]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ospfd: Do not turn on write thread unless we have something in it
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56
57 /*
58 * OSPF Fragmentation / fragmented writes
59 *
60 * ospfd can support writing fragmented packets, for cases where
61 * kernel will not fragment IP_HDRINCL and/or multicast destined
62 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
63 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
64 * flags fields, hence user-space fragmentation will not work.
65 * Only Linux is known to leave IP header unmolested.
66 * Further, fragmentation really should be done the kernel, which already
67 * supports it, and which avoids nasty IP ID state problems.
68 *
69 * Fragmentation of OSPF packets can be required on networks with router
70 * with many many interfaces active in one area, or on networks with links
71 * with low MTUs.
72 */
73 #ifdef GNU_LINUX
74 #define WANT_OSPF_WRITE_FRAGMENT
75 #endif
76
77 /* Packet Type String. */
78 const struct message ospf_packet_type_str[] = {
79 {OSPF_MSG_HELLO, "Hello"},
80 {OSPF_MSG_DB_DESC, "Database Description"},
81 {OSPF_MSG_LS_REQ, "Link State Request"},
82 {OSPF_MSG_LS_UPD, "Link State Update"},
83 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
84 {0}};
85
86 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
87 particular types, offset is the "type" field of a packet. */
88 static const uint16_t ospf_packet_minlen[] = {
89 0,
90 OSPF_HELLO_MIN_SIZE,
91 OSPF_DB_DESC_MIN_SIZE,
92 OSPF_LS_REQ_MIN_SIZE,
93 OSPF_LS_UPD_MIN_SIZE,
94 OSPF_LS_ACK_MIN_SIZE,
95 };
96
97 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
98 types, offset is the "LSA type" field. */
99 static const uint16_t ospf_lsa_minlen[] = {
100 0,
101 OSPF_ROUTER_LSA_MIN_SIZE,
102 OSPF_NETWORK_LSA_MIN_SIZE,
103 OSPF_SUMMARY_LSA_MIN_SIZE,
104 OSPF_SUMMARY_LSA_MIN_SIZE,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
108 0,
109 0,
110 0,
111 0,
112 };
113
114 /* for ospf_check_auth() */
115 static int ospf_check_sum(struct ospf_header *);
116
117 /* OSPF authentication checking function */
118 static int ospf_auth_type(struct ospf_interface *oi)
119 {
120 int auth_type;
121
122 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
123 auth_type = oi->area->auth_type;
124 else
125 auth_type = OSPF_IF_PARAM(oi, auth_type);
126
127 /* Handle case where MD5 key list is not configured aka Cisco */
128 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
129 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
130 return OSPF_AUTH_NULL;
131
132 return auth_type;
133 }
134
135 struct ospf_packet *ospf_packet_new(size_t size)
136 {
137 struct ospf_packet *new;
138
139 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
140 new->s = stream_new(size);
141
142 return new;
143 }
144
145 void ospf_packet_free(struct ospf_packet *op)
146 {
147 if (op->s)
148 stream_free(op->s);
149
150 XFREE(MTYPE_OSPF_PACKET, op);
151 }
152
153 struct ospf_fifo *ospf_fifo_new(void)
154 {
155 struct ospf_fifo *new;
156
157 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
158 return new;
159 }
160
161 /* Add new packet to fifo. */
162 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
163 {
164 if (fifo->tail)
165 fifo->tail->next = op;
166 else
167 fifo->head = op;
168
169 fifo->tail = op;
170
171 fifo->count++;
172 }
173
174 /* Add new packet to head of fifo. */
175 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
176 {
177 op->next = fifo->head;
178
179 if (fifo->tail == NULL)
180 fifo->tail = op;
181
182 fifo->head = op;
183
184 fifo->count++;
185 }
186
187 /* Delete first packet from fifo. */
188 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
189 {
190 struct ospf_packet *op;
191
192 op = fifo->head;
193
194 if (op) {
195 fifo->head = op->next;
196
197 if (fifo->head == NULL)
198 fifo->tail = NULL;
199
200 fifo->count--;
201 }
202
203 return op;
204 }
205
206 /* Return first fifo entry. */
207 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
208 {
209 return fifo->head;
210 }
211
212 /* Flush ospf packet fifo. */
213 void ospf_fifo_flush(struct ospf_fifo *fifo)
214 {
215 struct ospf_packet *op;
216 struct ospf_packet *next;
217
218 for (op = fifo->head; op; op = next) {
219 next = op->next;
220 ospf_packet_free(op);
221 }
222 fifo->head = fifo->tail = NULL;
223 fifo->count = 0;
224 }
225
226 /* Free ospf packet fifo. */
227 void ospf_fifo_free(struct ospf_fifo *fifo)
228 {
229 ospf_fifo_flush(fifo);
230
231 XFREE(MTYPE_OSPF_FIFO, fifo);
232 }
233
234 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
235 {
236 if (!oi->obuf) {
237 flog_err(
238 EC_OSPF_PKT_PROCESS,
239 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
240 "destination %s) called with NULL obuf, ignoring "
241 "(please report this bug)!\n",
242 IF_NAME(oi), oi->state,
243 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
244 lookup_msg(ospf_packet_type_str,
245 stream_getc_from(op->s, 1), NULL),
246 inet_ntoa(op->dst));
247 return;
248 }
249
250 /* Add packet to end of queue. */
251 ospf_fifo_push(oi->obuf, op);
252
253 /* Debug of packet fifo*/
254 /* ospf_fifo_debug (oi->obuf); */
255 }
256
257 static void ospf_packet_add_top(struct ospf_interface *oi,
258 struct ospf_packet *op)
259 {
260 if (!oi->obuf) {
261 flog_err(
262 EC_OSPF_PKT_PROCESS,
263 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
264 "destination %s) called with NULL obuf, ignoring "
265 "(please report this bug)!\n",
266 IF_NAME(oi), oi->state,
267 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
268 lookup_msg(ospf_packet_type_str,
269 stream_getc_from(op->s, 1), NULL),
270 inet_ntoa(op->dst));
271 return;
272 }
273
274 /* Add packet to head of queue. */
275 ospf_fifo_push_head(oi->obuf, op);
276
277 /* Debug of packet fifo*/
278 /* ospf_fifo_debug (oi->obuf); */
279 }
280
281 void ospf_packet_delete(struct ospf_interface *oi)
282 {
283 struct ospf_packet *op;
284
285 op = ospf_fifo_pop(oi->obuf);
286
287 if (op)
288 ospf_packet_free(op);
289 }
290
291 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
292 {
293 struct ospf_packet *new;
294
295 if (stream_get_endp(op->s) != op->length)
296 /* XXX size_t */
297 zlog_debug(
298 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
299 (unsigned long)STREAM_SIZE(op->s), op->length);
300
301 /* Reserve space for MD5 authentication that may be added later. */
302 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
303 stream_copy(new->s, op->s);
304
305 new->dst = op->dst;
306 new->length = op->length;
307
308 return new;
309 }
310
311 /* XXX inline */
312 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
313 {
314 int auth = 0;
315
316 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
317 auth = OSPF_AUTH_MD5_SIZE;
318
319 return auth;
320 }
321
322 static unsigned int ospf_packet_max(struct ospf_interface *oi)
323 {
324 int max;
325
326 max = oi->ifp->mtu - ospf_packet_authspace(oi);
327
328 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
329
330 return max;
331 }
332
333
334 static int ospf_check_md5_digest(struct ospf_interface *oi,
335 struct ospf_header *ospfh)
336 {
337 #ifdef CRYPTO_OPENSSL
338 EVP_MD_CTX *ctx;
339 #elif CRYPTO_INTERNAL
340 MD5_CTX ctx;
341 #endif
342 unsigned char digest[OSPF_AUTH_MD5_SIZE];
343 struct crypt_key *ck;
344 struct ospf_neighbor *nbr;
345 uint16_t length = ntohs(ospfh->length);
346
347 /* Get secret key. */
348 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
349 ospfh->u.crypt.key_id);
350 if (ck == NULL) {
351 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
352 IF_NAME(oi), ospfh->u.crypt.key_id);
353 return 0;
354 }
355
356 /* check crypto seqnum. */
357 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
358
359 if (nbr
360 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
361 flog_warn(
362 EC_OSPF_MD5,
363 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
364 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
365 ntohl(nbr->crypt_seqnum));
366 return 0;
367 }
368
369 /* Generate a digest for the ospf packet - their digest + our digest. */
370 #ifdef CRYPTO_OPENSSL
371 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
372 ctx = EVP_MD_CTX_new();
373 EVP_DigestInit(ctx, EVP_md5());
374 EVP_DigestUpdate(ctx, ospfh, length);
375 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
376 EVP_DigestFinal(ctx, digest, &md5_size);
377 EVP_MD_CTX_free(ctx);
378 #elif CRYPTO_INTERNAL
379 memset(&ctx, 0, sizeof(ctx));
380 MD5Init(&ctx);
381 MD5Update(&ctx, ospfh, length);
382 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
383 MD5Final(digest, &ctx);
384 #endif
385
386 /* compare the two */
387 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
388 flog_warn(EC_OSPF_MD5,
389 "interface %s: ospf_check_md5 checksum mismatch",
390 IF_NAME(oi));
391 return 0;
392 }
393
394 /* save neighbor's crypt_seqnum */
395 if (nbr)
396 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
397 return 1;
398 }
399
400 /* This function is called from ospf_write(), it will detect the
401 authentication scheme and if it is MD5, it will change the sequence
402 and update the MD5 digest. */
403 static int ospf_make_md5_digest(struct ospf_interface *oi,
404 struct ospf_packet *op)
405 {
406 struct ospf_header *ospfh;
407 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
408 #ifdef CRYPTO_OPENSSL
409 EVP_MD_CTX *ctx;
410 #elif CRYPTO_INTERNAL
411 MD5_CTX ctx;
412 #endif
413 void *ibuf;
414 uint32_t t;
415 struct crypt_key *ck;
416 const uint8_t *auth_key;
417
418 ibuf = STREAM_DATA(op->s);
419 ospfh = (struct ospf_header *)ibuf;
420
421 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
422 return 0;
423
424 /* We do this here so when we dup a packet, we don't have to
425 waste CPU rewriting other headers.
426
427 Note that quagga_time /deliberately/ is not used here */
428 t = (time(NULL) & 0xFFFFFFFF);
429 if (t > oi->crypt_seqnum)
430 oi->crypt_seqnum = t;
431 else
432 oi->crypt_seqnum++;
433
434 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
435
436 /* Get MD5 Authentication key from auth_key list. */
437 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
438 auth_key = (const uint8_t *)digest;
439 else {
440 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
441 auth_key = ck->auth_key;
442 }
443
444 /* Generate a digest for the entire packet + our secret key. */
445 #ifdef CRYPTO_OPENSSL
446 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
447 ctx = EVP_MD_CTX_new();
448 EVP_DigestInit(ctx, EVP_md5());
449 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
450 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
451 EVP_DigestFinal(ctx, digest, &md5_size);
452 EVP_MD_CTX_free(ctx);
453 #elif CRYPTO_INTERNAL
454 memset(&ctx, 0, sizeof(ctx));
455 MD5Init(&ctx);
456 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
457 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
458 MD5Final(digest, &ctx);
459 #endif
460
461 /* Append md5 digest to the end of the stream. */
462 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
463
464 /* We do *NOT* increment the OSPF header length. */
465 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
466
467 if (stream_get_endp(op->s) != op->length)
468 /* XXX size_t */
469 flog_warn(
470 EC_OSPF_MD5,
471 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
472 (unsigned long)stream_get_endp(op->s), op->length);
473
474 return OSPF_AUTH_MD5_SIZE;
475 }
476
477
478 static int ospf_ls_req_timer(struct thread *thread)
479 {
480 struct ospf_neighbor *nbr;
481
482 nbr = THREAD_ARG(thread);
483 nbr->t_ls_req = NULL;
484
485 /* Send Link State Request. */
486 if (ospf_ls_request_count(nbr))
487 ospf_ls_req_send(nbr);
488
489 /* Set Link State Request retransmission timer. */
490 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
491
492 return 0;
493 }
494
495 void ospf_ls_req_event(struct ospf_neighbor *nbr)
496 {
497 if (nbr->t_ls_req) {
498 thread_cancel(nbr->t_ls_req);
499 nbr->t_ls_req = NULL;
500 }
501 nbr->t_ls_req = NULL;
502 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
503 }
504
505 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
506 ospf_neighbor.c */
507 int ospf_ls_upd_timer(struct thread *thread)
508 {
509 struct ospf_neighbor *nbr;
510
511 nbr = THREAD_ARG(thread);
512 nbr->t_ls_upd = NULL;
513
514 /* Send Link State Update. */
515 if (ospf_ls_retransmit_count(nbr) > 0) {
516 struct list *update;
517 struct ospf_lsdb *lsdb;
518 int i;
519 int retransmit_interval;
520
521 retransmit_interval =
522 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
523
524 lsdb = &nbr->ls_rxmt;
525 update = list_new();
526
527 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
528 struct route_table *table = lsdb->type[i].db;
529 struct route_node *rn;
530
531 for (rn = route_top(table); rn; rn = route_next(rn)) {
532 struct ospf_lsa *lsa;
533
534 if ((lsa = rn->info) != NULL) {
535 /* Don't retransmit an LSA if we
536 received it within
537 the last RxmtInterval seconds - this
538 is to allow the
539 neighbour a chance to acknowledge the
540 LSA as it may
541 have ben just received before the
542 retransmit timer
543 fired. This is a small tweak to what
544 is in the RFC,
545 but it will cut out out a lot of
546 retransmit traffic
547 - MAG */
548 if (monotime_since(&lsa->tv_recv, NULL)
549 >= retransmit_interval * 1000000LL)
550 listnode_add(update, rn->info);
551 }
552 }
553 }
554
555 if (listcount(update) > 0)
556 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
557 0);
558 list_delete(&update);
559 }
560
561 /* Set LS Update retransmission timer. */
562 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
563
564 return 0;
565 }
566
567 int ospf_ls_ack_timer(struct thread *thread)
568 {
569 struct ospf_interface *oi;
570
571 oi = THREAD_ARG(thread);
572 oi->t_ls_ack = NULL;
573
574 /* Send Link State Acknowledgment. */
575 if (listcount(oi->ls_ack) > 0)
576 ospf_ls_ack_send_delayed(oi);
577
578 /* Set LS Ack timer. */
579 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
580
581 return 0;
582 }
583
584 #ifdef WANT_OSPF_WRITE_FRAGMENT
585 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
586 struct msghdr *msg, unsigned int maxdatasize,
587 unsigned int mtu, int flags, uint8_t type)
588 {
589 #define OSPF_WRITE_FRAG_SHIFT 3
590 uint16_t offset;
591 struct iovec *iovp;
592 int ret;
593
594 assert(op->length == stream_get_endp(op->s));
595 assert(msg->msg_iovlen == 2);
596
597 /* we can but try.
598 *
599 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
600 * well as the IP_MF flag, making this all quite pointless.
601 *
602 * However, for a system on which IP_MF is left alone, and ip_id left
603 * alone or else which sets same ip_id for each fragment this might
604 * work, eg linux.
605 *
606 * XXX-TODO: It would be much nicer to have the kernel's use their
607 * existing fragmentation support to do this for us. Bugs/RFEs need to
608 * be raised against the various kernels.
