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
719 iph.ip_hl++; /* we presume sizeof(struct ip) cant
720 overflow ip_hl.. */
721
722 iph.ip_v = IPVERSION;
723 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
724 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
725
726 #if defined(__DragonFly__)
727 /*
728 * DragonFly's raw socket expects ip_len/ip_off in network byte
729 * order.
730 */
731 iph.ip_len = htons(iph.ip_len);
732 #endif
733
734 #ifdef WANT_OSPF_WRITE_FRAGMENT
735 /* XXX-MT: not thread-safe at all..
736 * XXX: this presumes this is only programme sending OSPF
737 * packets
738 * otherwise, no guarantee ipid will be unique
739 */
740 iph.ip_id = ++ipid;
741 #endif /* WANT_OSPF_WRITE_FRAGMENT */
742
743 iph.ip_off = 0;
744 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
745 iph.ip_ttl = OSPF_VL_IP_TTL;
746 else
747 iph.ip_ttl = OSPF_IP_TTL;
748 iph.ip_p = IPPROTO_OSPFIGP;
749 iph.ip_sum = 0;
750 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
751 iph.ip_dst.s_addr = op->dst.s_addr;
752
753 memset(&msg, 0, sizeof(msg));
754 msg.msg_name = (caddr_t)&sa_dst;
755 msg.msg_namelen = sizeof(sa_dst);
756 msg.msg_iov = iov;
757 msg.msg_iovlen = 2;
758
759 iov[0].iov_base = (char *)&iph;
760 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
761 iov[1].iov_base = stream_pnt(op->s);
762 iov[1].iov_len = op->length;
763
764 #ifdef GNU_LINUX
765 msg.msg_control = (caddr_t)cm;
766 cm->cmsg_level = SOL_IP;
767 cm->cmsg_type = IP_PKTINFO;
768 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
769 pi = (struct in_pktinfo *)CMSG_DATA(cm);
770 pi->ipi_ifindex = oi->ifp->ifindex;
771
772 msg.msg_controllen = cm->cmsg_len;
773 #endif
774
775 /* Sadly we can not rely on kernels to fragment packets
776 * because of either IP_HDRINCL and/or multicast
777 * destination being set.
778 */
779
780 #ifdef WANT_OSPF_WRITE_FRAGMENT
781 if (op->length > maxdatasize)
782 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
783 oi->ifp->mtu, flags, type);
784 #endif /* WANT_OSPF_WRITE_FRAGMENT */
785
786 /* send final fragment (could be first) */
787 sockopt_iphdrincl_swab_htosys(&iph);
788 ret = sendmsg(ospf->fd, &msg, flags);
789 sockopt_iphdrincl_swab_systoh(&iph);
790 if (IS_DEBUG_OSPF_EVENT)
791 zlog_debug(
792 "ospf_write to %pI4, id %d, off %d, len %d, interface %s, mtu %u:",
793 &iph.ip_dst, iph.ip_id, iph.ip_off,
794 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
795
796 /* sendmsg will return EPERM if firewall is blocking sending.
797 * This is a normal situation when 'ip nhrp map multicast xxx'
798 * is being used to send multicast packets to DMVPN peers. In
799 * that case the original message is blocked with iptables rule
800 * causing the EPERM result
801 */
802 if (ret < 0 && errno != EPERM)
803 flog_err(
804 EC_LIB_SOCKET,
805 "*** sendmsg in ospf_write failed to %pI4, id %d, off %d, len %d, interface %s, mtu %u: %s",
806 &iph.ip_dst, iph.ip_id, iph.ip_off,
807 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
808 safe_strerror(errno));
809
810 /* Show debug sending packet. */
811 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
812 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
813 zlog_debug(
814 "-----------------------------------------------------");
815 stream_set_getp(op->s, 0);
816 ospf_packet_dump(op->s);
817 }
818
819 zlog_debug("%s sent to [%pI4] via [%s].",
820 lookup_msg(ospf_packet_type_str, type, NULL),
821 &op->dst, IF_NAME(oi));
822
823 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
824 zlog_debug(
825 "-----------------------------------------------------");
826 }
827
828 switch (type) {
829 case OSPF_MSG_HELLO:
830 oi->hello_out++;
831 break;
832 case OSPF_MSG_DB_DESC:
833 oi->db_desc_out++;
834 break;
835 case OSPF_MSG_LS_REQ:
836 oi->ls_req_out++;
837 break;
838 case OSPF_MSG_LS_UPD:
839 oi->ls_upd_out++;
840 break;
841 case OSPF_MSG_LS_ACK:
842 oi->ls_ack_out++;
843 break;
844 default:
845 break;
846 }
847
848 /* Now delete packet from queue. */
849 ospf_packet_delete(oi);
850
851 /* Move this interface to the tail of write_q to
852 serve everyone in a round robin fashion */
853 list_delete_node(ospf->oi_write_q, node);
854 if (ospf_fifo_head(oi->obuf) == NULL) {
855 oi->on_write_q = 0;
856 last_serviced_oi = NULL;
857 oi = NULL;
858 } else {
859 listnode_add(ospf->oi_write_q, oi);
860 }
861
862 /* Setup to service from the head of the queue again */
863 if (!list_isempty(ospf->oi_write_q)) {
864 node = listhead(ospf->oi_write_q);
865 oi = listgetdata(node);
866 }
867 }
868
869 /* If packets still remain in queue, call write thread. */
870 if (!list_isempty(ospf->oi_write_q))
871 thread_add_write(master, ospf_write, ospf, ospf->fd,
872 &ospf->t_write);
873 }
874
875 /* OSPF Hello message read -- RFC2328 Section 10.5. */
876 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
877 struct stream *s, struct ospf_interface *oi, int size)
878 {
879 struct ospf_hello *hello;
880 struct ospf_neighbor *nbr;
881 int old_state;
882 struct prefix p;
883
884 /* increment statistics. */
885 oi->hello_in++;
886
887 hello = (struct ospf_hello *)stream_pnt(s);
888
889 /* If Hello is myself, silently discard. */
890 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
891 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
892 zlog_debug(
893 "ospf_header[%s/%pI4]: selforiginated, dropping.",
894 lookup_msg(ospf_packet_type_str, ospfh->type,
895 NULL),
896 &iph->ip_src);
897 }
898 return;
899 }
900
901 /* get neighbor prefix. */
902 p.family = AF_INET;
903 p.prefixlen = ip_masklen(hello->network_mask);
904 p.u.prefix4 = iph->ip_src;
905
906 /* Compare network mask. */
907 /* Checking is ignored for Point-to-Point and Virtual link. */
908 /* Checking is also ignored for Point-to-Multipoint with /32 prefix */
909 if (oi->type != OSPF_IFTYPE_POINTOPOINT
910 && oi->type != OSPF_IFTYPE_VIRTUALLINK
911 && !(oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
912 && oi->address->prefixlen == IPV4_MAX_BITLEN))
913 if (oi->address->prefixlen != p.prefixlen) {
914 flog_warn(
915 EC_OSPF_PACKET,
916 "Packet %pI4 [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
917 &ospfh->router_id, IF_NAME(oi),
918 (int)oi->address->prefixlen, (int)p.prefixlen);
919 return;
920 }
921
922 /* Compare Router Dead Interval. */
923 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
924 flog_warn(EC_OSPF_PACKET,
925 "Packet %pI4 [Hello:RECV]: RouterDeadInterval mismatch (expected %u, but received %u).",
926 &ospfh->router_id,
927 OSPF_IF_PARAM(oi, v_wait),
928 ntohl(hello->dead_interval));
929 return;
930 }
931
932 /* Compare Hello Interval - ignored if fast-hellos are set. */
933 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
934 if (OSPF_IF_PARAM(oi, v_hello)
935 != ntohs(hello->hello_interval)) {
936 flog_warn(
937 EC_OSPF_PACKET,
938 "Packet %pI4 [Hello:RECV]: HelloInterval mismatch (expected %u, but received %u).",
939 &ospfh->router_id,
940 OSPF_IF_PARAM(oi, v_hello),
941 ntohs(hello->hello_interval));
942 return;
943 }
944 }
945
946 if (IS_DEBUG_OSPF_EVENT)
947 zlog_debug("Packet %pI4 [Hello:RECV]: Options %s vrf %s",
948 &ospfh->router_id,
949 ospf_options_dump(hello->options),
950 ospf_vrf_id_to_name(oi->ospf->vrf_id));
951
952 /* Compare options. */
953 #define REJECT_IF_TBIT_ON 1 /* XXX */
954 #ifdef REJECT_IF_TBIT_ON
955 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
956 /*
957 * This router does not support non-zero TOS.
958 * Drop this Hello packet not to establish neighbor
959 * relationship.
960 */
961 flog_warn(EC_OSPF_PACKET,
962 "Packet %pI4 [Hello:RECV]: T-bit on, drop it.",
963 &ospfh->router_id);
964 return;
965 }
966 #endif /* REJECT_IF_TBIT_ON */
967
968 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
969 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
970 /*
971 * This router does know the correct usage of O-bit
972 * the bit should be set in DD packet only.
973 */
974 flog_warn(EC_OSPF_PACKET,
975 "Packet %pI4 [Hello:RECV]: O-bit abuse?",
976 &ospfh->router_id);
977 #ifdef STRICT_OBIT_USAGE_CHECK
978 return; /* Reject this packet. */
979 #else /* STRICT_OBIT_USAGE_CHECK */
980 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
981 #endif /* STRICT_OBIT_USAGE_CHECK */
982 }
983
984 /* new for NSSA is to ensure that NP is on and E is off */
985
986 if (oi->area->external_routing == OSPF_AREA_NSSA) {
987 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
988 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
989 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
990 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
991 flog_warn(
992 EC_OSPF_PACKET,
993 "NSSA-Packet-%pI4[Hello:RECV]: my options: %x, his options %x",
994 &ospfh->router_id, OPTIONS(oi),
995 hello->options);
996 return;
997 }
998 if (IS_DEBUG_OSPF_NSSA)
999 zlog_debug("NSSA-Hello:RECV:Packet from %pI4:",
1000 &ospfh->router_id);
1001 } else
1002 /* The setting of the E-bit found in the Hello Packet's Options
1003 field must match this area's ExternalRoutingCapability A
1004 mismatch causes processing to stop and the packet to be
1005 dropped. The setting of the rest of the bits in the Hello
1006 Packet's Options field should be ignored. */
1007 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1008 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1009 flog_warn(
1010 EC_OSPF_PACKET,
1011 "Packet %pI4 [Hello:RECV]: my options: %x, his options %x",
1012 &ospfh->router_id, OPTIONS(oi),
1013 hello->options);
1014 return;
1015 }
1016
1017 /* get neighbour struct */
1018 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1019
1020 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1021 assert(nbr);
1022
1023 old_state = nbr->state;
1024
1025 /* Add event to thread. */
1026 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_HelloReceived);
1027
1028 /* RFC2328 Section 9.5.1
1029 If the router is not eligible to become Designated Router,
1030 (snip) It must also send an Hello Packet in reply to an
1031 Hello Packet received from any eligible neighbor (other than
1032 the current Designated Router and Backup Designated Router). */
1033 if (oi->type == OSPF_IFTYPE_NBMA)
1034 if (PRIORITY(oi) == 0 && hello->priority > 0
1035 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1036 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1037 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1038 ospf_hello_reply_timer,
1039 OSPF_HELLO_REPLY_DELAY);
1040
1041 /* on NBMA network type, it happens to receive bidirectional Hello
1042 packet
1043 without advance 1-Way Received event.
1044 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1045 if (oi->type == OSPF_IFTYPE_NBMA
1046 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1047 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1048 nbr->priority = hello->priority;
1049 nbr->d_router = hello->d_router;
1050 nbr->bd_router = hello->bd_router;
1051 return;
1052 }
1053
1054 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1055 size - OSPF_HELLO_MIN_SIZE)) {
1056 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1057 nbr->options |= hello->options;
1058 } else {
1059 /* If the router is DR_OTHER, RESTARTER will not wait
1060 * until it receives the hello from it if it receives
1061 * from DR and BDR.
1062 * So, helper might receives ONW_WAY hello from
1063 * RESTARTER. So not allowing to change the state if it
1064 * receives one_way hellow when it acts as HELPER for
1065 * that specific neighbor.
1066 */
1067 if (!OSPF_GR_IS_ACTIVE_HELPER(nbr))
1068 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1069 /* Set neighbor information. */
1070 nbr->priority = hello->priority;
1071 nbr->d_router = hello->d_router;
1072 nbr->bd_router = hello->bd_router;
1073 return;
1074 }
1075
1076 if (OSPF_GR_IS_ACTIVE_HELPER(nbr)) {
1077 /* As per the GR Conformance Test Case 7.2. Section 3
1078 * "Also, if X was the Designated Router on network segment S
1079 * when the helping relationship began, Y maintains X as the
1080 * Designated Router until the helping relationship is
1081 * terminated."
1082 * When I am helper for this neighbor, I should not trigger the
1083 * ISM Events. Also Intentionally not setting the priority and
1084 * other fields so that when the neighbor exits the Grace
1085 * period, it can handle if there is any change before GR and
1086 * after GR. */
1087 if (IS_DEBUG_OSPF_GR)
1088 zlog_debug(
1089 "%s, Neighbor is under GR Restart, hence ignoring the ISM Events",
1090 __PRETTY_FUNCTION__);
1091 } else {
1092 /* If neighbor itself declares DR and no BDR exists,
1093 cause event BackupSeen */
1094 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1095 if (hello->bd_router.s_addr == INADDR_ANY
1096 && oi->state == ISM_Waiting)
1097 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1098
1099 /* neighbor itself declares BDR. */
1100 if (oi->state == ISM_Waiting
1101 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1102 &hello->bd_router))
1103 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1104
1105 /* had not previously. */
1106 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1107 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1108 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1109 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1110 &nbr->d_router)))
1111 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1112
1113 /* had not previously. */
1114 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1115 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1116 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4,
1117 &hello->bd_router)
1118 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1119 &nbr->bd_router)))
1120 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1121
1122 /* Neighbor priority check. */
1123 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1124 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1125 }
1126
1127 /* Set neighbor information. */
1128 nbr->priority = hello->priority;
1129 nbr->d_router = hello->d_router;
1130 nbr->bd_router = hello->bd_router;
1131
1132 /*
1133 * RFC 3623 - Section 2:
1134 * "If the restarting router determines that it was the Designated
1135 * Router on a given segment prior to the restart, it elects
1136 * itself as the Designated Router again. The restarting router
1137 * knows that it was the Designated Router if, while the
1138 * associated interface is in Waiting state, a Hello packet is
1139 * received from a neighbor listing the router as the Designated
1140 * Router".
