]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5257 from ton31337/fix/update_rib_on_bgp_distance_changes
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56
57 /*
58 * OSPF Fragmentation / fragmented writes
59 *
60 * ospfd can support writing fragmented packets, for cases where
61 * kernel will not fragment IP_HDRINCL and/or multicast destined
62 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
63 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
64 * flags fields, hence user-space fragmentation will not work.
65 * Only Linux is known to leave IP header unmolested.
66 * Further, fragmentation really should be done the kernel, which already
67 * supports it, and which avoids nasty IP ID state problems.
68 *
69 * Fragmentation of OSPF packets can be required on networks with router
70 * with many many interfaces active in one area, or on networks with links
71 * with low MTUs.
72 */
73 #ifdef GNU_LINUX
74 #define WANT_OSPF_WRITE_FRAGMENT
75 #endif
76
77 /* Packet Type String. */
78 const struct message ospf_packet_type_str[] = {
79 {OSPF_MSG_HELLO, "Hello"},
80 {OSPF_MSG_DB_DESC, "Database Description"},
81 {OSPF_MSG_LS_REQ, "Link State Request"},
82 {OSPF_MSG_LS_UPD, "Link State Update"},
83 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
84 {0}};
85
86 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
87 particular types, offset is the "type" field of a packet. */
88 static const uint16_t ospf_packet_minlen[] = {
89 0,
90 OSPF_HELLO_MIN_SIZE,
91 OSPF_DB_DESC_MIN_SIZE,
92 OSPF_LS_REQ_MIN_SIZE,
93 OSPF_LS_UPD_MIN_SIZE,
94 OSPF_LS_ACK_MIN_SIZE,
95 };
96
97 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
98 types, offset is the "LSA type" field. */
99 static const uint16_t ospf_lsa_minlen[] = {
100 0,
101 OSPF_ROUTER_LSA_MIN_SIZE,
102 OSPF_NETWORK_LSA_MIN_SIZE,
103 OSPF_SUMMARY_LSA_MIN_SIZE,
104 OSPF_SUMMARY_LSA_MIN_SIZE,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
108 0,
109 0,
110 0,
111 0,
112 };
113
114 /* for ospf_check_auth() */
115 static int ospf_check_sum(struct ospf_header *);
116
117 /* OSPF authentication checking function */
118 static int ospf_auth_type(struct ospf_interface *oi)
119 {
120 int auth_type;
121
122 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
123 auth_type = oi->area->auth_type;
124 else
125 auth_type = OSPF_IF_PARAM(oi, auth_type);
126
127 /* Handle case where MD5 key list is not configured aka Cisco */
128 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
129 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
130 return OSPF_AUTH_NULL;
131
132 return auth_type;
133 }
134
135 static struct ospf_packet *ospf_packet_new(size_t size)
136 {
137 struct ospf_packet *new;
138
139 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
140 new->s = stream_new(size);
141
142 return new;
143 }
144
145 void ospf_packet_free(struct ospf_packet *op)
146 {
147 if (op->s)
148 stream_free(op->s);
149
150 XFREE(MTYPE_OSPF_PACKET, op);
151 }
152
153 struct ospf_fifo *ospf_fifo_new(void)
154 {
155 struct ospf_fifo *new;
156
157 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
158 return new;
159 }
160
161 /* Add new packet to fifo. */
162 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
163 {
164 if (fifo->tail)
165 fifo->tail->next = op;
166 else
167 fifo->head = op;
168
169 fifo->tail = op;
170
171 fifo->count++;
172 }
173
174 /* Add new packet to head of fifo. */
175 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
176 {
177 op->next = fifo->head;
178
179 if (fifo->tail == NULL)
180 fifo->tail = op;
181
182 fifo->head = op;
183
184 fifo->count++;
185 }
186
187 /* Delete first packet from fifo. */
188 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
189 {
190 struct ospf_packet *op;
191
192 op = fifo->head;
193
194 if (op) {
195 fifo->head = op->next;
196
197 if (fifo->head == NULL)
198 fifo->tail = NULL;
199
200 fifo->count--;
201 }
202
203 return op;
204 }
205
206 /* Return first fifo entry. */
207 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
208 {
209 return fifo->head;
210 }
211
212 /* Flush ospf packet fifo. */
213 void ospf_fifo_flush(struct ospf_fifo *fifo)
214 {
215 struct ospf_packet *op;
216 struct ospf_packet *next;
217
218 for (op = fifo->head; op; op = next) {
219 next = op->next;
220 ospf_packet_free(op);
221 }
222 fifo->head = fifo->tail = NULL;
223 fifo->count = 0;
224 }
225
226 /* Free ospf packet fifo. */
227 void ospf_fifo_free(struct ospf_fifo *fifo)
228 {
229 ospf_fifo_flush(fifo);
230
231 XFREE(MTYPE_OSPF_FIFO, fifo);
232 }
233
234 static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
235 {
236 /* Add packet to end of queue. */
237 ospf_fifo_push(oi->obuf, op);
238
239 /* Debug of packet fifo*/
240 /* ospf_fifo_debug (oi->obuf); */
241 }
242
243 static void ospf_packet_add_top(struct ospf_interface *oi,
244 struct ospf_packet *op)
245 {
246 /* Add packet to head of queue. */
247 ospf_fifo_push_head(oi->obuf, op);
248
249 /* Debug of packet fifo*/
250 /* ospf_fifo_debug (oi->obuf); */
251 }
252
253 static void ospf_packet_delete(struct ospf_interface *oi)
254 {
255 struct ospf_packet *op;
256
257 op = ospf_fifo_pop(oi->obuf);
258
259 if (op)
260 ospf_packet_free(op);
261 }
262
263 static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
264 {
265 struct ospf_packet *new;
266
267 if (stream_get_endp(op->s) != op->length)
268 /* XXX size_t */
269 zlog_debug(
270 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
271 (unsigned long)STREAM_SIZE(op->s), op->length);
272
273 /* Reserve space for MD5 authentication that may be added later. */
274 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
275 stream_copy(new->s, op->s);
276
277 new->dst = op->dst;
278 new->length = op->length;
279
280 return new;
281 }
282
283 /* XXX inline */
284 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
285 {
286 int auth = 0;
287
288 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
289 auth = OSPF_AUTH_MD5_SIZE;
290
291 return auth;
292 }
293
294 static unsigned int ospf_packet_max(struct ospf_interface *oi)
295 {
296 int max;
297
298 max = oi->ifp->mtu - ospf_packet_authspace(oi);
299
300 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
301
302 return max;
303 }
304
305
306 static int ospf_check_md5_digest(struct ospf_interface *oi,
307 struct ospf_header *ospfh)
308 {
309 #ifdef CRYPTO_OPENSSL
310 EVP_MD_CTX *ctx;
311 #elif CRYPTO_INTERNAL
312 MD5_CTX ctx;
313 #endif
314 unsigned char digest[OSPF_AUTH_MD5_SIZE];
315 struct crypt_key *ck;
316 struct ospf_neighbor *nbr;
317 uint16_t length = ntohs(ospfh->length);
318
319 /* Get secret key. */
320 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
321 ospfh->u.crypt.key_id);
322 if (ck == NULL) {
323 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
324 IF_NAME(oi), ospfh->u.crypt.key_id);
325 return 0;
326 }
327
328 /* check crypto seqnum. */
329 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
330
331 if (nbr
332 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
333 flog_warn(
334 EC_OSPF_MD5,
335 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
336 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
337 ntohl(nbr->crypt_seqnum));
338 return 0;
339 }
340
341 /* Generate a digest for the ospf packet - their digest + our digest. */
342 #ifdef CRYPTO_OPENSSL
343 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
344 ctx = EVP_MD_CTX_new();
345 EVP_DigestInit(ctx, EVP_md5());
346 EVP_DigestUpdate(ctx, ospfh, length);
347 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
348 EVP_DigestFinal(ctx, digest, &md5_size);
349 EVP_MD_CTX_free(ctx);
350 #elif CRYPTO_INTERNAL
351 memset(&ctx, 0, sizeof(ctx));
352 MD5Init(&ctx);
353 MD5Update(&ctx, ospfh, length);
354 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
355 MD5Final(digest, &ctx);
356 #endif
357
358 /* compare the two */
359 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
360 flog_warn(EC_OSPF_MD5,
361 "interface %s: ospf_check_md5 checksum mismatch",
362 IF_NAME(oi));
363 return 0;
364 }
365
366 /* save neighbor's crypt_seqnum */
367 if (nbr)
368 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
369 return 1;
370 }
371
372 /* This function is called from ospf_write(), it will detect the
373 authentication scheme and if it is MD5, it will change the sequence
374 and update the MD5 digest. */
375 static int ospf_make_md5_digest(struct ospf_interface *oi,
376 struct ospf_packet *op)
377 {
378 struct ospf_header *ospfh;
379 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
380 #ifdef CRYPTO_OPENSSL
381 EVP_MD_CTX *ctx;
382 #elif CRYPTO_INTERNAL
383 MD5_CTX ctx;
384 #endif
385 void *ibuf;
386 uint32_t t;
387 struct crypt_key *ck;
388 const uint8_t *auth_key;
389
390 ibuf = STREAM_DATA(op->s);
391 ospfh = (struct ospf_header *)ibuf;
392
393 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
394 return 0;
395
396 /* We do this here so when we dup a packet, we don't have to
397 waste CPU rewriting other headers.
398
399 Note that quagga_time /deliberately/ is not used here */
400 t = (time(NULL) & 0xFFFFFFFF);
401 if (t > oi->crypt_seqnum)
402 oi->crypt_seqnum = t;
403 else
404 oi->crypt_seqnum++;
405
406 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
407
408 /* Get MD5 Authentication key from auth_key list. */
409 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
410 auth_key = (const uint8_t *)digest;
411 else {
412 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
413 auth_key = ck->auth_key;
414 }
415
416 /* Generate a digest for the entire packet + our secret key. */
417 #ifdef CRYPTO_OPENSSL
418 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
419 ctx = EVP_MD_CTX_new();
420 EVP_DigestInit(ctx, EVP_md5());
421 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
422 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
423 EVP_DigestFinal(ctx, digest, &md5_size);
424 EVP_MD_CTX_free(ctx);
425 #elif CRYPTO_INTERNAL
426 memset(&ctx, 0, sizeof(ctx));
427 MD5Init(&ctx);
428 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
429 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
430 MD5Final(digest, &ctx);
431 #endif
432
433 /* Append md5 digest to the end of the stream. */
434 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
435
436 /* We do *NOT* increment the OSPF header length. */
437 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
438
439 if (stream_get_endp(op->s) != op->length)
440 /* XXX size_t */
441 flog_warn(
442 EC_OSPF_MD5,
443 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
444 (unsigned long)stream_get_endp(op->s), op->length);
445
446 return OSPF_AUTH_MD5_SIZE;
447 }
448
449
450 static int ospf_ls_req_timer(struct thread *thread)
451 {
452 struct ospf_neighbor *nbr;
453
454 nbr = THREAD_ARG(thread);
455 nbr->t_ls_req = NULL;
456
457 /* Send Link State Request. */
458 if (ospf_ls_request_count(nbr))
459 ospf_ls_req_send(nbr);
460
461 /* Set Link State Request retransmission timer. */
462 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
463
464 return 0;
465 }
466
467 void ospf_ls_req_event(struct ospf_neighbor *nbr)
468 {
469 if (nbr->t_ls_req) {
470 thread_cancel(nbr->t_ls_req);
471 nbr->t_ls_req = NULL;
472 }
473 nbr->t_ls_req = NULL;
474 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
475 }
476
477 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
478 ospf_neighbor.c */
479 int ospf_ls_upd_timer(struct thread *thread)
480 {
481 struct ospf_neighbor *nbr;
482
483 nbr = THREAD_ARG(thread);
484 nbr->t_ls_upd = NULL;
485
486 /* Send Link State Update. */
487 if (ospf_ls_retransmit_count(nbr) > 0) {
488 struct list *update;
489 struct ospf_lsdb *lsdb;
490 int i;
491 int retransmit_interval;
492
493 retransmit_interval =
494 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
495
496 lsdb = &nbr->ls_rxmt;
497 update = list_new();
498
499 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
500 struct route_table *table = lsdb->type[i].db;
501 struct route_node *rn;
502
503 for (rn = route_top(table); rn; rn = route_next(rn)) {
504 struct ospf_lsa *lsa;
505
506 if ((lsa = rn->info) != NULL) {
507 /* Don't retransmit an LSA if we
508 received it within
509 the last RxmtInterval seconds - this
510 is to allow the
511 neighbour a chance to acknowledge the
512 LSA as it may
513 have ben just received before the
514 retransmit timer
515 fired. This is a small tweak to what
516 is in the RFC,
517 but it will cut out out a lot of
518 retransmit traffic
519 - MAG */
520 if (monotime_since(&lsa->tv_recv, NULL)
521 >= retransmit_interval * 1000000LL)
522 listnode_add(update, rn->info);
523 }
524 }
525 }
526
527 if (listcount(update) > 0)
528 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
529 0);
530 list_delete(&update);
531 }
532
533 /* Set LS Update retransmission timer. */
534 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
535
536 return 0;
537 }
538
539 int ospf_ls_ack_timer(struct thread *thread)
540 {
541 struct ospf_interface *oi;
542
543 oi = THREAD_ARG(thread);
544 oi->t_ls_ack = NULL;
545
546 /* Send Link State Acknowledgment. */
547 if (listcount(oi->ls_ack) > 0)
548 ospf_ls_ack_send_delayed(oi);
549
550 /* Set LS Ack timer. */
551 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
552
553 return 0;
554 }
555
556 #ifdef WANT_OSPF_WRITE_FRAGMENT
557 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
558 struct msghdr *msg, unsigned int maxdatasize,
559 unsigned int mtu, int flags, uint8_t type)
560 {
561 #define OSPF_WRITE_FRAG_SHIFT 3
562 uint16_t offset;
563 struct iovec *iovp;
564 int ret;
565
566 assert(op->length == stream_get_endp(op->s));
567 assert(msg->msg_iovlen == 2);
568
569 /* we can but try.
570 *
571 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
572 * well as the IP_MF flag, making this all quite pointless.
573 *
574 * However, for a system on which IP_MF is left alone, and ip_id left
575 * alone or else which sets same ip_id for each fragment this might
576 * work, eg linux.
577 *
578 * XXX-TODO: It would be much nicer to have the kernel's use their
579 * existing fragmentation support to do this for us. Bugs/RFEs need to
580 * be raised against the various kernels.