609 */
610
611 /* set More Frag */
612 iph->ip_off |= IP_MF;
613
614 /* ip frag offset is expressed in units of 8byte words */
615 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
616
617 iovp = &msg->msg_iov[1];
618
619 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
620 > maxdatasize) {
621 /* data length of this frag is to next offset value */
622 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
623 iph->ip_len = iovp->iov_len + sizeof(struct ip);
624 assert(iph->ip_len <= mtu);
625
626 sockopt_iphdrincl_swab_htosys(iph);
627
628 ret = sendmsg(fd, msg, flags);
629
630 sockopt_iphdrincl_swab_systoh(iph);
631
632 if (ret < 0)
633 flog_err(
634 EC_LIB_SOCKET,
635 "*** ospf_write_frags: sendmsg failed to %s,"
636 " id %d, off %d, len %d, mtu %u failed with %s",
637 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
638 iph->ip_len, mtu, safe_strerror(errno));
639
640 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
641 zlog_debug(
642 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
643 iph->ip_id, iph->ip_off, iph->ip_len,
644 inet_ntoa(iph->ip_dst));
645 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
646 zlog_debug(
647 "-----------------IP Header Dump----------------------");
648 ospf_ip_header_dump(iph);
649 zlog_debug(
650 "-----------------------------------------------------");
651 }
652 }
653
654 iph->ip_off += offset;
655 stream_forward_getp(op->s, iovp->iov_len);
656 iovp->iov_base = stream_pnt(op->s);
657 }
658
659 /* setup for final fragment */
660 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
661 iph->ip_len = iovp->iov_len + sizeof(struct ip);
662 iph->ip_off &= (~IP_MF);
663 }
664 #endif /* WANT_OSPF_WRITE_FRAGMENT */
665
666 static int ospf_write(struct thread *thread)
667 {
668 struct ospf *ospf = THREAD_ARG(thread);
669 struct ospf_interface *oi;
670 struct ospf_interface *last_serviced_oi = NULL;
671 struct ospf_packet *op;
672 struct sockaddr_in sa_dst;
673 struct ip iph;
674 struct msghdr msg;
675 struct iovec iov[2];
676 uint8_t type;
677 int ret;
678 int flags = 0;
679 struct listnode *node;
680 #ifdef WANT_OSPF_WRITE_FRAGMENT
681 static uint16_t ipid = 0;
682 uint16_t maxdatasize;
683 #endif /* WANT_OSPF_WRITE_FRAGMENT */
684 #define OSPF_WRITE_IPHL_SHIFT 2
685 int pkt_count = 0;
686
687 #ifdef GNU_LINUX
688 unsigned char cmsgbuf[64] = {};
689 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
690 struct in_pktinfo *pi;
691 #endif
692
693 if (ospf->fd < 0 || ospf->oi_running == 0) {
694 if (IS_DEBUG_OSPF_EVENT)
695 zlog_debug(
696 "ospf_write failed to send, fd %d, instance %u"
697 ,ospf->fd, ospf->oi_running);
698 return -1;
699 }
700
701 node = listhead(ospf->oi_write_q);
702 assert(node);
703 oi = listgetdata(node);
704
705 #ifdef WANT_OSPF_WRITE_FRAGMENT
706 /* seed ipid static with low order bits of time */
707 if (ipid == 0)
708 ipid = (time(NULL) & 0xffff);
709 #endif /* WANT_OSPF_WRITE_FRAGMENT */
710
711 while ((pkt_count < ospf->write_oi_count) && oi
712 && (last_serviced_oi != oi)) {
713 /* If there is only packet in the queue, the oi is removed from
714 write-q, so fix up the last interface that was serviced */
715 if (last_serviced_oi == NULL) {
716 last_serviced_oi = oi;
717 }
718 pkt_count++;
719 #ifdef WANT_OSPF_WRITE_FRAGMENT
720 /* convenience - max OSPF data per packet */
721 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
722 #endif /* WANT_OSPF_WRITE_FRAGMENT */
723 /* Get one packet from queue. */
724 op = ospf_fifo_head(oi->obuf);
725 assert(op);
726 assert(op->length >= OSPF_HEADER_SIZE);
727
728 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
729 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
730 ospf_if_ipmulticast(ospf, oi->address,
731 oi->ifp->ifindex);
732
733 /* Rewrite the md5 signature & update the seq */
734 ospf_make_md5_digest(oi, op);
735
736 /* Retrieve OSPF packet type. */
737 stream_set_getp(op->s, 1);
738 type = stream_getc(op->s);
739
740 /* reset get pointer */
741 stream_set_getp(op->s, 0);
742
743 memset(&iph, 0, sizeof(struct ip));
744 memset(&sa_dst, 0, sizeof(sa_dst));
745
746 sa_dst.sin_family = AF_INET;
747 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
748 sa_dst.sin_len = sizeof(sa_dst);
749 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
750 sa_dst.sin_addr = op->dst;
751 sa_dst.sin_port = htons(0);
752
753 /* Set DONTROUTE flag if dst is unicast. */
754 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
755 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
756 flags = MSG_DONTROUTE;
757
758 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
759 /* it'd be very strange for header to not be 4byte-word aligned
760 * but.. */
761 if (sizeof(struct ip)
762 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
763 iph.ip_hl++; /* we presume sizeof struct ip cant
764 overflow ip_hl.. */
765
766 iph.ip_v = IPVERSION;
767 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
768 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
769
770 #if defined(__DragonFly__)
771 /*
772 * DragonFly's raw socket expects ip_len/ip_off in network byte
773 * order.
774 */
775 iph.ip_len = htons(iph.ip_len);
776 #endif
777
778 #ifdef WANT_OSPF_WRITE_FRAGMENT
779 /* XXX-MT: not thread-safe at all..
780 * XXX: this presumes this is only programme sending OSPF
781 * packets
782 * otherwise, no guarantee ipid will be unique
783 */
784 iph.ip_id = ++ipid;
785 #endif /* WANT_OSPF_WRITE_FRAGMENT */
786
787 iph.ip_off = 0;
788 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
789 iph.ip_ttl = OSPF_VL_IP_TTL;
790 else
791 iph.ip_ttl = OSPF_IP_TTL;
792 iph.ip_p = IPPROTO_OSPFIGP;
793 iph.ip_sum = 0;
794 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
795 iph.ip_dst.s_addr = op->dst.s_addr;
796
797 memset(&msg, 0, sizeof(msg));
798 msg.msg_name = (caddr_t)&sa_dst;
799 msg.msg_namelen = sizeof(sa_dst);
800 msg.msg_iov = iov;
801 msg.msg_iovlen = 2;
802
803 iov[0].iov_base = (char *)&iph;
804 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
805 iov[1].iov_base = stream_pnt(op->s);
806 iov[1].iov_len = op->length;
807
808 #ifdef GNU_LINUX
809 msg.msg_control = (caddr_t)cm;
810 cm->cmsg_level = SOL_IP;
811 cm->cmsg_type = IP_PKTINFO;
812 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
813 pi = (struct in_pktinfo *)CMSG_DATA(cm);
814 pi->ipi_ifindex = oi->ifp->ifindex;
815
816 msg.msg_controllen = cm->cmsg_len;
817 #endif
818
819 /* Sadly we can not rely on kernels to fragment packets
820 * because of either IP_HDRINCL and/or multicast
821 * destination being set.
822 */
823
824 #ifdef WANT_OSPF_WRITE_FRAGMENT
825 if (op->length > maxdatasize)
826 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
827 oi->ifp->mtu, flags, type);
828 #endif /* WANT_OSPF_WRITE_FRAGMENT */
829
830 /* send final fragment (could be first) */
831 sockopt_iphdrincl_swab_htosys(&iph);
832 ret = sendmsg(ospf->fd, &msg, flags);
833 sockopt_iphdrincl_swab_systoh(&iph);
834 if (IS_DEBUG_OSPF_EVENT)
835 zlog_debug(
836 "ospf_write to %s, "
837 "id %d, off %d, len %d, interface %s, mtu %u:",
838 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
839 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
840
841 if (ret < 0)
842 flog_err(
843 EC_LIB_SOCKET,
844 "*** sendmsg in ospf_write failed to %s, "
845 "id %d, off %d, len %d, interface %s, mtu %u: %s",
846 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
847 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
848 safe_strerror(errno));
849
850 /* Show debug sending packet. */
851 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
852 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
853 zlog_debug(
854 "-----------------------------------------------------");
855 ospf_ip_header_dump(&iph);
856 stream_set_getp(op->s, 0);
857 ospf_packet_dump(op->s);
858 }
859
860 zlog_debug("%s sent to [%s] via [%s].",
861 lookup_msg(ospf_packet_type_str, type, NULL),
862 inet_ntoa(op->dst), IF_NAME(oi));
863
864 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
865 zlog_debug(
866 "-----------------------------------------------------");
867 }
868
869 switch (type) {
870 case OSPF_MSG_HELLO:
871 oi->hello_out++;
872 break;
873 case OSPF_MSG_DB_DESC:
874 oi->db_desc_out++;
875 break;
876 case OSPF_MSG_LS_REQ:
877 oi->ls_req_out++;
878 break;
879 case OSPF_MSG_LS_UPD:
880 oi->ls_upd_out++;
881 break;
882 case OSPF_MSG_LS_ACK:
883 oi->ls_ack_out++;
884 break;
885 default:
886 break;
887 }
888
889 /* Now delete packet from queue. */
890 ospf_packet_delete(oi);
891
892 /* Move this interface to the tail of write_q to
893 serve everyone in a round robin fashion */
894 list_delete_node(ospf->oi_write_q, node);
895 if (ospf_fifo_head(oi->obuf) == NULL) {
896 oi->on_write_q = 0;
897 last_serviced_oi = NULL;
898 oi = NULL;
899 } else {
900 listnode_add(ospf->oi_write_q, oi);
901 }
902
903 /* Setup to service from the head of the queue again */
904 if (!list_isempty(ospf->oi_write_q)) {
905 node = listhead(ospf->oi_write_q);
906 oi = listgetdata(node);
907 }
908 }
909
910 /* If packets still remain in queue, call write thread. */
911 if (!list_isempty(ospf->oi_write_q))
912 thread_add_write(master, ospf_write, ospf, ospf->fd,
913 &ospf->t_write);
914
915 return 0;
916 }
917
918 /* OSPF Hello message read -- RFC2328 Section 10.5. */
919 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
920 struct stream *s, struct ospf_interface *oi, int size)
921 {
922 struct ospf_hello *hello;
923 struct ospf_neighbor *nbr;
924 int old_state;
925 struct prefix p;
926
927 /* increment statistics. */
928 oi->hello_in++;
929
930 hello = (struct ospf_hello *)stream_pnt(s);
931
932 /* If Hello is myself, silently discard. */
933 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
934 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
935 zlog_debug(
936 "ospf_header[%s/%s]: selforiginated, "
937 "dropping.",
938 lookup_msg(ospf_packet_type_str, ospfh->type,
939 NULL),
940 inet_ntoa(iph->ip_src));
941 }
942 return;
943 }
944
945 /* get neighbor prefix. */
946 p.family = AF_INET;
947 p.prefixlen = ip_masklen(hello->network_mask);
948 p.u.prefix4 = iph->ip_src;
949
950 /* Compare network mask. */
951 /* Checking is ignored for Point-to-Point and Virtual link. */
952 if (oi->type != OSPF_IFTYPE_POINTOPOINT
953 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
954 if (oi->address->prefixlen != p.prefixlen) {
955 flog_warn(
956 EC_OSPF_PACKET,
957 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
958 inet_ntoa(ospfh->router_id), IF_NAME(oi),
959 (int)oi->address->prefixlen, (int)p.prefixlen);
960 return;
961 }
962
963 /* Compare Router Dead Interval. */
964 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
965 flog_warn(EC_OSPF_PACKET,
966 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
967 "(expected %u, but received %u).",
968 inet_ntoa(ospfh->router_id),
969 OSPF_IF_PARAM(oi, v_wait),
970 ntohl(hello->dead_interval));
971 return;
972 }
973
974 /* Compare Hello Interval - ignored if fast-hellos are set. */
975 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
976 if (OSPF_IF_PARAM(oi, v_hello)
977 != ntohs(hello->hello_interval)) {
978 flog_warn(
979 EC_OSPF_PACKET,
980 "Packet %s [Hello:RECV]: HelloInterval mismatch "
981 "(expected %u, but received %u).",
982 inet_ntoa(ospfh->router_id),
983 OSPF_IF_PARAM(oi, v_hello),
984 ntohs(hello->hello_interval));
985 return;
986 }
987 }
988
989 if (IS_DEBUG_OSPF_EVENT)
990 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
991 inet_ntoa(ospfh->router_id),
992 ospf_options_dump(hello->options),
993 ospf_vrf_id_to_name(oi->ospf->vrf_id));
994
995 /* Compare options. */
996 #define REJECT_IF_TBIT_ON 1 /* XXX */
997 #ifdef REJECT_IF_TBIT_ON
998 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
999 /*
1000 * This router does not support non-zero TOS.
1001 * Drop this Hello packet not to establish neighbor
1002 * relationship.
1003 */
1004 flog_warn(EC_OSPF_PACKET,
1005 "Packet %s [Hello:RECV]: T-bit on, drop it.",
1006 inet_ntoa(ospfh->router_id));
1007 return;
1008 }
1009 #endif /* REJECT_IF_TBIT_ON */
1010
1011 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
1012 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
1013 /*
1014 * This router does know the correct usage of O-bit
1015 * the bit should be set in DD packet only.
1016 */
1017 flog_warn(EC_OSPF_PACKET,
1018 "Packet %s [Hello:RECV]: O-bit abuse?",
1019 inet_ntoa(ospfh->router_id));
1020 #ifdef STRICT_OBIT_USAGE_CHECK
1021 return; /* Reject this packet. */
1022 #else /* STRICT_OBIT_USAGE_CHECK */
1023 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
1024 #endif /* STRICT_OBIT_USAGE_CHECK */
1025 }
1026
1027 /* new for NSSA is to ensure that NP is on and E is off */
1028
1029 if (oi->area->external_routing == OSPF_AREA_NSSA) {
1030 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
1031 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
1032 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1033 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
1034 flog_warn(
1035 EC_OSPF_PACKET,
1036 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1037 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1038 hello->options);
1039 return;
1040 }
1041 if (IS_DEBUG_OSPF_NSSA)
1042 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1043 inet_ntoa(ospfh->router_id));
1044 } else
1045 /* The setting of the E-bit found in the Hello Packet's Options
1046 field must match this area's ExternalRoutingCapability A
1047 mismatch causes processing to stop and the packet to be
1048 dropped. The setting of the rest of the bits in the Hello
1049 Packet's Options field should be ignored. */
1050 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1051 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1052 flog_warn(
1053 EC_OSPF_PACKET,
1054 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1055 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1056 hello->options);
1057 return;
1058 }
1059
1060 /* get neighbour struct */
1061 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1062
1063 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1064 assert(nbr);
1065
1066 old_state = nbr->state;
1067
1068 /* Add event to thread. */
1069 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1070
1071 /* RFC2328 Section 9.5.1
1072 If the router is not eligible to become Designated Router,
1073 (snip) It must also send an Hello Packet in reply to an
1074 Hello Packet received from any eligible neighbor (other than
1075 the current Designated Router and Backup Designated Router). */
1076 if (oi->type == OSPF_IFTYPE_NBMA)
1077 if (PRIORITY(oi) == 0 && hello->priority > 0
1078 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1079 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1080 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1081 ospf_hello_reply_timer,
1082 OSPF_HELLO_REPLY_DELAY);
1083
1084 /* on NBMA network type, it happens to receive bidirectional Hello
1085 packet
1086 without advance 1-Way Received event.