1141 */
1142 if (oi->area->ospf->gr_info.restart_in_progress
1143 && oi->state == ISM_Waiting
1144 && IPV4_ADDR_SAME(&hello->d_router, &oi->address->u.prefix4))
1145 DR(oi) = hello->d_router;
1146 }
1147
1148 /* Save DD flags/options/Seqnum received. */
1149 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1150 struct ospf_db_desc *dd)
1151 {
1152 nbr->last_recv.flags = dd->flags;
1153 nbr->last_recv.options = dd->options;
1154 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1155 }
1156
1157 /* Process rest of DD packet. */
1158 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1159 struct ospf_neighbor *nbr,
1160 struct ospf_db_desc *dd, uint16_t size)
1161 {
1162 struct ospf_lsa *new, *find;
1163 struct lsa_header *lsah;
1164
1165 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1166 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1167 size -= OSPF_LSA_HEADER_SIZE) {
1168 lsah = (struct lsa_header *)stream_pnt(s);
1169 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1170
1171 /* Unknown LS type. */
1172 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1173 flog_warn(EC_OSPF_PACKET,
1174 "Packet [DD:RECV]: Unknown LS type %d.",
1175 lsah->type);
1176 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1177 return;
1178 }
1179
1180 if (IS_OPAQUE_LSA(lsah->type)
1181 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1182 flog_warn(EC_OSPF_PACKET,
1183 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1184 lsah->type, &lsah->id);
1185 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1186 return;
1187 }
1188
1189 switch (lsah->type) {
1190 case OSPF_AS_EXTERNAL_LSA:
1191 case OSPF_OPAQUE_AS_LSA:
1192 /* Check for stub area. Reject if AS-External from stub
1193 but
1194 allow if from NSSA. */
1195 if (oi->area->external_routing == OSPF_AREA_STUB) {
1196 flog_warn(
1197 EC_OSPF_PACKET,
1198 "Packet [DD:RECV]: LSA[Type%d:%pI4] from %s area.",
1199 lsah->type, &lsah->id,
1200 (oi->area->external_routing
1201 == OSPF_AREA_STUB)
1202 ? "STUB"
1203 : "NSSA");
1204 OSPF_NSM_EVENT_SCHEDULE(nbr,
1205 NSM_SeqNumberMismatch);
1206 return;
1207 }
1208 break;
1209 default:
1210 break;
1211 }
1212
1213 /* Create LS-request object. */
1214 new = ospf_ls_request_new(lsah);
1215
1216 /* Lookup received LSA, then add LS request list. */
1217 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1218
1219 /* ospf_lsa_more_recent is fine with NULL pointers */
1220 switch (ospf_lsa_more_recent(find, new)) {
1221 case -1:
1222 /* Neighbour has a more recent LSA, we must request it
1223 */
1224 ospf_ls_request_add(nbr, new);
1225 /* fallthru */
1226 case 0:
1227 /* If we have a copy of this LSA, it's either less
1228 * recent
1229 * and we're requesting it from neighbour (the case
1230 * above), or
1231 * it's as recent and we both have same copy (this
1232 * case).
1233 *
1234 * In neither of these two cases is there any point in
1235 * describing our copy of the LSA to the neighbour in a
1236 * DB-Summary packet, if we're still intending to do so.
1237 *
1238 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1239 * backward compatible optimisation to OSPF DB Exchange
1240 * /
1241 * DB Description process implemented here.
1242 */
1243 if (find)
1244 ospf_lsdb_delete(&nbr->db_sum, find);
1245 ospf_lsa_discard(new);
1246 break;
1247 default:
1248 /* We have the more recent copy, nothing specific to do:
1249 * - no need to request neighbours stale copy
1250 * - must leave DB summary list copy alone
1251 */
1252 if (IS_DEBUG_OSPF_EVENT)
1253 zlog_debug(
1254 "Packet [DD:RECV]: LSA received Type %d, ID %pI4 is not recent.",
1255 lsah->type, &lsah->id);
1256 ospf_lsa_discard(new);
1257 }
1258 }
1259
1260 /* Master */
1261 if (IS_SET_DD_MS(nbr->dd_flags)) {
1262 nbr->dd_seqnum++;
1263
1264 /* Both sides have no More, then we're done with Exchange */
1265 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1266 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1267 else
1268 ospf_db_desc_send(nbr);
1269 }
1270 /* Slave */
1271 else {
1272 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1273
1274 /* Send DD packet in reply.
1275 *
1276 * Must be done to acknowledge the Master's DD, regardless of
1277 * whether we have more LSAs ourselves to describe.
1278 *
1279 * This function will clear the 'More' bit, if after this DD
1280 * we have no more LSAs to describe to the master..
1281 */
1282 ospf_db_desc_send(nbr);
1283
1284 /* Slave can raise ExchangeDone now, if master is also done */
1285 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1286 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1287 }
1288
1289 /* Save received neighbor values from DD. */
1290 ospf_db_desc_save_current(nbr, dd);
1291
1292 if (!nbr->t_ls_req)
1293 ospf_ls_req_send(nbr);
1294 }
1295
1296 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1297 struct ospf_neighbor *nbr)
1298 {
1299 /* Is DD duplicated? */
1300 if (dd->options == nbr->last_recv.options
1301 && dd->flags == nbr->last_recv.flags
1302 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1303 return 1;
1304
1305 return 0;
1306 }
1307
1308 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1309 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1310 struct stream *s, struct ospf_interface *oi,
1311 uint16_t size)
1312 {
1313 struct ospf_db_desc *dd;
1314 struct ospf_neighbor *nbr;
1315
1316 /* Increment statistics. */
1317 oi->db_desc_in++;
1318
1319 dd = (struct ospf_db_desc *)stream_pnt(s);
1320
1321 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1322 if (nbr == NULL) {
1323 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %pI4",
1324 &ospfh->router_id);
1325 return;
1326 }
1327
1328 /* Check MTU. */
1329 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1330 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1331 flog_warn(
1332 EC_OSPF_PACKET,
1333 "Packet[DD]: Neighbor %pI4 MTU %u is larger than [%s]'s MTU %u",
1334 &nbr->router_id, ntohs(dd->mtu), IF_NAME(oi),
1335 oi->ifp->mtu);
1336 return;
1337 }
1338
1339 /*
1340 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1341 * not
1342 * required. In fact at least JunOS sends DD packets with P bit clear.
1343 * Until proper solution is developped, this hack should help.
1344 *
1345 * Update: According to the RFCs, N bit is specified /only/ for Hello
1346 * options, unfortunately its use in DD options is not specified. Hence
1347 * some
1348 * implementations follow E-bit semantics and set it in DD options, and
1349 * some
1350 * treat it as unspecified and hence follow the directive "default for
1351 * options is clear", ie unset.
1352 *
1353 * Reset the flag, as ospfd follows E-bit semantics.
1354 */
1355 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1356 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1357 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1358 if (IS_DEBUG_OSPF_EVENT)
1359 zlog_debug(
1360 "Packet[DD]: Neighbour %pI4: Has NSSA capability, sends with N bit clear in DD options",
1361 &nbr->router_id);
1362 SET_FLAG(dd->options, OSPF_OPTION_NP);
1363 }
1364
1365 #ifdef REJECT_IF_TBIT_ON
1366 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1367 /*
1368 * In Hello protocol, optional capability must have checked
1369 * to prevent this T-bit enabled router be my neighbor.
1370 */
1371 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %pI4: T-bit on?",
1372 &nbr->router_id);
1373 return;
1374 }
1375 #endif /* REJECT_IF_TBIT_ON */
1376
1377 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1378 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1379 /*
1380 * This node is not configured to handle O-bit, for now.
1381 * Clear it to ignore unsupported capability proposed by
1382 * neighbor.
1383 */
1384 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1385 }
1386
1387 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1388 zlog_info(
1389 "%s:Packet[DD]: Neighbor %pI4 state is %s, seq_num:0x%x, local:0x%x",
1390 ospf_get_name(oi->ospf), &nbr->router_id,
1391 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1392 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1393
1394 /* Process DD packet by neighbor status. */
1395 switch (nbr->state) {
1396 case NSM_Down:
1397 case NSM_Attempt:
1398 case NSM_TwoWay:
1399 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1400 zlog_info(
1401 "Packet[DD]: Neighbor %pI4 state is %s, packet discarded.",
1402 &nbr->router_id,
1403 lookup_msg(ospf_nsm_state_msg, nbr->state,
1404 NULL));
1405 break;
1406 case NSM_Init:
1407 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1408 /* If the new state is ExStart, the processing of the current
1409 packet should then continue in this new state by falling
1410 through to case ExStart below. */
1411 if (nbr->state != NSM_ExStart)
1412 break;
1413 /* fallthru */
1414 case NSM_ExStart:
1415 /* Initial DBD */
1416 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1417 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1418 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1419 > 0) {
1420 /* We're Slave---obey */
1421 if (CHECK_FLAG(oi->ospf->config,
1422 OSPF_LOG_ADJACENCY_DETAIL))
1423 zlog_info(
1424 "Packet[DD]: Neighbor %pI4 Negotiation done (Slave).",
1425 &nbr->router_id);
1426
1427 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1428
1429 /* Reset I/MS */
1430 UNSET_FLAG(nbr->dd_flags,
1431 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1432 } else {
1433 /* We're Master, ignore the initial DBD from
1434 * Slave */
1435 if (CHECK_FLAG(oi->ospf->config,
1436 OSPF_LOG_ADJACENCY_DETAIL))
1437 zlog_info(
1438 "Packet[DD]: Neighbor %pI4: Initial DBD from Slave, ignoring.",
1439 &nbr->router_id);
1440 break;
1441 }
1442 }
1443 /* Ack from the Slave */
1444 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1445 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1446 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1447 < 0) {
1448 zlog_info(
1449 "Packet[DD]: Neighbor %pI4 Negotiation done (Master).",
1450 &nbr->router_id);
1451 /* Reset I, leaving MS */
1452 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1453 } else {
1454 flog_warn(EC_OSPF_PACKET,
1455 "Packet[DD]: Neighbor %pI4 Negotiation fails.",
1456 &nbr->router_id);
1457 break;
1458 }
1459
1460 /* This is where the real Options are saved */
1461 nbr->options = dd->options;
1462
1463 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1464 if (IS_DEBUG_OSPF_EVENT)
1465 zlog_debug(
1466 "Neighbor[%pI4] is %sOpaque-capable.",
1467 &nbr->router_id,
1468 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1469 ? ""
1470 : "NOT ");
1471
1472 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1473 && IPV4_ADDR_SAME(&DR(oi),
1474 &nbr->address.u.prefix4)) {
1475 flog_warn(
1476 EC_OSPF_PACKET,
1477 "DR-neighbor[%pI4] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1478 &nbr->router_id);
1479 /* This situation is undesirable, but not a real
1480 * error. */
1481 }
1482 }
1483
1484 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1485
1486 /* continue processing rest of packet. */
1487 ospf_db_desc_proc(s, oi, nbr, dd, size);
1488 break;
1489 case NSM_Exchange:
1490 if (ospf_db_desc_is_dup(dd, nbr)) {
1491 if (IS_SET_DD_MS(nbr->dd_flags))
1492 /* Master: discard duplicated DD packet. */
1493 zlog_info(
1494 "Packet[DD] (Master): Neighbor %pI4 packet duplicated.",
1495 &nbr->router_id);
1496 else
1497 /* Slave: cause to retransmit the last Database
1498 Description. */
1499 {
1500 zlog_info(
1501 "Packet[DD] [Slave]: Neighbor %pI4 packet duplicated.",
1502 &nbr->router_id);
1503 ospf_db_desc_resend(nbr);
1504 }
1505 break;
1506 }
1507
1508 /* Otherwise DD packet should be checked. */
1509 /* Check Master/Slave bit mismatch */
1510 if (IS_SET_DD_MS(dd->flags)
1511 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1512 flog_warn(EC_OSPF_PACKET,
1513 "Packet[DD]: Neighbor %pI4 MS-bit mismatch.",
1514 &nbr->router_id);
1515 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1516 if (IS_DEBUG_OSPF_EVENT)
1517 zlog_debug(
1518 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1519 dd->flags, nbr->dd_flags);
1520 break;
1521 }
1522
1523 /* Check initialize bit is set. */
1524 if (IS_SET_DD_I(dd->flags)) {
1525 zlog_info("Packet[DD]: Neighbor %pI4 I-bit set.",
1526 &nbr->router_id);
1527 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1528 break;
1529 }
1530
1531 /* Check DD Options. */
1532 if (dd->options != nbr->options) {
1533 flog_warn(EC_OSPF_PACKET,
1534 "Packet[DD]: Neighbor %pI4 options mismatch.",
1535 &nbr->router_id);
1536 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1537 break;
1538 }
1539
1540 /* Check DD sequence number. */
1541 if ((IS_SET_DD_MS(nbr->dd_flags)
1542 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1543 || (!IS_SET_DD_MS(nbr->dd_flags)
1544 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1545 flog_warn(
1546 EC_OSPF_PACKET,
1547 "Packet[DD]: Neighbor %pI4 sequence number mismatch.",
1548 &nbr->router_id);
1549 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1550 break;
1551 }
1552
1553 /* Continue processing rest of packet. */
1554 ospf_db_desc_proc(s, oi, nbr, dd, size);
1555 break;
1556 case NSM_Loading:
1557 case NSM_Full:
1558 if (ospf_db_desc_is_dup(dd, nbr)) {
1559 if (IS_SET_DD_MS(nbr->dd_flags)) {
1560 /* Master should discard duplicate DD packet. */
1561 zlog_info(
1562 "Packet[DD]: Neighbor %pI4 duplicated, packet discarded.",
1563 &nbr->router_id);
1564 break;
1565 } else {
1566 if (monotime_since(&nbr->last_send_ts, NULL)
1567 < nbr->v_inactivity * 1000000LL) {
1568 /* In states Loading and Full the slave
1569 must resend
1570 its last Database Description packet
1571 in response to
1572 duplicate Database Description
1573 packets received
1574 from the master. For this reason the
1575 slave must
1576 wait RouterDeadInterval seconds
1577 before freeing the
1578 last Database Description packet.