581 */
582
583 /* set More Frag */
584 iph->ip_off |= IP_MF;
585
586 /* ip frag offset is expressed in units of 8byte words */
587 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
588
589 iovp = &msg->msg_iov[1];
590
591 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
592 > maxdatasize) {
593 /* data length of this frag is to next offset value */
594 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
595 iph->ip_len = iovp->iov_len + sizeof(struct ip);
596 assert(iph->ip_len <= mtu);
597
598 sockopt_iphdrincl_swab_htosys(iph);
599
600 ret = sendmsg(fd, msg, flags);
601
602 sockopt_iphdrincl_swab_systoh(iph);
603
604 if (ret < 0)
605 flog_err(
606 EC_LIB_SOCKET,
607 "*** ospf_write_frags: sendmsg failed to %s,"
608 " id %d, off %d, len %d, mtu %u failed with %s",
609 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
610 iph->ip_len, mtu, safe_strerror(errno));
611
612 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
613 zlog_debug(
614 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
615 iph->ip_id, iph->ip_off, iph->ip_len,
616 inet_ntoa(iph->ip_dst));
617 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
618 zlog_debug(
619 "-----------------IP Header Dump----------------------");
620 ospf_ip_header_dump(iph);
621 zlog_debug(
622 "-----------------------------------------------------");
623 }
624 }
625
626 iph->ip_off += offset;
627 stream_forward_getp(op->s, iovp->iov_len);
628 iovp->iov_base = stream_pnt(op->s);
629 }
630
631 /* setup for final fragment */
632 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
633 iph->ip_len = iovp->iov_len + sizeof(struct ip);
634 iph->ip_off &= (~IP_MF);
635 }
636 #endif /* WANT_OSPF_WRITE_FRAGMENT */
637
638 static int ospf_write(struct thread *thread)
639 {
640 struct ospf *ospf = THREAD_ARG(thread);
641 struct ospf_interface *oi;
642 struct ospf_interface *last_serviced_oi = NULL;
643 struct ospf_packet *op;
644 struct sockaddr_in sa_dst;
645 struct ip iph;
646 struct msghdr msg;
647 struct iovec iov[2];
648 uint8_t type;
649 int ret;
650 int flags = 0;
651 struct listnode *node;
652 #ifdef WANT_OSPF_WRITE_FRAGMENT
653 static uint16_t ipid = 0;
654 uint16_t maxdatasize;
655 #endif /* WANT_OSPF_WRITE_FRAGMENT */
656 #define OSPF_WRITE_IPHL_SHIFT 2
657 int pkt_count = 0;
658
659 #ifdef GNU_LINUX
660 unsigned char cmsgbuf[64] = {};
661 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
662 struct in_pktinfo *pi;
663 #endif
664
665 if (ospf->fd < 0 || ospf->oi_running == 0) {
666 if (IS_DEBUG_OSPF_EVENT)
667 zlog_debug(
668 "ospf_write failed to send, fd %d, instance %u"
669 ,ospf->fd, ospf->oi_running);
670 return -1;
671 }
672
673 node = listhead(ospf->oi_write_q);
674 assert(node);
675 oi = listgetdata(node);
676
677 #ifdef WANT_OSPF_WRITE_FRAGMENT
678 /* seed ipid static with low order bits of time */
679 if (ipid == 0)
680 ipid = (time(NULL) & 0xffff);
681 #endif /* WANT_OSPF_WRITE_FRAGMENT */
682
683 while ((pkt_count < ospf->write_oi_count) && oi
684 && (last_serviced_oi != oi)) {
685 /* If there is only packet in the queue, the oi is removed from
686 write-q, so fix up the last interface that was serviced */
687 if (last_serviced_oi == NULL) {
688 last_serviced_oi = oi;
689 }
690 pkt_count++;
691 #ifdef WANT_OSPF_WRITE_FRAGMENT
692 /* convenience - max OSPF data per packet */
693 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
694 #endif /* WANT_OSPF_WRITE_FRAGMENT */
695 /* Get one packet from queue. */
696 op = ospf_fifo_head(oi->obuf);
697 assert(op);
698 assert(op->length >= OSPF_HEADER_SIZE);
699
700 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
701 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
702 ospf_if_ipmulticast(ospf, oi->address,
703 oi->ifp->ifindex);
704
705 /* Rewrite the md5 signature & update the seq */
706 ospf_make_md5_digest(oi, op);
707
708 /* Retrieve OSPF packet type. */
709 stream_set_getp(op->s, 1);
710 type = stream_getc(op->s);
711
712 /* reset get pointer */
713 stream_set_getp(op->s, 0);
714
715 memset(&iph, 0, sizeof(struct ip));
716 memset(&sa_dst, 0, sizeof(sa_dst));
717
718 sa_dst.sin_family = AF_INET;
719 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
720 sa_dst.sin_len = sizeof(sa_dst);
721 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
722 sa_dst.sin_addr = op->dst;
723 sa_dst.sin_port = htons(0);
724
725 /* Set DONTROUTE flag if dst is unicast. */
726 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
727 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
728 flags = MSG_DONTROUTE;
729
730 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
731 /* it'd be very strange for header to not be 4byte-word aligned
732 * but.. */
733 if (sizeof(struct ip)
734 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
735 iph.ip_hl++; /* we presume sizeof struct ip cant
736 overflow ip_hl.. */
737
738 iph.ip_v = IPVERSION;
739 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
740 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
741
742 #if defined(__DragonFly__)
743 /*
744 * DragonFly's raw socket expects ip_len/ip_off in network byte
745 * order.
746 */
747 iph.ip_len = htons(iph.ip_len);
748 #endif
749
750 #ifdef WANT_OSPF_WRITE_FRAGMENT
751 /* XXX-MT: not thread-safe at all..
752 * XXX: this presumes this is only programme sending OSPF
753 * packets
754 * otherwise, no guarantee ipid will be unique
755 */
756 iph.ip_id = ++ipid;
757 #endif /* WANT_OSPF_WRITE_FRAGMENT */
758
759 iph.ip_off = 0;
760 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
761 iph.ip_ttl = OSPF_VL_IP_TTL;
762 else
763 iph.ip_ttl = OSPF_IP_TTL;
764 iph.ip_p = IPPROTO_OSPFIGP;
765 iph.ip_sum = 0;
766 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
767 iph.ip_dst.s_addr = op->dst.s_addr;
768
769 memset(&msg, 0, sizeof(msg));
770 msg.msg_name = (caddr_t)&sa_dst;
771 msg.msg_namelen = sizeof(sa_dst);
772 msg.msg_iov = iov;
773 msg.msg_iovlen = 2;
774
775 iov[0].iov_base = (char *)&iph;
776 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
777 iov[1].iov_base = stream_pnt(op->s);
778 iov[1].iov_len = op->length;
779
780 #ifdef GNU_LINUX
781 msg.msg_control = (caddr_t)cm;
782 cm->cmsg_level = SOL_IP;
783 cm->cmsg_type = IP_PKTINFO;
784 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
785 pi = (struct in_pktinfo *)CMSG_DATA(cm);
786 pi->ipi_ifindex = oi->ifp->ifindex;
787
788 msg.msg_controllen = cm->cmsg_len;
789 #endif
790
791 /* Sadly we can not rely on kernels to fragment packets
792 * because of either IP_HDRINCL and/or multicast
793 * destination being set.
794 */
795
796 #ifdef WANT_OSPF_WRITE_FRAGMENT
797 if (op->length > maxdatasize)
798 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
799 oi->ifp->mtu, flags, type);
800 #endif /* WANT_OSPF_WRITE_FRAGMENT */
801
802 /* send final fragment (could be first) */
803 sockopt_iphdrincl_swab_htosys(&iph);
804 ret = sendmsg(ospf->fd, &msg, flags);
805 sockopt_iphdrincl_swab_systoh(&iph);
806 if (IS_DEBUG_OSPF_EVENT)
807 zlog_debug(
808 "ospf_write to %s, "
809 "id %d, off %d, len %d, interface %s, mtu %u:",
810 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
811 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
812
813 if (ret < 0)
814 flog_err(
815 EC_LIB_SOCKET,
816 "*** sendmsg in ospf_write failed to %s, "
817 "id %d, off %d, len %d, interface %s, mtu %u: %s",
818 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
819 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
820 safe_strerror(errno));
821
822 /* Show debug sending packet. */
823 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
824 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
825 zlog_debug(
826 "-----------------------------------------------------");
827 ospf_ip_header_dump(&iph);
828 stream_set_getp(op->s, 0);
829 ospf_packet_dump(op->s);
830 }
831
832 zlog_debug("%s sent to [%s] via [%s].",
833 lookup_msg(ospf_packet_type_str, type, NULL),
834 inet_ntoa(op->dst), IF_NAME(oi));
835
836 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
837 zlog_debug(
838 "-----------------------------------------------------");
839 }
840
841 switch (type) {
842 case OSPF_MSG_HELLO:
843 oi->hello_out++;
844 break;
845 case OSPF_MSG_DB_DESC:
846 oi->db_desc_out++;
847 break;
848 case OSPF_MSG_LS_REQ:
849 oi->ls_req_out++;
850 break;
851 case OSPF_MSG_LS_UPD:
852 oi->ls_upd_out++;
853 break;
854 case OSPF_MSG_LS_ACK:
855 oi->ls_ack_out++;
856 break;
857 default:
858 break;
859 }
860
861 /* Now delete packet from queue. */
862 ospf_packet_delete(oi);
863
864 /* Move this interface to the tail of write_q to
865 serve everyone in a round robin fashion */
866 list_delete_node(ospf->oi_write_q, node);
867 if (ospf_fifo_head(oi->obuf) == NULL) {
868 oi->on_write_q = 0;
869 last_serviced_oi = NULL;
870 oi = NULL;
871 } else {
872 listnode_add(ospf->oi_write_q, oi);
873 }
874
875 /* Setup to service from the head of the queue again */
876 if (!list_isempty(ospf->oi_write_q)) {
877 node = listhead(ospf->oi_write_q);
878 oi = listgetdata(node);
879 }
880 }
881
882 /* If packets still remain in queue, call write thread. */
883 if (!list_isempty(ospf->oi_write_q))
884 thread_add_write(master, ospf_write, ospf, ospf->fd,
885 &ospf->t_write);
886
887 return 0;
888 }
889
890 /* OSPF Hello message read -- RFC2328 Section 10.5. */
891 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
892 struct stream *s, struct ospf_interface *oi, int size)
893 {
894 struct ospf_hello *hello;
895 struct ospf_neighbor *nbr;
896 int old_state;
897 struct prefix p;
898
899 /* increment statistics. */
900 oi->hello_in++;
901
902 hello = (struct ospf_hello *)stream_pnt(s);
903
904 /* If Hello is myself, silently discard. */
905 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
906 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
907 zlog_debug(
908 "ospf_header[%s/%s]: selforiginated, "
909 "dropping.",
910 lookup_msg(ospf_packet_type_str, ospfh->type,
911 NULL),
912 inet_ntoa(iph->ip_src));
913 }
914 return;
915 }
916
917 /* get neighbor prefix. */
918 p.family = AF_INET;
919 p.prefixlen = ip_masklen(hello->network_mask);
920 p.u.prefix4 = iph->ip_src;
921
922 /* Compare network mask. */
923 /* Checking is ignored for Point-to-Point and Virtual link. */
924 if (oi->type != OSPF_IFTYPE_POINTOPOINT
925 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
926 if (oi->address->prefixlen != p.prefixlen) {
927 flog_warn(
928 EC_OSPF_PACKET,
929 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
930 inet_ntoa(ospfh->router_id), IF_NAME(oi),
931 (int)oi->address->prefixlen, (int)p.prefixlen);
932 return;
933 }
934
935 /* Compare Router Dead Interval. */
936 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
937 flog_warn(EC_OSPF_PACKET,
938 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
939 "(expected %u, but received %u).",
940 inet_ntoa(ospfh->router_id),
941 OSPF_IF_PARAM(oi, v_wait),
942 ntohl(hello->dead_interval));
943 return;
944 }
945
946 /* Compare Hello Interval - ignored if fast-hellos are set. */
947 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
948 if (OSPF_IF_PARAM(oi, v_hello)
949 != ntohs(hello->hello_interval)) {
950 flog_warn(
951 EC_OSPF_PACKET,
952 "Packet %s [Hello:RECV]: HelloInterval mismatch "
953 "(expected %u, but received %u).",
954 inet_ntoa(ospfh->router_id),
955 OSPF_IF_PARAM(oi, v_hello),
956 ntohs(hello->hello_interval));
957 return;
958 }
959 }
960
961 if (IS_DEBUG_OSPF_EVENT)
962 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
963 inet_ntoa(ospfh->router_id),
964 ospf_options_dump(hello->options),
965 ospf_vrf_id_to_name(oi->ospf->vrf_id));
966
967 /* Compare options. */
968 #define REJECT_IF_TBIT_ON 1 /* XXX */
969 #ifdef REJECT_IF_TBIT_ON
970 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
971 /*
972 * This router does not support non-zero TOS.
973 * Drop this Hello packet not to establish neighbor
974 * relationship.
975 */
976 flog_warn(EC_OSPF_PACKET,
977 "Packet %s [Hello:RECV]: T-bit on, drop it.",
978 inet_ntoa(ospfh->router_id));
979 return;
980 }
981 #endif /* REJECT_IF_TBIT_ON */
982
983 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
984 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
985 /*
986 * This router does know the correct usage of O-bit
987 * the bit should be set in DD packet only.
988 */
989 flog_warn(EC_OSPF_PACKET,
990 "Packet %s [Hello:RECV]: O-bit abuse?",
991 inet_ntoa(ospfh->router_id));
992 #ifdef STRICT_OBIT_USAGE_CHECK
993 return; /* Reject this packet. */
994 #else /* STRICT_OBIT_USAGE_CHECK */
995 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
996 #endif /* STRICT_OBIT_USAGE_CHECK */
997 }
998
999 /* new for NSSA is to ensure that NP is on and E is off */
1000
1001 if (oi->area->external_routing == OSPF_AREA_NSSA) {
1002 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
1003 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
1004 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1005 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
1006 flog_warn(
1007 EC_OSPF_PACKET,
1008 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1009 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1010 hello->options);
1011 return;
1012 }
1013 if (IS_DEBUG_OSPF_NSSA)
1014 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1015 inet_ntoa(ospfh->router_id));
1016 } else
1017 /* The setting of the E-bit found in the Hello Packet's Options
1018 field must match this area's ExternalRoutingCapability A
1019 mismatch causes processing to stop and the packet to be
1020 dropped. The setting of the rest of the bits in the Hello
1021 Packet's Options field should be ignored. */
1022 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1023 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1024 flog_warn(
1025 EC_OSPF_PACKET,
1026 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1027 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1028 hello->options);
1029 return;
1030 }
1031
1032 /* get neighbour struct */
1033 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1034
1035 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1036 assert(nbr);
1037
1038 old_state = nbr->state;
1039
1040 /* Add event to thread. */
1041 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1042
1043 /* RFC2328 Section 9.5.1
1044 If the router is not eligible to become Designated Router,
1045 (snip) It must also send an Hello Packet in reply to an
1046 Hello Packet received from any eligible neighbor (other than
1047 the current Designated Router and Backup Designated Router). */
1048 if (oi->type == OSPF_IFTYPE_NBMA)
1049 if (PRIORITY(oi) == 0 && hello->priority > 0
1050 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1051 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1052 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1053 ospf_hello_reply_timer,
1054 OSPF_HELLO_REPLY_DELAY);
1055
1056 /* on NBMA network type, it happens to receive bidirectional Hello
1057 packet
1058 without advance 1-Way Received event.