1087 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1088 if (oi->type == OSPF_IFTYPE_NBMA
1089 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1090 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1091 nbr->priority = hello->priority;
1092 nbr->d_router = hello->d_router;
1093 nbr->bd_router = hello->bd_router;
1094 return;
1095 }
1096
1097 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1098 size - OSPF_HELLO_MIN_SIZE)) {
1099 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1100 nbr->options |= hello->options;
1101 } else {
1102 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1103 /* Set neighbor information. */
1104 nbr->priority = hello->priority;
1105 nbr->d_router = hello->d_router;
1106 nbr->bd_router = hello->bd_router;
1107 return;
1108 }
1109
1110 /* If neighbor itself declares DR and no BDR exists,
1111 cause event BackupSeen */
1112 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1113 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1114 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1115
1116 /* neighbor itself declares BDR. */
1117 if (oi->state == ISM_Waiting
1118 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1119 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1120
1121 /* had not previously. */
1122 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1123 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1124 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1125 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1126 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1127
1128 /* had not previously. */
1129 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1130 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1131 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1132 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1133 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1134
1135 /* Neighbor priority check. */
1136 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1137 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1138
1139 /* Set neighbor information. */
1140 nbr->priority = hello->priority;
1141 nbr->d_router = hello->d_router;
1142 nbr->bd_router = hello->bd_router;
1143 }
1144
1145 /* Save DD flags/options/Seqnum received. */
1146 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1147 struct ospf_db_desc *dd)
1148 {
1149 nbr->last_recv.flags = dd->flags;
1150 nbr->last_recv.options = dd->options;
1151 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1152 }
1153
1154 /* Process rest of DD packet. */
1155 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1156 struct ospf_neighbor *nbr,
1157 struct ospf_db_desc *dd, uint16_t size)
1158 {
1159 struct ospf_lsa *new, *find;
1160 struct lsa_header *lsah;
1161
1162 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1163 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1164 size -= OSPF_LSA_HEADER_SIZE) {
1165 lsah = (struct lsa_header *)stream_pnt(s);
1166 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1167
1168 /* Unknown LS type. */
1169 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1170 flog_warn(EC_OSPF_PACKET,
1171 "Packet [DD:RECV]: Unknown LS type %d.",
1172 lsah->type);
1173 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1174 return;
1175 }
1176
1177 if (IS_OPAQUE_LSA(lsah->type)
1178 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1179 flog_warn(EC_OSPF_PACKET,
1180 "LSA[Type%d:%s]: Opaque capability mismatch?",
1181 lsah->type, inet_ntoa(lsah->id));
1182 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1183 return;
1184 }
1185
1186 switch (lsah->type) {
1187 case OSPF_AS_EXTERNAL_LSA:
1188 case OSPF_OPAQUE_AS_LSA:
1189 /* Check for stub area. Reject if AS-External from stub
1190 but
1191 allow if from NSSA. */
1192 if (oi->area->external_routing == OSPF_AREA_STUB) {
1193 flog_warn(
1194 EC_OSPF_PACKET,
1195 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1196 lsah->type, inet_ntoa(lsah->id),
1197 (oi->area->external_routing
1198 == OSPF_AREA_STUB)
1199 ? "STUB"
1200 : "NSSA");
1201 OSPF_NSM_EVENT_SCHEDULE(nbr,
1202 NSM_SeqNumberMismatch);
1203 return;
1204 }
1205 break;
1206 default:
1207 break;
1208 }
1209
1210 /* Create LS-request object. */
1211 new = ospf_ls_request_new(lsah);
1212
1213 /* Lookup received LSA, then add LS request list. */
1214 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1215
1216 /* ospf_lsa_more_recent is fine with NULL pointers */
1217 switch (ospf_lsa_more_recent(find, new)) {
1218 case -1:
1219 /* Neighbour has a more recent LSA, we must request it
1220 */
1221 ospf_ls_request_add(nbr, new);
1222 /* fallthru */
1223 case 0:
1224 /* If we have a copy of this LSA, it's either less
1225 * recent
1226 * and we're requesting it from neighbour (the case
1227 * above), or
1228 * it's as recent and we both have same copy (this
1229 * case).
1230 *
1231 * In neither of these two cases is there any point in
1232 * describing our copy of the LSA to the neighbour in a
1233 * DB-Summary packet, if we're still intending to do so.
1234 *
1235 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1236 * backward compatible optimisation to OSPF DB Exchange
1237 * /
1238 * DB Description process implemented here.
1239 */
1240 if (find)
1241 ospf_lsdb_delete(&nbr->db_sum, find);
1242 ospf_lsa_discard(new);
1243 break;
1244 default:
1245 /* We have the more recent copy, nothing specific to do:
1246 * - no need to request neighbours stale copy
1247 * - must leave DB summary list copy alone
1248 */
1249 if (IS_DEBUG_OSPF_EVENT)
1250 zlog_debug(
1251 "Packet [DD:RECV]: LSA received Type %d, "
1252 "ID %s is not recent.",
1253 lsah->type, inet_ntoa(lsah->id));
1254 ospf_lsa_discard(new);
1255 }
1256 }
1257
1258 /* Master */
1259 if (IS_SET_DD_MS(nbr->dd_flags)) {
1260 nbr->dd_seqnum++;
1261
1262 /* Both sides have no More, then we're done with Exchange */
1263 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1264 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1265 else
1266 ospf_db_desc_send(nbr);
1267 }
1268 /* Slave */
1269 else {
1270 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1271
1272 /* Send DD packet in reply.
1273 *
1274 * Must be done to acknowledge the Master's DD, regardless of
1275 * whether we have more LSAs ourselves to describe.
1276 *
1277 * This function will clear the 'More' bit, if after this DD
1278 * we have no more LSAs to describe to the master..
1279 */
1280 ospf_db_desc_send(nbr);
1281
1282 /* Slave can raise ExchangeDone now, if master is also done */
1283 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1284 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1285 }
1286
1287 /* Save received neighbor values from DD. */
1288 ospf_db_desc_save_current(nbr, dd);
1289
1290 if (!nbr->t_ls_req)
1291 ospf_ls_req_send(nbr);
1292 }
1293
1294 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1295 struct ospf_neighbor *nbr)
1296 {
1297 /* Is DD duplicated? */
1298 if (dd->options == nbr->last_recv.options
1299 && dd->flags == nbr->last_recv.flags
1300 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1301 return 1;
1302
1303 return 0;
1304 }
1305
1306 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1307 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1308 struct stream *s, struct ospf_interface *oi,
1309 uint16_t size)
1310 {
1311 struct ospf_db_desc *dd;
1312 struct ospf_neighbor *nbr;
1313
1314 /* Increment statistics. */
1315 oi->db_desc_in++;
1316
1317 dd = (struct ospf_db_desc *)stream_pnt(s);
1318
1319 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1320 if (nbr == NULL) {
1321 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
1322 inet_ntoa(ospfh->router_id));
1323 return;
1324 }
1325
1326 /* Check MTU. */
1327 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1328 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1329 flog_warn(
1330 EC_OSPF_PACKET,
1331 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1332 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1333 oi->ifp->mtu);
1334 return;
1335 }
1336
1337 /*
1338 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1339 * not
1340 * required. In fact at least JunOS sends DD packets with P bit clear.
1341 * Until proper solution is developped, this hack should help.
1342 *
1343 * Update: According to the RFCs, N bit is specified /only/ for Hello
1344 * options, unfortunately its use in DD options is not specified. Hence
1345 * some
1346 * implementations follow E-bit semantics and set it in DD options, and
1347 * some
1348 * treat it as unspecified and hence follow the directive "default for
1349 * options is clear", ie unset.
1350 *
1351 * Reset the flag, as ospfd follows E-bit semantics.
1352 */
1353 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1354 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1355 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1356 if (IS_DEBUG_OSPF_EVENT)
1357 zlog_debug(
1358 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1359 inet_ntoa(nbr->router_id));
1360 SET_FLAG(dd->options, OSPF_OPTION_NP);
1361 }
1362
1363 #ifdef REJECT_IF_TBIT_ON
1364 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1365 /*
1366 * In Hello protocol, optional capability must have checked
1367 * to prevent this T-bit enabled router be my neighbor.
1368 */
1369 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
1370 inet_ntoa(nbr->router_id));
1371 return;
1372 }
1373 #endif /* REJECT_IF_TBIT_ON */
1374
1375 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1376 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1377 /*
1378 * This node is not configured to handle O-bit, for now.
1379 * Clear it to ignore unsupported capability proposed by
1380 * neighbor.
1381 */
1382 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1383 }
1384
1385 /* Add event to thread. */
1386 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1387
1388 /* Process DD packet by neighbor status. */
1389 switch (nbr->state) {
1390 case NSM_Down:
1391 case NSM_Attempt:
1392 case NSM_TwoWay:
1393 flog_warn(
1394 EC_OSPF_PACKET,
1395 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1396 inet_ntoa(nbr->router_id),
1397 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1398 break;
1399 case NSM_Init:
1400 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1401 /* If the new state is ExStart, the processing of the current
1402 packet should then continue in this new state by falling
1403 through to case ExStart below. */
1404 if (nbr->state != NSM_ExStart)
1405 break;
1406 /* fallthru */
1407 case NSM_ExStart:
1408 /* Initial DBD */
1409 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1410 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1411 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1412 > 0) {
1413 /* We're Slave---obey */
1414 if (CHECK_FLAG(oi->ospf->config,
1415 OSPF_LOG_ADJACENCY_DETAIL))
1416 zlog_info(
1417 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1418 inet_ntoa(nbr->router_id));
1419
1420 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1421
1422 /* Reset I/MS */
1423 UNSET_FLAG(nbr->dd_flags,
1424 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1425 } else {
1426 /* We're Master, ignore the initial DBD from
1427 * Slave */
1428 if (CHECK_FLAG(oi->ospf->config,
1429 OSPF_LOG_ADJACENCY_DETAIL))
1430 zlog_info(
1431 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1432 "ignoring.",
1433 inet_ntoa(nbr->router_id));
1434 break;
1435 }
1436 }
1437 /* Ack from the Slave */
1438 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1439 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1440 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1441 < 0) {
1442 zlog_info(
1443 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1444 inet_ntoa(nbr->router_id));
1445 /* Reset I, leaving MS */
1446 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1447 } else {
1448 flog_warn(EC_OSPF_PACKET,
1449 "Packet[DD]: Neighbor %s Negotiation fails.",
1450 inet_ntoa(nbr->router_id));
1451 break;
1452 }
1453
1454 /* This is where the real Options are saved */
1455 nbr->options = dd->options;
1456
1457 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1458 if (IS_DEBUG_OSPF_EVENT)
1459 zlog_debug(
1460 "Neighbor[%s] is %sOpaque-capable.",
1461 inet_ntoa(nbr->router_id),
1462 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1463 ? ""
1464 : "NOT ");
1465
1466 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1467 && IPV4_ADDR_SAME(&DR(oi),
1468 &nbr->address.u.prefix4)) {
1469 flog_warn(
1470 EC_OSPF_PACKET,
1471 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1472 inet_ntoa(nbr->router_id));
1473 /* This situation is undesirable, but not a real
1474 * error. */
1475 }
1476 }
1477
1478 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1479
1480 /* continue processing rest of packet. */
1481 ospf_db_desc_proc(s, oi, nbr, dd, size);
1482 break;
1483 case NSM_Exchange:
1484 if (ospf_db_desc_is_dup(dd, nbr)) {
1485 if (IS_SET_DD_MS(nbr->dd_flags))
1486 /* Master: discard duplicated DD packet. */
1487 zlog_info(
1488 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1489 inet_ntoa(nbr->router_id));
1490 else
1491 /* Slave: cause to retransmit the last Database
1492 Description. */
1493 {
1494 zlog_info(
1495 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1496 inet_ntoa(nbr->router_id));
1497 ospf_db_desc_resend(nbr);
1498 }
1499 break;
1500 }
1501
1502 /* Otherwise DD packet should be checked. */
1503 /* Check Master/Slave bit mismatch */
1504 if (IS_SET_DD_MS(dd->flags)
1505 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1506 flog_warn(EC_OSPF_PACKET,
1507 "Packet[DD]: Neighbor %s MS-bit mismatch.",
1508 inet_ntoa(nbr->router_id));
1509 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1510 if (IS_DEBUG_OSPF_EVENT)
1511 zlog_debug(
1512 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1513 dd->flags, nbr->dd_flags);
1514 break;
1515 }
1516
1517 /* Check initialize bit is set. */
1518 if (IS_SET_DD_I(dd->flags)) {
1519 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1520 inet_ntoa(nbr->router_id));
1521 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1522 break;
1523 }
1524
1525 /* Check DD Options. */
1526 if (dd->options != nbr->options) {
1527 #ifdef ORIGINAL_CODING
1528 /* Save the new options for debugging */
1529 nbr->options = dd->options;
1530 #endif /* ORIGINAL_CODING */
1531 flog_warn(EC_OSPF_PACKET,
1532 "Packet[DD]: Neighbor %s options mismatch.",
1533 inet_ntoa(nbr->router_id));
1534 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1535 break;
1536 }
1537
1538 /* Check DD sequence number. */
1539 if ((IS_SET_DD_MS(nbr->dd_flags)
1540 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1541 || (!IS_SET_DD_MS(nbr->dd_flags)
1542 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1543 flog_warn(
1544 EC_OSPF_PACKET,
1545 "Packet[DD]: Neighbor %s sequence number mismatch.",
1546 inet_ntoa(nbr->router_id));
1547 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1548 break;
1549 }
1550
1551 /* Continue processing rest of packet. */
1552 ospf_db_desc_proc(s, oi, nbr, dd, size);
1553 break;
1554 case NSM_Loading:
1555 case NSM_Full:
1556 if (ospf_db_desc_is_dup(dd, nbr)) {
1557 if (IS_SET_DD_MS(nbr->dd_flags)) {
1558 /* Master should discard duplicate DD packet. */
1559 zlog_info(
1560 "Packet[DD]: Neighbor %s duplicated, "
1561 "packet discarded.",
1562 inet_ntoa(nbr->router_id));
1563 break;
1564 } else {
1565 if (monotime_since(&nbr->last_send_ts, NULL)
1566 < nbr->v_inactivity * 1000000LL) {
1567 /* In states Loading and Full the slave
1568 must resend
1569 its last Database Description packet
1570 in response to
1571 duplicate Database Description
1572 packets received
1573 from the master. For this reason the
1574 slave must
1575 wait RouterDeadInterval seconds
1576 before freeing the
1577 last Database Description packet.
1578 Reception of a
1579 Database Description packet from the
1580 master after
1581 this interval will generate a
1582 SeqNumberMismatch
1583 neighbor event. RFC2328 Section 10.8
1584 */
1585 ospf_db_desc_resend(nbr);
1586 break;
1587 }
1588 }
1589 }
1590
1591 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1592 break;
1593 default:
1594 flog_warn(EC_OSPF_PACKET,
1595 "Packet[DD]: Neighbor %s NSM illegal status %u.",
1596 inet_ntoa(nbr->router_id), nbr->state);
1597 break;
1598 }
1599 }
1600
1601 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1602
1603 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1604 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1605 struct stream *s, struct ospf_interface *oi,
1606 uint16_t size)
1607 {
1608 struct ospf_neighbor *nbr;
1609 uint32_t ls_type;
1610 struct in_addr ls_id;
1611 struct in_addr adv_router;
1612 struct ospf_lsa *find;
1613 struct list *ls_upd;
1614 unsigned int length;
1615
1616 /* Increment statistics. */
1617 oi->ls_req_in++;
1618
1619 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1620 if (nbr == NULL) {
1621 flog_warn(EC_OSPF_PACKET,
1622 "Link State Request: Unknown Neighbor %s.",
1623 inet_ntoa(ospfh->router_id));
1624 return;
1625 }
1626
1627 /* Add event to thread. */
1628 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1629
1630 /* Neighbor State should be Exchange or later. */
1631 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1632 && nbr->state != NSM_Full) {
1633 flog_warn(
1634 EC_OSPF_PACKET,
1635 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
1636 inet_ntoa(ospfh->router_id),
1637 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1638 return;
1639 }
1640
1641 /* Send Link State Update for ALL requested LSAs. */
1642 ls_upd = list_new();
1643 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1644
1645 while (size >= OSPF_LSA_KEY_SIZE) {
1646 /* Get one slice of Link State Request. */
1647 ls_type = stream_getl(s);
1648 ls_id.s_addr = stream_get_ipv4(s);
1649 adv_router.s_addr = stream_get_ipv4(s);
1650
1651 /* Verify LSA type. */
1652 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1653 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1654 list_delete(&ls_upd);
1655 return;
1656 }
1657
1658 /* Search proper LSA in LSDB. */
1659 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1660 adv_router);
1661 if (find == NULL) {
1662 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1663 list_delete(&ls_upd);
1664 return;
1665 }
1666
1667 /* Packet overflows MTU size, send immediately. */
1668 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1669 if (oi->type == OSPF_IFTYPE_NBMA)
1670 ospf_ls_upd_send(nbr, ls_upd,
1671 OSPF_SEND_PACKET_DIRECT, 0);
1672 else
1673 ospf_ls_upd_send(nbr, ls_upd,
1674 OSPF_SEND_PACKET_INDIRECT, 0);
1675
1676 /* Only remove list contents. Keep ls_upd. */
1677 list_delete_all_node(ls_upd);
1678
1679 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1680 }
1681
1682 /* Append LSA to update list. */
1683 listnode_add(ls_upd, find);
1684 length += ntohs(find->data->length);
1685
1686 size -= OSPF_LSA_KEY_SIZE;
1687 }
1688
1689 /* Send rest of Link State Update. */
1690 if (listcount(ls_upd) > 0) {
1691 if (oi->type == OSPF_IFTYPE_NBMA)
1692 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1693 0);
1694 else
1695 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1696 0);
1697
1698 list_delete(&ls_upd);
1699 } else
1700 list_delete(&ls_upd);
1701 }
1702
1703 /* Get the list of LSAs from Link State Update packet.