1579 Reception of a
1580 Database Description packet from the
1581 master after
1582 this interval will generate a
1583 SeqNumberMismatch
1584 neighbor event. RFC2328 Section 10.8
1585 */
1586 ospf_db_desc_resend(nbr);
1587 break;
1588 }
1589 }
1590 }
1591
1592 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1593 break;
1594 default:
1595 flog_warn(EC_OSPF_PACKET,
1596 "Packet[DD]: Neighbor %pI4 NSM illegal status %u.",
1597 &nbr->router_id, nbr->state);
1598 break;
1599 }
1600 }
1601
1602 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1603
1604 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1605 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1606 struct stream *s, struct ospf_interface *oi,
1607 uint16_t size)
1608 {
1609 struct ospf_neighbor *nbr;
1610 uint32_t ls_type;
1611 struct in_addr ls_id;
1612 struct in_addr adv_router;
1613 struct ospf_lsa *find;
1614 struct list *ls_upd;
1615 unsigned int length;
1616
1617 /* Increment statistics. */
1618 oi->ls_req_in++;
1619
1620 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1621 if (nbr == NULL) {
1622 flog_warn(EC_OSPF_PACKET,
1623 "Link State Request: Unknown Neighbor %pI4",
1624 &ospfh->router_id);
1625 return;
1626 }
1627
1628 /* Neighbor State should be Exchange or later. */
1629 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1630 && nbr->state != NSM_Full) {
1631 flog_warn(
1632 EC_OSPF_PACKET,
1633 "Link State Request received from %pI4: Neighbor state is %s, packet discarded.",
1634 &ospfh->router_id,
1635 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1636 return;
1637 }
1638
1639 /* Send Link State Update for ALL requested LSAs. */
1640 ls_upd = list_new();
1641 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1642
1643 while (size >= OSPF_LSA_KEY_SIZE) {
1644 /* Get one slice of Link State Request. */
1645 ls_type = stream_getl(s);
1646 ls_id.s_addr = stream_get_ipv4(s);
1647 adv_router.s_addr = stream_get_ipv4(s);
1648
1649 /* Verify LSA type. */
1650 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1651 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1652 list_delete(&ls_upd);
1653 return;
1654 }
1655
1656 /* Search proper LSA in LSDB. */
1657 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1658 adv_router);
1659 if (find == NULL) {
1660 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1661 list_delete(&ls_upd);
1662 return;
1663 }
1664
1665 /* Packet overflows MTU size, send immediately. */
1666 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1667 if (oi->type == OSPF_IFTYPE_NBMA)
1668 ospf_ls_upd_send(nbr, ls_upd,
1669 OSPF_SEND_PACKET_DIRECT, 0);
1670 else
1671 ospf_ls_upd_send(nbr, ls_upd,
1672 OSPF_SEND_PACKET_INDIRECT, 0);
1673
1674 /* Only remove list contents. Keep ls_upd. */
1675 list_delete_all_node(ls_upd);
1676
1677 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1678 }
1679
1680 /* Append LSA to update list. */
1681 listnode_add(ls_upd, find);
1682 length += ntohs(find->data->length);
1683
1684 size -= OSPF_LSA_KEY_SIZE;
1685 }
1686
1687 /* Send rest of Link State Update. */
1688 if (listcount(ls_upd) > 0) {
1689 if (oi->type == OSPF_IFTYPE_NBMA)
1690 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1691 0);
1692 else
1693 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1694 0);
1695
1696 list_delete(&ls_upd);
1697 } else
1698 list_delete(&ls_upd);
1699 }
1700
1701 /* Get the list of LSAs from Link State Update packet.
1702 And process some validation -- RFC2328 Section 13. (1)-(2). */
1703 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1704 struct stream *s,
1705 struct ospf_interface *oi, size_t size)
1706 {
1707 uint16_t count, sum;
1708 uint32_t length;
1709 struct lsa_header *lsah;
1710 struct ospf_lsa *lsa;
1711 struct list *lsas;
1712
1713 lsas = list_new();
1714
1715 count = stream_getl(s);
1716 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1717
1718 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1719 size -= length, stream_forward_getp(s, length), count--) {
1720 lsah = (struct lsa_header *)stream_pnt(s);
1721 length = ntohs(lsah->length);
1722
1723 if (length > size) {
1724 flog_warn(
1725 EC_OSPF_PACKET,
1726 "Link State Update: LSA length exceeds packet size.");
1727 break;
1728 }
1729
1730 /* Validate the LSA's LS checksum. */
1731 sum = lsah->checksum;
1732 if (!ospf_lsa_checksum_valid(lsah)) {
1733 /* (bug #685) more details in a one-line message make it
1734 * possible
1735 * to identify problem source on the one hand and to
1736 * have a better
1737 * chance to compress repeated messages in syslog on the
1738 * other */
1739 flog_warn(
1740 EC_OSPF_PACKET,
1741 "Link State Update: LSA checksum error %x/%x, ID=%pI4 from: nbr %pI4, router ID %pI4, adv router %pI4",
1742 sum, lsah->checksum, &lsah->id,
1743 &nbr->src, &nbr->router_id,
1744 &lsah->adv_router);
1745 continue;
1746 }
1747
1748 /* Examine the LSA's LS type. */
1749 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1750 flog_warn(EC_OSPF_PACKET,
1751 "Link State Update: Unknown LS type %d",
1752 lsah->type);
1753 continue;
1754 }
1755
1756 /*
1757 * What if the received LSA's age is greater than MaxAge?
1758 * Treat it as a MaxAge case -- endo.
1759 */
1760 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1761 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1762
1763 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1764 #ifdef STRICT_OBIT_USAGE_CHECK
1765 if ((IS_OPAQUE_LSA(lsah->type)
1766 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1767 || (!IS_OPAQUE_LSA(lsah->type)
1768 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1769 /*
1770 * This neighbor must know the exact usage of
1771 * O-bit;
1772 * the bit will be set in Type-9,10,11 LSAs
1773 * only.
1774 */
1775 flog_warn(EC_OSPF_PACKET,
1776 "LSA[Type%d:%pI4]: O-bit abuse?",
1777 lsah->type, &lsah->id);
1778 continue;
1779 }
1780 #endif /* STRICT_OBIT_USAGE_CHECK */
1781
1782 /* Do not take in AS External Opaque-LSAs if we are a
1783 * stub. */
1784 if (lsah->type == OSPF_OPAQUE_AS_LSA
1785 && nbr->oi->area->external_routing
1786 != OSPF_AREA_DEFAULT) {
1787 if (IS_DEBUG_OSPF_EVENT)
1788 zlog_debug(
1789 "LSA[Type%d:%pI4]: We are a stub, don't take this LSA.",
1790 lsah->type,
1791 &lsah->id);
1792 continue;
1793 }
1794 } else if (IS_OPAQUE_LSA(lsah->type)) {
1795 flog_warn(EC_OSPF_PACKET,
1796 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1797 lsah->type, &lsah->id);
1798 continue;
1799 }
1800
1801 /* Create OSPF LSA instance. */
1802 lsa = ospf_lsa_new_and_data(length);
1803
1804 lsa->vrf_id = oi->ospf->vrf_id;
1805 /* We may wish to put some error checking if type NSSA comes in
1806 and area not in NSSA mode */
1807 switch (lsah->type) {
1808 case OSPF_AS_EXTERNAL_LSA:
1809 case OSPF_OPAQUE_AS_LSA:
1810 lsa->area = NULL;
1811 break;
1812 case OSPF_OPAQUE_LINK_LSA:
1813 lsa->oi = oi; /* Remember incoming interface for
1814 flooding control. */
1815 /* Fallthrough */
1816 default:
1817 lsa->area = oi->area;
1818 break;
1819 }
1820
1821 memcpy(lsa->data, lsah, length);
1822
1823 if (IS_DEBUG_OSPF_EVENT)
1824 zlog_debug(
1825 "LSA[Type%d:%pI4]: %p new LSA created with Link State Update",
1826 lsa->data->type, &lsa->data->id,
1827 (void *)lsa);
1828 listnode_add(lsas, lsa);
1829 }
1830
1831 return lsas;
1832 }
1833
1834 /* Cleanup Update list. */
1835 static void ospf_upd_list_clean(struct list *lsas)
1836 {
1837 struct listnode *node, *nnode;
1838 struct ospf_lsa *lsa;
1839
1840 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1841 ospf_lsa_discard(lsa);
1842
1843 list_delete(&lsas);
1844 }
1845
1846 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1847 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1848 struct ospf_header *ospfh, struct stream *s,
1849 struct ospf_interface *oi, uint16_t size)
1850 {
1851 struct ospf_neighbor *nbr;
1852 struct list *lsas;
1853 struct listnode *node, *nnode;
1854 struct ospf_lsa *lsa = NULL;
1855 /* unsigned long ls_req_found = 0; */
1856
1857 /* Dis-assemble the stream, update each entry, re-encapsulate for
1858 * flooding */
1859
1860 /* Increment statistics. */
1861 oi->ls_upd_in++;
1862
1863 /* Check neighbor. */
1864 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1865 if (nbr == NULL) {
1866 flog_warn(EC_OSPF_PACKET,
1867 "Link State Update: Unknown Neighbor %pI4 on int: %s",
1868 &ospfh->router_id, IF_NAME(oi));
1869 return;
1870 }
1871
1872 /* Check neighbor state. */
1873 if (nbr->state < NSM_Exchange) {
1874 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1875 zlog_debug(
1876 "Link State Update: Neighbor[%pI4] state %s is less than Exchange",
1877 &ospfh->router_id,
1878 lookup_msg(ospf_nsm_state_msg, nbr->state,
1879 NULL));
1880 return;
1881 }
1882
1883 /* Get list of LSAs from Link State Update packet. - Also performs
1884 * Stages 1 (validate LSA checksum) and 2 (check for LSA consistent
1885 * type) of section 13.
1886 */
1887 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1888
1889 if (lsas == NULL)
1890 return;
1891 #define DISCARD_LSA(L, N) \
1892 { \
1893 if (IS_DEBUG_OSPF_EVENT) \
1894 zlog_debug( \
1895 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1896 " Type-%d", \
1897 N, (void *)lsa, (int)lsa->data->type); \
1898 ospf_lsa_discard(L); \
1899 continue; \
1900 }
1901
1902 /* Process each LSA received in the one packet.
1903 *
1904 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1905 * text below are from the steps in RFC 2328, Section 13.
1906 */
1907 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1908 struct ospf_lsa *ls_ret, *current;
1909 int ret = 1;
1910
1911 if (IS_DEBUG_OSPF(lsa, LSA))
1912 zlog_debug("LSA Type-%d from %pI4, ID: %pI4, ADV: %pI4",
1913 lsa->data->type, &ospfh->router_id,
1914 &lsa->data->id, &lsa->data->adv_router);
1915
1916 listnode_delete(lsas,
1917 lsa); /* We don't need it in list anymore */
1918
1919 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1920 */
1921
1922 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1923
1924 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1925 */
1926
1927 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1928 */
1929
1930 /* Do take in Type-7's if we are an NSSA */
1931
1932 /* If we are also an ABR, later translate them to a Type-5
1933 * packet */
1934
1935 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1936 translate them to a separate Type-5 packet. */
1937
1938 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1939 /* Reject from STUB or NSSA */
1940 if (nbr->oi->area->external_routing
1941 != OSPF_AREA_DEFAULT) {
1942 if (IS_DEBUG_OSPF_NSSA)
1943 zlog_debug(
1944 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1945 DISCARD_LSA(lsa, 1);
1946 }
1947
1948 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1949 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1950 if (IS_DEBUG_OSPF_NSSA)
1951 zlog_debug(
1952 "Incoming NSSA LSA Discarded: Not NSSA Area");
1953 DISCARD_LSA(lsa, 2);
1954 }
1955
1956 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1957 if (lsa->data->type == OSPF_ROUTER_LSA)
1958 if (!IPV4_ADDR_SAME(&lsa->data->id,
1959 &lsa->data->adv_router)) {
1960 flog_err(
1961 EC_OSPF_ROUTER_LSA_MISMATCH,
1962 "Incoming Router-LSA from %pI4 with Adv-ID[%pI4] != LS-ID[%pI4]",
1963 &ospfh->router_id, &lsa->data->id,
1964 &lsa->data->adv_router);
1965 flog_err(
1966 EC_OSPF_DOMAIN_CORRUPT,
1967 "OSPF domain compromised by attack or corruption. Verify correct operation of -ALL- OSPF routers.");
1968 DISCARD_LSA(lsa, 0);
1969 }
1970
1971 /* Find the LSA in the current database. */
1972
1973 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1974
1975 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1976 currently
1977 no instance of the LSA in the router's link state database,
1978 and none of router's neighbors are in states Exchange or
1979 Loading,
1980 then take the following actions: */
1981
1982 if (IS_LSA_MAXAGE(lsa) && !current
1983 && ospf_check_nbr_status(oi->ospf)) {
1984 /* (4a) Response Link State Acknowledgment. */
1985 ospf_ls_ack_send(nbr, lsa);
1986
1987 /* (4b) Discard LSA. */
1988 if (IS_DEBUG_OSPF(lsa, LSA)) {
1989 zlog_debug(
1990 "Link State Update[%s]: LS age is equal to MaxAge.",
1991 dump_lsa_key(lsa));
1992 }
1993 DISCARD_LSA(lsa, 3);
1994 }
1995
1996 if (IS_OPAQUE_LSA(lsa->data->type)
1997 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1998 &oi->ospf->router_id)) {
1999 /*
2000 * Even if initial flushing seems to be completed, there
2001 * might
2002 * be a case that self-originated LSA with MaxAge still
2003 * remain
2004 * in the routing domain.
2005 * Just send an LSAck message to cease retransmission.
2006 */
2007 if (IS_LSA_MAXAGE(lsa)) {
2008 zlog_info("LSA[%s]: Boomerang effect?",
2009 dump_lsa_key(lsa));
2010 ospf_ls_ack_send(nbr, lsa);
2011 ospf_lsa_discard(lsa);
2012
2013 if (current != NULL && !IS_LSA_MAXAGE(current))
2014 ospf_opaque_lsa_refresh_schedule(
2015 current);
2016 continue;
2017 }
2018
2019 /*
2020 * If an instance of self-originated Opaque-LSA is not
2021 * found
2022 * in the LSDB, there are some possible cases here.
2023 *
2024 * 1) This node lost opaque-capability after restart.
2025 * 2) Else, a part of opaque-type is no more supported.