1059 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1060 if (oi->type == OSPF_IFTYPE_NBMA
1061 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1062 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1063 nbr->priority = hello->priority;
1064 nbr->d_router = hello->d_router;
1065 nbr->bd_router = hello->bd_router;
1066 return;
1067 }
1068
1069 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1070 size - OSPF_HELLO_MIN_SIZE)) {
1071 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1072 nbr->options |= hello->options;
1073 } else {
1074 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1075 /* Set neighbor information. */
1076 nbr->priority = hello->priority;
1077 nbr->d_router = hello->d_router;
1078 nbr->bd_router = hello->bd_router;
1079 return;
1080 }
1081
1082 /* If neighbor itself declares DR and no BDR exists,
1083 cause event BackupSeen */
1084 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1085 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1086 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1087
1088 /* neighbor itself declares BDR. */
1089 if (oi->state == ISM_Waiting
1090 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1091 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1092
1093 /* had not previously. */
1094 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1095 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1096 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1097 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1098 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1099
1100 /* had not previously. */
1101 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1102 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1103 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1104 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1105 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1106
1107 /* Neighbor priority check. */
1108 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1109 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1110
1111 /* Set neighbor information. */
1112 nbr->priority = hello->priority;
1113 nbr->d_router = hello->d_router;
1114 nbr->bd_router = hello->bd_router;
1115 }
1116
1117 /* Save DD flags/options/Seqnum received. */
1118 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1119 struct ospf_db_desc *dd)
1120 {
1121 nbr->last_recv.flags = dd->flags;
1122 nbr->last_recv.options = dd->options;
1123 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1124 }
1125
1126 /* Process rest of DD packet. */
1127 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1128 struct ospf_neighbor *nbr,
1129 struct ospf_db_desc *dd, uint16_t size)
1130 {
1131 struct ospf_lsa *new, *find;
1132 struct lsa_header *lsah;
1133
1134 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1135 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1136 size -= OSPF_LSA_HEADER_SIZE) {
1137 lsah = (struct lsa_header *)stream_pnt(s);
1138 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1139
1140 /* Unknown LS type. */
1141 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1142 flog_warn(EC_OSPF_PACKET,
1143 "Packet [DD:RECV]: Unknown LS type %d.",
1144 lsah->type);
1145 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1146 return;
1147 }
1148
1149 if (IS_OPAQUE_LSA(lsah->type)
1150 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1151 flog_warn(EC_OSPF_PACKET,
1152 "LSA[Type%d:%s]: Opaque capability mismatch?",
1153 lsah->type, inet_ntoa(lsah->id));
1154 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1155 return;
1156 }
1157
1158 switch (lsah->type) {
1159 case OSPF_AS_EXTERNAL_LSA:
1160 case OSPF_OPAQUE_AS_LSA:
1161 /* Check for stub area. Reject if AS-External from stub
1162 but
1163 allow if from NSSA. */
1164 if (oi->area->external_routing == OSPF_AREA_STUB) {
1165 flog_warn(
1166 EC_OSPF_PACKET,
1167 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1168 lsah->type, inet_ntoa(lsah->id),
1169 (oi->area->external_routing
1170 == OSPF_AREA_STUB)
1171 ? "STUB"
1172 : "NSSA");
1173 OSPF_NSM_EVENT_SCHEDULE(nbr,
1174 NSM_SeqNumberMismatch);
1175 return;
1176 }
1177 break;
1178 default:
1179 break;
1180 }
1181
1182 /* Create LS-request object. */
1183 new = ospf_ls_request_new(lsah);
1184
1185 /* Lookup received LSA, then add LS request list. */
1186 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1187
1188 /* ospf_lsa_more_recent is fine with NULL pointers */
1189 switch (ospf_lsa_more_recent(find, new)) {
1190 case -1:
1191 /* Neighbour has a more recent LSA, we must request it
1192 */
1193 ospf_ls_request_add(nbr, new);
1194 /* fallthru */
1195 case 0:
1196 /* If we have a copy of this LSA, it's either less
1197 * recent
1198 * and we're requesting it from neighbour (the case
1199 * above), or
1200 * it's as recent and we both have same copy (this
1201 * case).
1202 *
1203 * In neither of these two cases is there any point in
1204 * describing our copy of the LSA to the neighbour in a
1205 * DB-Summary packet, if we're still intending to do so.
1206 *
1207 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1208 * backward compatible optimisation to OSPF DB Exchange
1209 * /
1210 * DB Description process implemented here.
1211 */
1212 if (find)
1213 ospf_lsdb_delete(&nbr->db_sum, find);
1214 ospf_lsa_discard(new);
1215 break;
1216 default:
1217 /* We have the more recent copy, nothing specific to do:
1218 * - no need to request neighbours stale copy
1219 * - must leave DB summary list copy alone
1220 */
1221 if (IS_DEBUG_OSPF_EVENT)
1222 zlog_debug(
1223 "Packet [DD:RECV]: LSA received Type %d, "
1224 "ID %s is not recent.",
1225 lsah->type, inet_ntoa(lsah->id));
1226 ospf_lsa_discard(new);
1227 }
1228 }
1229
1230 /* Master */
1231 if (IS_SET_DD_MS(nbr->dd_flags)) {
1232 nbr->dd_seqnum++;
1233
1234 /* Both sides have no More, then we're done with Exchange */
1235 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1236 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1237 else
1238 ospf_db_desc_send(nbr);
1239 }
1240 /* Slave */
1241 else {
1242 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1243
1244 /* Send DD packet in reply.
1245 *
1246 * Must be done to acknowledge the Master's DD, regardless of
1247 * whether we have more LSAs ourselves to describe.
1248 *
1249 * This function will clear the 'More' bit, if after this DD
1250 * we have no more LSAs to describe to the master..
1251 */
1252 ospf_db_desc_send(nbr);
1253
1254 /* Slave can raise ExchangeDone now, if master is also done */
1255 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1256 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1257 }
1258
1259 /* Save received neighbor values from DD. */
1260 ospf_db_desc_save_current(nbr, dd);
1261
1262 if (!nbr->t_ls_req)
1263 ospf_ls_req_send(nbr);
1264 }
1265
1266 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1267 struct ospf_neighbor *nbr)
1268 {
1269 /* Is DD duplicated? */
1270 if (dd->options == nbr->last_recv.options
1271 && dd->flags == nbr->last_recv.flags
1272 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1273 return 1;
1274
1275 return 0;
1276 }
1277
1278 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1279 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1280 struct stream *s, struct ospf_interface *oi,
1281 uint16_t size)
1282 {
1283 struct ospf_db_desc *dd;
1284 struct ospf_neighbor *nbr;
1285
1286 /* Increment statistics. */
1287 oi->db_desc_in++;
1288
1289 dd = (struct ospf_db_desc *)stream_pnt(s);
1290
1291 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1292 if (nbr == NULL) {
1293 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
1294 inet_ntoa(ospfh->router_id));
1295 return;
1296 }
1297
1298 /* Check MTU. */
1299 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1300 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1301 flog_warn(
1302 EC_OSPF_PACKET,
1303 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1304 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1305 oi->ifp->mtu);
1306 return;
1307 }
1308
1309 /*
1310 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1311 * not
1312 * required. In fact at least JunOS sends DD packets with P bit clear.
1313 * Until proper solution is developped, this hack should help.
1314 *
1315 * Update: According to the RFCs, N bit is specified /only/ for Hello
1316 * options, unfortunately its use in DD options is not specified. Hence
1317 * some
1318 * implementations follow E-bit semantics and set it in DD options, and
1319 * some
1320 * treat it as unspecified and hence follow the directive "default for
1321 * options is clear", ie unset.
1322 *
1323 * Reset the flag, as ospfd follows E-bit semantics.
1324 */
1325 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1326 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1327 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1328 if (IS_DEBUG_OSPF_EVENT)
1329 zlog_debug(
1330 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1331 inet_ntoa(nbr->router_id));
1332 SET_FLAG(dd->options, OSPF_OPTION_NP);
1333 }
1334
1335 #ifdef REJECT_IF_TBIT_ON
1336 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1337 /*
1338 * In Hello protocol, optional capability must have checked
1339 * to prevent this T-bit enabled router be my neighbor.
1340 */
1341 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
1342 inet_ntoa(nbr->router_id));
1343 return;
1344 }
1345 #endif /* REJECT_IF_TBIT_ON */
1346
1347 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1348 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1349 /*
1350 * This node is not configured to handle O-bit, for now.
1351 * Clear it to ignore unsupported capability proposed by
1352 * neighbor.
1353 */
1354 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1355 }
1356
1357 /* Add event to thread. */
1358 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1359
1360 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1361 zlog_info(
1362 "%s:Packet[DD]: Neighbor %s state is %s, seq_num:0x%x, local:0x%x",
1363 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
1364 inet_ntoa(nbr->router_id),
1365 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1366 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1367
1368 /* Process DD packet by neighbor status. */
1369 switch (nbr->state) {
1370 case NSM_Down:
1371 case NSM_Attempt:
1372 case NSM_TwoWay:
1373 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1374 zlog_info(
1375 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1376 inet_ntoa(nbr->router_id),
1377 lookup_msg(ospf_nsm_state_msg, nbr->state,
1378 NULL));
1379 break;
1380 case NSM_Init:
1381 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1382 /* If the new state is ExStart, the processing of the current
1383 packet should then continue in this new state by falling
1384 through to case ExStart below. */
1385 if (nbr->state != NSM_ExStart)
1386 break;
1387 /* fallthru */
1388 case NSM_ExStart:
1389 /* Initial DBD */
1390 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1391 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1392 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1393 > 0) {
1394 /* We're Slave---obey */
1395 if (CHECK_FLAG(oi->ospf->config,
1396 OSPF_LOG_ADJACENCY_DETAIL))
1397 zlog_info(
1398 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1399 inet_ntoa(nbr->router_id));
1400
1401 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1402
1403 /* Reset I/MS */
1404 UNSET_FLAG(nbr->dd_flags,
1405 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1406 } else {
1407 /* We're Master, ignore the initial DBD from
1408 * Slave */
1409 if (CHECK_FLAG(oi->ospf->config,
1410 OSPF_LOG_ADJACENCY_DETAIL))
1411 zlog_info(
1412 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1413 "ignoring.",
1414 inet_ntoa(nbr->router_id));
1415 break;
1416 }
1417 }
1418 /* Ack from the Slave */
1419 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1420 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1421 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1422 < 0) {
1423 zlog_info(
1424 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1425 inet_ntoa(nbr->router_id));
1426 /* Reset I, leaving MS */
1427 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1428 } else {
1429 flog_warn(EC_OSPF_PACKET,
1430 "Packet[DD]: Neighbor %s Negotiation fails.",
1431 inet_ntoa(nbr->router_id));
1432 break;
1433 }
1434
1435 /* This is where the real Options are saved */
1436 nbr->options = dd->options;
1437
1438 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1439 if (IS_DEBUG_OSPF_EVENT)
1440 zlog_debug(
1441 "Neighbor[%s] is %sOpaque-capable.",
1442 inet_ntoa(nbr->router_id),
1443 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1444 ? ""
1445 : "NOT ");
1446
1447 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1448 && IPV4_ADDR_SAME(&DR(oi),
1449 &nbr->address.u.prefix4)) {
1450 flog_warn(
1451 EC_OSPF_PACKET,
1452 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1453 inet_ntoa(nbr->router_id));
1454 /* This situation is undesirable, but not a real
1455 * error. */
1456 }
1457 }
1458
1459 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1460
1461 /* continue processing rest of packet. */
1462 ospf_db_desc_proc(s, oi, nbr, dd, size);
1463 break;
1464 case NSM_Exchange:
1465 if (ospf_db_desc_is_dup(dd, nbr)) {
1466 if (IS_SET_DD_MS(nbr->dd_flags))
1467 /* Master: discard duplicated DD packet. */
1468 zlog_info(
1469 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1470 inet_ntoa(nbr->router_id));
1471 else
1472 /* Slave: cause to retransmit the last Database
1473 Description. */
1474 {
1475 zlog_info(
1476 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1477 inet_ntoa(nbr->router_id));
1478 ospf_db_desc_resend(nbr);
1479 }
1480 break;
1481 }
1482
1483 /* Otherwise DD packet should be checked. */
1484 /* Check Master/Slave bit mismatch */
1485 if (IS_SET_DD_MS(dd->flags)
1486 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1487 flog_warn(EC_OSPF_PACKET,
1488 "Packet[DD]: Neighbor %s MS-bit mismatch.",
1489 inet_ntoa(nbr->router_id));
1490 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1491 if (IS_DEBUG_OSPF_EVENT)
1492 zlog_debug(
1493 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1494 dd->flags, nbr->dd_flags);
1495 break;
1496 }
1497
1498 /* Check initialize bit is set. */
1499 if (IS_SET_DD_I(dd->flags)) {
1500 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1501 inet_ntoa(nbr->router_id));
1502 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1503 break;
1504 }
1505
1506 /* Check DD Options. */
1507 if (dd->options != nbr->options) {
1508 #ifdef ORIGINAL_CODING
1509 /* Save the new options for debugging */
1510 nbr->options = dd->options;
1511 #endif /* ORIGINAL_CODING */
1512 flog_warn(EC_OSPF_PACKET,
1513 "Packet[DD]: Neighbor %s options mismatch.",
1514 inet_ntoa(nbr->router_id));
1515 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1516 break;
1517 }
1518
1519 /* Check DD sequence number. */
1520 if ((IS_SET_DD_MS(nbr->dd_flags)
1521 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1522 || (!IS_SET_DD_MS(nbr->dd_flags)
1523 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1524 flog_warn(
1525 EC_OSPF_PACKET,
1526 "Packet[DD]: Neighbor %s sequence number mismatch.",
1527 inet_ntoa(nbr->router_id));
1528 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1529 break;
1530 }
1531
1532 /* Continue processing rest of packet. */
1533 ospf_db_desc_proc(s, oi, nbr, dd, size);
1534 break;
1535 case NSM_Loading:
1536 case NSM_Full:
1537 if (ospf_db_desc_is_dup(dd, nbr)) {
1538 if (IS_SET_DD_MS(nbr->dd_flags)) {
1539 /* Master should discard duplicate DD packet. */
1540 zlog_info(
1541 "Packet[DD]: Neighbor %s duplicated, "
1542 "packet discarded.",
1543 inet_ntoa(nbr->router_id));
1544 break;
1545 } else {
1546 if (monotime_since(&nbr->last_send_ts, NULL)
1547 < nbr->v_inactivity * 1000000LL) {
1548 /* In states Loading and Full the slave
1549 must resend
1550 its last Database Description packet
1551 in response to
1552 duplicate Database Description
1553 packets received
1554 from the master. For this reason the
1555 slave must
1556 wait RouterDeadInterval seconds
1557 before freeing the
1558 last Database Description packet.
1559 Reception of a
1560 Database Description packet from the
1561 master after
1562 this interval will generate a
1563 SeqNumberMismatch
1564 neighbor event. RFC2328 Section 10.8
1565 */
1566 ospf_db_desc_resend(nbr);
1567 break;
1568 }
1569 }
1570 }
1571
1572 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1573 break;
1574 default:
1575 flog_warn(EC_OSPF_PACKET,
1576 "Packet[DD]: Neighbor %s NSM illegal status %u.",
1577 inet_ntoa(nbr->router_id), nbr->state);
1578 break;
1579 }
1580 }
1581
1582 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1583
1584 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1585 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1586 struct stream *s, struct ospf_interface *oi,
1587 uint16_t size)
1588 {
1589 struct ospf_neighbor *nbr;
1590 uint32_t ls_type;
1591 struct in_addr ls_id;
1592 struct in_addr adv_router;
1593 struct ospf_lsa *find;
1594 struct list *ls_upd;
1595 unsigned int length;
1596
1597 /* Increment statistics. */
1598 oi->ls_req_in++;
1599
1600 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1601 if (nbr == NULL) {
1602 flog_warn(EC_OSPF_PACKET,
1603 "Link State Request: Unknown Neighbor %s.",
1604 inet_ntoa(ospfh->router_id));
1605 return;
1606 }
1607
1608 /* Add event to thread. */
1609 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1610
1611 /* Neighbor State should be Exchange or later. */
1612 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1613 && nbr->state != NSM_Full) {
1614 flog_warn(
1615 EC_OSPF_PACKET,
1616 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
1617 inet_ntoa(ospfh->router_id),
1618 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1619 return;
1620 }
1621
1622 /* Send Link State Update for ALL requested LSAs. */
1623 ls_upd = list_new();
1624 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1625
1626 while (size >= OSPF_LSA_KEY_SIZE) {
1627 /* Get one slice of Link State Request. */
1628 ls_type = stream_getl(s);
1629 ls_id.s_addr = stream_get_ipv4(s);
1630 adv_router.s_addr = stream_get_ipv4(s);
1631
1632 /* Verify LSA type. */
1633 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1634 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1635 list_delete(&ls_upd);
1636 return;
1637 }
1638
1639 /* Search proper LSA in LSDB. */
1640 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1641 adv_router);
1642 if (find == NULL) {
1643 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1644 list_delete(&ls_upd);
1645 return;
1646 }
1647
1648 /* Packet overflows MTU size, send immediately. */
1649 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1650 if (oi->type == OSPF_IFTYPE_NBMA)
1651 ospf_ls_upd_send(nbr, ls_upd,
1652 OSPF_SEND_PACKET_DIRECT, 0);
1653 else
1654 ospf_ls_upd_send(nbr, ls_upd,
1655 OSPF_SEND_PACKET_INDIRECT, 0);
1656
1657 /* Only remove list contents. Keep ls_upd. */
1658 list_delete_all_node(ls_upd);
1659
1660 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1661 }
1662
1663 /* Append LSA to update list. */
1664 listnode_add(ls_upd, find);
1665 length += ntohs(find->data->length);
1666
1667 size -= OSPF_LSA_KEY_SIZE;
1668 }
1669
1670 /* Send rest of Link State Update. */
1671 if (listcount(ls_upd) > 0) {
1672 if (oi->type == OSPF_IFTYPE_NBMA)
1673 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1674 0);
1675 else
1676 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1677 0);
1678
1679 list_delete(&ls_upd);
1680 } else
1681 list_delete(&ls_upd);
1682 }
1683
1684 /* Get the list of LSAs from Link State Update packet.