1704 And process some validation -- RFC2328 Section 13. (1)-(2). */
1705 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1706 struct stream *s,
1707 struct ospf_interface *oi, size_t size)
1708 {
1709 uint16_t count, sum;
1710 uint32_t length;
1711 struct lsa_header *lsah;
1712 struct ospf_lsa *lsa;
1713 struct list *lsas;
1714
1715 lsas = list_new();
1716
1717 count = stream_getl(s);
1718 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1719
1720 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1721 size -= length, stream_forward_getp(s, length), count--) {
1722 lsah = (struct lsa_header *)stream_pnt(s);
1723 length = ntohs(lsah->length);
1724
1725 if (length > size) {
1726 flog_warn(
1727 EC_OSPF_PACKET,
1728 "Link State Update: LSA length exceeds packet size.");
1729 break;
1730 }
1731
1732 /* Validate the LSA's LS checksum. */
1733 sum = lsah->checksum;
1734 if (!ospf_lsa_checksum_valid(lsah)) {
1735 /* (bug #685) more details in a one-line message make it
1736 * possible
1737 * to identify problem source on the one hand and to
1738 * have a better
1739 * chance to compress repeated messages in syslog on the
1740 * other */
1741 flog_warn(
1742 EC_OSPF_PACKET,
1743 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1744 sum, lsah->checksum, inet_ntoa(lsah->id),
1745 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1746 inet_ntoa(lsah->adv_router));
1747 continue;
1748 }
1749
1750 /* Examine the LSA's LS type. */
1751 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1752 flog_warn(EC_OSPF_PACKET,
1753 "Link State Update: Unknown LS type %d",
1754 lsah->type);
1755 continue;
1756 }
1757
1758 /*
1759 * What if the received LSA's age is greater than MaxAge?
1760 * Treat it as a MaxAge case -- endo.
1761 */
1762 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1763 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1764
1765 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1766 #ifdef STRICT_OBIT_USAGE_CHECK
1767 if ((IS_OPAQUE_LSA(lsah->type)
1768 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1769 || (!IS_OPAQUE_LSA(lsah->type)
1770 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1771 /*
1772 * This neighbor must know the exact usage of
1773 * O-bit;
1774 * the bit will be set in Type-9,10,11 LSAs
1775 * only.
1776 */
1777 flog_warn(EC_OSPF_PACKET,
1778 "LSA[Type%d:%s]: O-bit abuse?",
1779 lsah->type, inet_ntoa(lsah->id));
1780 continue;
1781 }
1782 #endif /* STRICT_OBIT_USAGE_CHECK */
1783
1784 /* Do not take in AS External Opaque-LSAs if we are a
1785 * stub. */
1786 if (lsah->type == OSPF_OPAQUE_AS_LSA
1787 && nbr->oi->area->external_routing
1788 != OSPF_AREA_DEFAULT) {
1789 if (IS_DEBUG_OSPF_EVENT)
1790 zlog_debug(
1791 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1792 lsah->type,
1793 inet_ntoa(lsah->id));
1794 continue;
1795 }
1796 } else if (IS_OPAQUE_LSA(lsah->type)) {
1797 flog_warn(EC_OSPF_PACKET,
1798 "LSA[Type%d:%s]: Opaque capability mismatch?",
1799 lsah->type, inet_ntoa(lsah->id));
1800 continue;
1801 }
1802
1803 /* Create OSPF LSA instance. */
1804 lsa = ospf_lsa_new_and_data(length);
1805
1806 lsa->vrf_id = oi->ospf->vrf_id;
1807 /* We may wish to put some error checking if type NSSA comes in
1808 and area not in NSSA mode */
1809 switch (lsah->type) {
1810 case OSPF_AS_EXTERNAL_LSA:
1811 case OSPF_OPAQUE_AS_LSA:
1812 lsa->area = NULL;
1813 break;
1814 case OSPF_OPAQUE_LINK_LSA:
1815 lsa->oi = oi; /* Remember incoming interface for
1816 flooding control. */
1817 /* Fallthrough */
1818 default:
1819 lsa->area = oi->area;
1820 break;
1821 }
1822
1823 memcpy(lsa->data, lsah, length);
1824
1825 if (IS_DEBUG_OSPF_EVENT)
1826 zlog_debug(
1827 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1828 lsa->data->type, inet_ntoa(lsa->data->id),
1829 (void *)lsa);
1830 listnode_add(lsas, lsa);
1831 }
1832
1833 return lsas;
1834 }
1835
1836 /* Cleanup Update list. */
1837 static void ospf_upd_list_clean(struct list *lsas)
1838 {
1839 struct listnode *node, *nnode;
1840 struct ospf_lsa *lsa;
1841
1842 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1843 ospf_lsa_discard(lsa);
1844
1845 list_delete(&lsas);
1846 }
1847
1848 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1849 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1850 struct ospf_header *ospfh, struct stream *s,
1851 struct ospf_interface *oi, uint16_t size)
1852 {
1853 struct ospf_neighbor *nbr;
1854 struct list *lsas;
1855 struct listnode *node, *nnode;
1856 struct ospf_lsa *lsa = NULL;
1857 /* unsigned long ls_req_found = 0; */
1858
1859 /* Dis-assemble the stream, update each entry, re-encapsulate for
1860 * flooding */
1861
1862 /* Increment statistics. */
1863 oi->ls_upd_in++;
1864
1865 /* Check neighbor. */
1866 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1867 if (nbr == NULL) {
1868 flog_warn(EC_OSPF_PACKET,
1869 "Link State Update: Unknown Neighbor %s on int: %s",
1870 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1871 return;
1872 }
1873
1874 /* Add event to thread. */
1875 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1876
1877 /* Check neighbor state. */
1878 if (nbr->state < NSM_Exchange) {
1879 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1880 zlog_debug(
1881 "Link State Update: "
1882 "Neighbor[%s] state %s is less than Exchange",
1883 inet_ntoa(ospfh->router_id),
1884 lookup_msg(ospf_nsm_state_msg, nbr->state,
1885 NULL));
1886 return;
1887 }
1888
1889 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1890 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1891 * of section 13.
1892 */
1893 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1894
1895 if (lsas == NULL)
1896 return;
1897 #define DISCARD_LSA(L, N) \
1898 { \
1899 if (IS_DEBUG_OSPF_EVENT) \
1900 zlog_debug( \
1901 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1902 " Type-%d", \
1903 N, (void *)lsa, (int)lsa->data->type); \
1904 ospf_lsa_discard(L); \
1905 continue; \
1906 }
1907
1908 /* Process each LSA received in the one packet.
1909 *
1910 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1911 * text below are from the steps in RFC 2328, Section 13.
1912 */
1913 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1914 struct ospf_lsa *ls_ret, *current;
1915 int ret = 1;
1916
1917 if (IS_DEBUG_OSPF_NSSA) {
1918 char buf1[INET_ADDRSTRLEN];
1919 char buf2[INET_ADDRSTRLEN];
1920 char buf3[INET_ADDRSTRLEN];
1921
1922 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1923 lsa->data->type,
1924 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1925 INET_ADDRSTRLEN),
1926 inet_ntop(AF_INET, &lsa->data->id, buf2,
1927 INET_ADDRSTRLEN),
1928 inet_ntop(AF_INET, &lsa->data->adv_router,
1929 buf3, INET_ADDRSTRLEN));
1930 }
1931
1932 listnode_delete(lsas,
1933 lsa); /* We don't need it in list anymore */
1934
1935 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1936 */
1937
1938 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1939
1940 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1941 */
1942
1943 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1944 */
1945
1946 /* Do take in Type-7's if we are an NSSA */
1947
1948 /* If we are also an ABR, later translate them to a Type-5
1949 * packet */
1950
1951 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1952 translate them to a separate Type-5 packet. */
1953
1954 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1955 /* Reject from STUB or NSSA */
1956 if (nbr->oi->area->external_routing
1957 != OSPF_AREA_DEFAULT) {
1958 if (IS_DEBUG_OSPF_NSSA)
1959 zlog_debug(
1960 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1961 DISCARD_LSA(lsa, 1);
1962 }
1963
1964 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1965 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1966 if (IS_DEBUG_OSPF_NSSA)
1967 zlog_debug(
1968 "Incoming NSSA LSA Discarded: Not NSSA Area");
1969 DISCARD_LSA(lsa, 2);
1970 }
1971
1972 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1973 if (lsa->data->type == OSPF_ROUTER_LSA)
1974 if (!IPV4_ADDR_SAME(&lsa->data->id,
1975 &lsa->data->adv_router)) {
1976 char buf1[INET_ADDRSTRLEN];
1977 char buf2[INET_ADDRSTRLEN];
1978 char buf3[INET_ADDRSTRLEN];
1979
1980 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1981 "Incoming Router-LSA from %s with "
1982 "Adv-ID[%s] != LS-ID[%s]",
1983 inet_ntop(AF_INET, &ospfh->router_id,
1984 buf1, INET_ADDRSTRLEN),
1985 inet_ntop(AF_INET, &lsa->data->id,
1986 buf2, INET_ADDRSTRLEN),
1987 inet_ntop(AF_INET,
1988 &lsa->data->adv_router, buf3,
1989 INET_ADDRSTRLEN));
1990 flog_err(
1991 EC_OSPF_DOMAIN_CORRUPT,
1992 "OSPF domain compromised by attack or corruption. "
1993 "Verify correct operation of -ALL- OSPF routers.");
1994 DISCARD_LSA(lsa, 0);
1995 }
1996
1997 /* Find the LSA in the current database. */
1998
1999 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
2000
2001 /* (4) If the LSA's LS age is equal to MaxAge, and there is
2002 currently
2003 no instance of the LSA in the router's link state database,
2004 and none of router's neighbors are in states Exchange or
2005 Loading,
2006 then take the following actions: */
2007
2008 if (IS_LSA_MAXAGE(lsa) && !current
2009 && ospf_check_nbr_status(oi->ospf)) {
2010 /* (4a) Response Link State Acknowledgment. */
2011 ospf_ls_ack_send(nbr, lsa);
2012
2013 /* (4b) Discard LSA. */
2014 if (IS_DEBUG_OSPF(lsa, LSA)) {
2015 zlog_debug(
2016 "Link State Update[%s]: LS age is equal to MaxAge.",
2017 dump_lsa_key(lsa));
2018 }
2019 DISCARD_LSA(lsa, 3);
2020 }
2021
2022 if (IS_OPAQUE_LSA(lsa->data->type)
2023 && IPV4_ADDR_SAME(&lsa->data->adv_router,
2024 &oi->ospf->router_id)) {
2025 /*
2026 * Even if initial flushing seems to be completed, there
2027 * might
2028 * be a case that self-originated LSA with MaxAge still
2029 * remain
2030 * in the routing domain.
2031 * Just send an LSAck message to cease retransmission.
2032 */
2033 if (IS_LSA_MAXAGE(lsa)) {
2034 zlog_info("LSA[%s]: Boomerang effect?",
2035 dump_lsa_key(lsa));
2036 ospf_ls_ack_send(nbr, lsa);
2037 ospf_lsa_discard(lsa);
2038
2039 if (current != NULL && !IS_LSA_MAXAGE(current))
2040 ospf_opaque_lsa_refresh_schedule(
2041 current);
2042 continue;
2043 }
2044
2045 /*
2046 * If an instance of self-originated Opaque-LSA is not
2047 * found
2048 * in the LSDB, there are some possible cases here.
2049 *
2050 * 1) This node lost opaque-capability after restart.
2051 * 2) Else, a part of opaque-type is no more supported.
2052 * 3) Else, a part of opaque-id is no more supported.
2053 *
2054 * Anyway, it is still this node's responsibility to
2055 * flush it.
2056 * Otherwise, the LSA instance remains in the routing
2057 * domain
2058 * until its age reaches to MaxAge.
2059 */
2060 /* XXX: We should deal with this for *ALL* LSAs, not
2061 * just opaque */
2062 if (current == NULL) {
2063 if (IS_DEBUG_OSPF_EVENT)
2064 zlog_debug(
2065 "LSA[%s]: Previously originated Opaque-LSA,"
2066 "not found in the LSDB.",
2067 dump_lsa_key(lsa));
2068
2069 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2070
2071 ospf_opaque_self_originated_lsa_received(nbr,
2072 lsa);
2073 ospf_ls_ack_send(nbr, lsa);
2074
2075 continue;
2076 }
2077 }
2078
2079 /* It might be happen that received LSA is self-originated
2080 * network LSA, but
2081 * router ID is changed. So, we should check if LSA is a
2082 * network-LSA whose
2083 * Link State ID is one of the router's own IP interface
2084 * addresses but whose
2085 * Advertising Router is not equal to the router's own Router ID
2086 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2087 * flushed.
2088 */
2089
2090 if (lsa->data->type == OSPF_NETWORK_LSA) {
2091 struct listnode *oinode, *oinnode;
2092 struct ospf_interface *out_if;
2093 int Flag = 0;
2094
2095 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2096 oinnode, out_if)) {
2097 if (out_if == NULL)
2098 break;
2099
2100 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2101 &lsa->data->id))
2102 && (!(IPV4_ADDR_SAME(
2103 &oi->ospf->router_id,
2104 &lsa->data->adv_router)))) {
2105 if (out_if->network_lsa_self) {
2106 ospf_lsa_flush_area(
2107 lsa, out_if->area);
2108 if (IS_DEBUG_OSPF_EVENT)
2109 zlog_debug(
2110 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2111 (void *)lsa,
2112 (int)lsa->data
2113 ->type);
2114 ospf_lsa_discard(lsa);
2115 Flag = 1;
2116 }
2117 break;
2118 }
2119 }
2120 if (Flag)
2121 continue;
2122 }
2123
2124 /* (5) Find the instance of this LSA that is currently contained
2125 in the router's link state database. If there is no
2126 database copy, or the received LSA is more recent than
2127 the database copy the following steps must be performed.