2026 * 3) Else, a part of opaque-id is no more supported.
2027 *
2028 * Anyway, it is still this node's responsibility to
2029 * flush it.
2030 * Otherwise, the LSA instance remains in the routing
2031 * domain
2032 * until its age reaches to MaxAge.
2033 */
2034 /* XXX: We should deal with this for *ALL* LSAs, not
2035 * just opaque */
2036 if (current == NULL) {
2037 if (IS_DEBUG_OSPF_EVENT)
2038 zlog_debug(
2039 "LSA[%s]: Previously originated Opaque-LSA,not found in the LSDB.",
2040 dump_lsa_key(lsa));
2041
2042 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2043
2044 ospf_ls_ack_send(nbr, lsa);
2045
2046 if (!ospf->gr_info.restart_in_progress) {
2047 ospf_opaque_self_originated_lsa_received(
2048 nbr, lsa);
2049 continue;
2050 }
2051 }
2052 }
2053
2054 /* It might be happen that received LSA is self-originated
2055 * network LSA, but
2056 * router ID is changed. So, we should check if LSA is a
2057 * network-LSA whose
2058 * Link State ID is one of the router's own IP interface
2059 * addresses but whose
2060 * Advertising Router is not equal to the router's own Router ID
2061 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2062 * flushed.
2063 */
2064
2065 if (lsa->data->type == OSPF_NETWORK_LSA) {
2066 struct listnode *oinode, *oinnode;
2067 struct ospf_interface *out_if;
2068 int Flag = 0;
2069
2070 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2071 oinnode, out_if)) {
2072 if (out_if == NULL)
2073 break;
2074
2075 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2076 &lsa->data->id))
2077 && (!(IPV4_ADDR_SAME(
2078 &oi->ospf->router_id,
2079 &lsa->data->adv_router)))) {
2080 if (out_if->network_lsa_self) {
2081 ospf_lsa_flush_area(
2082 lsa, out_if->area);
2083 if (IS_DEBUG_OSPF_EVENT)
2084 zlog_debug(
2085 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2086 (void *)lsa,
2087 (int)lsa->data
2088 ->type);
2089 ospf_lsa_discard(lsa);
2090 Flag = 1;
2091 }
2092 break;
2093 }
2094 }
2095 if (Flag)
2096 continue;
2097 }
2098
2099 /* (5) Find the instance of this LSA that is currently contained
2100 in the router's link state database. If there is no
2101 database copy, or the received LSA is more recent than
2102 the database copy the following steps must be performed.
2103 (The sub steps from RFC 2328 section 13 step (5) will be
2104 performed in
2105 ospf_flood() ) */
2106
2107 if (current == NULL
2108 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2109 /* CVE-2017-3224 */
2110 if (current && (IS_LSA_MAX_SEQ(current))
2111 && (IS_LSA_MAX_SEQ(lsa)) && !IS_LSA_MAXAGE(lsa)) {
2112 zlog_debug(
2113 "Link State Update[%s]: has Max Seq and higher checksum but not MaxAge. Dropping it",
2114 dump_lsa_key(lsa));
2115
2116 DISCARD_LSA(lsa, 4);
2117 }
2118
2119 /* Actual flooding procedure. */
2120 if (ospf_flood(oi->ospf, nbr, current, lsa)
2121 < 0) /* Trap NSSA later. */
2122 DISCARD_LSA(lsa, 5);
2123 continue;
2124 }
2125
2126 /* (6) Else, If there is an instance of the LSA on the sending
2127 neighbor's Link state request list, an error has occurred in
2128 the Database Exchange process. In this case, restart the
2129 Database Exchange process by generating the neighbor event
2130 BadLSReq for the sending neighbor and stop processing the
2131 Link State Update packet. */
2132
2133 if (ospf_ls_request_lookup(nbr, lsa)) {
2134 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2135 flog_warn(
2136 EC_OSPF_PACKET,
2137 "LSA[%s] instance exists on Link state request list",
2138 dump_lsa_key(lsa));
2139
2140 /* Clean list of LSAs. */
2141 ospf_upd_list_clean(lsas);
2142 /* this lsa is not on lsas list already. */
2143 ospf_lsa_discard(lsa);
2144 return;
2145 }
2146
2147 /* If the received LSA is the same instance as the database copy
2148 (i.e., neither one is more recent) the following two steps
2149 should be performed: */
2150
2151 if (ret == 0) {
2152 /* If the LSA is listed in the Link state retransmission
2153 list
2154 for the receiving adjacency, the router itself is
2155 expecting
2156 an acknowledgment for this LSA. The router should
2157 treat the
2158 received LSA as an acknowledgment by removing the LSA
2159 from
2160 the Link state retransmission list. This is termed
2161 an
2162 "implied acknowledgment". */
2163
2164 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2165
2166 if (ls_ret != NULL) {
2167 ospf_ls_retransmit_delete(nbr, ls_ret);
2168
2169 /* Delayed acknowledgment sent if advertisement
2170 received
2171 from Designated Router, otherwise do nothing.
2172 */
2173 if (oi->state == ISM_Backup)
2174 if (NBR_IS_DR(nbr))
2175 listnode_add(
2176 oi->ls_ack,
2177 ospf_lsa_lock(lsa));
2178
2179 DISCARD_LSA(lsa, 6);
2180 } else
2181 /* Acknowledge the receipt of the LSA by sending a
2182 Link State Acknowledgment packet back out the
2183 receiving
2184 interface. */
2185 {
2186 ospf_ls_ack_send(nbr, lsa);
2187 DISCARD_LSA(lsa, 7);
2188 }
2189 }
2190
2191 /* The database copy is more recent. If the database copy
2192 has LS age equal to MaxAge and LS sequence number equal to
2193 MaxSequenceNumber, simply discard the received LSA without
2194 acknowledging it. (In this case, the LSA's LS sequence number
2195 is
2196 wrapping, and the MaxSequenceNumber LSA must be completely
2197 flushed before any new LSA instance can be introduced). */
2198
2199 else if (ret > 0) /* Database copy is more recent */
2200 {
2201 if (IS_LSA_MAXAGE(current)
2202 && current->data->ls_seqnum
2203 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2204 DISCARD_LSA(lsa, 8);
2205 }
2206 /* Otherwise, as long as the database copy has not been
2207 sent in a
2208 Link State Update within the last MinLSArrival
2209 seconds, send the
2210 database copy back to the sending neighbor,
2211 encapsulated within
2212 a Link State Update Packet. The Link State Update
2213 Packet should
2214 be sent directly to the neighbor. In so doing, do not
2215 put the
2216 database copy of the LSA on the neighbor's link state
2217 retransmission list, and do not acknowledge the
2218 received (less
2219 recent) LSA instance. */
2220 else {
2221 if (monotime_since(&current->tv_orig, NULL)
2222 >= ospf->min_ls_arrival * 1000LL)
2223 /* Trap NSSA type later.*/
2224 ospf_ls_upd_send_lsa(
2225 nbr, current,
2226 OSPF_SEND_PACKET_DIRECT);
2227 DISCARD_LSA(lsa, 9);
2228 }
2229 }
2230 }
2231 #undef DISCARD_LSA
2232
2233 assert(listcount(lsas) == 0);
2234 list_delete(&lsas);
2235
2236 if (ospf->gr_info.restart_in_progress)
2237 ospf_gr_check_lsdb_consistency(oi->ospf, oi->area);
2238 }
2239
2240 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2241 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2242 struct stream *s, struct ospf_interface *oi,
2243 uint16_t size)
2244 {
2245 struct ospf_neighbor *nbr;
2246
2247 /* increment statistics. */
2248 oi->ls_ack_in++;
2249
2250 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2251 if (nbr == NULL) {
2252 flog_warn(EC_OSPF_PACKET,
2253 "Link State Acknowledgment: Unknown Neighbor %pI4",
2254 &ospfh->router_id);
2255 return;
2256 }
2257
2258 if (nbr->state < NSM_Exchange) {
2259 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2260 zlog_debug(
2261 "Link State Acknowledgment: Neighbor[%pI4] state %s is less than Exchange",
2262 &ospfh->router_id,
2263 lookup_msg(ospf_nsm_state_msg, nbr->state,
2264 NULL));
2265 return;
2266 }
2267
2268 while (size >= OSPF_LSA_HEADER_SIZE) {
2269 struct ospf_lsa *lsa, *lsr;
2270
2271 lsa = ospf_lsa_new();
2272 lsa->data = (struct lsa_header *)stream_pnt(s);
2273 lsa->vrf_id = oi->ospf->vrf_id;
2274
2275 /* lsah = (struct lsa_header *) stream_pnt (s); */
2276 size -= OSPF_LSA_HEADER_SIZE;
2277 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2278
2279 if (lsa->data->type < OSPF_MIN_LSA
2280 || lsa->data->type >= OSPF_MAX_LSA) {
2281 lsa->data = NULL;
2282 ospf_lsa_discard(lsa);
2283 continue;
2284 }
2285
2286 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2287
2288 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0) {
2289 ospf_ls_retransmit_delete(nbr, lsr);
2290 ospf_check_and_gen_init_seq_lsa(oi, lsa);
2291 }
2292
2293 lsa->data = NULL;
2294 ospf_lsa_discard(lsa);
2295 }
2296
2297 return;
2298 }
2299
2300 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2301 struct interface **ifp,
2302 struct stream *ibuf)
2303 {
2304 int ret;
2305 struct ip *iph;
2306 uint16_t ip_len;
2307 ifindex_t ifindex = 0;
2308 struct iovec iov;
2309 /* Header and data both require alignment. */
2310 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2311 struct msghdr msgh;
2312
2313 memset(&msgh, 0, sizeof(msgh));
2314 msgh.msg_iov = &iov;
2315 msgh.msg_iovlen = 1;
2316 msgh.msg_control = (caddr_t)buff;
2317 msgh.msg_controllen = sizeof(buff);
2318
2319 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2320 OSPF_MAX_PACKET_SIZE + 1);
2321 if (ret < 0) {
2322 if (errno != EAGAIN && errno != EWOULDBLOCK)
2323 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2324 safe_strerror(errno));
2325 return NULL;
2326 }
2327 if ((unsigned int)ret < sizeof(struct ip)) {
2328 flog_warn(
2329 EC_OSPF_PACKET,
2330 "ospf_recv_packet: discarding runt packet of length %d (ip header size is %u)",
2331 ret, (unsigned int)sizeof(iph));
2332 return NULL;
2333 }
2334
2335 /* Note that there should not be alignment problems with this assignment
2336 because this is at the beginning of the stream data buffer. */
2337 iph = (struct ip *)STREAM_DATA(ibuf);
2338 sockopt_iphdrincl_swab_systoh(iph);
2339
2340 ip_len = iph->ip_len;
2341
2342 #if defined(__FreeBSD__) && (__FreeBSD_version < 1000000)
2343 /*
2344 * Kernel network code touches incoming IP header parameters,
2345 * before protocol specific processing.
2346 *
2347 * 1) Convert byteorder to host representation.
2348 * --> ip_len, ip_id, ip_off
2349 *
2350 * 2) Adjust ip_len to strip IP header size!
2351 * --> If user process receives entire IP packet via RAW
2352 * socket, it must consider adding IP header size to
2353 * the "ip_len" field of "ip" structure.
2354 *
2355 * For more details, see <netinet/ip_input.c>.
2356 */
2357 ip_len = ip_len + (iph->ip_hl << 2);
2358 #endif
2359
2360 #if defined(__DragonFly__)
2361 /*
2362 * in DragonFly's raw socket, ip_len/ip_off are read
2363 * in network byte order.
2364 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2365 */
2366 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2367 #endif
2368
2369 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2370
2371 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2372
2373 if (ret != ip_len) {
2374 flog_warn(
2375 EC_OSPF_PACKET,
2376 "ospf_recv_packet read length mismatch: ip_len is %d, but recvmsg returned %d",
2377 ip_len, ret);
2378 return NULL;
2379 }
2380
2381 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2382 zlog_debug("%s: fd %d(%s) on interface %d(%s)", __func__, fd,
2383 ospf_get_name(ospf), ifindex,
2384 *ifp ? (*ifp)->name : "Unknown");
2385 return ibuf;
2386 }
2387
2388 static struct ospf_interface *
2389 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2390 struct ip *iph, struct ospf_header *ospfh)
2391 {
2392 struct ospf_interface *rcv_oi;
2393 struct ospf_vl_data *vl_data;
2394 struct ospf_area *vl_area;
2395 struct listnode *node;
2396
2397 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2398 || !OSPF_IS_AREA_BACKBONE(ospfh))
2399 return NULL;
2400
2401 /* look for local OSPF interface matching the destination
2402 * to determine Area ID. We presume therefore the destination address
2403 * is unique, or at least (for "unnumbered" links), not used in other
2404 * areas
2405 */
2406 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2407 == NULL)
2408 return NULL;
2409
2410 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2411 vl_area =
2412 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2413 if (!vl_area)
2414 continue;
2415
2416 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2417 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2418 if (IS_DEBUG_OSPF_EVENT)
2419 zlog_debug("associating packet with %s",
2420 IF_NAME(vl_data->vl_oi));
2421 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2422 if (IS_DEBUG_OSPF_EVENT)
2423 zlog_debug(
2424 "This VL is not up yet, sorry");
2425 return NULL;
2426 }
2427
2428 return vl_data->vl_oi;
2429 }
2430 }
2431
2432 if (IS_DEBUG_OSPF_EVENT)
2433 zlog_debug("couldn't find any VL to associate the packet with");
2434
2435 return NULL;
2436 }
2437
2438 static int ospf_check_area_id(struct ospf_interface *oi,
2439 struct ospf_header *ospfh)
2440 {
2441 /* Check match the Area ID of the receiving interface. */
2442 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2443 return 1;
2444
2445 return 0;
2446 }
2447
2448 /* Unbound socket will accept any Raw IP packets if proto is matched.