1685 And process some validation -- RFC2328 Section 13. (1)-(2). */
1686 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1687 struct stream *s,
1688 struct ospf_interface *oi, size_t size)
1689 {
1690 uint16_t count, sum;
1691 uint32_t length;
1692 struct lsa_header *lsah;
1693 struct ospf_lsa *lsa;
1694 struct list *lsas;
1695
1696 lsas = list_new();
1697
1698 count = stream_getl(s);
1699 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1700
1701 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1702 size -= length, stream_forward_getp(s, length), count--) {
1703 lsah = (struct lsa_header *)stream_pnt(s);
1704 length = ntohs(lsah->length);
1705
1706 if (length > size) {
1707 flog_warn(
1708 EC_OSPF_PACKET,
1709 "Link State Update: LSA length exceeds packet size.");
1710 break;
1711 }
1712
1713 /* Validate the LSA's LS checksum. */
1714 sum = lsah->checksum;
1715 if (!ospf_lsa_checksum_valid(lsah)) {
1716 /* (bug #685) more details in a one-line message make it
1717 * possible
1718 * to identify problem source on the one hand and to
1719 * have a better
1720 * chance to compress repeated messages in syslog on the
1721 * other */
1722 flog_warn(
1723 EC_OSPF_PACKET,
1724 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1725 sum, lsah->checksum, inet_ntoa(lsah->id),
1726 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1727 inet_ntoa(lsah->adv_router));
1728 continue;
1729 }
1730
1731 /* Examine the LSA's LS type. */
1732 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1733 flog_warn(EC_OSPF_PACKET,
1734 "Link State Update: Unknown LS type %d",
1735 lsah->type);
1736 continue;
1737 }
1738
1739 /*
1740 * What if the received LSA's age is greater than MaxAge?
1741 * Treat it as a MaxAge case -- endo.
1742 */
1743 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1744 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1745
1746 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1747 #ifdef STRICT_OBIT_USAGE_CHECK
1748 if ((IS_OPAQUE_LSA(lsah->type)
1749 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1750 || (!IS_OPAQUE_LSA(lsah->type)
1751 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1752 /*
1753 * This neighbor must know the exact usage of
1754 * O-bit;
1755 * the bit will be set in Type-9,10,11 LSAs
1756 * only.
1757 */
1758 flog_warn(EC_OSPF_PACKET,
1759 "LSA[Type%d:%s]: O-bit abuse?",
1760 lsah->type, inet_ntoa(lsah->id));
1761 continue;
1762 }
1763 #endif /* STRICT_OBIT_USAGE_CHECK */
1764
1765 /* Do not take in AS External Opaque-LSAs if we are a
1766 * stub. */
1767 if (lsah->type == OSPF_OPAQUE_AS_LSA
1768 && nbr->oi->area->external_routing
1769 != OSPF_AREA_DEFAULT) {
1770 if (IS_DEBUG_OSPF_EVENT)
1771 zlog_debug(
1772 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1773 lsah->type,
1774 inet_ntoa(lsah->id));
1775 continue;
1776 }
1777 } else if (IS_OPAQUE_LSA(lsah->type)) {
1778 flog_warn(EC_OSPF_PACKET,
1779 "LSA[Type%d:%s]: Opaque capability mismatch?",
1780 lsah->type, inet_ntoa(lsah->id));
1781 continue;
1782 }
1783
1784 /* Create OSPF LSA instance. */
1785 lsa = ospf_lsa_new_and_data(length);
1786
1787 lsa->vrf_id = oi->ospf->vrf_id;
1788 /* We may wish to put some error checking if type NSSA comes in
1789 and area not in NSSA mode */
1790 switch (lsah->type) {
1791 case OSPF_AS_EXTERNAL_LSA:
1792 case OSPF_OPAQUE_AS_LSA:
1793 lsa->area = NULL;
1794 break;
1795 case OSPF_OPAQUE_LINK_LSA:
1796 lsa->oi = oi; /* Remember incoming interface for
1797 flooding control. */
1798 /* Fallthrough */
1799 default:
1800 lsa->area = oi->area;
1801 break;
1802 }
1803
1804 memcpy(lsa->data, lsah, length);
1805
1806 if (IS_DEBUG_OSPF_EVENT)
1807 zlog_debug(
1808 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1809 lsa->data->type, inet_ntoa(lsa->data->id),
1810 (void *)lsa);
1811 listnode_add(lsas, lsa);
1812 }
1813
1814 return lsas;
1815 }
1816
1817 /* Cleanup Update list. */
1818 static void ospf_upd_list_clean(struct list *lsas)
1819 {
1820 struct listnode *node, *nnode;
1821 struct ospf_lsa *lsa;
1822
1823 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1824 ospf_lsa_discard(lsa);
1825
1826 list_delete(&lsas);
1827 }
1828
1829 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1830 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1831 struct ospf_header *ospfh, struct stream *s,
1832 struct ospf_interface *oi, uint16_t size)
1833 {
1834 struct ospf_neighbor *nbr;
1835 struct list *lsas;
1836 struct listnode *node, *nnode;
1837 struct ospf_lsa *lsa = NULL;
1838 /* unsigned long ls_req_found = 0; */
1839
1840 /* Dis-assemble the stream, update each entry, re-encapsulate for
1841 * flooding */
1842
1843 /* Increment statistics. */
1844 oi->ls_upd_in++;
1845
1846 /* Check neighbor. */
1847 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1848 if (nbr == NULL) {
1849 flog_warn(EC_OSPF_PACKET,
1850 "Link State Update: Unknown Neighbor %s on int: %s",
1851 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1852 return;
1853 }
1854
1855 /* Add event to thread. */
1856 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1857
1858 /* Check neighbor state. */
1859 if (nbr->state < NSM_Exchange) {
1860 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1861 zlog_debug(
1862 "Link State Update: "
1863 "Neighbor[%s] state %s is less than Exchange",
1864 inet_ntoa(ospfh->router_id),
1865 lookup_msg(ospf_nsm_state_msg, nbr->state,
1866 NULL));
1867 return;
1868 }
1869
1870 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1871 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1872 * of section 13.
1873 */
1874 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1875
1876 if (lsas == NULL)
1877 return;
1878 #define DISCARD_LSA(L, N) \
1879 { \
1880 if (IS_DEBUG_OSPF_EVENT) \
1881 zlog_debug( \
1882 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1883 " Type-%d", \
1884 N, (void *)lsa, (int)lsa->data->type); \
1885 ospf_lsa_discard(L); \
1886 continue; \
1887 }
1888
1889 /* Process each LSA received in the one packet.
1890 *
1891 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1892 * text below are from the steps in RFC 2328, Section 13.
1893 */
1894 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1895 struct ospf_lsa *ls_ret, *current;
1896 int ret = 1;
1897
1898 if (IS_DEBUG_OSPF_NSSA) {
1899 char buf1[INET_ADDRSTRLEN];
1900 char buf2[INET_ADDRSTRLEN];
1901 char buf3[INET_ADDRSTRLEN];
1902
1903 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1904 lsa->data->type,
1905 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1906 INET_ADDRSTRLEN),
1907 inet_ntop(AF_INET, &lsa->data->id, buf2,
1908 INET_ADDRSTRLEN),
1909 inet_ntop(AF_INET, &lsa->data->adv_router,
1910 buf3, INET_ADDRSTRLEN));
1911 }
1912
1913 listnode_delete(lsas,
1914 lsa); /* We don't need it in list anymore */
1915
1916 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1917 */
1918
1919 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1920
1921 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1922 */
1923
1924 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1925 */
1926
1927 /* Do take in Type-7's if we are an NSSA */
1928
1929 /* If we are also an ABR, later translate them to a Type-5
1930 * packet */
1931
1932 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1933 translate them to a separate Type-5 packet. */
1934
1935 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1936 /* Reject from STUB or NSSA */
1937 if (nbr->oi->area->external_routing
1938 != OSPF_AREA_DEFAULT) {
1939 if (IS_DEBUG_OSPF_NSSA)
1940 zlog_debug(
1941 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1942 DISCARD_LSA(lsa, 1);
1943 }
1944
1945 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1946 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1947 if (IS_DEBUG_OSPF_NSSA)
1948 zlog_debug(
1949 "Incoming NSSA LSA Discarded: Not NSSA Area");
1950 DISCARD_LSA(lsa, 2);
1951 }
1952
1953 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1954 if (lsa->data->type == OSPF_ROUTER_LSA)
1955 if (!IPV4_ADDR_SAME(&lsa->data->id,
1956 &lsa->data->adv_router)) {
1957 char buf1[INET_ADDRSTRLEN];
1958 char buf2[INET_ADDRSTRLEN];
1959 char buf3[INET_ADDRSTRLEN];
1960
1961 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1962 "Incoming Router-LSA from %s with "
1963 "Adv-ID[%s] != LS-ID[%s]",
1964 inet_ntop(AF_INET, &ospfh->router_id,
1965 buf1, INET_ADDRSTRLEN),
1966 inet_ntop(AF_INET, &lsa->data->id,
1967 buf2, INET_ADDRSTRLEN),
1968 inet_ntop(AF_INET,
1969 &lsa->data->adv_router, buf3,
1970 INET_ADDRSTRLEN));
1971 flog_err(
1972 EC_OSPF_DOMAIN_CORRUPT,
1973 "OSPF domain compromised by attack or corruption. "
1974 "Verify correct operation of -ALL- OSPF routers.");
1975 DISCARD_LSA(lsa, 0);
1976 }
1977
1978 /* Find the LSA in the current database. */
1979
1980 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1981
1982 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1983 currently
1984 no instance of the LSA in the router's link state database,
1985 and none of router's neighbors are in states Exchange or
1986 Loading,
1987 then take the following actions: */
1988
1989 if (IS_LSA_MAXAGE(lsa) && !current
1990 && ospf_check_nbr_status(oi->ospf)) {
1991 /* (4a) Response Link State Acknowledgment. */
1992 ospf_ls_ack_send(nbr, lsa);
1993
1994 /* (4b) Discard LSA. */
1995 if (IS_DEBUG_OSPF(lsa, LSA)) {
1996 zlog_debug(
1997 "Link State Update[%s]: LS age is equal to MaxAge.",
1998 dump_lsa_key(lsa));
1999 }
2000 DISCARD_LSA(lsa, 3);
2001 }
2002
2003 if (IS_OPAQUE_LSA(lsa->data->type)
2004 && IPV4_ADDR_SAME(&lsa->data->adv_router,
2005 &oi->ospf->router_id)) {
2006 /*
2007 * Even if initial flushing seems to be completed, there
2008 * might
2009 * be a case that self-originated LSA with MaxAge still
2010 * remain
2011 * in the routing domain.
2012 * Just send an LSAck message to cease retransmission.
2013 */
2014 if (IS_LSA_MAXAGE(lsa)) {
2015 zlog_info("LSA[%s]: Boomerang effect?",
2016 dump_lsa_key(lsa));
2017 ospf_ls_ack_send(nbr, lsa);
2018 ospf_lsa_discard(lsa);
2019
2020 if (current != NULL && !IS_LSA_MAXAGE(current))
2021 ospf_opaque_lsa_refresh_schedule(
2022 current);
2023 continue;
2024 }
2025
2026 /*
2027 * If an instance of self-originated Opaque-LSA is not
2028 * found
2029 * in the LSDB, there are some possible cases here.
2030 *
2031 * 1) This node lost opaque-capability after restart.
2032 * 2) Else, a part of opaque-type is no more supported.
2033 * 3) Else, a part of opaque-id is no more supported.
2034 *
2035 * Anyway, it is still this node's responsibility to
2036 * flush it.
2037 * Otherwise, the LSA instance remains in the routing
2038 * domain
2039 * until its age reaches to MaxAge.
2040 */
2041 /* XXX: We should deal with this for *ALL* LSAs, not
2042 * just opaque */
2043 if (current == NULL) {
2044 if (IS_DEBUG_OSPF_EVENT)
2045 zlog_debug(
2046 "LSA[%s]: Previously originated Opaque-LSA,"
2047 "not found in the LSDB.",
2048 dump_lsa_key(lsa));
2049
2050 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2051
2052 ospf_opaque_self_originated_lsa_received(nbr,
2053 lsa);
2054 ospf_ls_ack_send(nbr, lsa);
2055
2056 continue;
2057 }
2058 }
2059
2060 /* It might be happen that received LSA is self-originated
2061 * network LSA, but
2062 * router ID is changed. So, we should check if LSA is a
2063 * network-LSA whose
2064 * Link State ID is one of the router's own IP interface
2065 * addresses but whose
2066 * Advertising Router is not equal to the router's own Router ID
2067 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2068 * flushed.
2069 */
2070
2071 if (lsa->data->type == OSPF_NETWORK_LSA) {
2072 struct listnode *oinode, *oinnode;
2073 struct ospf_interface *out_if;
2074 int Flag = 0;
2075
2076 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2077 oinnode, out_if)) {
2078 if (out_if == NULL)
2079 break;
2080
2081 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2082 &lsa->data->id))
2083 && (!(IPV4_ADDR_SAME(
2084 &oi->ospf->router_id,
2085 &lsa->data->adv_router)))) {
2086 if (out_if->network_lsa_self) {
2087 ospf_lsa_flush_area(
2088 lsa, out_if->area);
2089 if (IS_DEBUG_OSPF_EVENT)
2090 zlog_debug(
2091 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2092 (void *)lsa,
2093 (int)lsa->data
2094 ->type);
2095 ospf_lsa_discard(lsa);
2096 Flag = 1;
2097 }
2098 break;
2099 }
2100 }
2101 if (Flag)
2102 continue;
2103 }
2104
2105 /* (5) Find the instance of this LSA that is currently contained
2106 in the router's link state database. If there is no
2107 database copy, or the received LSA is more recent than
2108 the database copy the following steps must be performed.
2109 (The sub steps from RFC 2328 section 13 step (5) will be
2110 performed in
2111 ospf_flood() ) */
2112
2113 if (current == NULL
2114 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2115 /* CVE-2017-3224 */
2116 if (current && (lsa->data->ls_seqnum ==
2117 htonl(OSPF_MAX_SEQUENCE_NUMBER)
2118 && !IS_LSA_MAXAGE(lsa))) {
2119 zlog_debug(
2120 "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
2121 dump_lsa_key(lsa));
2122
2123 DISCARD_LSA(lsa, 4);
2124 }
2125
2126 /* Actual flooding procedure. */
2127 if (ospf_flood(oi->ospf, nbr, current, lsa)
2128 < 0) /* Trap NSSA later. */
2129 DISCARD_LSA(lsa, 5);
2130 continue;
2131 }
2132
2133 /* (6) Else, If there is an instance of the LSA on the sending
2134 neighbor's Link state request list, an error has occurred in
2135 the Database Exchange process. In this case, restart the
2136 Database Exchange process by generating the neighbor event
2137 BadLSReq for the sending neighbor and stop processing the
2138 Link State Update packet. */
2139
2140 if (ospf_ls_request_lookup(nbr, lsa)) {
2141 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2142 flog_warn(
2143 EC_OSPF_PACKET,
2144 "LSA[%s] instance exists on Link state request list",
2145 dump_lsa_key(lsa));
2146
2147 /* Clean list of LSAs. */
2148 ospf_upd_list_clean(lsas);
2149 /* this lsa is not on lsas list already. */
2150 ospf_lsa_discard(lsa);
2151 return;
2152 }
2153
2154 /* If the received LSA is the same instance as the database copy
2155 (i.e., neither one is more recent) the following two steps
2156 should be performed: */
2157
2158 if (ret == 0) {
2159 /* If the LSA is listed in the Link state retransmission
2160 list
2161 for the receiving adjacency, the router itself is
2162 expecting
2163 an acknowledgment for this LSA. The router should
2164 treat the
2165 received LSA as an acknowledgment by removing the LSA
2166 from
2167 the Link state retransmission list. This is termed
2168 an
2169 "implied acknowledgment". */
2170
2171 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2172
2173 if (ls_ret != NULL) {
2174 ospf_ls_retransmit_delete(nbr, ls_ret);
2175
2176 /* Delayed acknowledgment sent if advertisement
2177 received
2178 from Designated Router, otherwise do nothing.