2128 (The sub steps from RFC 2328 section 13 step (5) will be
2129 performed in
2130 ospf_flood() ) */
2131
2132 if (current == NULL
2133 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2134 /* CVE-2017-3224 */
2135 if (current && (lsa->data->ls_seqnum ==
2136 htonl(OSPF_MAX_SEQUENCE_NUMBER)
2137 && !IS_LSA_MAXAGE(lsa))) {
2138 zlog_debug(
2139 "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
2140 dump_lsa_key(lsa));
2141
2142 DISCARD_LSA(lsa, 4);
2143 }
2144
2145 /* Actual flooding procedure. */
2146 if (ospf_flood(oi->ospf, nbr, current, lsa)
2147 < 0) /* Trap NSSA later. */
2148 DISCARD_LSA(lsa, 5);
2149 continue;
2150 }
2151
2152 /* (6) Else, If there is an instance of the LSA on the sending
2153 neighbor's Link state request list, an error has occurred in
2154 the Database Exchange process. In this case, restart the
2155 Database Exchange process by generating the neighbor event
2156 BadLSReq for the sending neighbor and stop processing the
2157 Link State Update packet. */
2158
2159 if (ospf_ls_request_lookup(nbr, lsa)) {
2160 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2161 flog_warn(
2162 EC_OSPF_PACKET,
2163 "LSA[%s] instance exists on Link state request list",
2164 dump_lsa_key(lsa));
2165
2166 /* Clean list of LSAs. */
2167 ospf_upd_list_clean(lsas);
2168 /* this lsa is not on lsas list already. */
2169 ospf_lsa_discard(lsa);
2170 return;
2171 }
2172
2173 /* If the received LSA is the same instance as the database copy
2174 (i.e., neither one is more recent) the following two steps
2175 should be performed: */
2176
2177 if (ret == 0) {
2178 /* If the LSA is listed in the Link state retransmission
2179 list
2180 for the receiving adjacency, the router itself is
2181 expecting
2182 an acknowledgment for this LSA. The router should
2183 treat the
2184 received LSA as an acknowledgment by removing the LSA
2185 from
2186 the Link state retransmission list. This is termed
2187 an
2188 "implied acknowledgment". */
2189
2190 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2191
2192 if (ls_ret != NULL) {
2193 ospf_ls_retransmit_delete(nbr, ls_ret);
2194
2195 /* Delayed acknowledgment sent if advertisement
2196 received
2197 from Designated Router, otherwise do nothing.
2198 */
2199 if (oi->state == ISM_Backup)
2200 if (NBR_IS_DR(nbr))
2201 listnode_add(
2202 oi->ls_ack,
2203 ospf_lsa_lock(lsa));
2204
2205 DISCARD_LSA(lsa, 6);
2206 } else
2207 /* Acknowledge the receipt of the LSA by sending a
2208 Link State Acknowledgment packet back out the
2209 receiving
2210 interface. */
2211 {
2212 ospf_ls_ack_send(nbr, lsa);
2213 DISCARD_LSA(lsa, 7);
2214 }
2215 }
2216
2217 /* The database copy is more recent. If the database copy
2218 has LS age equal to MaxAge and LS sequence number equal to
2219 MaxSequenceNumber, simply discard the received LSA without
2220 acknowledging it. (In this case, the LSA's LS sequence number
2221 is
2222 wrapping, and the MaxSequenceNumber LSA must be completely
2223 flushed before any new LSA instance can be introduced). */
2224
2225 else if (ret > 0) /* Database copy is more recent */
2226 {
2227 if (IS_LSA_MAXAGE(current)
2228 && current->data->ls_seqnum
2229 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2230 DISCARD_LSA(lsa, 8);
2231 }
2232 /* Otherwise, as long as the database copy has not been
2233 sent in a
2234 Link State Update within the last MinLSArrival
2235 seconds, send the
2236 database copy back to the sending neighbor,
2237 encapsulated within
2238 a Link State Update Packet. The Link State Update
2239 Packet should
2240 be sent directly to the neighbor. In so doing, do not
2241 put the
2242 database copy of the LSA on the neighbor's link state
2243 retransmission list, and do not acknowledge the
2244 received (less
2245 recent) LSA instance. */
2246 else {
2247 if (monotime_since(&current->tv_orig, NULL)
2248 >= ospf->min_ls_arrival * 1000LL)
2249 /* Trap NSSA type later.*/
2250 ospf_ls_upd_send_lsa(
2251 nbr, current,
2252 OSPF_SEND_PACKET_DIRECT);
2253 DISCARD_LSA(lsa, 9);
2254 }
2255 }
2256 }
2257 #undef DISCARD_LSA
2258
2259 assert(listcount(lsas) == 0);
2260 list_delete(&lsas);
2261 }
2262
2263 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2264 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2265 struct stream *s, struct ospf_interface *oi,
2266 uint16_t size)
2267 {
2268 struct ospf_neighbor *nbr;
2269
2270 /* increment statistics. */
2271 oi->ls_ack_in++;
2272
2273 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2274 if (nbr == NULL) {
2275 flog_warn(EC_OSPF_PACKET,
2276 "Link State Acknowledgment: Unknown Neighbor %s.",
2277 inet_ntoa(ospfh->router_id));
2278 return;
2279 }
2280
2281 /* Add event to thread. */
2282 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2283
2284 if (nbr->state < NSM_Exchange) {
2285 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2286 zlog_debug(
2287 "Link State Acknowledgment: "
2288 "Neighbor[%s] state %s is less than Exchange",
2289 inet_ntoa(ospfh->router_id),
2290 lookup_msg(ospf_nsm_state_msg, nbr->state,
2291 NULL));
2292 return;
2293 }
2294
2295 while (size >= OSPF_LSA_HEADER_SIZE) {
2296 struct ospf_lsa *lsa, *lsr;
2297
2298 lsa = ospf_lsa_new();
2299 lsa->data = (struct lsa_header *)stream_pnt(s);
2300 lsa->vrf_id = oi->ospf->vrf_id;
2301
2302 /* lsah = (struct lsa_header *) stream_pnt (s); */
2303 size -= OSPF_LSA_HEADER_SIZE;
2304 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2305
2306 if (lsa->data->type < OSPF_MIN_LSA
2307 || lsa->data->type >= OSPF_MAX_LSA) {
2308 lsa->data = NULL;
2309 ospf_lsa_discard(lsa);
2310 continue;
2311 }
2312
2313 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2314
2315 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2316 ospf_ls_retransmit_delete(nbr, lsr);
2317
2318 lsa->data = NULL;
2319 ospf_lsa_discard(lsa);
2320 }
2321
2322 return;
2323 }
2324
2325 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2326 struct interface **ifp,
2327 struct stream *ibuf)
2328 {
2329 int ret;
2330 struct ip *iph;
2331 uint16_t ip_len;
2332 ifindex_t ifindex = 0;
2333 struct iovec iov;
2334 /* Header and data both require alignment. */
2335 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2336 struct msghdr msgh;
2337
2338 memset(&msgh, 0, sizeof(struct msghdr));
2339 msgh.msg_iov = &iov;
2340 msgh.msg_iovlen = 1;
2341 msgh.msg_control = (caddr_t)buff;
2342 msgh.msg_controllen = sizeof(buff);
2343
2344 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2345 if (ret < 0) {
2346 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2347 safe_strerror(errno));
2348 return NULL;
2349 }
2350 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2351 {
2352 flog_warn(
2353 EC_OSPF_PACKET,
2354 "ospf_recv_packet: discarding runt packet of length %d "
2355 "(ip header size is %u)",
2356 ret, (unsigned int)sizeof(iph));
2357 return NULL;
2358 }
2359
2360 /* Note that there should not be alignment problems with this assignment
2361 because this is at the beginning of the stream data buffer. */
2362 iph = (struct ip *)STREAM_DATA(ibuf);
2363 sockopt_iphdrincl_swab_systoh(iph);
2364
2365 ip_len = iph->ip_len;
2366
2367 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2368 /*
2369 * Kernel network code touches incoming IP header parameters,
2370 * before protocol specific processing.
2371 *
2372 * 1) Convert byteorder to host representation.
2373 * --> ip_len, ip_id, ip_off
2374 *
2375 * 2) Adjust ip_len to strip IP header size!
2376 * --> If user process receives entire IP packet via RAW
2377 * socket, it must consider adding IP header size to
2378 * the "ip_len" field of "ip" structure.
2379 *
2380 * For more details, see <netinet/ip_input.c>.
2381 */
2382 ip_len = ip_len + (iph->ip_hl << 2);
2383 #endif
2384
2385 #if defined(__DragonFly__)
2386 /*
2387 * in DragonFly's raw socket, ip_len/ip_off are read
2388 * in network byte order.
2389 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2390 */
2391 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2392 #endif
2393
2394 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2395
2396 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2397
2398 if (ret != ip_len) {
2399 flog_warn(
2400 EC_OSPF_PACKET,
2401 "ospf_recv_packet read length mismatch: ip_len is %d, "
2402 "but recvmsg returned %d",
2403 ip_len, ret);
2404 return NULL;
2405 }
2406
2407 return ibuf;
2408 }
2409
2410 static struct ospf_interface *
2411 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2412 struct ip *iph, struct ospf_header *ospfh)
2413 {
2414 struct ospf_interface *rcv_oi;
2415 struct ospf_vl_data *vl_data;
2416 struct ospf_area *vl_area;
2417 struct listnode *node;
2418
2419 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2420 || !OSPF_IS_AREA_BACKBONE(ospfh))
2421 return NULL;
2422
2423 /* look for local OSPF interface matching the destination
2424 * to determine Area ID. We presume therefore the destination address
2425 * is unique, or at least (for "unnumbered" links), not used in other
2426 * areas
2427 */
2428 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2429 == NULL)
2430 return NULL;
2431
2432 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2433 vl_area =
2434 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2435 if (!vl_area)
2436 continue;
2437
2438 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2439 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2440 if (IS_DEBUG_OSPF_EVENT)
2441 zlog_debug("associating packet with %s",
2442 IF_NAME(vl_data->vl_oi));
2443 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2444 if (IS_DEBUG_OSPF_EVENT)
2445 zlog_debug(
2446 "This VL is not up yet, sorry");
2447 return NULL;
2448 }
2449
2450 return vl_data->vl_oi;
2451 }
2452 }
2453
2454 if (IS_DEBUG_OSPF_EVENT)
2455 zlog_debug("couldn't find any VL to associate the packet with");
2456
2457 return NULL;
2458 }
2459
2460 static int ospf_check_area_id(struct ospf_interface *oi,
2461 struct ospf_header *ospfh)
2462 {
2463 /* Check match the Area ID of the receiving interface. */
2464 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2465 return 1;
2466
2467 return 0;
2468 }
2469
2470 /* Unbound socket will accept any Raw IP packets if proto is matched.
2471 To prevent it, compare src IP address and i/f address with masking
2472 i/f network mask. */
2473 static int ospf_check_network_mask(struct ospf_interface *oi,
2474 struct in_addr ip_src)
2475 {
2476 struct in_addr mask, me, him;
2477
2478 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2479 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2480 return 1;
2481
2482 masklen2ip(oi->address->prefixlen, &mask);
2483
2484 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2485 him.s_addr = ip_src.s_addr & mask.s_addr;
2486
2487 if (IPV4_ADDR_SAME(&me, &him))
2488 return 1;
2489
2490 return 0;
2491 }
2492
2493 /* Return 1, if the packet is properly authenticated and checksummed,
2494 0 otherwise. In particular, check that AuType header field is valid and
2495 matches the locally configured AuType, and that D.5 requirements are met. */
2496 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2497 {
2498 struct crypt_key *ck;
2499 uint16_t iface_auth_type;
2500 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2501
2502 switch (pkt_auth_type) {
2503 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2504 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2505 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2506 flog_warn(
2507 EC_OSPF_PACKET,
2508 "interface %s: auth-type mismatch, local %s, rcvd Null",
2509 IF_NAME(oi),
2510 lookup_msg(ospf_auth_type_str,
2511 iface_auth_type, NULL));
2512 return 0;
2513 }
2514 if (!ospf_check_sum(ospfh)) {
2515 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2516 flog_warn(
2517 EC_OSPF_PACKET,
2518 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2519 IF_NAME(oi),
2520 inet_ntoa(ospfh->router_id));
2521 return 0;
2522 }
2523 return 1;
2524 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2525 if (OSPF_AUTH_SIMPLE
2526 != (iface_auth_type = ospf_auth_type(oi))) {
2527 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2528 flog_warn(
2529 EC_OSPF_PACKET,
2530 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2531 IF_NAME(oi),
2532 lookup_msg(ospf_auth_type_str,
2533 iface_auth_type, NULL));
2534 return 0;
2535 }
2536 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2537 OSPF_AUTH_SIMPLE_SIZE)) {
2538 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2539 flog_warn(EC_OSPF_PACKET,
2540 "interface %s: Simple auth failed",
2541 IF_NAME(oi));
2542 return 0;
2543 }
2544 if (!ospf_check_sum(ospfh)) {
2545 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2546 flog_warn(
2547 EC_OSPF_PACKET,
2548 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2549 IF_NAME(oi),
2550 inet_ntoa(ospfh->router_id));
2551 return 0;
2552 }
2553 return 1;
2554 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2555 if (OSPF_AUTH_CRYPTOGRAPHIC
2556 != (iface_auth_type = ospf_auth_type(oi))) {
2557 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2558 flog_warn(
2559 EC_OSPF_PACKET,
2560 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2561 IF_NAME(oi),
2562 lookup_msg(ospf_auth_type_str,
2563 iface_auth_type, NULL));
2564 return 0;
2565 }
2566 if (ospfh->checksum) {
2567 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2568 flog_warn(
2569 EC_OSPF_PACKET,
2570 "interface %s: OSPF header checksum is not 0",
2571 IF_NAME(oi));
2572 return 0;
2573 }
2574 /* only MD5 crypto method can pass ospf_packet_examin() */
2575 if (NULL == (ck = listgetdata(
2576 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2577 || ospfh->u.crypt.key_id != ck->key_id ||
2578 /* Condition above uses the last key ID on the list,
2579 which is
2580 different from what ospf_crypt_key_lookup() does. A
2581 bug? */
2582 !ospf_check_md5_digest(oi, ospfh)) {
2583 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2584 flog_warn(EC_OSPF_MD5,
2585 "interface %s: MD5 auth failed",
2586 IF_NAME(oi));
2587 return 0;
2588 }
2589 return 1;
2590 default:
2591 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2592 flog_warn(
2593 EC_OSPF_PACKET,
2594 "interface %s: invalid packet auth-type (%02x)",
2595 IF_NAME(oi), pkt_auth_type);
2596 return 0;
2597 }
2598 }
2599
2600 static int ospf_check_sum(struct ospf_header *ospfh)
2601 {
2602 uint32_t ret;
2603 uint16_t sum;
2604
2605 /* clear auth_data for checksum. */
2606 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2607
2608 /* keep checksum and clear. */
2609 sum = ospfh->checksum;
2610 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2611
2612 /* calculate checksum. */
2613 ret = in_cksum(ospfh, ntohs(ospfh->length));
2614
2615 if (ret != sum) {
2616 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2617 ret, sum);
2618 return 0;
2619 }
2620
2621 return 1;
2622 }
2623
2624 /* Verify, that given link/TOS records are properly sized/aligned and match
2625 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2626 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2627 uint16_t linkbytes,
2628 const uint16_t num_links)
2629 {
2630 unsigned counted_links = 0, thislinklen;
2631
2632 while (linkbytes) {
2633 thislinklen =
2634 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2635 if (thislinklen > linkbytes) {
2636 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2637 zlog_debug("%s: length error in link block #%u",
2638 __func__, counted_links);
2639 return MSG_NG;
2640 }
2641 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2642 linkbytes -= thislinklen;
2643 counted_links++;
2644 }
2645 if (counted_links != num_links) {
2646 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2647 zlog_debug("%s: %u link blocks declared, %u present",
2648 __func__, num_links, counted_links);