2449 To prevent it, compare src IP address and i/f address with masking
2450 i/f network mask. */
2451 static int ospf_check_network_mask(struct ospf_interface *oi,
2452 struct in_addr ip_src)
2453 {
2454 struct in_addr mask, me, him;
2455
2456 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2457 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2458 return 1;
2459
2460 /* Ignore mask check for max prefix length (32) */
2461 if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
2462 && oi->address->prefixlen == IPV4_MAX_BITLEN)
2463 return 1;
2464
2465 masklen2ip(oi->address->prefixlen, &mask);
2466
2467 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2468 him.s_addr = ip_src.s_addr & mask.s_addr;
2469
2470 if (IPV4_ADDR_SAME(&me, &him))
2471 return 1;
2472
2473 return 0;
2474 }
2475
2476 /* Return 1, if the packet is properly authenticated and checksummed,
2477 0 otherwise. In particular, check that AuType header field is valid and
2478 matches the locally configured AuType, and that D.5 requirements are met. */
2479 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2480 {
2481 struct crypt_key *ck;
2482 uint16_t iface_auth_type;
2483 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2484
2485 switch (pkt_auth_type) {
2486 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2487 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2488 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2489 flog_warn(
2490 EC_OSPF_PACKET,
2491 "interface %s: auth-type mismatch, local %s, rcvd Null",
2492 IF_NAME(oi),
2493 lookup_msg(ospf_auth_type_str,
2494 iface_auth_type, NULL));
2495 return 0;
2496 }
2497 if (!ospf_check_sum(ospfh)) {
2498 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2499 flog_warn(
2500 EC_OSPF_PACKET,
2501 "interface %s: Null auth OK, but checksum error, Router-ID %pI4",
2502 IF_NAME(oi),
2503 &ospfh->router_id);
2504 return 0;
2505 }
2506 return 1;
2507 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2508 if (OSPF_AUTH_SIMPLE
2509 != (iface_auth_type = ospf_auth_type(oi))) {
2510 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2511 flog_warn(
2512 EC_OSPF_PACKET,
2513 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2514 IF_NAME(oi),
2515 lookup_msg(ospf_auth_type_str,
2516 iface_auth_type, NULL));
2517 return 0;
2518 }
2519 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2520 OSPF_AUTH_SIMPLE_SIZE)) {
2521 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2522 flog_warn(EC_OSPF_PACKET,
2523 "interface %s: Simple auth failed",
2524 IF_NAME(oi));
2525 return 0;
2526 }
2527 if (!ospf_check_sum(ospfh)) {
2528 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2529 flog_warn(
2530 EC_OSPF_PACKET,
2531 "interface %s: Simple auth OK, checksum error, Router-ID %pI4",
2532 IF_NAME(oi),
2533 &ospfh->router_id);
2534 return 0;
2535 }
2536 return 1;
2537 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2538 if (OSPF_AUTH_CRYPTOGRAPHIC
2539 != (iface_auth_type = ospf_auth_type(oi))) {
2540 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2541 flog_warn(
2542 EC_OSPF_PACKET,
2543 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2544 IF_NAME(oi),
2545 lookup_msg(ospf_auth_type_str,
2546 iface_auth_type, NULL));
2547 return 0;
2548 }
2549 if (ospfh->checksum) {
2550 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2551 flog_warn(
2552 EC_OSPF_PACKET,
2553 "interface %s: OSPF header checksum is not 0",
2554 IF_NAME(oi));
2555 return 0;
2556 }
2557 /* only MD5 crypto method can pass ospf_packet_examin() */
2558 if (NULL == (ck = listgetdata(
2559 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2560 || ospfh->u.crypt.key_id != ck->key_id ||
2561 /* Condition above uses the last key ID on the list,
2562 which is
2563 different from what ospf_crypt_key_lookup() does. A
2564 bug? */
2565 !ospf_check_md5_digest(oi, ospfh)) {
2566 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2567 flog_warn(EC_OSPF_MD5,
2568 "interface %s: MD5 auth failed",
2569 IF_NAME(oi));
2570 return 0;
2571 }
2572 return 1;
2573 default:
2574 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2575 flog_warn(
2576 EC_OSPF_PACKET,
2577 "interface %s: invalid packet auth-type (%02x)",
2578 IF_NAME(oi), pkt_auth_type);
2579 return 0;
2580 }
2581 }
2582
2583 static int ospf_check_sum(struct ospf_header *ospfh)
2584 {
2585 uint32_t ret;
2586 uint16_t sum;
2587
2588 /* clear auth_data for checksum. */
2589 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2590
2591 /* keep checksum and clear. */
2592 sum = ospfh->checksum;
2593 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2594
2595 /* calculate checksum. */
2596 ret = in_cksum(ospfh, ntohs(ospfh->length));
2597
2598 if (ret != sum) {
2599 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2600 ret, sum);
2601 return 0;
2602 }
2603
2604 return 1;
2605 }
2606
2607 /* Verify, that given link/TOS records are properly sized/aligned and match
2608 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2609 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2610 uint16_t linkbytes,
2611 const uint16_t num_links)
2612 {
2613 unsigned counted_links = 0, thislinklen;
2614
2615 while (linkbytes >= OSPF_ROUTER_LSA_LINK_SIZE) {
2616 thislinklen =
2617 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2618 if (thislinklen > linkbytes) {
2619 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2620 zlog_debug("%s: length error in link block #%u",
2621 __func__, counted_links);
2622 return MSG_NG;
2623 }
2624 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2625 linkbytes -= thislinklen;
2626 counted_links++;
2627 }
2628 if (counted_links != num_links) {
2629 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2630 zlog_debug("%s: %u link blocks declared, %u present",
2631 __func__, num_links, counted_links);
2632 return MSG_NG;
2633 }
2634 return MSG_OK;
2635 }
2636
2637 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2638 minimum length constraint). */
2639 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2640 const uint8_t headeronly)
2641 {
2642 unsigned ret;
2643 struct router_lsa *rlsa;
2644 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2645 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2646 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2647 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2648 lookup_msg(ospf_lsa_type_msg, lsah->type,
2649 NULL));
2650 return MSG_NG;
2651 }
2652 switch (lsah->type) {
2653 case OSPF_ROUTER_LSA: {
2654 /*
2655 * RFC2328 A.4.2, LSA header + 4 bytes followed by N>=0
2656 * (12+)-byte link blocks
2657 */
2658 size_t linkbytes_len = lsalen - OSPF_LSA_HEADER_SIZE
2659 - OSPF_ROUTER_LSA_MIN_SIZE;
2660
2661 /*
2662 * LSA link blocks are variable length but always multiples of
2663 * 4; basic sanity check
2664 */
2665 if (linkbytes_len % 4 != 0)
2666 return MSG_NG;
2667
2668 if (headeronly)
2669 return MSG_OK;
2670
2671 rlsa = (struct router_lsa *)lsah;
2672
2673 ret = ospf_router_lsa_links_examin(
2674 (struct router_lsa_link *)rlsa->link,
2675 linkbytes_len,
2676 ntohs(rlsa->links));
2677 break;
2678 }
2679 case OSPF_AS_EXTERNAL_LSA:
2680 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2681 * blocks */
2682 case OSPF_AS_NSSA_LSA:
2683 /* RFC3101 C, idem */
2684 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2685 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2686 % 12
2687 ? MSG_NG
2688 : MSG_OK;
2689 break;
2690 /* Following LSA types are considered OK length-wise as soon as their
2691 * minimum
2692 * length constraint is met and length of the whole LSA is a multiple of
2693 * 4
2694 * (basic LSA header size is already a multiple of 4). */
2695 case OSPF_NETWORK_LSA:
2696 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2697 case OSPF_SUMMARY_LSA:
2698 case OSPF_ASBR_SUMMARY_LSA:
2699 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2700 * blocks */
2701 case OSPF_OPAQUE_LINK_LSA:
2702 case OSPF_OPAQUE_AREA_LSA:
2703 case OSPF_OPAQUE_AS_LSA:
2704 /* RFC5250 A.2, "some number of octets (of application-specific
2705 * data) padded to 32-bit alignment." This is considered
2706 * equivalent
2707 * to 4-byte alignment of all other LSA types, see
2708 * OSPF-ALIGNMENT.txt
2709 * file for the detailed analysis of this passage. */
2710 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2711 break;
2712 default:
2713 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2714 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2715 lsah->type);
2716 return MSG_NG;
2717 }
2718 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2719 zlog_debug("%s: alignment error in %s", __func__,
2720 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2721 return ret;
2722 }
2723
2724 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2725 includes verification of LSA blocks length/alignment and dispatching
2726 of deeper-level checks. */
2727 static unsigned
2728 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2729 size_t length, const uint8_t headeronly,
2730 /* When declared_num_lsas is not 0, compare it to the real
2731 number of LSAs
2732 and treat the difference as an error. */
2733 const uint32_t declared_num_lsas)
2734 {
2735 uint32_t counted_lsas = 0;
2736
2737 while (length) {
2738 uint16_t lsalen;
2739 if (length < OSPF_LSA_HEADER_SIZE) {
2740 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2741 zlog_debug(
2742 "%s: undersized (%zu B) trailing (#%u) LSA header",
2743 __func__, length, counted_lsas);
2744 return MSG_NG;
2745 }
2746 /* save on ntohs() calls here and in the LSA validator */
2747 lsalen = ntohs(lsah->length);
2748 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2749 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2750 zlog_debug(
2751 "%s: malformed LSA header #%u, declared length is %u B",
2752 __func__, counted_lsas, lsalen);
2753 return MSG_NG;
2754 }
2755 if (headeronly) {
2756 /* less checks here and in ospf_lsa_examin() */
2757 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2758 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2759 zlog_debug(
2760 "%s: malformed header-only LSA #%u",
2761 __func__, counted_lsas);
2762 return MSG_NG;
2763 }
2764 lsah = (struct lsa_header *)((caddr_t)lsah
2765 + OSPF_LSA_HEADER_SIZE);
2766 length -= OSPF_LSA_HEADER_SIZE;
2767 } else {
2768 /* make sure the input buffer is deep enough before
2769 * further checks */
2770 if (lsalen > length) {
2771 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2772 zlog_debug(
2773 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2774 __func__, counted_lsas, lsalen,
2775 length);
2776 return MSG_NG;
2777 }
2778 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2779 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2780 zlog_debug("%s: malformed LSA #%u",
2781 __func__, counted_lsas);
2782 return MSG_NG;
2783 }
2784 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2785 length -= lsalen;
2786 }
2787 counted_lsas++;
2788 }
2789
2790 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2791 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2792 zlog_debug(
2793 "%s: #LSAs declared (%u) does not match actual (%u)",
2794 __func__, declared_num_lsas, counted_lsas);
2795 return MSG_NG;
2796 }
2797 return MSG_OK;
2798 }
2799
2800 /* Verify a complete OSPF packet for proper sizing/alignment. */
2801 static unsigned ospf_packet_examin(struct ospf_header *oh,
2802 const unsigned bytesonwire)
2803 {
2804 uint16_t bytesdeclared, bytesauth;
2805 unsigned ret;
2806 struct ospf_ls_update *lsupd;
2807
2808 /* Length, 1st approximation. */
2809 if (bytesonwire < OSPF_HEADER_SIZE) {
2810 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2811 zlog_debug("%s: undersized (%u B) packet", __func__,
2812 bytesonwire);
2813 return MSG_NG;
2814 }
2815 /* Now it is safe to access header fields. Performing length check,
2816 * allow
2817 * for possible extra bytes of crypto auth/padding, which are not
2818 * counted
2819 * in the OSPF header "length" field. */
2820 if (oh->version != OSPF_VERSION) {
2821 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2822 zlog_debug("%s: invalid (%u) protocol version",
2823 __func__, oh->version);
2824 return MSG_NG;
2825 }
2826 bytesdeclared = ntohs(oh->length);
2827 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2828 bytesauth = 0;
2829 else {
2830 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2831 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2832 zlog_debug(
2833 "%s: unsupported crypto auth length (%u B)",
2834 __func__, oh->u.crypt.auth_data_len);
2835 return MSG_NG;
2836 }
2837 bytesauth = OSPF_AUTH_MD5_SIZE;
2838 }
2839 if (bytesdeclared + bytesauth > bytesonwire) {
2840 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2841 zlog_debug(
2842 "%s: packet length error (%u real, %u+%u declared)",
2843 __func__, bytesonwire, bytesdeclared,
2844 bytesauth);
2845 return MSG_NG;
2846 }
2847 /* Length, 2nd approximation. The type-specific constraint is checked
2848 against declared length, not amount of bytes on wire. */
2849 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2850 && bytesdeclared
2851 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2852 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2853 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2854 bytesdeclared,
2855 lookup_msg(ospf_packet_type_str, oh->type,
2856 NULL));
2857 return MSG_NG;
2858 }
2859 switch (oh->type) {
2860 case OSPF_MSG_HELLO:
2861 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2862 followed
2863 by N>=0 router-IDs. */
2864 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2865 % 4
2866 ? MSG_NG
2867 : MSG_OK;
2868 break;
2869 case OSPF_MSG_DB_DESC:
2870 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2871 followed
2872 by N>=0 header-only LSAs. */
2873 ret = ospf_lsaseq_examin(
2874 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2875 + OSPF_DB_DESC_MIN_SIZE),
2876 bytesdeclared - OSPF_HEADER_SIZE
2877 - OSPF_DB_DESC_MIN_SIZE,
2878 1, /* header-only LSAs */
2879 0);
2880 break;
2881 case OSPF_MSG_LS_REQ:
2882 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2883 * request blocks. */
2884 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2885 % OSPF_LSA_KEY_SIZE
2886 ? MSG_NG
2887 : MSG_OK;
2888 break;
2889 case OSPF_MSG_LS_UPD:
2890 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2891 followed
2892 by N>=0 full LSAs (with N declared beforehand). */
2893 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2894 + OSPF_HEADER_SIZE);
2895 ret = ospf_lsaseq_examin(
2896 (struct lsa_header *)((caddr_t)lsupd
2897 + OSPF_LS_UPD_MIN_SIZE),
2898 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2899 0, /* full LSAs */
2900 ntohl(lsupd->num_lsas) /* 32 bits */
2901 );
2902 break;
2903 case OSPF_MSG_LS_ACK:
2904 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2905 * LSAs. */
2906 ret = ospf_lsaseq_examin(
2907 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2908 + OSPF_LS_ACK_MIN_SIZE),
2909 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2910 1, /* header-only LSAs */
2911 0);
2912 break;
2913 default:
2914 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2915 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2916 oh->type);
2917 return MSG_NG;
2918 }
2919 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2920 zlog_debug("%s: malformed %s packet", __func__,
2921 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2922 return ret;
2923 }
2924
2925 /* OSPF Header verification. */
2926 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2927 struct ip *iph, struct ospf_header *ospfh)
2928 {
2929 /* Check Area ID. */
2930 if (!ospf_check_area_id(oi, ospfh)) {
2931 flog_warn(EC_OSPF_PACKET,
2932 "interface %s: ospf_read invalid Area ID %pI4",
2933 IF_NAME(oi), &ospfh->area_id);
2934 return -1;
2935 }
2936
2937 /* Check network mask, Silently discarded. */
2938 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2939 flog_warn(
2940 EC_OSPF_PACKET,
2941 "interface %s: ospf_read network address is not same [%pI4]",
2942 IF_NAME(oi), &iph->ip_src);
2943 return -1;
2944 }
2945
2946 /* Check authentication. The function handles logging actions, where
2947 * required. */
2948 if (!ospf_check_auth(oi, ospfh))
2949 return -1;
2950
2951 return 0;
2952 }
2953
2954 enum ospf_read_return_enum {
2955 OSPF_READ_ERROR,
2956 OSPF_READ_CONTINUE,
2957 };
2958
2959 static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
2960 {
2961 int ret;
2962 struct stream *ibuf;
2963 struct ospf_interface *oi;
2964 struct ip *iph;
2965 struct ospf_header *ospfh;
2966 uint16_t length;
2967 struct connected *c;
2968 struct interface *ifp = NULL;
2969
2970 stream_reset(ospf->ibuf);
2971 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2972 if (ibuf == NULL)
2973 return OSPF_READ_ERROR;
2974
2975 /*
2976 * This raw packet is known to be at least as big as its
2977 * IP header. Note that there should not be alignment problems with
2978 * this assignment because this is at the beginning of the
2979 * stream data buffer.