2179 */
2180 if (oi->state == ISM_Backup)
2181 if (NBR_IS_DR(nbr))
2182 listnode_add(
2183 oi->ls_ack,
2184 ospf_lsa_lock(lsa));
2185
2186 DISCARD_LSA(lsa, 6);
2187 } else
2188 /* Acknowledge the receipt of the LSA by sending a
2189 Link State Acknowledgment packet back out the
2190 receiving
2191 interface. */
2192 {
2193 ospf_ls_ack_send(nbr, lsa);
2194 DISCARD_LSA(lsa, 7);
2195 }
2196 }
2197
2198 /* The database copy is more recent. If the database copy
2199 has LS age equal to MaxAge and LS sequence number equal to
2200 MaxSequenceNumber, simply discard the received LSA without
2201 acknowledging it. (In this case, the LSA's LS sequence number
2202 is
2203 wrapping, and the MaxSequenceNumber LSA must be completely
2204 flushed before any new LSA instance can be introduced). */
2205
2206 else if (ret > 0) /* Database copy is more recent */
2207 {
2208 if (IS_LSA_MAXAGE(current)
2209 && current->data->ls_seqnum
2210 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2211 DISCARD_LSA(lsa, 8);
2212 }
2213 /* Otherwise, as long as the database copy has not been
2214 sent in a
2215 Link State Update within the last MinLSArrival
2216 seconds, send the
2217 database copy back to the sending neighbor,
2218 encapsulated within
2219 a Link State Update Packet. The Link State Update
2220 Packet should
2221 be sent directly to the neighbor. In so doing, do not
2222 put the
2223 database copy of the LSA on the neighbor's link state
2224 retransmission list, and do not acknowledge the
2225 received (less
2226 recent) LSA instance. */
2227 else {
2228 if (monotime_since(&current->tv_orig, NULL)
2229 >= ospf->min_ls_arrival * 1000LL)
2230 /* Trap NSSA type later.*/
2231 ospf_ls_upd_send_lsa(
2232 nbr, current,
2233 OSPF_SEND_PACKET_DIRECT);
2234 DISCARD_LSA(lsa, 9);
2235 }
2236 }
2237 }
2238 #undef DISCARD_LSA
2239
2240 assert(listcount(lsas) == 0);
2241 list_delete(&lsas);
2242 }
2243
2244 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2245 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2246 struct stream *s, struct ospf_interface *oi,
2247 uint16_t size)
2248 {
2249 struct ospf_neighbor *nbr;
2250
2251 /* increment statistics. */
2252 oi->ls_ack_in++;
2253
2254 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2255 if (nbr == NULL) {
2256 flog_warn(EC_OSPF_PACKET,
2257 "Link State Acknowledgment: Unknown Neighbor %s.",
2258 inet_ntoa(ospfh->router_id));
2259 return;
2260 }
2261
2262 /* Add event to thread. */
2263 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2264
2265 if (nbr->state < NSM_Exchange) {
2266 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2267 zlog_debug(
2268 "Link State Acknowledgment: "
2269 "Neighbor[%s] state %s is less than Exchange",
2270 inet_ntoa(ospfh->router_id),
2271 lookup_msg(ospf_nsm_state_msg, nbr->state,
2272 NULL));
2273 return;
2274 }
2275
2276 while (size >= OSPF_LSA_HEADER_SIZE) {
2277 struct ospf_lsa *lsa, *lsr;
2278
2279 lsa = ospf_lsa_new();
2280 lsa->data = (struct lsa_header *)stream_pnt(s);
2281 lsa->vrf_id = oi->ospf->vrf_id;
2282
2283 /* lsah = (struct lsa_header *) stream_pnt (s); */
2284 size -= OSPF_LSA_HEADER_SIZE;
2285 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2286
2287 if (lsa->data->type < OSPF_MIN_LSA
2288 || lsa->data->type >= OSPF_MAX_LSA) {
2289 lsa->data = NULL;
2290 ospf_lsa_discard(lsa);
2291 continue;
2292 }
2293
2294 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2295
2296 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2297 ospf_ls_retransmit_delete(nbr, lsr);
2298
2299 lsa->data = NULL;
2300 ospf_lsa_discard(lsa);
2301 }
2302
2303 return;
2304 }
2305
2306 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2307 struct interface **ifp,
2308 struct stream *ibuf)
2309 {
2310 int ret;
2311 struct ip *iph;
2312 uint16_t ip_len;
2313 ifindex_t ifindex = 0;
2314 struct iovec iov;
2315 /* Header and data both require alignment. */
2316 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2317 struct msghdr msgh;
2318
2319 memset(&msgh, 0, sizeof(struct msghdr));
2320 msgh.msg_iov = &iov;
2321 msgh.msg_iovlen = 1;
2322 msgh.msg_control = (caddr_t)buff;
2323 msgh.msg_controllen = sizeof(buff);
2324
2325 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2326 if (ret < 0) {
2327 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2328 safe_strerror(errno));
2329 return NULL;
2330 }
2331 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2332 {
2333 flog_warn(
2334 EC_OSPF_PACKET,
2335 "ospf_recv_packet: discarding runt packet of length %d "
2336 "(ip header size is %u)",
2337 ret, (unsigned int)sizeof(iph));
2338 return NULL;
2339 }
2340
2341 /* Note that there should not be alignment problems with this assignment
2342 because this is at the beginning of the stream data buffer. */
2343 iph = (struct ip *)STREAM_DATA(ibuf);
2344 sockopt_iphdrincl_swab_systoh(iph);
2345
2346 ip_len = iph->ip_len;
2347
2348 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2349 /*
2350 * Kernel network code touches incoming IP header parameters,
2351 * before protocol specific processing.
2352 *
2353 * 1) Convert byteorder to host representation.
2354 * --> ip_len, ip_id, ip_off
2355 *
2356 * 2) Adjust ip_len to strip IP header size!
2357 * --> If user process receives entire IP packet via RAW
2358 * socket, it must consider adding IP header size to
2359 * the "ip_len" field of "ip" structure.
2360 *
2361 * For more details, see <netinet/ip_input.c>.
2362 */
2363 ip_len = ip_len + (iph->ip_hl << 2);
2364 #endif
2365
2366 #if defined(__DragonFly__)
2367 /*
2368 * in DragonFly's raw socket, ip_len/ip_off are read
2369 * in network byte order.
2370 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2371 */
2372 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2373 #endif
2374
2375 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2376
2377 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2378
2379 if (ret != ip_len) {
2380 flog_warn(
2381 EC_OSPF_PACKET,
2382 "ospf_recv_packet read length mismatch: ip_len is %d, "
2383 "but recvmsg returned %d",
2384 ip_len, ret);
2385 return NULL;
2386 }
2387
2388 return ibuf;
2389 }
2390
2391 static struct ospf_interface *
2392 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2393 struct ip *iph, struct ospf_header *ospfh)
2394 {
2395 struct ospf_interface *rcv_oi;
2396 struct ospf_vl_data *vl_data;
2397 struct ospf_area *vl_area;
2398 struct listnode *node;
2399
2400 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2401 || !OSPF_IS_AREA_BACKBONE(ospfh))
2402 return NULL;
2403
2404 /* look for local OSPF interface matching the destination
2405 * to determine Area ID. We presume therefore the destination address
2406 * is unique, or at least (for "unnumbered" links), not used in other
2407 * areas
2408 */
2409 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2410 == NULL)
2411 return NULL;
2412
2413 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2414 vl_area =
2415 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2416 if (!vl_area)
2417 continue;
2418
2419 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2420 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2421 if (IS_DEBUG_OSPF_EVENT)
2422 zlog_debug("associating packet with %s",
2423 IF_NAME(vl_data->vl_oi));
2424 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2425 if (IS_DEBUG_OSPF_EVENT)
2426 zlog_debug(
2427 "This VL is not up yet, sorry");
2428 return NULL;
2429 }
2430
2431 return vl_data->vl_oi;
2432 }
2433 }
2434
2435 if (IS_DEBUG_OSPF_EVENT)
2436 zlog_debug("couldn't find any VL to associate the packet with");
2437
2438 return NULL;
2439 }
2440
2441 static int ospf_check_area_id(struct ospf_interface *oi,
2442 struct ospf_header *ospfh)
2443 {
2444 /* Check match the Area ID of the receiving interface. */
2445 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2446 return 1;
2447
2448 return 0;
2449 }
2450
2451 /* Unbound socket will accept any Raw IP packets if proto is matched.
2452 To prevent it, compare src IP address and i/f address with masking
2453 i/f network mask. */
2454 static int ospf_check_network_mask(struct ospf_interface *oi,
2455 struct in_addr ip_src)
2456 {
2457 struct in_addr mask, me, him;
2458
2459 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2460 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2461 return 1;
2462
2463 masklen2ip(oi->address->prefixlen, &mask);
2464
2465 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2466 him.s_addr = ip_src.s_addr & mask.s_addr;
2467
2468 if (IPV4_ADDR_SAME(&me, &him))
2469 return 1;
2470
2471 return 0;
2472 }
2473
2474 /* Return 1, if the packet is properly authenticated and checksummed,
2475 0 otherwise. In particular, check that AuType header field is valid and
2476 matches the locally configured AuType, and that D.5 requirements are met. */
2477 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2478 {
2479 struct crypt_key *ck;
2480 uint16_t iface_auth_type;
2481 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2482
2483 switch (pkt_auth_type) {
2484 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2485 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2486 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2487 flog_warn(
2488 EC_OSPF_PACKET,
2489 "interface %s: auth-type mismatch, local %s, rcvd Null",
2490 IF_NAME(oi),
2491 lookup_msg(ospf_auth_type_str,
2492 iface_auth_type, NULL));
2493 return 0;
2494 }
2495 if (!ospf_check_sum(ospfh)) {
2496 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2497 flog_warn(
2498 EC_OSPF_PACKET,
2499 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2500 IF_NAME(oi),
2501 inet_ntoa(ospfh->router_id));
2502 return 0;
2503 }
2504 return 1;
2505 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2506 if (OSPF_AUTH_SIMPLE
2507 != (iface_auth_type = ospf_auth_type(oi))) {
2508 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2509 flog_warn(
2510 EC_OSPF_PACKET,
2511 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2512 IF_NAME(oi),
2513 lookup_msg(ospf_auth_type_str,
2514 iface_auth_type, NULL));
2515 return 0;
2516 }
2517 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2518 OSPF_AUTH_SIMPLE_SIZE)) {
2519 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2520 flog_warn(EC_OSPF_PACKET,
2521 "interface %s: Simple auth failed",
2522 IF_NAME(oi));
2523 return 0;
2524 }
2525 if (!ospf_check_sum(ospfh)) {
2526 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2527 flog_warn(
2528 EC_OSPF_PACKET,
2529 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2530 IF_NAME(oi),
2531 inet_ntoa(ospfh->router_id));
2532 return 0;
2533 }
2534 return 1;
2535 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2536 if (OSPF_AUTH_CRYPTOGRAPHIC
2537 != (iface_auth_type = ospf_auth_type(oi))) {
2538 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2539 flog_warn(
2540 EC_OSPF_PACKET,
2541 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2542 IF_NAME(oi),
2543 lookup_msg(ospf_auth_type_str,
2544 iface_auth_type, NULL));
2545 return 0;
2546 }
2547 if (ospfh->checksum) {
2548 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2549 flog_warn(
2550 EC_OSPF_PACKET,
2551 "interface %s: OSPF header checksum is not 0",
2552 IF_NAME(oi));
2553 return 0;
2554 }
2555 /* only MD5 crypto method can pass ospf_packet_examin() */
2556 if (NULL == (ck = listgetdata(
2557 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2558 || ospfh->u.crypt.key_id != ck->key_id ||
2559 /* Condition above uses the last key ID on the list,
2560 which is
2561 different from what ospf_crypt_key_lookup() does. A
2562 bug? */
2563 !ospf_check_md5_digest(oi, ospfh)) {
2564 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2565 flog_warn(EC_OSPF_MD5,
2566 "interface %s: MD5 auth failed",
2567 IF_NAME(oi));
2568 return 0;
2569 }
2570 return 1;
2571 default:
2572 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2573 flog_warn(
2574 EC_OSPF_PACKET,
2575 "interface %s: invalid packet auth-type (%02x)",
2576 IF_NAME(oi), pkt_auth_type);
2577 return 0;
2578 }
2579 }
2580
2581 static int ospf_check_sum(struct ospf_header *ospfh)
2582 {
2583 uint32_t ret;
2584 uint16_t sum;
2585
2586 /* clear auth_data for checksum. */
2587 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2588
2589 /* keep checksum and clear. */
2590 sum = ospfh->checksum;
2591 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2592
2593 /* calculate checksum. */
2594 ret = in_cksum(ospfh, ntohs(ospfh->length));
2595
2596 if (ret != sum) {
2597 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2598 ret, sum);
2599 return 0;
2600 }
2601
2602 return 1;
2603 }
2604
2605 /* Verify, that given link/TOS records are properly sized/aligned and match
2606 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2607 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2608 uint16_t linkbytes,
2609 const uint16_t num_links)
2610 {
2611 unsigned counted_links = 0, thislinklen;
2612
2613 while (linkbytes) {
2614 thislinklen =
2615 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2616 if (thislinklen > linkbytes) {
2617 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2618 zlog_debug("%s: length error in link block #%u",
2619 __func__, counted_links);
2620 return MSG_NG;
2621 }
2622 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2623 linkbytes -= thislinklen;
2624 counted_links++;
2625 }
2626 if (counted_links != num_links) {
2627 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2628 zlog_debug("%s: %u link blocks declared, %u present",
2629 __func__, num_links, counted_links);
2630 return MSG_NG;
2631 }
2632 return MSG_OK;
2633 }
2634
2635 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2636 minimum length constraint). */
2637 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2638 const uint8_t headeronly)
2639 {
2640 unsigned ret;
2641 struct router_lsa *rlsa;
2642 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2643 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2644 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2645 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2646 lookup_msg(ospf_lsa_type_msg, lsah->type,
2647 NULL));
2648 return MSG_NG;
2649 }
2650 switch (lsah->type) {
2651 case OSPF_ROUTER_LSA:
2652 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2653 * (12+)-byte link blocks */
2654 if (headeronly) {
2655 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2656 - OSPF_ROUTER_LSA_MIN_SIZE)
2657 % 4
2658 ? MSG_NG
2659 : MSG_OK;
2660 break;
2661 }
2662 rlsa = (struct router_lsa *)lsah;
2663 ret = ospf_router_lsa_links_examin(
2664 (struct router_lsa_link *)rlsa->link,
2665 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2666 header, "flags",