2649 return MSG_NG;
2650 }
2651 return MSG_OK;
2652 }
2653
2654 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2655 minimum length constraint). */
2656 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2657 const uint8_t headeronly)
2658 {
2659 unsigned ret;
2660 struct router_lsa *rlsa;
2661 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2662 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2663 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2664 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2665 lookup_msg(ospf_lsa_type_msg, lsah->type,
2666 NULL));
2667 return MSG_NG;
2668 }
2669 switch (lsah->type) {
2670 case OSPF_ROUTER_LSA:
2671 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2672 * (12+)-byte link blocks */
2673 if (headeronly) {
2674 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2675 - OSPF_ROUTER_LSA_MIN_SIZE)
2676 % 4
2677 ? MSG_NG
2678 : MSG_OK;
2679 break;
2680 }
2681 rlsa = (struct router_lsa *)lsah;
2682 ret = ospf_router_lsa_links_examin(
2683 (struct router_lsa_link *)rlsa->link,
2684 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2685 header, "flags",
2686 0, "# links" */
2687 ntohs(rlsa->links) /* 16 bits */
2688 );
2689 break;
2690 case OSPF_AS_EXTERNAL_LSA:
2691 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2692 * blocks */
2693 case OSPF_AS_NSSA_LSA:
2694 /* RFC3101 C, idem */
2695 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2696 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2697 % 12
2698 ? MSG_NG
2699 : MSG_OK;
2700 break;
2701 /* Following LSA types are considered OK length-wise as soon as their
2702 * minimum
2703 * length constraint is met and length of the whole LSA is a multiple of
2704 * 4
2705 * (basic LSA header size is already a multiple of 4). */
2706 case OSPF_NETWORK_LSA:
2707 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2708 case OSPF_SUMMARY_LSA:
2709 case OSPF_ASBR_SUMMARY_LSA:
2710 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2711 * blocks */
2712 case OSPF_OPAQUE_LINK_LSA:
2713 case OSPF_OPAQUE_AREA_LSA:
2714 case OSPF_OPAQUE_AS_LSA:
2715 /* RFC5250 A.2, "some number of octets (of application-specific
2716 * data) padded to 32-bit alignment." This is considered
2717 * equivalent
2718 * to 4-byte alignment of all other LSA types, see
2719 * OSPF-ALIGNMENT.txt
2720 * file for the detailed analysis of this passage. */
2721 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2722 break;
2723 default:
2724 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2725 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2726 lsah->type);
2727 return MSG_NG;
2728 }
2729 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2730 zlog_debug("%s: alignment error in %s", __func__,
2731 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2732 return ret;
2733 }
2734
2735 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2736 includes verification of LSA blocks length/alignment and dispatching
2737 of deeper-level checks. */
2738 static unsigned
2739 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2740 size_t length, const uint8_t headeronly,
2741 /* When declared_num_lsas is not 0, compare it to the real
2742 number of LSAs
2743 and treat the difference as an error. */
2744 const uint32_t declared_num_lsas)
2745 {
2746 uint32_t counted_lsas = 0;
2747
2748 while (length) {
2749 uint16_t lsalen;
2750 if (length < OSPF_LSA_HEADER_SIZE) {
2751 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2752 zlog_debug(
2753 "%s: undersized (%zu B) trailing (#%u) LSA header",
2754 __func__, length, counted_lsas);
2755 return MSG_NG;
2756 }
2757 /* save on ntohs() calls here and in the LSA validator */
2758 lsalen = ntohs(lsah->length);
2759 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2760 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2761 zlog_debug(
2762 "%s: malformed LSA header #%u, declared length is %u B",
2763 __func__, counted_lsas, lsalen);
2764 return MSG_NG;
2765 }
2766 if (headeronly) {
2767 /* less checks here and in ospf_lsa_examin() */
2768 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2769 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2770 zlog_debug(
2771 "%s: malformed header-only LSA #%u",
2772 __func__, counted_lsas);
2773 return MSG_NG;
2774 }
2775 lsah = (struct lsa_header *)((caddr_t)lsah
2776 + OSPF_LSA_HEADER_SIZE);
2777 length -= OSPF_LSA_HEADER_SIZE;
2778 } else {
2779 /* make sure the input buffer is deep enough before
2780 * further checks */
2781 if (lsalen > length) {
2782 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2783 zlog_debug(
2784 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2785 __func__, counted_lsas, lsalen,
2786 length);
2787 return MSG_NG;
2788 }
2789 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2790 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2791 zlog_debug("%s: malformed LSA #%u",
2792 __func__, counted_lsas);
2793 return MSG_NG;
2794 }
2795 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2796 length -= lsalen;
2797 }
2798 counted_lsas++;
2799 }
2800
2801 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2802 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2803 zlog_debug(
2804 "%s: #LSAs declared (%u) does not match actual (%u)",
2805 __func__, declared_num_lsas, counted_lsas);
2806 return MSG_NG;
2807 }
2808 return MSG_OK;
2809 }
2810
2811 /* Verify a complete OSPF packet for proper sizing/alignment. */
2812 static unsigned ospf_packet_examin(struct ospf_header *oh,
2813 const unsigned bytesonwire)
2814 {
2815 uint16_t bytesdeclared, bytesauth;
2816 unsigned ret;
2817 struct ospf_ls_update *lsupd;
2818
2819 /* Length, 1st approximation. */
2820 if (bytesonwire < OSPF_HEADER_SIZE) {
2821 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2822 zlog_debug("%s: undersized (%u B) packet", __func__,
2823 bytesonwire);
2824 return MSG_NG;
2825 }
2826 /* Now it is safe to access header fields. Performing length check,
2827 * allow
2828 * for possible extra bytes of crypto auth/padding, which are not
2829 * counted
2830 * in the OSPF header "length" field. */
2831 if (oh->version != OSPF_VERSION) {
2832 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2833 zlog_debug("%s: invalid (%u) protocol version",
2834 __func__, oh->version);
2835 return MSG_NG;
2836 }
2837 bytesdeclared = ntohs(oh->length);
2838 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2839 bytesauth = 0;
2840 else {
2841 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2842 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2843 zlog_debug(
2844 "%s: unsupported crypto auth length (%u B)",
2845 __func__, oh->u.crypt.auth_data_len);
2846 return MSG_NG;
2847 }
2848 bytesauth = OSPF_AUTH_MD5_SIZE;
2849 }
2850 if (bytesdeclared + bytesauth > bytesonwire) {
2851 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2852 zlog_debug(
2853 "%s: packet length error (%u real, %u+%u declared)",
2854 __func__, bytesonwire, bytesdeclared,
2855 bytesauth);
2856 return MSG_NG;
2857 }
2858 /* Length, 2nd approximation. The type-specific constraint is checked
2859 against declared length, not amount of bytes on wire. */
2860 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2861 && bytesdeclared
2862 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2863 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2864 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2865 bytesdeclared,
2866 lookup_msg(ospf_packet_type_str, oh->type,
2867 NULL));
2868 return MSG_NG;
2869 }
2870 switch (oh->type) {
2871 case OSPF_MSG_HELLO:
2872 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2873 followed
2874 by N>=0 router-IDs. */
2875 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2876 % 4
2877 ? MSG_NG
2878 : MSG_OK;
2879 break;
2880 case OSPF_MSG_DB_DESC:
2881 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2882 followed
2883 by N>=0 header-only LSAs. */
2884 ret = ospf_lsaseq_examin(
2885 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2886 + OSPF_DB_DESC_MIN_SIZE),
2887 bytesdeclared - OSPF_HEADER_SIZE
2888 - OSPF_DB_DESC_MIN_SIZE,
2889 1, /* header-only LSAs */
2890 0);
2891 break;
2892 case OSPF_MSG_LS_REQ:
2893 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2894 * request blocks. */
2895 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2896 % OSPF_LSA_KEY_SIZE
2897 ? MSG_NG
2898 : MSG_OK;
2899 break;
2900 case OSPF_MSG_LS_UPD:
2901 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2902 followed
2903 by N>=0 full LSAs (with N declared beforehand). */
2904 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2905 + OSPF_HEADER_SIZE);
2906 ret = ospf_lsaseq_examin(
2907 (struct lsa_header *)((caddr_t)lsupd
2908 + OSPF_LS_UPD_MIN_SIZE),
2909 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2910 0, /* full LSAs */
2911 ntohl(lsupd->num_lsas) /* 32 bits */
2912 );
2913 break;
2914 case OSPF_MSG_LS_ACK:
2915 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2916 * LSAs. */
2917 ret = ospf_lsaseq_examin(
2918 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2919 + OSPF_LS_ACK_MIN_SIZE),
2920 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2921 1, /* header-only LSAs */
2922 0);
2923 break;
2924 default:
2925 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2926 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2927 oh->type);
2928 return MSG_NG;
2929 }
2930 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2931 zlog_debug("%s: malformed %s packet", __func__,
2932 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2933 return ret;
2934 }
2935
2936 /* OSPF Header verification. */
2937 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2938 struct ip *iph, struct ospf_header *ospfh)
2939 {
2940 /* Check Area ID. */
2941 if (!ospf_check_area_id(oi, ospfh)) {
2942 flog_warn(EC_OSPF_PACKET,
2943 "interface %s: ospf_read invalid Area ID %s.",
2944 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2945 return -1;
2946 }
2947
2948 /* Check network mask, Silently discarded. */
2949 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2950 flog_warn(
2951 EC_OSPF_PACKET,
2952 "interface %s: ospf_read network address is not same [%s]",
2953 IF_NAME(oi), inet_ntoa(iph->ip_src));
2954 return -1;
2955 }
2956
2957 /* Check authentication. The function handles logging actions, where
2958 * required. */
2959 if (!ospf_check_auth(oi, ospfh))
2960 return -1;
2961
2962 return 0;
2963 }
2964
2965 /* Starting point of packet process function. */
2966 int ospf_read(struct thread *thread)
2967 {
2968 int ret;
2969 struct stream *ibuf;
2970 struct ospf *ospf;
2971 struct ospf_interface *oi;
2972 struct ip *iph;
2973 struct ospf_header *ospfh;
2974 uint16_t length;
2975 struct interface *ifp = NULL;
2976 struct connected *c;
2977
2978 /* first of all get interface pointer. */
2979 ospf = THREAD_ARG(thread);
2980
2981 /* prepare for next packet. */
2982 ospf->t_read = NULL;
2983 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2984
2985 stream_reset(ospf->ibuf);
2986 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2987 if (ibuf == NULL)
2988 return -1;
2989 /* This raw packet is known to be at least as big as its IP header. */
2990
2991 /* Note that there should not be alignment problems with this assignment
2992 because this is at the beginning of the stream data buffer. */
2993 iph = (struct ip *)STREAM_DATA(ibuf);
2994 /* Note that sockopt_iphdrincl_swab_systoh was called in
2995 * ospf_recv_packet. */
2996
2997 if (ifp == NULL) {
2998 /* Handle cases where the platform does not support retrieving
2999 the ifindex,
3000 and also platforms (such as Solaris 8) that claim to support
3001 ifindex
3002 retrieval but do not. */
3003 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
3004 ospf->vrf_id);
3005 if (c)
3006 ifp = c->ifp;
3007 if (ifp == NULL)
3008 return 0;
3009 }
3010
3011 /* IP Header dump. */
3012 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3013 ospf_ip_header_dump(iph);
3014
3015 /* Self-originated packet should be discarded silently. */
3016 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3017 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3018 zlog_debug(
3019 "ospf_read[%s]: Dropping self-originated packet",
3020 inet_ntoa(iph->ip_src));
3021 }
3022 return 0;
3023 }
3024
3025 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
3026 by ospf_recv_packet() to be correct). */
3027 stream_forward_getp(ibuf, iph->ip_hl * 4);
3028
3029 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3030 if (MSG_OK
3031 != ospf_packet_examin(
3032 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
3033 return -1;
3034 /* Now it is safe to access all fields of OSPF packet header. */
3035
3036 /* associate packet with ospf interface */
3037 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3038
3039 /* ospf_verify_header() relies on a valid "oi" and thus can be called
3040 only
3041 after the passive/backbone/other checks below are passed. These
3042 checks
3043 in turn access the fields of unverified "ospfh" structure for their
3044 own
3045 purposes and must remain very accurate in doing this. */
3046
3047 /* If incoming interface is passive one, ignore it. */
3048 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3049 char buf[3][INET_ADDRSTRLEN];
3050
3051 if (IS_DEBUG_OSPF_EVENT)
3052 zlog_debug(
3053 "ignoring packet from router %s sent to %s, "
3054 "received on a passive interface, %s",
3055 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3056 sizeof(buf[0])),
3057 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3058 sizeof(buf[1])),
3059 inet_ntop(AF_INET, &oi->address->u.prefix4,
3060 buf[2], sizeof(buf[2])));
3061
3062 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3063 /* Try to fix multicast membership.
3064 * Some OS:es may have problems in this area,
3065 * make sure it is removed.
3066 */
3067 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3068 ospf_if_set_multicast(oi);
3069 }
3070 return 0;
3071 }
3072
3073
3074 /* if no local ospf_interface,
3075 * or header area is backbone but ospf_interface is not
3076 * check for VLINK interface
3077 */
3078 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3079 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3080 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3081 == NULL) {
3082 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3083 zlog_debug(
3084 "Packet from [%s] received on link %s"
3085 " but no ospf_interface",
3086 inet_ntoa(iph->ip_src), ifp->name);
3087 return 0;
3088 }
3089 }
3090
3091 /* else it must be a local ospf interface, check it was received on
3092 * correct link
3093 */
3094 else if (oi->ifp != ifp) {
3095 if (IS_DEBUG_OSPF_EVENT)
3096 flog_warn(EC_OSPF_PACKET,
3097 "Packet from [%s] received on wrong link %s",
3098 inet_ntoa(iph->ip_src), ifp->name);
3099 return 0;
3100 } else if (oi->state == ISM_Down) {
3101 char buf[2][INET_ADDRSTRLEN];
3102 flog_warn(
3103 EC_OSPF_PACKET,
3104 "Ignoring packet from %s to %s received on interface that is "
3105 "down [%s]; interface flags are %s",
3106 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3107 sizeof(buf[0])),
3108 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3109 sizeof(buf[1])),
3110 ifp->name, if_flag_dump(ifp->flags));
3111 /* Fix multicast memberships? */
3112 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3113 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3114 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3115 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3116 if (oi->multicast_memberships)
3117 ospf_if_set_multicast(oi);
3118 return 0;
3119 }
3120
3121 /*
3122 * If the received packet is destined for AllDRouters, the packet
3123 * should be accepted only if the received ospf interface state is
3124 * either DR or Backup -- endo.