2980 */
2981 iph = (struct ip *)STREAM_DATA(ibuf);
2982 /*
2983 * Note that sockopt_iphdrincl_swab_systoh was called in
2984 * ospf_recv_packet.
2985 */
2986 if (ifp == NULL) {
2987 /*
2988 * Handle cases where the platform does not support
2989 * retrieving the ifindex, and also platforms (such as
2990 * Solaris 8) that claim to support ifindex retrieval but do
2991 * not.
2992 */
2993 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2994 ospf->vrf_id);
2995 if (c)
2996 ifp = c->ifp;
2997 if (ifp == NULL) {
2998 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2999 zlog_debug(
3000 "%s: Unable to determine incoming interface from: %pI4(%s)",
3001 __func__, &iph->ip_src,
3002 ospf_get_name(ospf));
3003 return OSPF_READ_CONTINUE;
3004 }
3005 }
3006
3007 if (ospf->vrf_id == VRF_DEFAULT && ospf->vrf_id != ifp->vrf->vrf_id) {
3008 /*
3009 * We may have a situation where l3mdev_accept == 1
3010 * let's just kindly drop the packet and move on.
3011 * ospf really really really does not like when
3012 * we receive the same packet multiple times.
3013 */
3014 return OSPF_READ_CONTINUE;
3015 }
3016
3017 /* Self-originated packet should be discarded silently. */
3018 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3019 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3020 zlog_debug(
3021 "ospf_read[%pI4]: Dropping self-originated packet",
3022 &iph->ip_src);
3023 }
3024 return OSPF_READ_CONTINUE;
3025 }
3026
3027 /* Check that we have enough for an IP header */
3028 if ((unsigned int)(iph->ip_hl << 2) >= STREAM_READABLE(ibuf)) {
3029 if ((unsigned int)(iph->ip_hl << 2) == STREAM_READABLE(ibuf)) {
3030 flog_warn(
3031 EC_OSPF_PACKET,
3032 "Rx'd IP packet with OSPF protocol number but no payload");
3033 } else {
3034 flog_warn(
3035 EC_OSPF_PACKET,
3036 "IP header length field claims header is %u bytes, but we only have %zu",
3037 (unsigned int)(iph->ip_hl << 2),
3038 STREAM_READABLE(ibuf));
3039 }
3040
3041 return OSPF_READ_ERROR;
3042 }
3043 stream_forward_getp(ibuf, iph->ip_hl << 2);
3044
3045 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3046 if (MSG_OK
3047 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3048 - stream_get_getp(ibuf)))
3049 return OSPF_READ_CONTINUE;
3050 /* Now it is safe to access all fields of OSPF packet header. */
3051
3052 /* associate packet with ospf interface */
3053 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3054
3055 /*
3056 * ospf_verify_header() relies on a valid "oi" and thus can be called
3057 * only after the passive/backbone/other checks below are passed.
3058 * These checks in turn access the fields of unverified "ospfh"
3059 * structure for their own purposes and must remain very accurate
3060 * in doing this.
3061 */
3062
3063 /* If incoming interface is passive one, ignore it. */
3064 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3065 if (IS_DEBUG_OSPF_EVENT)
3066 zlog_debug(
3067 "ignoring packet from router %pI4 sent to %pI4, received on a passive interface, %pI4",
3068 &ospfh->router_id, &iph->ip_dst,
3069 &oi->address->u.prefix4);
3070
3071 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3072 /* Try to fix multicast membership.
3073 * Some OS:es may have problems in this area,
3074 * make sure it is removed.
3075 */
3076 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3077 ospf_if_set_multicast(oi);
3078 }
3079 return OSPF_READ_CONTINUE;
3080 }
3081
3082
3083 /* if no local ospf_interface,
3084 * or header area is backbone but ospf_interface is not
3085 * check for VLINK interface
3086 */
3087 if ((oi == NULL)
3088 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3089 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3090 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3091 == NULL) {
3092 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3093 zlog_debug(
3094 "Packet from [%pI4] received on link %s but no ospf_interface",
3095 &iph->ip_src, ifp->name);
3096 return OSPF_READ_CONTINUE;
3097 }
3098 }
3099
3100 /*
3101 * else it must be a local ospf interface, check it was
3102 * received on correct link
3103 */
3104 else if (oi->ifp != ifp) {
3105 if (IS_DEBUG_OSPF_EVENT)
3106 flog_warn(EC_OSPF_PACKET,
3107 "Packet from [%pI4] received on wrong link %s",
3108 &iph->ip_src, ifp->name);
3109 return OSPF_READ_CONTINUE;
3110 } else if (oi->state == ISM_Down) {
3111 flog_warn(
3112 EC_OSPF_PACKET,
3113 "Ignoring packet from %pI4 to %pI4 received on interface that is down [%s]; interface flags are %s",
3114 &iph->ip_src, &iph->ip_dst, ifp->name,
3115 if_flag_dump(ifp->flags));
3116 /* Fix multicast memberships? */
3117 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3118 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3119 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3120 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3121 if (oi->multicast_memberships)
3122 ospf_if_set_multicast(oi);
3123 return OSPF_READ_CONTINUE;
3124 }
3125
3126 /*
3127 * If the received packet is destined for AllDRouters, the
3128 * packet should be accepted only if the received ospf
3129 * interface state is either DR or Backup -- endo.
3130 *
3131 * I wonder who endo is?
3132 */
3133 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3134 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3135 flog_warn(
3136 EC_OSPF_PACKET,
3137 "Dropping packet for AllDRouters from [%pI4] via [%s] (ISM: %s)",
3138 &iph->ip_src, IF_NAME(oi),
3139 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3140 /* Try to fix multicast membership. */
3141 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3142 ospf_if_set_multicast(oi);
3143 return OSPF_READ_CONTINUE;
3144 }
3145
3146 /* Verify more OSPF header fields. */
3147 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3148 if (ret < 0) {
3149 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3150 zlog_debug(
3151 "ospf_read[%pI4]: Header check failed, dropping.",
3152 &iph->ip_src);
3153 return OSPF_READ_CONTINUE;
3154 }
3155
3156 /* Show debug receiving packet. */
3157 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3158 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3159 zlog_debug(
3160 "-----------------------------------------------------");
3161 ospf_packet_dump(ibuf);
3162 }
3163
3164 zlog_debug("%s received from [%pI4] via [%s]",
3165 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3166 &ospfh->router_id, IF_NAME(oi));
3167 zlog_debug(" src [%pI4],", &iph->ip_src);
3168 zlog_debug(" dst [%pI4]", &iph->ip_dst);
3169
3170 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3171 zlog_debug(
3172 "-----------------------------------------------------");
3173 }
3174
3175 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3176
3177 /* Adjust size to message length. */
3178 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3179
3180 /* Read rest of the packet and call each sort of packet routine.
3181 */
3182 switch (ospfh->type) {
3183 case OSPF_MSG_HELLO:
3184 ospf_hello(iph, ospfh, ibuf, oi, length);
3185 break;
3186 case OSPF_MSG_DB_DESC:
3187 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3188 break;
3189 case OSPF_MSG_LS_REQ:
3190 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3191 break;
3192 case OSPF_MSG_LS_UPD:
3193 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3194 break;
3195 case OSPF_MSG_LS_ACK:
3196 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3197 break;
3198 default:
3199 flog_warn(
3200 EC_OSPF_PACKET,
3201 "interface %s(%s): OSPF packet header type %d is illegal",
3202 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3203 break;
3204 }
3205
3206 return OSPF_READ_CONTINUE;
3207 }
3208
3209 /* Starting point of packet process function. */
3210 void ospf_read(struct thread *thread)
3211 {
3212 struct ospf *ospf;
3213 int32_t count = 0;
3214 enum ospf_read_return_enum ret;
3215
3216 /* first of all get interface pointer. */
3217 ospf = THREAD_ARG(thread);
3218
3219 /* prepare for next packet. */
3220 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3221
3222 while (count < ospf->write_oi_count) {
3223 count++;
3224 ret = ospf_read_helper(ospf);
3225 switch (ret) {
3226 case OSPF_READ_ERROR:
3227 return;
3228 case OSPF_READ_CONTINUE:
3229 break;
3230 }
3231 }
3232 }
3233
3234 /* Make OSPF header. */
3235 static void ospf_make_header(int type, struct ospf_interface *oi,
3236 struct stream *s)
3237 {
3238 struct ospf_header *ospfh;
3239
3240 ospfh = (struct ospf_header *)STREAM_DATA(s);
3241
3242 ospfh->version = (uint8_t)OSPF_VERSION;
3243 ospfh->type = (uint8_t)type;
3244
3245 ospfh->router_id = oi->ospf->router_id;
3246
3247 ospfh->checksum = 0;
3248 ospfh->area_id = oi->area->area_id;
3249 ospfh->auth_type = htons(ospf_auth_type(oi));
3250
3251 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3252
3253 stream_forward_endp(s, OSPF_HEADER_SIZE);
3254 }
3255
3256 /* Make Authentication Data. */
3257 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3258 {
3259 struct crypt_key *ck;
3260
3261 switch (ospf_auth_type(oi)) {
3262 case OSPF_AUTH_NULL:
3263 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3264 */
3265 break;
3266 case OSPF_AUTH_SIMPLE:
3267 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3268 OSPF_AUTH_SIMPLE_SIZE);
3269 break;
3270 case OSPF_AUTH_CRYPTOGRAPHIC:
3271 /* If key is not set, then set 0. */
3272 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3273 ospfh->u.crypt.zero = 0;
3274 ospfh->u.crypt.key_id = 0;
3275 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3276 } else {
3277 ck = listgetdata(
3278 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3279 ospfh->u.crypt.zero = 0;
3280 ospfh->u.crypt.key_id = ck->key_id;
3281 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3282 }
3283 /* note: the seq is done in ospf_make_md5_digest() */
3284 break;
3285 default:
3286 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3287 */
3288 break;
3289 }
3290
3291 return 0;
3292 }
3293
3294 /* Fill rest of OSPF header. */
3295 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3296 uint16_t length)
3297 {
3298 struct ospf_header *ospfh;
3299
3300 ospfh = (struct ospf_header *)STREAM_DATA(s);
3301
3302 /* Fill length. */
3303 ospfh->length = htons(length);
3304
3305 /* Calculate checksum. */
3306 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3307 ospfh->checksum = in_cksum(ospfh, length);
3308 else
3309 ospfh->checksum = 0;
3310
3311 /* Add Authentication Data. */
3312 ospf_make_auth(oi, ospfh);
3313 }
3314
3315 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3316 {
3317 struct ospf_neighbor *nbr;
3318 struct route_node *rn;
3319 uint16_t length = OSPF_HELLO_MIN_SIZE;
3320 struct in_addr mask;
3321 unsigned long p;
3322 int flag = 0;
3323
3324 /* Set netmask of interface. */
3325 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3326 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3327 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3328 masklen2ip(oi->address->prefixlen, &mask);
3329 else
3330 memset((char *)&mask, 0, sizeof(struct in_addr));
3331 stream_put_ipv4(s, mask.s_addr);
3332
3333 /* Set Hello Interval. */
3334 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3335 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3336 else
3337 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3338
3339 if (IS_DEBUG_OSPF_EVENT)
3340 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3341 IF_NAME(oi));
3342
3343 /* Set Options. */
3344 stream_putc(s, OPTIONS(oi));
3345
3346 /* Set Router Priority. */
3347 stream_putc(s, PRIORITY(oi));
3348
3349 /* Set Router Dead Interval. */
3350 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3351
3352 /* Set Designated Router. */
3353 stream_put_ipv4(s, DR(oi).s_addr);
3354
3355 p = stream_get_endp(s);
3356
3357 /* Set Backup Designated Router. */
3358 stream_put_ipv4(s, BDR(oi).s_addr);
3359
3360 /* Add neighbor seen. */
3361 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3362 if ((nbr = rn->info))
3363 if (nbr->router_id.s_addr
3364 != INADDR_ANY) /* Ignore 0.0.0.0 node. */
3365 if (nbr->state
3366 != NSM_Attempt) /* Ignore Down neighbor. */
3367 if (nbr->state
3368 != NSM_Down) /* This is myself for
3369 DR election. */
3370 if (!IPV4_ADDR_SAME(
3371 &nbr->router_id,
3372 &oi->ospf->router_id)) {
3373 /* Check neighbor is
3374 * sane? */
3375 if (nbr->d_router.s_addr
3376 != INADDR_ANY
3377 && IPV4_ADDR_SAME(
3378 &nbr->d_router,
3379 &oi->address
3380 ->u
3381 .prefix4)
3382 && IPV4_ADDR_SAME(
3383 &nbr->bd_router,
3384 &oi->address
3385 ->u
3386 .prefix4))
3387 flag = 1;
3388
3389 /* Hello packet overflows interface MTU. */
3390 if (length + sizeof(uint32_t)
3391 > ospf_packet_max(oi)) {
3392 flog_err(
3393 EC_OSPF_LARGE_HELLO,
3394 "Oversized Hello packet! Larger than MTU. Not sending it out");
3395 return 0;
3396 }
3397
3398 stream_put_ipv4(
3399 s,
3400 nbr->router_id
3401 .s_addr);
3402 length += 4;
3403 }
3404
3405 /* Let neighbor generate BackupSeen. */
3406 if (flag == 1)
3407 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3408
3409 return length;
3410 }
3411
3412 static int ospf_make_db_desc(struct ospf_interface *oi,
3413 struct ospf_neighbor *nbr, struct stream *s)
3414 {
3415 struct ospf_lsa *lsa;
3416 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3417 uint8_t options;
3418 unsigned long pp;
3419 int i;
3420 struct ospf_lsdb *lsdb;
3421
3422 /* Set Interface MTU. */
3423 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3424 stream_putw(s, 0);
3425 else
3426 stream_putw(s, oi->ifp->mtu);
3427
3428 /* Set Options. */
3429 options = OPTIONS(oi);
3430 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3431 SET_FLAG(options, OSPF_OPTION_O);
3432 stream_putc(s, options);
3433
3434 /* DD flags */
3435 pp = stream_get_endp(s);
3436 stream_putc(s, nbr->dd_flags);
3437
3438 /* Set DD Sequence Number. */
3439 stream_putl(s, nbr->dd_seqnum);
3440
3441 /* shortcut unneeded walk of (empty) summary LSDBs */
3442 if (ospf_db_summary_isempty(nbr))
3443 goto empty;
3444
3445 /* Describe LSA Header from Database Summary List. */
3446 lsdb = &nbr->db_sum;
3447
3448 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3449 struct route_table *table = lsdb->type[i].db;
3450 struct route_node *rn;
3451
3452 for (rn = route_top(table); rn; rn = route_next(rn))
3453 if ((lsa = rn->info) != NULL) {
3454 if (IS_OPAQUE_LSA(lsa->data->type)
3455 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3456 /* Suppress advertising
3457 * opaque-information. */
3458 /* Remove LSA from DB summary list. */
3459 ospf_lsdb_delete(lsdb, lsa);
3460 continue;
3461 }
3462
3463 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3464 struct lsa_header *lsah;
3465 uint16_t ls_age;
3466
3467 /* DD packet overflows interface MTU. */
3468 if (length + OSPF_LSA_HEADER_SIZE
3469 > ospf_packet_max(oi))
3470 break;
3471
3472 /* Keep pointer to LS age. */
3473 lsah = (struct lsa_header
3474 *)(STREAM_DATA(s)
3475 + stream_get_endp(
3476 s));
3477
3478 /* Proceed stream pointer. */
3479 stream_put(s, lsa->data,
3480 OSPF_LSA_HEADER_SIZE);
3481 length += OSPF_LSA_HEADER_SIZE;
3482
3483 /* Set LS age. */
3484 ls_age = LS_AGE(lsa);
3485 lsah->ls_age = htons(ls_age);
3486 }
3487
3488 /* Remove LSA from DB summary list. */
3489 ospf_lsdb_delete(lsdb, lsa);
3490 }
3491 }
3492
3493 /* Update 'More' bit */
3494 if (ospf_db_summary_isempty(nbr)) {
3495 empty:
3496 if (nbr->state >= NSM_Exchange) {
3497 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3498 /* Rewrite DD flags */
3499 stream_putc_at(s, pp, nbr->dd_flags);
3500 } else {
3501 assert(IS_SET_DD_M(nbr->dd_flags));
3502 }
3503 }
3504 return length;
3505 }
3506
3507 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3508 unsigned long delta, struct ospf_neighbor *nbr,
3509 struct ospf_lsa *lsa)
3510 {
3511 struct ospf_interface *oi;
3512
3513 oi = nbr->oi;
3514
3515 /* LS Request packet overflows interface MTU
3516 * delta is just number of bytes required for 1 LS Req
3517 * ospf_packet_max will return the number of bytes can
3518 * be accommodated without ospf header. So length+delta
3519 * can be compared to ospf_packet_max
3520 * to check if it can fit another lsreq in the same packet.