2667 0, "# links" */
2668 ntohs(rlsa->links) /* 16 bits */
2669 );
2670 break;
2671 case OSPF_AS_EXTERNAL_LSA:
2672 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2673 * blocks */
2674 case OSPF_AS_NSSA_LSA:
2675 /* RFC3101 C, idem */
2676 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2677 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2678 % 12
2679 ? MSG_NG
2680 : MSG_OK;
2681 break;
2682 /* Following LSA types are considered OK length-wise as soon as their
2683 * minimum
2684 * length constraint is met and length of the whole LSA is a multiple of
2685 * 4
2686 * (basic LSA header size is already a multiple of 4). */
2687 case OSPF_NETWORK_LSA:
2688 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2689 case OSPF_SUMMARY_LSA:
2690 case OSPF_ASBR_SUMMARY_LSA:
2691 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2692 * blocks */
2693 case OSPF_OPAQUE_LINK_LSA:
2694 case OSPF_OPAQUE_AREA_LSA:
2695 case OSPF_OPAQUE_AS_LSA:
2696 /* RFC5250 A.2, "some number of octets (of application-specific
2697 * data) padded to 32-bit alignment." This is considered
2698 * equivalent
2699 * to 4-byte alignment of all other LSA types, see
2700 * OSPF-ALIGNMENT.txt
2701 * file for the detailed analysis of this passage. */
2702 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2703 break;
2704 default:
2705 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2706 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2707 lsah->type);
2708 return MSG_NG;
2709 }
2710 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2711 zlog_debug("%s: alignment error in %s", __func__,
2712 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2713 return ret;
2714 }
2715
2716 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2717 includes verification of LSA blocks length/alignment and dispatching
2718 of deeper-level checks. */
2719 static unsigned
2720 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2721 size_t length, const uint8_t headeronly,
2722 /* When declared_num_lsas is not 0, compare it to the real
2723 number of LSAs
2724 and treat the difference as an error. */
2725 const uint32_t declared_num_lsas)
2726 {
2727 uint32_t counted_lsas = 0;
2728
2729 while (length) {
2730 uint16_t lsalen;
2731 if (length < OSPF_LSA_HEADER_SIZE) {
2732 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2733 zlog_debug(
2734 "%s: undersized (%zu B) trailing (#%u) LSA header",
2735 __func__, length, counted_lsas);
2736 return MSG_NG;
2737 }
2738 /* save on ntohs() calls here and in the LSA validator */
2739 lsalen = ntohs(lsah->length);
2740 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2741 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2742 zlog_debug(
2743 "%s: malformed LSA header #%u, declared length is %u B",
2744 __func__, counted_lsas, lsalen);
2745 return MSG_NG;
2746 }
2747 if (headeronly) {
2748 /* less checks here and in ospf_lsa_examin() */
2749 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2750 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2751 zlog_debug(
2752 "%s: malformed header-only LSA #%u",
2753 __func__, counted_lsas);
2754 return MSG_NG;
2755 }
2756 lsah = (struct lsa_header *)((caddr_t)lsah
2757 + OSPF_LSA_HEADER_SIZE);
2758 length -= OSPF_LSA_HEADER_SIZE;
2759 } else {
2760 /* make sure the input buffer is deep enough before
2761 * further checks */
2762 if (lsalen > length) {
2763 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2764 zlog_debug(
2765 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2766 __func__, counted_lsas, lsalen,
2767 length);
2768 return MSG_NG;
2769 }
2770 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2771 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2772 zlog_debug("%s: malformed LSA #%u",
2773 __func__, counted_lsas);
2774 return MSG_NG;
2775 }
2776 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2777 length -= lsalen;
2778 }
2779 counted_lsas++;
2780 }
2781
2782 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2783 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2784 zlog_debug(
2785 "%s: #LSAs declared (%u) does not match actual (%u)",
2786 __func__, declared_num_lsas, counted_lsas);
2787 return MSG_NG;
2788 }
2789 return MSG_OK;
2790 }
2791
2792 /* Verify a complete OSPF packet for proper sizing/alignment. */
2793 static unsigned ospf_packet_examin(struct ospf_header *oh,
2794 const unsigned bytesonwire)
2795 {
2796 uint16_t bytesdeclared, bytesauth;
2797 unsigned ret;
2798 struct ospf_ls_update *lsupd;
2799
2800 /* Length, 1st approximation. */
2801 if (bytesonwire < OSPF_HEADER_SIZE) {
2802 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2803 zlog_debug("%s: undersized (%u B) packet", __func__,
2804 bytesonwire);
2805 return MSG_NG;
2806 }
2807 /* Now it is safe to access header fields. Performing length check,
2808 * allow
2809 * for possible extra bytes of crypto auth/padding, which are not
2810 * counted
2811 * in the OSPF header "length" field. */
2812 if (oh->version != OSPF_VERSION) {
2813 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2814 zlog_debug("%s: invalid (%u) protocol version",
2815 __func__, oh->version);
2816 return MSG_NG;
2817 }
2818 bytesdeclared = ntohs(oh->length);
2819 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2820 bytesauth = 0;
2821 else {
2822 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2823 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2824 zlog_debug(
2825 "%s: unsupported crypto auth length (%u B)",
2826 __func__, oh->u.crypt.auth_data_len);
2827 return MSG_NG;
2828 }
2829 bytesauth = OSPF_AUTH_MD5_SIZE;
2830 }
2831 if (bytesdeclared + bytesauth > bytesonwire) {
2832 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2833 zlog_debug(
2834 "%s: packet length error (%u real, %u+%u declared)",
2835 __func__, bytesonwire, bytesdeclared,
2836 bytesauth);
2837 return MSG_NG;
2838 }
2839 /* Length, 2nd approximation. The type-specific constraint is checked
2840 against declared length, not amount of bytes on wire. */
2841 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2842 && bytesdeclared
2843 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2844 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2845 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2846 bytesdeclared,
2847 lookup_msg(ospf_packet_type_str, oh->type,
2848 NULL));
2849 return MSG_NG;
2850 }
2851 switch (oh->type) {
2852 case OSPF_MSG_HELLO:
2853 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2854 followed
2855 by N>=0 router-IDs. */
2856 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2857 % 4
2858 ? MSG_NG
2859 : MSG_OK;
2860 break;
2861 case OSPF_MSG_DB_DESC:
2862 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2863 followed
2864 by N>=0 header-only LSAs. */
2865 ret = ospf_lsaseq_examin(
2866 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2867 + OSPF_DB_DESC_MIN_SIZE),
2868 bytesdeclared - OSPF_HEADER_SIZE
2869 - OSPF_DB_DESC_MIN_SIZE,
2870 1, /* header-only LSAs */
2871 0);
2872 break;
2873 case OSPF_MSG_LS_REQ:
2874 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2875 * request blocks. */
2876 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2877 % OSPF_LSA_KEY_SIZE
2878 ? MSG_NG
2879 : MSG_OK;
2880 break;
2881 case OSPF_MSG_LS_UPD:
2882 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2883 followed
2884 by N>=0 full LSAs (with N declared beforehand). */
2885 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2886 + OSPF_HEADER_SIZE);
2887 ret = ospf_lsaseq_examin(
2888 (struct lsa_header *)((caddr_t)lsupd
2889 + OSPF_LS_UPD_MIN_SIZE),
2890 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2891 0, /* full LSAs */
2892 ntohl(lsupd->num_lsas) /* 32 bits */
2893 );
2894 break;
2895 case OSPF_MSG_LS_ACK:
2896 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2897 * LSAs. */
2898 ret = ospf_lsaseq_examin(
2899 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2900 + OSPF_LS_ACK_MIN_SIZE),
2901 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2902 1, /* header-only LSAs */
2903 0);
2904 break;
2905 default:
2906 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2907 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2908 oh->type);
2909 return MSG_NG;
2910 }
2911 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2912 zlog_debug("%s: malformed %s packet", __func__,
2913 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2914 return ret;
2915 }
2916
2917 /* OSPF Header verification. */
2918 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2919 struct ip *iph, struct ospf_header *ospfh)
2920 {
2921 /* Check Area ID. */
2922 if (!ospf_check_area_id(oi, ospfh)) {
2923 flog_warn(EC_OSPF_PACKET,
2924 "interface %s: ospf_read invalid Area ID %s.",
2925 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2926 return -1;
2927 }
2928
2929 /* Check network mask, Silently discarded. */
2930 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2931 flog_warn(
2932 EC_OSPF_PACKET,
2933 "interface %s: ospf_read network address is not same [%s]",
2934 IF_NAME(oi), inet_ntoa(iph->ip_src));
2935 return -1;
2936 }
2937
2938 /* Check authentication. The function handles logging actions, where
2939 * required. */
2940 if (!ospf_check_auth(oi, ospfh))
2941 return -1;
2942
2943 return 0;
2944 }
2945
2946 /* Starting point of packet process function. */
2947 int ospf_read(struct thread *thread)
2948 {
2949 int ret;
2950 struct stream *ibuf;
2951 struct ospf *ospf;
2952 struct ospf_interface *oi;
2953 struct ip *iph;
2954 struct ospf_header *ospfh;
2955 uint16_t length;
2956 struct interface *ifp = NULL;
2957 struct connected *c;
2958
2959 /* first of all get interface pointer. */
2960 ospf = THREAD_ARG(thread);
2961
2962 /* prepare for next packet. */
2963 ospf->t_read = NULL;
2964 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2965
2966 stream_reset(ospf->ibuf);
2967 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2968 if (ibuf == NULL)
2969 return -1;
2970 /* This raw packet is known to be at least as big as its IP header. */
2971
2972 /* Note that there should not be alignment problems with this assignment
2973 because this is at the beginning of the stream data buffer. */
2974 iph = (struct ip *)STREAM_DATA(ibuf);
2975 /* Note that sockopt_iphdrincl_swab_systoh was called in
2976 * ospf_recv_packet. */
2977
2978 if (ifp == NULL) {
2979 /* Handle cases where the platform does not support retrieving
2980 the ifindex,
2981 and also platforms (such as Solaris 8) that claim to support
2982 ifindex
2983 retrieval but do not. */
2984 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2985 ospf->vrf_id);
2986 if (c)
2987 ifp = c->ifp;
2988 if (ifp == NULL)
2989 return 0;
2990 }
2991
2992 /* IP Header dump. */
2993 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2994 ospf_ip_header_dump(iph);
2995
2996 /* Self-originated packet should be discarded silently. */
2997 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2998 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2999 zlog_debug(
3000 "ospf_read[%s]: Dropping self-originated packet",
3001 inet_ntoa(iph->ip_src));
3002 }
3003 return 0;
3004 }
3005
3006 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
3007 by ospf_recv_packet() to be correct). */
3008 stream_forward_getp(ibuf, iph->ip_hl * 4);
3009
3010 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3011 if (MSG_OK
3012 != ospf_packet_examin(
3013 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
3014 return -1;
3015 /* Now it is safe to access all fields of OSPF packet header. */
3016
3017 /* associate packet with ospf interface */
3018 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3019
3020 /* ospf_verify_header() relies on a valid "oi" and thus can be called
3021 only
3022 after the passive/backbone/other checks below are passed. These
3023 checks
3024 in turn access the fields of unverified "ospfh" structure for their
3025 own
3026 purposes and must remain very accurate in doing this. */
3027
3028 /* If incoming interface is passive one, ignore it. */
3029 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3030 char buf[3][INET_ADDRSTRLEN];
3031
3032 if (IS_DEBUG_OSPF_EVENT)
3033 zlog_debug(
3034 "ignoring packet from router %s sent to %s, "
3035 "received on a passive interface, %s",
3036 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3037 sizeof(buf[0])),
3038 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3039 sizeof(buf[1])),
3040 inet_ntop(AF_INET, &oi->address->u.prefix4,
3041 buf[2], sizeof(buf[2])));
3042
3043 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3044 /* Try to fix multicast membership.
3045 * Some OS:es may have problems in this area,
3046 * make sure it is removed.
3047 */
3048 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3049 ospf_if_set_multicast(oi);
3050 }
3051 return 0;
3052 }
3053
3054
3055 /* if no local ospf_interface,
3056 * or header area is backbone but ospf_interface is not
3057 * check for VLINK interface
3058 */
3059 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3060 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3061 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3062 == NULL) {
3063 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3064 zlog_debug(
3065 "Packet from [%s] received on link %s"
3066 " but no ospf_interface",
3067 inet_ntoa(iph->ip_src), ifp->name);
3068 return 0;
3069 }
3070 }
3071
3072 /* else it must be a local ospf interface, check it was received on
3073 * correct link
3074 */
3075 else if (oi->ifp != ifp) {
3076 if (IS_DEBUG_OSPF_EVENT)
3077 flog_warn(EC_OSPF_PACKET,
3078 "Packet from [%s] received on wrong link %s",
3079 inet_ntoa(iph->ip_src), ifp->name);
3080 return 0;
3081 } else if (oi->state == ISM_Down) {
3082 char buf[2][INET_ADDRSTRLEN];
3083 flog_warn(
3084 EC_OSPF_PACKET,
3085 "Ignoring packet from %s to %s received on interface that is "
3086 "down [%s]; interface flags are %s",
3087 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3088 sizeof(buf[0])),
3089 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3090 sizeof(buf[1])),
3091 ifp->name, if_flag_dump(ifp->flags));
3092 /* Fix multicast memberships? */
3093 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3094 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3095 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3096 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3097 if (oi->multicast_memberships)
3098 ospf_if_set_multicast(oi);
3099 return 0;
3100 }
3101
3102 /*
3103 * If the received packet is destined for AllDRouters, the packet
3104 * should be accepted only if the received ospf interface state is
3105 * either DR or Backup -- endo.