3125 */
3126 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3127 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3128 flog_warn(
3129 EC_OSPF_PACKET,
3130 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3131 inet_ntoa(iph->ip_src), IF_NAME(oi),
3132 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3133 /* Try to fix multicast membership. */
3134 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3135 ospf_if_set_multicast(oi);
3136 return 0;
3137 }
3138
3139 /* Verify more OSPF header fields. */
3140 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3141 if (ret < 0) {
3142 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3143 zlog_debug(
3144 "ospf_read[%s]: Header check failed, "
3145 "dropping.",
3146 inet_ntoa(iph->ip_src));
3147 return ret;
3148 }
3149
3150 /* Show debug receiving packet. */
3151 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3152 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3153 zlog_debug(
3154 "-----------------------------------------------------");
3155 ospf_packet_dump(ibuf);
3156 }
3157
3158 zlog_debug("%s received from [%s] via [%s]",
3159 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3160 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3161 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3162 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3163
3164 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3165 zlog_debug(
3166 "-----------------------------------------------------");
3167 }
3168
3169 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3170
3171 /* Adjust size to message length. */
3172 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3173
3174 /* Read rest of the packet and call each sort of packet routine. */
3175 switch (ospfh->type) {
3176 case OSPF_MSG_HELLO:
3177 ospf_hello(iph, ospfh, ibuf, oi, length);
3178 break;
3179 case OSPF_MSG_DB_DESC:
3180 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3181 break;
3182 case OSPF_MSG_LS_REQ:
3183 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3184 break;
3185 case OSPF_MSG_LS_UPD:
3186 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3187 break;
3188 case OSPF_MSG_LS_ACK:
3189 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3190 break;
3191 default:
3192 flog_warn(EC_OSPF_PACKET,
3193 "interface %s: OSPF packet header type %d is illegal",
3194 IF_NAME(oi), ospfh->type);
3195 break;
3196 }
3197
3198 return 0;
3199 }
3200
3201 /* Make OSPF header. */
3202 static void ospf_make_header(int type, struct ospf_interface *oi,
3203 struct stream *s)
3204 {
3205 struct ospf_header *ospfh;
3206
3207 ospfh = (struct ospf_header *)STREAM_DATA(s);
3208
3209 ospfh->version = (uint8_t)OSPF_VERSION;
3210 ospfh->type = (uint8_t)type;
3211
3212 ospfh->router_id = oi->ospf->router_id;
3213
3214 ospfh->checksum = 0;
3215 ospfh->area_id = oi->area->area_id;
3216 ospfh->auth_type = htons(ospf_auth_type(oi));
3217
3218 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3219
3220 stream_forward_endp(s, OSPF_HEADER_SIZE);
3221 }
3222
3223 /* Make Authentication Data. */
3224 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3225 {
3226 struct crypt_key *ck;
3227
3228 switch (ospf_auth_type(oi)) {
3229 case OSPF_AUTH_NULL:
3230 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3231 */
3232 break;
3233 case OSPF_AUTH_SIMPLE:
3234 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3235 OSPF_AUTH_SIMPLE_SIZE);
3236 break;
3237 case OSPF_AUTH_CRYPTOGRAPHIC:
3238 /* If key is not set, then set 0. */
3239 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3240 ospfh->u.crypt.zero = 0;
3241 ospfh->u.crypt.key_id = 0;
3242 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3243 } else {
3244 ck = listgetdata(
3245 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3246 ospfh->u.crypt.zero = 0;
3247 ospfh->u.crypt.key_id = ck->key_id;
3248 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3249 }
3250 /* note: the seq is done in ospf_make_md5_digest() */
3251 break;
3252 default:
3253 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3254 */
3255 break;
3256 }
3257
3258 return 0;
3259 }
3260
3261 /* Fill rest of OSPF header. */
3262 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3263 uint16_t length)
3264 {
3265 struct ospf_header *ospfh;
3266
3267 ospfh = (struct ospf_header *)STREAM_DATA(s);
3268
3269 /* Fill length. */
3270 ospfh->length = htons(length);
3271
3272 /* Calculate checksum. */
3273 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3274 ospfh->checksum = in_cksum(ospfh, length);
3275 else
3276 ospfh->checksum = 0;
3277
3278 /* Add Authentication Data. */
3279 ospf_make_auth(oi, ospfh);
3280 }
3281
3282 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3283 {
3284 struct ospf_neighbor *nbr;
3285 struct route_node *rn;
3286 uint16_t length = OSPF_HELLO_MIN_SIZE;
3287 struct in_addr mask;
3288 unsigned long p;
3289 int flag = 0;
3290
3291 /* Set netmask of interface. */
3292 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3293 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3294 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3295 masklen2ip(oi->address->prefixlen, &mask);
3296 else
3297 memset((char *)&mask, 0, sizeof(struct in_addr));
3298 stream_put_ipv4(s, mask.s_addr);
3299
3300 /* Set Hello Interval. */
3301 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3302 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3303 else
3304 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3305
3306 if (IS_DEBUG_OSPF_EVENT)
3307 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3308 IF_NAME(oi));
3309
3310 /* Set Options. */
3311 stream_putc(s, OPTIONS(oi));
3312
3313 /* Set Router Priority. */
3314 stream_putc(s, PRIORITY(oi));
3315
3316 /* Set Router Dead Interval. */
3317 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3318
3319 /* Set Designated Router. */
3320 stream_put_ipv4(s, DR(oi).s_addr);
3321
3322 p = stream_get_endp(s);
3323
3324 /* Set Backup Designated Router. */
3325 stream_put_ipv4(s, BDR(oi).s_addr);
3326
3327 /* Add neighbor seen. */
3328 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3329 if ((nbr = rn->info))
3330 if (nbr->router_id.s_addr
3331 != 0) /* Ignore 0.0.0.0 node. */
3332 if (nbr->state
3333 != NSM_Attempt) /* Ignore Down neighbor. */
3334 if (nbr->state
3335 != NSM_Down) /* This is myself for
3336 DR election. */
3337 if (!IPV4_ADDR_SAME(
3338 &nbr->router_id,
3339 &oi->ospf->router_id)) {
3340 /* Check neighbor is
3341 * sane? */
3342 if (nbr->d_router.s_addr
3343 != 0
3344 && IPV4_ADDR_SAME(
3345 &nbr->d_router,
3346 &oi->address
3347 ->u
3348 .prefix4)
3349 && IPV4_ADDR_SAME(
3350 &nbr->bd_router,
3351 &oi->address
3352 ->u
3353 .prefix4))
3354 flag = 1;
3355
3356 /* Hello packet overflows interface MTU. */
3357 if (length + sizeof(uint32_t)
3358 > ospf_packet_max(oi)) {
3359 flog_err(
3360 EC_OSPF_LARGE_HELLO,
3361 "Oversized Hello packet! Larger than MTU. Not sending it out");
3362 return 0;
3363 }
3364
3365 stream_put_ipv4(
3366 s,
3367 nbr->router_id
3368 .s_addr);
3369 length += 4;
3370 }
3371
3372 /* Let neighbor generate BackupSeen. */
3373 if (flag == 1)
3374 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3375
3376 return length;
3377 }
3378
3379 static int ospf_make_db_desc(struct ospf_interface *oi,
3380 struct ospf_neighbor *nbr, struct stream *s)
3381 {
3382 struct ospf_lsa *lsa;
3383 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3384 uint8_t options;
3385 unsigned long pp;
3386 int i;
3387 struct ospf_lsdb *lsdb;
3388
3389 /* Set Interface MTU. */
3390 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3391 stream_putw(s, 0);
3392 else
3393 stream_putw(s, oi->ifp->mtu);
3394
3395 /* Set Options. */
3396 options = OPTIONS(oi);
3397 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3398 SET_FLAG(options, OSPF_OPTION_O);
3399 stream_putc(s, options);
3400
3401 /* DD flags */
3402 pp = stream_get_endp(s);
3403 stream_putc(s, nbr->dd_flags);
3404
3405 /* Set DD Sequence Number. */
3406 stream_putl(s, nbr->dd_seqnum);
3407
3408 /* shortcut unneeded walk of (empty) summary LSDBs */
3409 if (ospf_db_summary_isempty(nbr))
3410 goto empty;
3411
3412 /* Describe LSA Header from Database Summary List. */
3413 lsdb = &nbr->db_sum;
3414
3415 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3416 struct route_table *table = lsdb->type[i].db;
3417 struct route_node *rn;
3418
3419 for (rn = route_top(table); rn; rn = route_next(rn))
3420 if ((lsa = rn->info) != NULL) {
3421 if (IS_OPAQUE_LSA(lsa->data->type)
3422 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3423 /* Suppress advertising
3424 * opaque-information. */
3425 /* Remove LSA from DB summary list. */
3426 ospf_lsdb_delete(lsdb, lsa);
3427 continue;
3428 }
3429
3430 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3431 struct lsa_header *lsah;
3432 uint16_t ls_age;
3433
3434 /* DD packet overflows interface MTU. */
3435 if (length + OSPF_LSA_HEADER_SIZE
3436 > ospf_packet_max(oi))
3437 break;
3438
3439 /* Keep pointer to LS age. */
3440 lsah = (struct lsa_header
3441 *)(STREAM_DATA(s)
3442 + stream_get_endp(
3443 s));
3444
3445 /* Proceed stream pointer. */
3446 stream_put(s, lsa->data,
3447 OSPF_LSA_HEADER_SIZE);
3448 length += OSPF_LSA_HEADER_SIZE;
3449
3450 /* Set LS age. */
3451 ls_age = LS_AGE(lsa);
3452 lsah->ls_age = htons(ls_age);
3453 }
3454
3455 /* Remove LSA from DB summary list. */
3456 ospf_lsdb_delete(lsdb, lsa);
3457 }
3458 }
3459
3460 /* Update 'More' bit */
3461 if (ospf_db_summary_isempty(nbr)) {
3462 empty:
3463 if (nbr->state >= NSM_Exchange) {
3464 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3465 /* Rewrite DD flags */
3466 stream_putc_at(s, pp, nbr->dd_flags);
3467 } else {
3468 assert(IS_SET_DD_M(nbr->dd_flags));
3469 }
3470 }
3471 return length;
3472 }
3473
3474 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3475 unsigned long delta, struct ospf_neighbor *nbr,
3476 struct ospf_lsa *lsa)
3477 {
3478 struct ospf_interface *oi;
3479
3480 oi = nbr->oi;
3481
3482 /* LS Request packet overflows interface MTU
3483 * delta is just number of bytes required for 1 LS Req
3484 * ospf_packet_max will return the number of bytes can
3485 * be accomodated without ospf header. So length+delta
3486 * can be compared to ospf_packet_max
3487 * to check if it can fit another lsreq in the same packet.
3488 */
3489
3490 if (*length + delta > ospf_packet_max(oi))
3491 return 0;
3492
3493 stream_putl(s, lsa->data->type);
3494 stream_put_ipv4(s, lsa->data->id.s_addr);
3495 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3496
3497 ospf_lsa_unlock(&nbr->ls_req_last);
3498 nbr->ls_req_last = ospf_lsa_lock(lsa);
3499
3500 *length += 12;
3501 return 1;
3502 }
3503
3504 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3505 {
3506 struct ospf_lsa *lsa;
3507 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3508 unsigned long delta = 12;
3509 struct route_table *table;
3510 struct route_node *rn;
3511 int i;
3512 struct ospf_lsdb *lsdb;
3513
3514 lsdb = &nbr->ls_req;
3515
3516 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3517 table = lsdb->type[i].db;
3518 for (rn = route_top(table); rn; rn = route_next(rn))
3519 if ((lsa = (rn->info)) != NULL)
3520 if (ospf_make_ls_req_func(s, &length, delta,
3521 nbr, lsa)
3522 == 0) {
3523 route_unlock_node(rn);
3524 break;
3525 }
3526 }
3527 return length;
3528 }
3529
3530 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3531 {
3532 int age;
3533
3534 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3535
3536 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3537 }
3538
3539 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3540 struct stream *s)
3541 {
3542 struct ospf_lsa *lsa;
3543 struct listnode *node;
3544 uint16_t length = 0;
3545 unsigned int size_noauth;
3546 unsigned long delta = stream_get_endp(s);
3547 unsigned long pp;
3548 int count = 0;
3549
3550 if (IS_DEBUG_OSPF_EVENT)
3551 zlog_debug("ospf_make_ls_upd: Start");
3552
3553 pp = stream_get_endp(s);
3554 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3555 length += OSPF_LS_UPD_MIN_SIZE;
3556
3557 /* Calculate amount of packet usable for data. */
3558 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3559
3560 while ((node = listhead(update)) != NULL) {
3561 struct lsa_header *lsah;
3562 uint16_t ls_age;
3563
3564 if (IS_DEBUG_OSPF_EVENT)
3565 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3566 count);
3567
3568 lsa = listgetdata(node);
3569
3570 assert(lsa->data);
3571
3572 /* Will it fit? Minimum it has to fit atleast one */
3573 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3574 (count > 0))
3575 break;
3576
3577 /* Keep pointer to LS age. */
3578 lsah = (struct lsa_header *)(STREAM_DATA(s)
3579 + stream_get_endp(s));
3580
3581 /* Put LSA to Link State Request. */
3582 stream_put(s, lsa->data, ntohs(lsa->data->length));
3583
3584 /* Set LS age. */
3585 /* each hop must increment an lsa_age by transmit_delay
3586 of OSPF interface */
3587 ls_age = ls_age_increment(lsa,
3588 OSPF_IF_PARAM(oi, transmit_delay));
3589 lsah->ls_age = htons(ls_age);
3590
3591 length += ntohs(lsa->data->length);
3592 count++;
3593
3594 list_delete_node(update, node);
3595 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3596 }
3597
3598 /* Now set #LSAs. */
3599 stream_putl_at(s, pp, count);
3600
3601 if (IS_DEBUG_OSPF_EVENT)
3602 zlog_debug("ospf_make_ls_upd: Stop");
3603 return length;
3604 }
3605
3606 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3607 struct stream *s)
3608 {
3609 struct listnode *node, *nnode;
3610 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3611 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3612 struct ospf_lsa *lsa;
3613
3614 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3615 assert(lsa);
3616
3617 /* LS Ack packet overflows interface MTU
3618 * delta is just number of bytes required for
3619 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3620 * the number of bytes can be accomodated without
3621 * ospf header. So length+delta can be compared
3622 * against ospf_packet_max to check if it can fit
3623 * another ls header in the same packet.