3521 */
3522
3523 if (*length + delta > ospf_packet_max(oi))
3524 return 0;
3525
3526 stream_putl(s, lsa->data->type);
3527 stream_put_ipv4(s, lsa->data->id.s_addr);
3528 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3529
3530 ospf_lsa_unlock(&nbr->ls_req_last);
3531 nbr->ls_req_last = ospf_lsa_lock(lsa);
3532
3533 *length += 12;
3534 return 1;
3535 }
3536
3537 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3538 {
3539 struct ospf_lsa *lsa;
3540 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3541 unsigned long delta = 12;
3542 struct route_table *table;
3543 struct route_node *rn;
3544 int i;
3545 struct ospf_lsdb *lsdb;
3546
3547 lsdb = &nbr->ls_req;
3548
3549 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3550 table = lsdb->type[i].db;
3551 for (rn = route_top(table); rn; rn = route_next(rn))
3552 if ((lsa = (rn->info)) != NULL)
3553 if (ospf_make_ls_req_func(s, &length, delta,
3554 nbr, lsa)
3555 == 0) {
3556 route_unlock_node(rn);
3557 break;
3558 }
3559 }
3560 return length;
3561 }
3562
3563 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3564 {
3565 int age;
3566
3567 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3568
3569 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3570 }
3571
3572 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3573 struct stream *s)
3574 {
3575 struct ospf_lsa *lsa;
3576 struct listnode *node;
3577 uint16_t length = 0;
3578 unsigned int size_noauth;
3579 unsigned long delta = stream_get_endp(s);
3580 unsigned long pp;
3581 int count = 0;
3582
3583 if (IS_DEBUG_OSPF_EVENT)
3584 zlog_debug("ospf_make_ls_upd: Start");
3585
3586 pp = stream_get_endp(s);
3587 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3588 length += OSPF_LS_UPD_MIN_SIZE;
3589
3590 /* Calculate amount of packet usable for data. */
3591 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3592
3593 while ((node = listhead(update)) != NULL) {
3594 struct lsa_header *lsah;
3595 uint16_t ls_age;
3596
3597 lsa = listgetdata(node);
3598 assert(lsa->data);
3599
3600 if (IS_DEBUG_OSPF_EVENT)
3601 zlog_debug("%s: List Iteration %d LSA[%s]", __func__,
3602 count, dump_lsa_key(lsa));
3603
3604 /* Will it fit? Minimum it has to fit at least one */
3605 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3606 (count > 0))
3607 break;
3608
3609 /* Keep pointer to LS age. */
3610 lsah = (struct lsa_header *)(STREAM_DATA(s)
3611 + stream_get_endp(s));
3612
3613 /* Put LSA to Link State Request. */
3614 stream_put(s, lsa->data, ntohs(lsa->data->length));
3615
3616 /* Set LS age. */
3617 /* each hop must increment an lsa_age by transmit_delay
3618 of OSPF interface */
3619 ls_age = ls_age_increment(lsa,
3620 OSPF_IF_PARAM(oi, transmit_delay));
3621 lsah->ls_age = htons(ls_age);
3622
3623 length += ntohs(lsa->data->length);
3624 count++;
3625
3626 list_delete_node(update, node);
3627 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3628 }
3629
3630 /* Now set #LSAs. */
3631 stream_putl_at(s, pp, count);
3632
3633 if (IS_DEBUG_OSPF_EVENT)
3634 zlog_debug("ospf_make_ls_upd: Stop");
3635 return length;
3636 }
3637
3638 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3639 struct stream *s)
3640 {
3641 struct listnode *node, *nnode;
3642 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3643 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3644 struct ospf_lsa *lsa;
3645
3646 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3647 assert(lsa);
3648
3649 /* LS Ack packet overflows interface MTU
3650 * delta is just number of bytes required for
3651 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3652 * the number of bytes can be accommodated without
3653 * ospf header. So length+delta can be compared
3654 * against ospf_packet_max to check if it can fit
3655 * another ls header in the same packet.
3656 */
3657 if ((length + delta) > ospf_packet_max(oi))
3658 break;
3659
3660 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3661 length += OSPF_LSA_HEADER_SIZE;
3662
3663 listnode_delete(ack, lsa);
3664 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3665 }
3666
3667 return length;
3668 }
3669
3670 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3671 {
3672 struct ospf_packet *op;
3673 uint16_t length = OSPF_HEADER_SIZE;
3674
3675 op = ospf_packet_new(oi->ifp->mtu);
3676
3677 /* Prepare OSPF common header. */
3678 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3679
3680 /* Prepare OSPF Hello body. */
3681 length += ospf_make_hello(oi, op->s);
3682 if (length == OSPF_HEADER_SIZE) {
3683 /* Hello overshooting MTU */
3684 ospf_packet_free(op);
3685 return;
3686 }
3687
3688 /* Fill OSPF header. */
3689 ospf_fill_header(oi, op->s, length);
3690
3691 /* Set packet length. */
3692 op->length = length;
3693
3694 op->dst.s_addr = addr;
3695
3696 if (IS_DEBUG_OSPF_EVENT) {
3697 if (oi->ospf->vrf_id)
3698 zlog_debug(
3699 "%s: Hello Tx interface %s ospf vrf %s id %u",
3700 __func__, oi->ifp->name,
3701 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3702 oi->ospf->vrf_id);
3703 }
3704 /* Add packet to the top of the interface output queue, so that they
3705 * can't get delayed by things like long queues of LS Update packets
3706 */
3707 ospf_packet_add_top(oi, op);
3708
3709 /* Hook thread to write packet. */
3710 OSPF_ISM_WRITE_ON(oi->ospf);
3711 }
3712
3713 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3714 {
3715 struct ospf_interface *oi;
3716
3717 oi = nbr_nbma->oi;
3718 assert(oi);
3719
3720 /* If this is passive interface, do not send OSPF Hello. */
3721 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3722 return;
3723
3724 if (oi->type != OSPF_IFTYPE_NBMA)
3725 return;
3726
3727 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3728 return;
3729
3730 if (PRIORITY(oi) == 0)
3731 return;
3732
3733 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3734 && oi->state != ISM_Backup)
3735 return;
3736
3737 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3738 }
3739
3740 void ospf_poll_timer(struct thread *thread)
3741 {
3742 struct ospf_nbr_nbma *nbr_nbma;
3743
3744 nbr_nbma = THREAD_ARG(thread);
3745 nbr_nbma->t_poll = NULL;
3746
3747 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3748 zlog_debug("NSM[%s:%pI4]: Timer (Poll timer expire)",
3749 IF_NAME(nbr_nbma->oi), &nbr_nbma->addr);
3750
3751 ospf_poll_send(nbr_nbma);
3752
3753 if (nbr_nbma->v_poll > 0)
3754 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3755 nbr_nbma->v_poll);
3756 }
3757
3758
3759 void ospf_hello_reply_timer(struct thread *thread)
3760 {
3761 struct ospf_neighbor *nbr;
3762
3763 nbr = THREAD_ARG(thread);
3764 nbr->t_hello_reply = NULL;
3765
3766 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3767 zlog_debug("NSM[%s:%pI4]: Timer (hello-reply timer expire)",
3768 IF_NAME(nbr->oi), &nbr->router_id);
3769
3770 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3771 }
3772
3773 /* Send OSPF Hello. */
3774 void ospf_hello_send(struct ospf_interface *oi)
3775 {
3776 /* If this is passive interface, do not send OSPF Hello. */
3777 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3778 return;
3779
3780 if (oi->type == OSPF_IFTYPE_NBMA) {
3781 struct ospf_neighbor *nbr;
3782 struct route_node *rn;
3783
3784 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3785 if ((nbr = rn->info))
3786 if (nbr != oi->nbr_self)
3787 if (nbr->state != NSM_Down) {
3788 /* RFC 2328 Section 9.5.1
3789 If the router is not
3790 eligible to become Designated
3791 Router,
3792 it must periodically send
3793 Hello Packets to both the
3794 Designated Router and the
3795 Backup Designated Router (if
3796 they
3797 exist). */
3798 if (PRIORITY(oi) == 0
3799 && IPV4_ADDR_CMP(
3800 &DR(oi),
3801 &nbr->address.u
3802 .prefix4)
3803 && IPV4_ADDR_CMP(
3804 &BDR(oi),
3805 &nbr->address.u
3806 .prefix4))
3807 continue;
3808
3809 /* If the router is eligible to
3810 become Designated Router, it
3811 must periodically send Hello
3812 Packets to all neighbors that
3813 are also eligible. In
3814 addition, if the router is
3815 itself the
3816 Designated Router or Backup
3817 Designated Router, it must
3818 also
3819 send periodic Hello Packets
3820 to all other neighbors. */
3821
3822 if (nbr->priority == 0
3823 && oi->state == ISM_DROther)
3824 continue;
3825 /* if oi->state == Waiting, send
3826 * hello to all neighbors */
3827 ospf_hello_send_sub(
3828 oi,
3829 nbr->address.u.prefix4
3830 .s_addr);
3831 }
3832 } else {
3833 /* Decide destination address. */
3834 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3835 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3836 else
3837 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3838 }
3839 }
3840
3841 /* Send OSPF Database Description. */
3842 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3843 {
3844 struct ospf_interface *oi;
3845 struct ospf_packet *op;
3846 uint16_t length = OSPF_HEADER_SIZE;
3847
3848 oi = nbr->oi;
3849 op = ospf_packet_new(oi->ifp->mtu);
3850
3851 /* Prepare OSPF common header. */
3852 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3853
3854 /* Prepare OSPF Database Description body. */
3855 length += ospf_make_db_desc(oi, nbr, op->s);
3856
3857 /* Fill OSPF header. */
3858 ospf_fill_header(oi, op->s, length);
3859
3860 /* Set packet length. */
3861 op->length = length;
3862
3863 /* Decide destination address. */
3864 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3865 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3866 else
3867 op->dst = nbr->address.u.prefix4;
3868
3869 /* Add packet to the interface output queue. */
3870 ospf_packet_add(oi, op);
3871
3872 /* Hook thread to write packet. */
3873 OSPF_ISM_WRITE_ON(oi->ospf);
3874
3875 /* Remove old DD packet, then copy new one and keep in neighbor
3876 * structure. */
3877 if (nbr->last_send)
3878 ospf_packet_free(nbr->last_send);
3879 nbr->last_send = ospf_packet_dup(op);
3880 monotime(&nbr->last_send_ts);
3881 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3882 zlog_info(
3883 "%s:Packet[DD]: %pI4 DB Desc send with seqnum:%x , flags:%x",
3884 ospf_get_name(oi->ospf), &nbr->router_id,
3885 nbr->dd_seqnum, nbr->dd_flags);
3886 }
3887
3888 /* Re-send Database Description. */
3889 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3890 {
3891 struct ospf_interface *oi;
3892
3893 oi = nbr->oi;
3894
3895 /* Add packet to the interface output queue. */
3896 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3897
3898 /* Hook thread to write packet. */
3899 OSPF_ISM_WRITE_ON(oi->ospf);
3900 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3901 zlog_info(
3902 "%s:Packet[DD]: %pI4 DB Desc resend with seqnum:%x , flags:%x",
3903 ospf_get_name(oi->ospf), &nbr->router_id,
3904 nbr->dd_seqnum, nbr->dd_flags);
3905 }
3906
3907 /* Send Link State Request. */
3908 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3909 {
3910 struct ospf_interface *oi;
3911 struct ospf_packet *op;
3912 uint16_t length = OSPF_HEADER_SIZE;
3913
3914 oi = nbr->oi;
3915 op = ospf_packet_new(oi->ifp->mtu);
3916
3917 /* Prepare OSPF common header. */
3918 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3919
3920 /* Prepare OSPF Link State Request body. */
3921 length += ospf_make_ls_req(nbr, op->s);
3922 if (length == OSPF_HEADER_SIZE) {
3923 ospf_packet_free(op);
3924 return;
3925 }
3926
3927 /* Fill OSPF header. */
3928 ospf_fill_header(oi, op->s, length);
3929
3930 /* Set packet length. */
3931 op->length = length;
3932
3933 /* Decide destination address. */
3934 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3935 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3936 else
3937 op->dst = nbr->address.u.prefix4;
3938
3939 /* Add packet to the interface output queue. */
3940 ospf_packet_add(oi, op);
3941
3942 /* Hook thread to write packet. */
3943 OSPF_ISM_WRITE_ON(oi->ospf);
3944
3945 /* Add Link State Request Retransmission Timer. */
3946 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3947 }
3948
3949 /* Send Link State Update with an LSA. */
3950 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3951 int flag)
3952 {
3953 struct list *update;
3954
3955 update = list_new();
3956
3957 listnode_add(update, lsa);
3958
3959 /*ospf instance is going down, send self originated
3960 * MAXAGE LSA update to neighbors to remove from LSDB */
3961 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3962 ospf_ls_upd_send(nbr, update, flag, 1);
3963 else
3964 ospf_ls_upd_send(nbr, update, flag, 0);
3965
3966 list_delete(&update);
3967 }
3968
3969 /* Determine size for packet. Must be at least big enough to accommodate next
3970 * LSA on list, which may be bigger than MTU size.