3106 */
3107 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3108 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3109 flog_warn(
3110 EC_OSPF_PACKET,
3111 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3112 inet_ntoa(iph->ip_src), IF_NAME(oi),
3113 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3114 /* Try to fix multicast membership. */
3115 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3116 ospf_if_set_multicast(oi);
3117 return 0;
3118 }
3119
3120 /* Verify more OSPF header fields. */
3121 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3122 if (ret < 0) {
3123 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3124 zlog_debug(
3125 "ospf_read[%s]: Header check failed, "
3126 "dropping.",
3127 inet_ntoa(iph->ip_src));
3128 return ret;
3129 }
3130
3131 /* Show debug receiving packet. */
3132 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3133 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3134 zlog_debug(
3135 "-----------------------------------------------------");
3136 ospf_packet_dump(ibuf);
3137 }
3138
3139 zlog_debug("%s received from [%s] via [%s]",
3140 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3141 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3142 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3143 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3144
3145 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3146 zlog_debug(
3147 "-----------------------------------------------------");
3148 }
3149
3150 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3151
3152 /* Adjust size to message length. */
3153 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3154
3155 /* Read rest of the packet and call each sort of packet routine. */
3156 switch (ospfh->type) {
3157 case OSPF_MSG_HELLO:
3158 ospf_hello(iph, ospfh, ibuf, oi, length);
3159 break;
3160 case OSPF_MSG_DB_DESC:
3161 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3162 break;
3163 case OSPF_MSG_LS_REQ:
3164 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3165 break;
3166 case OSPF_MSG_LS_UPD:
3167 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3168 break;
3169 case OSPF_MSG_LS_ACK:
3170 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3171 break;
3172 default:
3173 flog_warn(EC_OSPF_PACKET,
3174 "interface %s: OSPF packet header type %d is illegal",
3175 IF_NAME(oi), ospfh->type);
3176 break;
3177 }
3178
3179 return 0;
3180 }
3181
3182 /* Make OSPF header. */
3183 static void ospf_make_header(int type, struct ospf_interface *oi,
3184 struct stream *s)
3185 {
3186 struct ospf_header *ospfh;
3187
3188 ospfh = (struct ospf_header *)STREAM_DATA(s);
3189
3190 ospfh->version = (uint8_t)OSPF_VERSION;
3191 ospfh->type = (uint8_t)type;
3192
3193 ospfh->router_id = oi->ospf->router_id;
3194
3195 ospfh->checksum = 0;
3196 ospfh->area_id = oi->area->area_id;
3197 ospfh->auth_type = htons(ospf_auth_type(oi));
3198
3199 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3200
3201 stream_forward_endp(s, OSPF_HEADER_SIZE);
3202 }
3203
3204 /* Make Authentication Data. */
3205 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3206 {
3207 struct crypt_key *ck;
3208
3209 switch (ospf_auth_type(oi)) {
3210 case OSPF_AUTH_NULL:
3211 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3212 */
3213 break;
3214 case OSPF_AUTH_SIMPLE:
3215 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3216 OSPF_AUTH_SIMPLE_SIZE);
3217 break;
3218 case OSPF_AUTH_CRYPTOGRAPHIC:
3219 /* If key is not set, then set 0. */
3220 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3221 ospfh->u.crypt.zero = 0;
3222 ospfh->u.crypt.key_id = 0;
3223 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3224 } else {
3225 ck = listgetdata(
3226 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3227 ospfh->u.crypt.zero = 0;
3228 ospfh->u.crypt.key_id = ck->key_id;
3229 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3230 }
3231 /* note: the seq is done in ospf_make_md5_digest() */
3232 break;
3233 default:
3234 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3235 */
3236 break;
3237 }
3238
3239 return 0;
3240 }
3241
3242 /* Fill rest of OSPF header. */
3243 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3244 uint16_t length)
3245 {
3246 struct ospf_header *ospfh;
3247
3248 ospfh = (struct ospf_header *)STREAM_DATA(s);
3249
3250 /* Fill length. */
3251 ospfh->length = htons(length);
3252
3253 /* Calculate checksum. */
3254 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3255 ospfh->checksum = in_cksum(ospfh, length);
3256 else
3257 ospfh->checksum = 0;
3258
3259 /* Add Authentication Data. */
3260 ospf_make_auth(oi, ospfh);
3261 }
3262
3263 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3264 {
3265 struct ospf_neighbor *nbr;
3266 struct route_node *rn;
3267 uint16_t length = OSPF_HELLO_MIN_SIZE;
3268 struct in_addr mask;
3269 unsigned long p;
3270 int flag = 0;
3271
3272 /* Set netmask of interface. */
3273 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3274 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3275 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3276 masklen2ip(oi->address->prefixlen, &mask);
3277 else
3278 memset((char *)&mask, 0, sizeof(struct in_addr));
3279 stream_put_ipv4(s, mask.s_addr);
3280
3281 /* Set Hello Interval. */
3282 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3283 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3284 else
3285 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3286
3287 if (IS_DEBUG_OSPF_EVENT)
3288 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3289 IF_NAME(oi));
3290
3291 /* Set Options. */
3292 stream_putc(s, OPTIONS(oi));
3293
3294 /* Set Router Priority. */
3295 stream_putc(s, PRIORITY(oi));
3296
3297 /* Set Router Dead Interval. */
3298 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3299
3300 /* Set Designated Router. */
3301 stream_put_ipv4(s, DR(oi).s_addr);
3302
3303 p = stream_get_endp(s);
3304
3305 /* Set Backup Designated Router. */
3306 stream_put_ipv4(s, BDR(oi).s_addr);
3307
3308 /* Add neighbor seen. */
3309 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3310 if ((nbr = rn->info))
3311 if (nbr->router_id.s_addr
3312 != 0) /* Ignore 0.0.0.0 node. */
3313 if (nbr->state
3314 != NSM_Attempt) /* Ignore Down neighbor. */
3315 if (nbr->state
3316 != NSM_Down) /* This is myself for
3317 DR election. */
3318 if (!IPV4_ADDR_SAME(
3319 &nbr->router_id,
3320 &oi->ospf->router_id)) {
3321 /* Check neighbor is
3322 * sane? */
3323 if (nbr->d_router.s_addr
3324 != 0
3325 && IPV4_ADDR_SAME(
3326 &nbr->d_router,
3327 &oi->address
3328 ->u
3329 .prefix4)
3330 && IPV4_ADDR_SAME(
3331 &nbr->bd_router,
3332 &oi->address
3333 ->u
3334 .prefix4))
3335 flag = 1;
3336
3337 /* Hello packet overflows interface MTU. */
3338 if (length + sizeof(uint32_t)
3339 > ospf_packet_max(oi)) {
3340 flog_err(
3341 EC_OSPF_LARGE_HELLO,
3342 "Oversized Hello packet! Larger than MTU. Not sending it out");
3343 return 0;
3344 }
3345
3346 stream_put_ipv4(
3347 s,
3348 nbr->router_id
3349 .s_addr);
3350 length += 4;
3351 }
3352
3353 /* Let neighbor generate BackupSeen. */
3354 if (flag == 1)
3355 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3356
3357 return length;
3358 }
3359
3360 static int ospf_make_db_desc(struct ospf_interface *oi,
3361 struct ospf_neighbor *nbr, struct stream *s)
3362 {
3363 struct ospf_lsa *lsa;
3364 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3365 uint8_t options;
3366 unsigned long pp;
3367 int i;
3368 struct ospf_lsdb *lsdb;
3369
3370 /* Set Interface MTU. */
3371 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3372 stream_putw(s, 0);
3373 else
3374 stream_putw(s, oi->ifp->mtu);
3375
3376 /* Set Options. */
3377 options = OPTIONS(oi);
3378 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3379 SET_FLAG(options, OSPF_OPTION_O);
3380 stream_putc(s, options);
3381
3382 /* DD flags */
3383 pp = stream_get_endp(s);
3384 stream_putc(s, nbr->dd_flags);
3385
3386 /* Set DD Sequence Number. */
3387 stream_putl(s, nbr->dd_seqnum);
3388
3389 /* shortcut unneeded walk of (empty) summary LSDBs */
3390 if (ospf_db_summary_isempty(nbr))
3391 goto empty;
3392
3393 /* Describe LSA Header from Database Summary List. */
3394 lsdb = &nbr->db_sum;
3395
3396 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3397 struct route_table *table = lsdb->type[i].db;
3398 struct route_node *rn;
3399
3400 for (rn = route_top(table); rn; rn = route_next(rn))
3401 if ((lsa = rn->info) != NULL) {
3402 if (IS_OPAQUE_LSA(lsa->data->type)
3403 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3404 /* Suppress advertising
3405 * opaque-information. */
3406 /* Remove LSA from DB summary list. */
3407 ospf_lsdb_delete(lsdb, lsa);
3408 continue;
3409 }
3410
3411 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3412 struct lsa_header *lsah;
3413 uint16_t ls_age;
3414
3415 /* DD packet overflows interface MTU. */
3416 if (length + OSPF_LSA_HEADER_SIZE
3417 > ospf_packet_max(oi))
3418 break;
3419
3420 /* Keep pointer to LS age. */
3421 lsah = (struct lsa_header
3422 *)(STREAM_DATA(s)
3423 + stream_get_endp(
3424 s));
3425
3426 /* Proceed stream pointer. */
3427 stream_put(s, lsa->data,
3428 OSPF_LSA_HEADER_SIZE);
3429 length += OSPF_LSA_HEADER_SIZE;
3430
3431 /* Set LS age. */
3432 ls_age = LS_AGE(lsa);
3433 lsah->ls_age = htons(ls_age);
3434 }
3435
3436 /* Remove LSA from DB summary list. */
3437 ospf_lsdb_delete(lsdb, lsa);
3438 }
3439 }
3440
3441 /* Update 'More' bit */
3442 if (ospf_db_summary_isempty(nbr)) {
3443 empty:
3444 if (nbr->state >= NSM_Exchange) {
3445 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3446 /* Rewrite DD flags */
3447 stream_putc_at(s, pp, nbr->dd_flags);
3448 } else {
3449 assert(IS_SET_DD_M(nbr->dd_flags));
3450 }
3451 }
3452 return length;
3453 }
3454
3455 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3456 unsigned long delta, struct ospf_neighbor *nbr,
3457 struct ospf_lsa *lsa)
3458 {
3459 struct ospf_interface *oi;
3460
3461 oi = nbr->oi;
3462
3463 /* LS Request packet overflows interface MTU
3464 * delta is just number of bytes required for 1 LS Req
3465 * ospf_packet_max will return the number of bytes can
3466 * be accomodated without ospf header. So length+delta
3467 * can be compared to ospf_packet_max
3468 * to check if it can fit another lsreq in the same packet.
3469 */
3470
3471 if (*length + delta > ospf_packet_max(oi))
3472 return 0;
3473
3474 stream_putl(s, lsa->data->type);
3475 stream_put_ipv4(s, lsa->data->id.s_addr);
3476 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3477
3478 ospf_lsa_unlock(&nbr->ls_req_last);
3479 nbr->ls_req_last = ospf_lsa_lock(lsa);
3480
3481 *length += 12;
3482 return 1;
3483 }
3484
3485 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3486 {
3487 struct ospf_lsa *lsa;
3488 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3489 unsigned long delta = 12;
3490 struct route_table *table;
3491 struct route_node *rn;
3492 int i;
3493 struct ospf_lsdb *lsdb;
3494
3495 lsdb = &nbr->ls_req;
3496
3497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3498 table = lsdb->type[i].db;
3499 for (rn = route_top(table); rn; rn = route_next(rn))
3500 if ((lsa = (rn->info)) != NULL)
3501 if (ospf_make_ls_req_func(s, &length, delta,
3502 nbr, lsa)
3503 == 0) {
3504 route_unlock_node(rn);
3505 break;
3506 }
3507 }
3508 return length;
3509 }
3510
3511 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3512 {
3513 int age;
3514
3515 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3516
3517 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3518 }
3519
3520 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3521 struct stream *s)
3522 {
3523 struct ospf_lsa *lsa;
3524 struct listnode *node;
3525 uint16_t length = 0;
3526 unsigned int size_noauth;
3527 unsigned long delta = stream_get_endp(s);
3528 unsigned long pp;
3529 int count = 0;
3530
3531 if (IS_DEBUG_OSPF_EVENT)
3532 zlog_debug("ospf_make_ls_upd: Start");
3533
3534 pp = stream_get_endp(s);
3535 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3536 length += OSPF_LS_UPD_MIN_SIZE;
3537
3538 /* Calculate amount of packet usable for data. */
3539 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3540
3541 while ((node = listhead(update)) != NULL) {
3542 struct lsa_header *lsah;
3543 uint16_t ls_age;
3544
3545 if (IS_DEBUG_OSPF_EVENT)
3546 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3547 count);
3548
3549 lsa = listgetdata(node);
3550
3551 assert(lsa->data);
3552
3553 /* Will it fit? Minimum it has to fit atleast one */
3554 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3555 (count > 0))
3556 break;
3557
3558 /* Keep pointer to LS age. */
3559 lsah = (struct lsa_header *)(STREAM_DATA(s)
3560 + stream_get_endp(s));
3561
3562 /* Put LSA to Link State Request. */
3563 stream_put(s, lsa->data, ntohs(lsa->data->length));
3564
3565 /* Set LS age. */
3566 /* each hop must increment an lsa_age by transmit_delay
3567 of OSPF interface */
3568 ls_age = ls_age_increment(lsa,
3569 OSPF_IF_PARAM(oi, transmit_delay));
3570 lsah->ls_age = htons(ls_age);
3571
3572 length += ntohs(lsa->data->length);
3573 count++;
3574
3575 list_delete_node(update, node);
3576 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3577 }
3578
3579 /* Now set #LSAs. */
3580 stream_putl_at(s, pp, count);
3581
3582 if (IS_DEBUG_OSPF_EVENT)
3583 zlog_debug("ospf_make_ls_upd: Stop");
3584 return length;
3585 }
3586
3587 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3588 struct stream *s)
3589 {
3590 struct listnode *node, *nnode;
3591 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3592 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3593 struct ospf_lsa *lsa;
3594
3595 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3596 assert(lsa);
3597
3598 /* LS Ack packet overflows interface MTU
3599 * delta is just number of bytes required for
3600 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3601 * the number of bytes can be accomodated without
3602 * ospf header. So length+delta can be compared
3603 * against ospf_packet_max to check if it can fit
3604 * another ls header in the same packet.
3605 */
3606 if ((length + delta) > ospf_packet_max(oi))
3607 break;
3608
3609 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3610 length += OSPF_LSA_HEADER_SIZE;
3611
3612 listnode_delete(ack, lsa);
3613 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3614 }
3615
3616 return length;
3617 }
3618
3619 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3620 {
3621 struct ospf_packet *op;
3622 uint16_t length = OSPF_HEADER_SIZE;
3623
3624 op = ospf_packet_new(oi->ifp->mtu);
3625
3626 /* Prepare OSPF common header. */
3627 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3628
3629 /* Prepare OSPF Hello body. */
3630 length += ospf_make_hello(oi, op->s);
3631 if (length == OSPF_HEADER_SIZE) {
3632 /* Hello overshooting MTU */
3633 ospf_packet_free(op);
3634 return;
3635 }
3636
3637 /* Fill OSPF header. */
3638 ospf_fill_header(oi, op->s, length);
3639
3640 /* Set packet length. */
3641 op->length = length;
3642
3643 op->dst.s_addr = addr;
3644
3645 if (IS_DEBUG_OSPF_EVENT) {
3646 if (oi->ospf->vrf_id)
3647 zlog_debug(
3648 "%s: Hello Tx interface %s ospf vrf %s id %u",
3649 __PRETTY_FUNCTION__, oi->ifp->name,
3650 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3651 oi->ospf->vrf_id);
3652 }
3653 /* Add packet to the top of the interface output queue, so that they
3654 * can't get delayed by things like long queues of LS Update packets
3655 */
3656 ospf_packet_add_top(oi, op);
3657
3658 /* Hook thread to write packet. */
3659 OSPF_ISM_WRITE_ON(oi->ospf);
3660 }
3661
3662 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3663 {
3664 struct ospf_interface *oi;
3665
3666 oi = nbr_nbma->oi;
3667 assert(oi);
3668
3669 /* If this is passive interface, do not send OSPF Hello. */
3670 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3671 return;
3672
3673 if (oi->type != OSPF_IFTYPE_NBMA)
3674 return;
3675
3676 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3677 return;
3678
3679 if (PRIORITY(oi) == 0)
3680 return;
3681
3682 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3683 && oi->state != ISM_Backup)
3684 return;
3685
3686 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3687 }
3688
3689 int ospf_poll_timer(struct thread *thread)
3690 {
3691 struct ospf_nbr_nbma *nbr_nbma;
3692
3693 nbr_nbma = THREAD_ARG(thread);
3694 nbr_nbma->t_poll = NULL;
3695
3696 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3697 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3698 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3699
3700 ospf_poll_send(nbr_nbma);
3701
3702 if (nbr_nbma->v_poll > 0)
3703 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3704 nbr_nbma->v_poll);
3705
3706 return 0;
3707 }
3708
3709
3710 int ospf_hello_reply_timer(struct thread *thread)
3711 {
3712 struct ospf_neighbor *nbr;
3713
3714 nbr = THREAD_ARG(thread);
3715 nbr->t_hello_reply = NULL;
3716
3717 assert(nbr->oi);
3718
3719 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3720 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3721 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3722
3723 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3724
3725 return 0;
3726 }
3727
3728 /* Send OSPF Hello. */
3729 void ospf_hello_send(struct ospf_interface *oi)
3730 {
3731 /* If this is passive interface, do not send OSPF Hello. */
3732 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3733 return;
3734
3735 if (oi->type == OSPF_IFTYPE_NBMA) {
3736 struct ospf_neighbor *nbr;
3737 struct route_node *rn;
3738
3739 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3740 if ((nbr = rn->info))
3741 if (nbr != oi->nbr_self)
3742 if (nbr->state != NSM_Down) {
3743 /* RFC 2328 Section 9.5.1
3744 If the router is not
3745 eligible to become Designated
3746 Router,
3747 it must periodically send
3748 Hello Packets to both the
3749 Designated Router and the
3750 Backup Designated Router (if
3751 they
3752 exist). */
3753 if (PRIORITY(oi) == 0
3754 && IPV4_ADDR_CMP(
3755 &DR(oi),
3756 &nbr->address.u
3757 .prefix4)
3758 && IPV4_ADDR_CMP(
3759 &BDR(oi),
3760 &nbr->address.u
3761 .prefix4))
3762 continue;
3763
3764 /* If the router is eligible to
3765 become Designated Router, it
3766 must periodically send Hello
3767 Packets to all neighbors that
3768 are also eligible. In
3769 addition, if the router is
3770 itself the
3771 Designated Router or Backup
3772 Designated Router, it must
3773 also
3774 send periodic Hello Packets
3775 to all other neighbors. */
3776
3777 if (nbr->priority == 0
3778 && oi->state == ISM_DROther)
3779 continue;
3780 /* if oi->state == Waiting, send
3781 * hello to all neighbors */
3782 ospf_hello_send_sub(
3783 oi,
3784 nbr->address.u.prefix4
3785 .s_addr);
3786 }
3787 } else {
3788 /* Decide destination address. */
3789 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3790 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3791 else
3792 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3793 }
3794 }
3795
3796 /* Send OSPF Database Description. */
3797 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3798 {
3799 struct ospf_interface *oi;
3800 struct ospf_packet *op;
3801 uint16_t length = OSPF_HEADER_SIZE;
3802
3803 oi = nbr->oi;
3804 op = ospf_packet_new(oi->ifp->mtu);
3805
3806 /* Prepare OSPF common header. */
3807 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3808
3809 /* Prepare OSPF Database Description body. */
3810 length += ospf_make_db_desc(oi, nbr, op->s);
3811
3812 /* Fill OSPF header. */
3813 ospf_fill_header(oi, op->s, length);
3814
3815 /* Set packet length. */
3816 op->length = length;
3817
3818 /* Decide destination address. */
3819 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3820 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3821 else
3822 op->dst = nbr->address.u.prefix4;
3823
3824 /* Add packet to the interface output queue. */
3825 ospf_packet_add(oi, op);
3826
3827 /* Hook thread to write packet. */
3828 OSPF_ISM_WRITE_ON(oi->ospf);
3829
3830 /* Remove old DD packet, then copy new one and keep in neighbor
3831 * structure. */
3832 if (nbr->last_send)
3833 ospf_packet_free(nbr->last_send);
3834 nbr->last_send = ospf_packet_dup(op);
3835 monotime(&nbr->last_send_ts);
3836 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3837 zlog_info(
3838 "%s:Packet[DD]: %s DB Desc send with seqnum:%x , flags:%x",
3839 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3840 inet_ntoa(nbr->router_id), nbr->dd_seqnum,
3841 nbr->dd_flags);
3842 }
3843
3844 /* Re-send Database Description. */
3845 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3846 {
3847 struct ospf_interface *oi;
3848
3849 oi = nbr->oi;
3850
3851 /* Add packet to the interface output queue. */
3852 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3853
3854 /* Hook thread to write packet. */
3855 OSPF_ISM_WRITE_ON(oi->ospf);
3856 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3857 zlog_info(
3858 "%s:Packet[DD]: %s DB Desc resend with seqnum:%x , flags:%x",
3859 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3860 inet_ntoa(nbr->router_id), nbr->dd_seqnum,
3861 nbr->dd_flags);
3862 }
3863
3864 /* Send Link State Request. */
3865 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3866 {
3867 struct ospf_interface *oi;
3868 struct ospf_packet *op;
3869 uint16_t length = OSPF_HEADER_SIZE;
3870
3871 oi = nbr->oi;
3872 op = ospf_packet_new(oi->ifp->mtu);
3873
3874 /* Prepare OSPF common header. */
3875 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3876
3877 /* Prepare OSPF Link State Request body. */
3878 length += ospf_make_ls_req(nbr, op->s);
3879 if (length == OSPF_HEADER_SIZE) {
3880 ospf_packet_free(op);
3881 return;
3882 }
3883
3884 /* Fill OSPF header. */
3885 ospf_fill_header(oi, op->s, length);
3886
3887 /* Set packet length. */
3888 op->length = length;
3889
3890 /* Decide destination address. */
3891 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3892 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3893 else
3894 op->dst = nbr->address.u.prefix4;
3895
3896 /* Add packet to the interface output queue. */
3897 ospf_packet_add(oi, op);
3898
3899 /* Hook thread to write packet. */
3900 OSPF_ISM_WRITE_ON(oi->ospf);
3901
3902 /* Add Link State Request Retransmission Timer. */
3903 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3904 }
3905
3906 /* Send Link State Update with an LSA. */
3907 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3908 int flag)
3909 {
3910 struct list *update;
3911
3912 update = list_new();
3913
3914 listnode_add(update, lsa);
3915
3916 /*ospf instance is going down, send self originated
3917 * MAXAGE LSA update to neighbors to remove from LSDB */
3918 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3919 ospf_ls_upd_send(nbr, update, flag, 1);
3920 else
3921 ospf_ls_upd_send(nbr, update, flag, 0);
3922
3923 list_delete(&update);
3924 }
3925
3926 /* Determine size for packet. Must be at least big enough to accomodate next
3927 * LSA on list, which may be bigger than MTU size.