3624 */
3625 if ((length + delta) > ospf_packet_max(oi))
3626 break;
3627
3628 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3629 length += OSPF_LSA_HEADER_SIZE;
3630
3631 listnode_delete(ack, lsa);
3632 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3633 }
3634
3635 return length;
3636 }
3637
3638 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3639 {
3640 struct ospf_packet *op;
3641 uint16_t length = OSPF_HEADER_SIZE;
3642
3643 op = ospf_packet_new(oi->ifp->mtu);
3644
3645 /* Prepare OSPF common header. */
3646 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3647
3648 /* Prepare OSPF Hello body. */
3649 length += ospf_make_hello(oi, op->s);
3650 if (length == OSPF_HEADER_SIZE) {
3651 /* Hello overshooting MTU */
3652 ospf_packet_free(op);
3653 return;
3654 }
3655
3656 /* Fill OSPF header. */
3657 ospf_fill_header(oi, op->s, length);
3658
3659 /* Set packet length. */
3660 op->length = length;
3661
3662 op->dst.s_addr = addr;
3663
3664 if (IS_DEBUG_OSPF_EVENT) {
3665 if (oi->ospf->vrf_id)
3666 zlog_debug(
3667 "%s: Hello Tx interface %s ospf vrf %s id %u",
3668 __PRETTY_FUNCTION__, oi->ifp->name,
3669 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3670 oi->ospf->vrf_id);
3671 }
3672 /* Add packet to the top of the interface output queue, so that they
3673 * can't get delayed by things like long queues of LS Update packets
3674 */
3675 ospf_packet_add_top(oi, op);
3676
3677 /* Hook thread to write packet. */
3678 OSPF_ISM_WRITE_ON(oi->ospf);
3679 }
3680
3681 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3682 {
3683 struct ospf_interface *oi;
3684
3685 oi = nbr_nbma->oi;
3686 assert(oi);
3687
3688 /* If this is passive interface, do not send OSPF Hello. */
3689 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3690 return;
3691
3692 if (oi->type != OSPF_IFTYPE_NBMA)
3693 return;
3694
3695 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3696 return;
3697
3698 if (PRIORITY(oi) == 0)
3699 return;
3700
3701 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3702 && oi->state != ISM_Backup)
3703 return;
3704
3705 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3706 }
3707
3708 int ospf_poll_timer(struct thread *thread)
3709 {
3710 struct ospf_nbr_nbma *nbr_nbma;
3711
3712 nbr_nbma = THREAD_ARG(thread);
3713 nbr_nbma->t_poll = NULL;
3714
3715 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3716 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3717 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3718
3719 ospf_poll_send(nbr_nbma);
3720
3721 if (nbr_nbma->v_poll > 0)
3722 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3723 nbr_nbma->v_poll);
3724
3725 return 0;
3726 }
3727
3728
3729 int ospf_hello_reply_timer(struct thread *thread)
3730 {
3731 struct ospf_neighbor *nbr;
3732
3733 nbr = THREAD_ARG(thread);
3734 nbr->t_hello_reply = NULL;
3735
3736 assert(nbr->oi);
3737
3738 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3739 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3740 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3741
3742 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3743
3744 return 0;
3745 }
3746
3747 /* Send OSPF Hello. */
3748 void ospf_hello_send(struct ospf_interface *oi)
3749 {
3750 /* If this is passive interface, do not send OSPF Hello. */
3751 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3752 return;
3753
3754 if (oi->type == OSPF_IFTYPE_NBMA) {
3755 struct ospf_neighbor *nbr;
3756 struct route_node *rn;
3757
3758 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3759 if ((nbr = rn->info))
3760 if (nbr != oi->nbr_self)
3761 if (nbr->state != NSM_Down) {
3762 /* RFC 2328 Section 9.5.1
3763 If the router is not
3764 eligible to become Designated
3765 Router,
3766 it must periodically send
3767 Hello Packets to both the
3768 Designated Router and the
3769 Backup Designated Router (if
3770 they
3771 exist). */
3772 if (PRIORITY(oi) == 0
3773 && IPV4_ADDR_CMP(
3774 &DR(oi),
3775 &nbr->address.u
3776 .prefix4)
3777 && IPV4_ADDR_CMP(
3778 &BDR(oi),
3779 &nbr->address.u
3780 .prefix4))
3781 continue;
3782
3783 /* If the router is eligible to
3784 become Designated Router, it
3785 must periodically send Hello
3786 Packets to all neighbors that
3787 are also eligible. In
3788 addition, if the router is
3789 itself the
3790 Designated Router or Backup
3791 Designated Router, it must
3792 also
3793 send periodic Hello Packets
3794 to all other neighbors. */
3795
3796 if (nbr->priority == 0
3797 && oi->state == ISM_DROther)
3798 continue;
3799 /* if oi->state == Waiting, send
3800 * hello to all neighbors */
3801 ospf_hello_send_sub(
3802 oi,
3803 nbr->address.u.prefix4
3804 .s_addr);
3805 }
3806 } else {
3807 /* Decide destination address. */
3808 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3809 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3810 else
3811 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3812 }
3813 }
3814
3815 /* Send OSPF Database Description. */
3816 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3817 {
3818 struct ospf_interface *oi;
3819 struct ospf_packet *op;
3820 uint16_t length = OSPF_HEADER_SIZE;
3821
3822 oi = nbr->oi;
3823 op = ospf_packet_new(oi->ifp->mtu);
3824
3825 /* Prepare OSPF common header. */
3826 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3827
3828 /* Prepare OSPF Database Description body. */
3829 length += ospf_make_db_desc(oi, nbr, op->s);
3830
3831 /* Fill OSPF header. */
3832 ospf_fill_header(oi, op->s, length);
3833
3834 /* Set packet length. */
3835 op->length = length;
3836
3837 /* Decide destination address. */
3838 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3839 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3840 else
3841 op->dst = nbr->address.u.prefix4;
3842
3843 /* Add packet to the interface output queue. */
3844 ospf_packet_add(oi, op);
3845
3846 /* Hook thread to write packet. */
3847 OSPF_ISM_WRITE_ON(oi->ospf);
3848
3849 /* Remove old DD packet, then copy new one and keep in neighbor
3850 * structure. */
3851 if (nbr->last_send)
3852 ospf_packet_free(nbr->last_send);
3853 nbr->last_send = ospf_packet_dup(op);
3854 monotime(&nbr->last_send_ts);
3855 }
3856
3857 /* Re-send Database Description. */
3858 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3859 {
3860 struct ospf_interface *oi;
3861
3862 oi = nbr->oi;
3863
3864 /* Add packet to the interface output queue. */
3865 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3866
3867 /* Hook thread to write packet. */
3868 OSPF_ISM_WRITE_ON(oi->ospf);
3869 }
3870
3871 /* Send Link State Request. */
3872 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3873 {
3874 struct ospf_interface *oi;
3875 struct ospf_packet *op;
3876 uint16_t length = OSPF_HEADER_SIZE;
3877
3878 oi = nbr->oi;
3879 op = ospf_packet_new(oi->ifp->mtu);
3880
3881 /* Prepare OSPF common header. */
3882 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3883
3884 /* Prepare OSPF Link State Request body. */
3885 length += ospf_make_ls_req(nbr, op->s);
3886 if (length == OSPF_HEADER_SIZE) {
3887 ospf_packet_free(op);
3888 return;
3889 }
3890
3891 /* Fill OSPF header. */
3892 ospf_fill_header(oi, op->s, length);
3893
3894 /* Set packet length. */
3895 op->length = length;
3896
3897 /* Decide destination address. */
3898 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3899 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3900 else
3901 op->dst = nbr->address.u.prefix4;
3902
3903 /* Add packet to the interface output queue. */
3904 ospf_packet_add(oi, op);
3905
3906 /* Hook thread to write packet. */
3907 OSPF_ISM_WRITE_ON(oi->ospf);
3908
3909 /* Add Link State Request Retransmission Timer. */
3910 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3911 }
3912
3913 /* Send Link State Update with an LSA. */
3914 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3915 int flag)
3916 {
3917 struct list *update;
3918
3919 update = list_new();
3920
3921 listnode_add(update, lsa);
3922
3923 /*ospf instance is going down, send self originated
3924 * MAXAGE LSA update to neighbors to remove from LSDB */
3925 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3926 ospf_ls_upd_send(nbr, update, flag, 1);
3927 else
3928 ospf_ls_upd_send(nbr, update, flag, 0);
3929
3930 list_delete(&update);
3931 }
3932
3933 /* Determine size for packet. Must be at least big enough to accomodate next
3934 * LSA on list, which may be bigger than MTU size.
3935 *
3936 * Return pointer to new ospf_packet
3937 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3938 * on packet sizes (in which case offending LSA is deleted from update list)
3939 */
3940 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3941 struct ospf_interface *oi)
3942 {
3943 struct ospf_lsa *lsa;
3944 struct listnode *ln;
3945 size_t size;
3946 static char warned = 0;
3947
3948 lsa = listgetdata((ln = listhead(update)));
3949 assert(lsa->data);
3950
3951 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3952 > ospf_packet_max(oi)) {
3953 if (!warned) {
3954 flog_warn(
3955 EC_OSPF_LARGE_LSA,
3956 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3957 "will need to fragment. Not optimal. Try divide up"
3958 " your network with areas. Use 'debug ospf packet send'"
3959 " to see details, or look at 'show ip ospf database ..'");
3960 warned = 1;
3961 }
3962
3963 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3964 zlog_debug(
3965 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3966 " %d bytes originated by %s, will be fragmented!",
3967 inet_ntoa(lsa->data->id),
3968 ntohs(lsa->data->length),
3969 inet_ntoa(lsa->data->adv_router));
3970
3971 /*
3972 * Allocate just enough to fit this LSA only, to avoid including
3973 * other
3974 * LSAs in fragmented LSA Updates.
3975 */
3976 size = ntohs(lsa->data->length)
3977 + (oi->ifp->mtu - ospf_packet_max(oi))
3978 + OSPF_LS_UPD_MIN_SIZE;
3979 } else
3980 size = oi->ifp->mtu;
3981
3982 if (size > OSPF_MAX_PACKET_SIZE) {
3983 flog_warn(EC_OSPF_LARGE_LSA,
3984 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3985 " %d bytes, packet size %ld, dropping it completely."
3986 " OSPF routing is broken!",
3987 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3988 (long int)size);
3989 list_delete_node(update, ln);
3990 return NULL;
3991 }
3992
3993 /* IP header is built up separately by ospf_write(). This means, that we
3994 * must
3995 * reduce the "affordable" size just calculated by length of an IP
3996 * header.
3997 * This makes sure, that even if we manage to fill the payload with LSA
3998 * data
3999 * completely, the final packet (our data plus IP header) still fits
4000 * into
4001 * outgoing interface MTU. This correction isn't really meaningful for
4002 * an
4003 * oversized LSA, but for consistency the correction is done for both
4004 * cases.
4005 *
4006 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4007 */
4008 return ospf_packet_new(size - sizeof(struct ip));
4009 }
4010
4011 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4012 struct list *update, struct in_addr addr,
4013 int send_lsupd_now)
4014 {
4015 struct ospf_packet *op;
4016 uint16_t length = OSPF_HEADER_SIZE;
4017
4018 if (IS_DEBUG_OSPF_EVENT)
4019 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
4020 IF_NAME(oi), inet_ntoa(addr));
4021
4022 /* Check that we have really something to process */
4023 if (listcount(update) == 0)
4024 return;
4025
4026 op = ospf_ls_upd_packet_new(update, oi);
4027
4028 /* Prepare OSPF common header. */
4029 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4030
4031 /* Prepare OSPF Link State Update body.
4032 * Includes Type-7 translation.
4033 */
4034 length += ospf_make_ls_upd(oi, update, op->s);
4035
4036 /* Fill OSPF header. */
4037 ospf_fill_header(oi, op->s, length);
4038
4039 /* Set packet length. */
4040 op->length = length;
4041
4042 /* Decide destination address. */
4043 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4044 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4045 else
4046 op->dst.s_addr = addr.s_addr;
4047
4048 /* Add packet to the interface output queue. */
4049 ospf_packet_add(oi, op);
4050 /* Call ospf_write() right away to send ospf packets to neighbors */
4051 if (send_lsupd_now) {
4052 struct thread os_packet_thd;
4053
4054 os_packet_thd.arg = (void *)oi->ospf;
4055 if (oi->on_write_q == 0) {
4056 listnode_add(oi->ospf->oi_write_q, oi);
4057 oi->on_write_q = 1;
4058 }
4059 ospf_write(&os_packet_thd);
4060 /*
4061 * We are fake calling ospf_write with a fake
4062 * thread. Imagine that we have oi_a already
4063 * enqueued and we have turned on the write
4064 * thread(t_write).
4065 * Now this function calls this for oi_b
4066 * so the on_write_q has oi_a and oi_b on
4067 * it, ospf_write runs and clears the packets
4068 * for both oi_a and oi_b. Removing them from
4069 * the on_write_q. After this thread of execution
4070 * finishes we will execute the t_write thread
4071 * with nothing in the on_write_q causing an
4072 * assert. So just make sure that the t_write
4073 * is actually turned off.
4074 */
4075 if (list_isempty(oi->ospf->oi_write_q))
4076 OSPF_TIMER_OFF(oi->ospf->t_write);
4077 } else {
4078 /* Hook thread to write packet. */
4079 OSPF_ISM_WRITE_ON(oi->ospf);
4080 }
4081 }
4082
4083 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4084 {
4085 struct ospf_interface *oi = THREAD_ARG(thread);
4086 struct route_node *rn;
4087 struct route_node *rnext;
4088 struct list *update;
4089 char again = 0;
4090
4091 oi->t_ls_upd_event = NULL;
4092
4093 if (IS_DEBUG_OSPF_EVENT)
4094 zlog_debug("ospf_ls_upd_send_queue start");
4095
4096 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4097 rnext = route_next(rn);
4098
4099 if (rn->info == NULL)
4100 continue;
4101
4102 update = (struct list *)rn->info;
4103
4104 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4105
4106 /* list might not be empty. */
4107 if (listcount(update) == 0) {
4108 list_delete((struct list **)&rn->info);
4109 route_unlock_node(rn);
4110 } else
4111 again = 1;
4112 }
4113
4114 if (again != 0) {
4115 if (IS_DEBUG_OSPF_EVENT)
4116 zlog_debug(
4117 "ospf_ls_upd_send_queue: update lists not cleared,"
4118 " %d nodes to try again, raising new event",
4119 again);
4120 oi->t_ls_upd_event = NULL;
4121 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4122 &oi->t_ls_upd_event);
4123 }
4124
4125 if (IS_DEBUG_OSPF_EVENT)
4126 zlog_debug("ospf_ls_upd_send_queue stop");
4127
4128 return 0;
4129 }
4130
4131 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4132 int send_lsupd_now)
4133 {
4134 struct ospf_interface *oi;
4135 struct ospf_lsa *lsa;
4136 struct prefix_ipv4 p;
4137 struct route_node *rn;
4138 struct listnode *node;
4139
4140 oi = nbr->oi;
4141
4142 p.family = AF_INET;
4143 p.prefixlen = IPV4_MAX_BITLEN;
4144
4145 /* Decide destination address. */
4146 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4147 p.prefix = oi->vl_data->peer_addr;
4148 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4149 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4150 else if (flag == OSPF_SEND_PACKET_DIRECT)
4151 p.prefix = nbr->address.u.prefix4;
4152 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4153 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4154 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4155 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4156 else
4157 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4158
4159 if (oi->type == OSPF_IFTYPE_NBMA) {
4160 if (flag == OSPF_SEND_PACKET_INDIRECT)
4161 flog_warn(
4162 EC_OSPF_PACKET,
4163 "* LS-Update is directly sent on NBMA network.");
4164 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4165 flog_warn(EC_OSPF_PACKET,
4166 "* LS-Update is sent to myself.");
4167 }
4168
4169 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4170
4171 if (rn->info == NULL)
4172 rn->info = list_new();
4173 else
4174 route_unlock_node(rn);
4175
4176 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4177 listnode_add(rn->info,
4178 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4179 if (send_lsupd_now) {
4180 struct list *send_update_list;
4181 struct route_node *rnext;
4182
4183 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4184 rnext = route_next(rn);
4185
4186 if (rn->info == NULL)
4187 continue;
4188
4189 send_update_list = (struct list *)rn->info;
4190
4191 ospf_ls_upd_queue_send(oi, send_update_list,
4192 rn->p.u.prefix4, 1);
4193 }
4194 } else
4195 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4196 &oi->t_ls_upd_event);
4197 }
4198
4199 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4200 struct in_addr dst)
4201 {
4202 struct ospf_packet *op;
4203 uint16_t length = OSPF_HEADER_SIZE;
4204
4205 op = ospf_packet_new(oi->ifp->mtu);
4206
4207 /* Prepare OSPF common header. */
4208 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4209
4210 /* Prepare OSPF Link State Acknowledgment body. */
4211 length += ospf_make_ls_ack(oi, ack, op->s);
4212
4213 /* Fill OSPF header. */
4214 ospf_fill_header(oi, op->s, length);
4215
4216 /* Set packet length. */
4217 op->length = length;
4218
4219 /* Decide destination address. */
4220 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4221 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4222 else
4223 op->dst.s_addr = dst.s_addr;
4224
4225 /* Add packet to the interface output queue. */
4226 ospf_packet_add(oi, op);
4227
4228 /* Hook thread to write packet. */
4229 OSPF_ISM_WRITE_ON(oi->ospf);
4230 }
4231
4232 static int ospf_ls_ack_send_event(struct thread *thread)
4233 {
4234 struct ospf_interface *oi = THREAD_ARG(thread);
4235
4236 oi->t_ls_ack_direct = NULL;
4237
4238 while (listcount(oi->ls_ack_direct.ls_ack))
4239 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4240 oi->ls_ack_direct.dst);
4241
4242 return 0;
4243 }
4244
4245 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4246 {
4247 struct ospf_interface *oi = nbr->oi;
4248
4249 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4250 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4251
4252 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4253
4254 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4255 &oi->t_ls_ack_direct);
4256 }
4257
4258 /* Send Link State Acknowledgment delayed. */
4259 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4260 {
4261 struct in_addr dst;
4262
4263 /* Decide destination address. */
4264 /* RFC2328 Section 13.5 On non-broadcast
4265 networks, delayed Link State Acknowledgment packets must be
4266 unicast separately over each adjacency (i.e., neighbor whose
4267 state is >= Exchange). */
4268 if (oi->type == OSPF_IFTYPE_NBMA) {
4269 struct ospf_neighbor *nbr;
4270 struct route_node *rn;
4271
4272 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4273 if ((nbr = rn->info) != NULL)
4274 if (nbr != oi->nbr_self
4275 && nbr->state >= NSM_Exchange)
4276 while (listcount(oi->ls_ack))
4277 ospf_ls_ack_send_list(
4278 oi, oi->ls_ack,
4279 nbr->address.u.prefix4);
4280 return;
4281 }
4282 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4283 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4284 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4285 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4286 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4287 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4288 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4289 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4290 else
4291 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4292
4293 while (listcount(oi->ls_ack))
4294 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4295 }
4296
4297 /*
4298 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4299 * address. As a result, the kernel does not need to learn the interface
4300 * MAC of the OSPF neighbor. However, in our world, this will delay
4301 * convergence. Take the case when due to a link flap, all routes now
4302 * want to use an interface which was deemed to be costlier prior to this
4303 * event. For routes that will be installed, the missing MAC will have
4304 * punt-to-CPU set on them. This may overload the CPU control path that
4305 * can be avoided if the MAC was known apriori.
4306 */
4307 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4308 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4309 {
4310 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4311 int ret;
4312
4313 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4314 return;
4315
4316 snprintf(ping_nbr, sizeof(ping_nbr),
4317 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4318 inet_ntoa(nbr->address.u.prefix4));
4319
4320 ret = system(ping_nbr);
4321 if (IS_DEBUG_OSPF_EVENT)
4322 zlog_debug("Executed %s %s", ping_nbr,
4323 ((ret == 0) ? "successfully" : "but failed"));
4324 }
FRRouting mirror