3971 *
3972 * Return pointer to new ospf_packet
3973 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3974 * on packet sizes (in which case offending LSA is deleted from update list)
3975 */
3976 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3977 struct ospf_interface *oi)
3978 {
3979 struct ospf_lsa *lsa;
3980 struct listnode *ln;
3981 size_t size;
3982 static char warned = 0;
3983
3984 lsa = listgetdata((ln = listhead(update)));
3985 assert(lsa->data);
3986
3987 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3988 > ospf_packet_max(oi)) {
3989 if (!warned) {
3990 flog_warn(
3991 EC_OSPF_LARGE_LSA,
3992 "ospf_ls_upd_packet_new: oversized LSA encountered!will need to fragment. Not optimal. Try divide up your network with areas. Use 'debug ospf packet send' to see details, or look at 'show ip ospf database ..'");
3993 warned = 1;
3994 }
3995
3996 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3997 zlog_debug(
3998 "ospf_ls_upd_packet_new: oversized LSA id:%pI4, %d bytes originated by %pI4, will be fragmented!",
3999 &lsa->data->id,
4000 ntohs(lsa->data->length),
4001 &lsa->data->adv_router);
4002
4003 /*
4004 * Allocate just enough to fit this LSA only, to avoid including
4005 * other
4006 * LSAs in fragmented LSA Updates.
4007 */
4008 size = ntohs(lsa->data->length)
4009 + (oi->ifp->mtu - ospf_packet_max(oi))
4010 + OSPF_LS_UPD_MIN_SIZE;
4011 } else
4012 size = oi->ifp->mtu;
4013
4014 if (size > OSPF_MAX_PACKET_SIZE) {
4015 flog_warn(EC_OSPF_LARGE_LSA,
4016 "ospf_ls_upd_packet_new: oversized LSA id:%pI4 too big, %d bytes, packet size %ld, dropping it completely. OSPF routing is broken!",
4017 &lsa->data->id, ntohs(lsa->data->length),
4018 (long int)size);
4019 list_delete_node(update, ln);
4020 return NULL;
4021 }
4022
4023 /* IP header is built up separately by ospf_write(). This means, that we
4024 * must
4025 * reduce the "affordable" size just calculated by length of an IP
4026 * header.
4027 * This makes sure, that even if we manage to fill the payload with LSA
4028 * data
4029 * completely, the final packet (our data plus IP header) still fits
4030 * into
4031 * outgoing interface MTU. This correction isn't really meaningful for
4032 * an
4033 * oversized LSA, but for consistency the correction is done for both
4034 * cases.
4035 *
4036 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4037 */
4038 return ospf_packet_new(size - sizeof(struct ip));
4039 }
4040
4041 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4042 struct list *update, struct in_addr addr,
4043 int send_lsupd_now)
4044 {
4045 struct ospf_packet *op;
4046 uint16_t length = OSPF_HEADER_SIZE;
4047
4048 if (IS_DEBUG_OSPF_EVENT)
4049 zlog_debug("listcount = %d, [%s]dst %pI4", listcount(update),
4050 IF_NAME(oi), &addr);
4051
4052 /* Check that we have really something to process */
4053 if (listcount(update) == 0)
4054 return;
4055
4056 op = ospf_ls_upd_packet_new(update, oi);
4057
4058 /* Prepare OSPF common header. */
4059 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4060
4061 /* Prepare OSPF Link State Update body.
4062 * Includes Type-7 translation.
4063 */
4064 length += ospf_make_ls_upd(oi, update, op->s);
4065
4066 /* Fill OSPF header. */
4067 ospf_fill_header(oi, op->s, length);
4068
4069 /* Set packet length. */
4070 op->length = length;
4071
4072 /* Decide destination address. */
4073 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4074 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4075 else
4076 op->dst.s_addr = addr.s_addr;
4077
4078 /* Add packet to the interface output queue. */
4079 ospf_packet_add(oi, op);
4080 /* Call ospf_write() right away to send ospf packets to neighbors */
4081 if (send_lsupd_now) {
4082 struct thread os_packet_thd;
4083
4084 os_packet_thd.arg = (void *)oi->ospf;
4085 if (oi->on_write_q == 0) {
4086 listnode_add(oi->ospf->oi_write_q, oi);
4087 oi->on_write_q = 1;
4088 }
4089 ospf_write(&os_packet_thd);
4090 /*
4091 * We are fake calling ospf_write with a fake
4092 * thread. Imagine that we have oi_a already
4093 * enqueued and we have turned on the write
4094 * thread(t_write).
4095 * Now this function calls this for oi_b
4096 * so the on_write_q has oi_a and oi_b on
4097 * it, ospf_write runs and clears the packets
4098 * for both oi_a and oi_b. Removing them from
4099 * the on_write_q. After this thread of execution
4100 * finishes we will execute the t_write thread
4101 * with nothing in the on_write_q causing an
4102 * assert. So just make sure that the t_write
4103 * is actually turned off.
4104 */
4105 if (list_isempty(oi->ospf->oi_write_q))
4106 THREAD_OFF(oi->ospf->t_write);
4107 } else {
4108 /* Hook thread to write packet. */
4109 OSPF_ISM_WRITE_ON(oi->ospf);
4110 }
4111 }
4112
4113 static void ospf_ls_upd_send_queue_event(struct thread *thread)
4114 {
4115 struct ospf_interface *oi = THREAD_ARG(thread);
4116 struct route_node *rn;
4117 struct route_node *rnext;
4118 struct list *update;
4119 char again = 0;
4120
4121 oi->t_ls_upd_event = NULL;
4122
4123 if (IS_DEBUG_OSPF_EVENT)
4124 zlog_debug("ospf_ls_upd_send_queue start");
4125
4126 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4127 rnext = route_next(rn);
4128
4129 if (rn->info == NULL)
4130 continue;
4131
4132 update = (struct list *)rn->info;
4133
4134 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4135
4136 /* list might not be empty. */
4137 if (listcount(update) == 0) {
4138 list_delete((struct list **)&rn->info);
4139 route_unlock_node(rn);
4140 } else
4141 again = 1;
4142 }
4143
4144 if (again != 0) {
4145 if (IS_DEBUG_OSPF_EVENT)
4146 zlog_debug(
4147 "ospf_ls_upd_send_queue: update lists not cleared, %d nodes to try again, raising new event",
4148 again);
4149 oi->t_ls_upd_event = NULL;
4150 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4151 &oi->t_ls_upd_event);
4152 }
4153
4154 if (IS_DEBUG_OSPF_EVENT)
4155 zlog_debug("ospf_ls_upd_send_queue stop");
4156 }
4157
4158 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4159 int send_lsupd_now)
4160 {
4161 struct ospf_interface *oi;
4162 struct ospf_lsa *lsa;
4163 struct prefix_ipv4 p;
4164 struct route_node *rn;
4165 struct listnode *node;
4166
4167 oi = nbr->oi;
4168
4169 p.family = AF_INET;
4170 p.prefixlen = IPV4_MAX_BITLEN;
4171
4172 /* Decide destination address. */
4173 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4174 p.prefix = oi->vl_data->peer_addr;
4175 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4176 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4177 else if (flag == OSPF_SEND_PACKET_DIRECT)
4178 p.prefix = nbr->address.u.prefix4;
4179 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4180 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4181 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4182 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4183 else
4184 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4185
4186 if (oi->type == OSPF_IFTYPE_NBMA) {
4187 if (flag == OSPF_SEND_PACKET_INDIRECT)
4188 flog_warn(
4189 EC_OSPF_PACKET,
4190 "* LS-Update is directly sent on NBMA network.");
4191 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4192 flog_warn(EC_OSPF_PACKET,
4193 "* LS-Update is sent to myself.");
4194 }
4195
4196 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4197
4198 if (rn->info == NULL)
4199 rn->info = list_new();
4200 else
4201 route_unlock_node(rn);
4202
4203 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4204 listnode_add(rn->info,
4205 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4206 if (send_lsupd_now) {
4207 struct list *send_update_list;
4208 struct route_node *rnext;
4209
4210 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4211 rnext = route_next(rn);
4212
4213 if (rn->info == NULL)
4214 continue;
4215
4216 send_update_list = (struct list *)rn->info;
4217
4218 ospf_ls_upd_queue_send(oi, send_update_list,
4219 rn->p.u.prefix4, 1);
4220 }
4221 } else
4222 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4223 &oi->t_ls_upd_event);
4224 }
4225
4226 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4227 struct in_addr dst)
4228 {
4229 struct ospf_packet *op;
4230 uint16_t length = OSPF_HEADER_SIZE;
4231
4232 op = ospf_packet_new(oi->ifp->mtu);
4233
4234 /* Prepare OSPF common header. */
4235 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4236
4237 /* Prepare OSPF Link State Acknowledgment body. */
4238 length += ospf_make_ls_ack(oi, ack, op->s);
4239
4240 /* Fill OSPF header. */
4241 ospf_fill_header(oi, op->s, length);
4242
4243 /* Set packet length. */
4244 op->length = length;
4245
4246 /* Decide destination address. */
4247 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4248 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4249 else
4250 op->dst.s_addr = dst.s_addr;
4251
4252 /* Add packet to the interface output queue. */
4253 ospf_packet_add(oi, op);
4254
4255 /* Hook thread to write packet. */
4256 OSPF_ISM_WRITE_ON(oi->ospf);
4257 }
4258
4259 static void ospf_ls_ack_send_event(struct thread *thread)
4260 {
4261 struct ospf_interface *oi = THREAD_ARG(thread);
4262
4263 oi->t_ls_ack_direct = NULL;
4264
4265 while (listcount(oi->ls_ack_direct.ls_ack))
4266 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4267 oi->ls_ack_direct.dst);
4268 }
4269
4270 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4271 {
4272 struct ospf_interface *oi = nbr->oi;
4273
4274 if (IS_GRACE_LSA(lsa)) {
4275 if (IS_DEBUG_OSPF_GR)
4276 zlog_debug("%s, Sending GRACE ACK to Restarter.",
4277 __func__);
4278 }
4279
4280 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4281 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4282
4283 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4284
4285 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4286 &oi->t_ls_ack_direct);
4287 }
4288
4289 /* Send Link State Acknowledgment delayed. */
4290 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4291 {
4292 struct in_addr dst;
4293
4294 /* Decide destination address. */
4295 /* RFC2328 Section 13.5 On non-broadcast
4296 networks, delayed Link State Acknowledgment packets must be
4297 unicast separately over each adjacency (i.e., neighbor whose
4298 state is >= Exchange). */
4299 if (oi->type == OSPF_IFTYPE_NBMA) {
4300 struct ospf_neighbor *nbr;
4301 struct route_node *rn;
4302
4303 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4304 if ((nbr = rn->info) != NULL)
4305 if (nbr != oi->nbr_self
4306 && nbr->state >= NSM_Exchange)
4307 while (listcount(oi->ls_ack))
4308 ospf_ls_ack_send_list(
4309 oi, oi->ls_ack,
4310 nbr->address.u.prefix4);
4311 return;
4312 }
4313 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4314 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4315 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4316 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4317 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4318 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4319 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4320 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4321 else
4322 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4323
4324 while (listcount(oi->ls_ack))
4325 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4326 }
4327
4328 /*
4329 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4330 * address. As a result, the kernel does not need to learn the interface
4331 * MAC of the OSPF neighbor. However, in our world, this will delay
4332 * convergence. Take the case when due to a link flap, all routes now
4333 * want to use an interface which was deemed to be costlier prior to this
4334 * event. For routes that will be installed, the missing MAC will have
4335 * punt-to-CPU set on them. This may overload the CPU control path that
4336 * can be avoided if the MAC was known apriori.
4337 */
4338 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4339 {
4340 if (!nbr || !nbr->oi->ospf->proactive_arp)
4341 return;
4342
4343 ospf_zebra_send_arp(nbr->oi->ifp, &nbr->address);
4344 }
FRRouting mirror