3928 *
3929 * Return pointer to new ospf_packet
3930 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3931 * on packet sizes (in which case offending LSA is deleted from update list)
3932 */
3933 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3934 struct ospf_interface *oi)
3935 {
3936 struct ospf_lsa *lsa;
3937 struct listnode *ln;
3938 size_t size;
3939 static char warned = 0;
3940
3941 lsa = listgetdata((ln = listhead(update)));
3942 assert(lsa->data);
3943
3944 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3945 > ospf_packet_max(oi)) {
3946 if (!warned) {
3947 flog_warn(
3948 EC_OSPF_LARGE_LSA,
3949 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3950 "will need to fragment. Not optimal. Try divide up"
3951 " your network with areas. Use 'debug ospf packet send'"
3952 " to see details, or look at 'show ip ospf database ..'");
3953 warned = 1;
3954 }
3955
3956 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3957 zlog_debug(
3958 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3959 " %d bytes originated by %s, will be fragmented!",
3960 inet_ntoa(lsa->data->id),
3961 ntohs(lsa->data->length),
3962 inet_ntoa(lsa->data->adv_router));
3963
3964 /*
3965 * Allocate just enough to fit this LSA only, to avoid including
3966 * other
3967 * LSAs in fragmented LSA Updates.
3968 */
3969 size = ntohs(lsa->data->length)
3970 + (oi->ifp->mtu - ospf_packet_max(oi))
3971 + OSPF_LS_UPD_MIN_SIZE;
3972 } else
3973 size = oi->ifp->mtu;
3974
3975 if (size > OSPF_MAX_PACKET_SIZE) {
3976 flog_warn(EC_OSPF_LARGE_LSA,
3977 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3978 " %d bytes, packet size %ld, dropping it completely."
3979 " OSPF routing is broken!",
3980 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3981 (long int)size);
3982 list_delete_node(update, ln);
3983 return NULL;
3984 }
3985
3986 /* IP header is built up separately by ospf_write(). This means, that we
3987 * must
3988 * reduce the "affordable" size just calculated by length of an IP
3989 * header.
3990 * This makes sure, that even if we manage to fill the payload with LSA
3991 * data
3992 * completely, the final packet (our data plus IP header) still fits
3993 * into
3994 * outgoing interface MTU. This correction isn't really meaningful for
3995 * an
3996 * oversized LSA, but for consistency the correction is done for both
3997 * cases.
3998 *
3999 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4000 */
4001 return ospf_packet_new(size - sizeof(struct ip));
4002 }
4003
4004 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4005 struct list *update, struct in_addr addr,
4006 int send_lsupd_now)
4007 {
4008 struct ospf_packet *op;
4009 uint16_t length = OSPF_HEADER_SIZE;
4010
4011 if (IS_DEBUG_OSPF_EVENT)
4012 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
4013 IF_NAME(oi), inet_ntoa(addr));
4014
4015 /* Check that we have really something to process */
4016 if (listcount(update) == 0)
4017 return;
4018
4019 op = ospf_ls_upd_packet_new(update, oi);
4020
4021 /* Prepare OSPF common header. */
4022 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4023
4024 /* Prepare OSPF Link State Update body.
4025 * Includes Type-7 translation.
4026 */
4027 length += ospf_make_ls_upd(oi, update, op->s);
4028
4029 /* Fill OSPF header. */
4030 ospf_fill_header(oi, op->s, length);
4031
4032 /* Set packet length. */
4033 op->length = length;
4034
4035 /* Decide destination address. */
4036 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4037 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4038 else
4039 op->dst.s_addr = addr.s_addr;
4040
4041 /* Add packet to the interface output queue. */
4042 ospf_packet_add(oi, op);
4043 /* Call ospf_write() right away to send ospf packets to neighbors */
4044 if (send_lsupd_now) {
4045 struct thread os_packet_thd;
4046
4047 os_packet_thd.arg = (void *)oi->ospf;
4048 if (oi->on_write_q == 0) {
4049 listnode_add(oi->ospf->oi_write_q, oi);
4050 oi->on_write_q = 1;
4051 }
4052 ospf_write(&os_packet_thd);
4053 /*
4054 * We are fake calling ospf_write with a fake
4055 * thread. Imagine that we have oi_a already
4056 * enqueued and we have turned on the write
4057 * thread(t_write).
4058 * Now this function calls this for oi_b
4059 * so the on_write_q has oi_a and oi_b on
4060 * it, ospf_write runs and clears the packets
4061 * for both oi_a and oi_b. Removing them from
4062 * the on_write_q. After this thread of execution
4063 * finishes we will execute the t_write thread
4064 * with nothing in the on_write_q causing an
4065 * assert. So just make sure that the t_write
4066 * is actually turned off.
4067 */
4068 if (list_isempty(oi->ospf->oi_write_q))
4069 OSPF_TIMER_OFF(oi->ospf->t_write);
4070 } else {
4071 /* Hook thread to write packet. */
4072 OSPF_ISM_WRITE_ON(oi->ospf);
4073 }
4074 }
4075
4076 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4077 {
4078 struct ospf_interface *oi = THREAD_ARG(thread);
4079 struct route_node *rn;
4080 struct route_node *rnext;
4081 struct list *update;
4082 char again = 0;
4083
4084 oi->t_ls_upd_event = NULL;
4085
4086 if (IS_DEBUG_OSPF_EVENT)
4087 zlog_debug("ospf_ls_upd_send_queue start");
4088
4089 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4090 rnext = route_next(rn);
4091
4092 if (rn->info == NULL)
4093 continue;
4094
4095 update = (struct list *)rn->info;
4096
4097 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4098
4099 /* list might not be empty. */
4100 if (listcount(update) == 0) {
4101 list_delete((struct list **)&rn->info);
4102 route_unlock_node(rn);
4103 } else
4104 again = 1;
4105 }
4106
4107 if (again != 0) {
4108 if (IS_DEBUG_OSPF_EVENT)
4109 zlog_debug(
4110 "ospf_ls_upd_send_queue: update lists not cleared,"
4111 " %d nodes to try again, raising new event",
4112 again);
4113 oi->t_ls_upd_event = NULL;
4114 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4115 &oi->t_ls_upd_event);
4116 }
4117
4118 if (IS_DEBUG_OSPF_EVENT)
4119 zlog_debug("ospf_ls_upd_send_queue stop");
4120
4121 return 0;
4122 }
4123
4124 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4125 int send_lsupd_now)
4126 {
4127 struct ospf_interface *oi;
4128 struct ospf_lsa *lsa;
4129 struct prefix_ipv4 p;
4130 struct route_node *rn;
4131 struct listnode *node;
4132
4133 oi = nbr->oi;
4134
4135 p.family = AF_INET;
4136 p.prefixlen = IPV4_MAX_BITLEN;
4137
4138 /* Decide destination address. */
4139 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4140 p.prefix = oi->vl_data->peer_addr;
4141 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4142 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4143 else if (flag == OSPF_SEND_PACKET_DIRECT)
4144 p.prefix = nbr->address.u.prefix4;
4145 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4146 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4147 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4148 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4149 else
4150 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4151
4152 if (oi->type == OSPF_IFTYPE_NBMA) {
4153 if (flag == OSPF_SEND_PACKET_INDIRECT)
4154 flog_warn(
4155 EC_OSPF_PACKET,
4156 "* LS-Update is directly sent on NBMA network.");
4157 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4158 flog_warn(EC_OSPF_PACKET,
4159 "* LS-Update is sent to myself.");
4160 }
4161
4162 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4163
4164 if (rn->info == NULL)
4165 rn->info = list_new();
4166 else
4167 route_unlock_node(rn);
4168
4169 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4170 listnode_add(rn->info,
4171 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4172 if (send_lsupd_now) {
4173 struct list *send_update_list;
4174 struct route_node *rnext;
4175
4176 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4177 rnext = route_next(rn);
4178
4179 if (rn->info == NULL)
4180 continue;
4181
4182 send_update_list = (struct list *)rn->info;
4183
4184 ospf_ls_upd_queue_send(oi, send_update_list,
4185 rn->p.u.prefix4, 1);
4186 }
4187 } else
4188 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4189 &oi->t_ls_upd_event);
4190 }
4191
4192 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4193 struct in_addr dst)
4194 {
4195 struct ospf_packet *op;
4196 uint16_t length = OSPF_HEADER_SIZE;
4197
4198 op = ospf_packet_new(oi->ifp->mtu);
4199
4200 /* Prepare OSPF common header. */
4201 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4202
4203 /* Prepare OSPF Link State Acknowledgment body. */
4204 length += ospf_make_ls_ack(oi, ack, op->s);
4205
4206 /* Fill OSPF header. */
4207 ospf_fill_header(oi, op->s, length);
4208
4209 /* Set packet length. */
4210 op->length = length;
4211
4212 /* Decide destination address. */
4213 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4214 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4215 else
4216 op->dst.s_addr = dst.s_addr;
4217
4218 /* Add packet to the interface output queue. */
4219 ospf_packet_add(oi, op);
4220
4221 /* Hook thread to write packet. */
4222 OSPF_ISM_WRITE_ON(oi->ospf);
4223 }
4224
4225 static int ospf_ls_ack_send_event(struct thread *thread)
4226 {
4227 struct ospf_interface *oi = THREAD_ARG(thread);
4228
4229 oi->t_ls_ack_direct = NULL;
4230
4231 while (listcount(oi->ls_ack_direct.ls_ack))
4232 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4233 oi->ls_ack_direct.dst);
4234
4235 return 0;
4236 }
4237
4238 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4239 {
4240 struct ospf_interface *oi = nbr->oi;
4241
4242 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4243 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4244
4245 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4246
4247 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4248 &oi->t_ls_ack_direct);
4249 }
4250
4251 /* Send Link State Acknowledgment delayed. */
4252 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4253 {
4254 struct in_addr dst;
4255
4256 /* Decide destination address. */
4257 /* RFC2328 Section 13.5 On non-broadcast
4258 networks, delayed Link State Acknowledgment packets must be
4259 unicast separately over each adjacency (i.e., neighbor whose
4260 state is >= Exchange). */
4261 if (oi->type == OSPF_IFTYPE_NBMA) {
4262 struct ospf_neighbor *nbr;
4263 struct route_node *rn;
4264
4265 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4266 if ((nbr = rn->info) != NULL)
4267 if (nbr != oi->nbr_self
4268 && nbr->state >= NSM_Exchange)
4269 while (listcount(oi->ls_ack))
4270 ospf_ls_ack_send_list(
4271 oi, oi->ls_ack,
4272 nbr->address.u.prefix4);
4273 return;
4274 }
4275 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4276 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4277 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4278 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4279 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4280 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4281 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4282 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4283 else
4284 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4285
4286 while (listcount(oi->ls_ack))
4287 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4288 }
4289
4290 /*
4291 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4292 * address. As a result, the kernel does not need to learn the interface
4293 * MAC of the OSPF neighbor. However, in our world, this will delay
4294 * convergence. Take the case when due to a link flap, all routes now
4295 * want to use an interface which was deemed to be costlier prior to this
4296 * event. For routes that will be installed, the missing MAC will have
4297 * punt-to-CPU set on them. This may overload the CPU control path that
4298 * can be avoided if the MAC was known apriori.
4299 */
4300 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4301 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4302 {
4303 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4304 int ret;
4305
4306 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4307 return;
4308
4309 snprintf(ping_nbr, sizeof(ping_nbr),
4310 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4311 inet_ntoa(nbr->address.u.prefix4));
4312
4313 ret = system(ping_nbr);
4314 if (IS_DEBUG_OSPF_EVENT)
4315 zlog_debug("Executed %s %s", ping_nbr,
4316 ((ret == 0) ? "successfully" : "but failed"));
4317 }
FRRouting mirror