]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ospfd: Increase packets sent at one time in ospf_write
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56 #include "ospfd/ospf_zebra.h"
57 #include "ospfd/ospf_gr.h"
58
59 /*
60 * OSPF Fragmentation / fragmented writes
61 *
62 * ospfd can support writing fragmented packets, for cases where
63 * kernel will not fragment IP_HDRINCL and/or multicast destined
64 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
65 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
66 * flags fields, hence user-space fragmentation will not work.
67 * Only Linux is known to leave IP header unmolested.
68 * Further, fragmentation really should be done the kernel, which already
69 * supports it, and which avoids nasty IP ID state problems.
70 *
71 * Fragmentation of OSPF packets can be required on networks with router
72 * with many many interfaces active in one area, or on networks with links
73 * with low MTUs.
74 */
75 #ifdef GNU_LINUX
76 #define WANT_OSPF_WRITE_FRAGMENT
77 #endif
78
79 /* Packet Type String. */
80 const struct message ospf_packet_type_str[] = {
81 {OSPF_MSG_HELLO, "Hello"},
82 {OSPF_MSG_DB_DESC, "Database Description"},
83 {OSPF_MSG_LS_REQ, "Link State Request"},
84 {OSPF_MSG_LS_UPD, "Link State Update"},
85 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
86 {0}};
87
88 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
89 particular types, offset is the "type" field of a packet. */
90 static const uint16_t ospf_packet_minlen[] = {
91 0,
92 OSPF_HELLO_MIN_SIZE,
93 OSPF_DB_DESC_MIN_SIZE,
94 OSPF_LS_REQ_MIN_SIZE,
95 OSPF_LS_UPD_MIN_SIZE,
96 OSPF_LS_ACK_MIN_SIZE,
97 };
98
99 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
100 types, offset is the "LSA type" field. */
101 static const uint16_t ospf_lsa_minlen[] = {
102 0, /* OSPF_UNKNOWN_LSA */
103 OSPF_ROUTER_LSA_MIN_SIZE, /* OSPF_ROUTER_LSA */
104 OSPF_NETWORK_LSA_MIN_SIZE, /* OSPF_NETWORK_LSA */
105 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_SUMMARY_LSA */
106 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_ASBR_SUMMARY_LSA */
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_EXTERNAL_LSA */
108 0, /* Unsupported, OSPF_GROUP_MEMBER_LSA */
109 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_NSSA_LSA */
110 0, /* Unsupported, OSPF_EXTERNAL_ATTRIBURES_LSA */
111 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_LINK_LSA */
112 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AREA_LSA */
113 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AS_LSA */
114 };
115
116 /* for ospf_check_auth() */
117 static int ospf_check_sum(struct ospf_header *);
118
119 /* OSPF authentication checking function */
120 static int ospf_auth_type(struct ospf_interface *oi)
121 {
122 int auth_type;
123
124 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
125 auth_type = oi->area->auth_type;
126 else
127 auth_type = OSPF_IF_PARAM(oi, auth_type);
128
129 /* Handle case where MD5 key list is not configured aka Cisco */
130 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
131 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
132 return OSPF_AUTH_NULL;
133
134 return auth_type;
135 }
136
137 static struct ospf_packet *ospf_packet_new(size_t size)
138 {
139 struct ospf_packet *new;
140
141 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
142 new->s = stream_new(size);
143
144 return new;
145 }
146
147 void ospf_packet_free(struct ospf_packet *op)
148 {
149 if (op->s)
150 stream_free(op->s);
151
152 XFREE(MTYPE_OSPF_PACKET, op);
153 }
154
155 struct ospf_fifo *ospf_fifo_new(void)
156 {
157 struct ospf_fifo *new;
158
159 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
160 return new;
161 }
162
163 /* Add new packet to fifo. */
164 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
165 {
166 if (fifo->tail)
167 fifo->tail->next = op;
168 else
169 fifo->head = op;
170
171 fifo->tail = op;
172
173 fifo->count++;
174 }
175
176 /* Add new packet to head of fifo. */
177 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
178 {
179 op->next = fifo->head;
180
181 if (fifo->tail == NULL)
182 fifo->tail = op;
183
184 fifo->head = op;
185
186 fifo->count++;
187 }
188
189 /* Delete first packet from fifo. */
190 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
191 {
192 struct ospf_packet *op;
193
194 op = fifo->head;
195
196 if (op) {
197 fifo->head = op->next;
198
199 if (fifo->head == NULL)
200 fifo->tail = NULL;
201
202 fifo->count--;
203 }
204
205 return op;
206 }
207
208 /* Return first fifo entry. */
209 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
210 {
211 return fifo->head;
212 }
213
214 /* Flush ospf packet fifo. */
215 void ospf_fifo_flush(struct ospf_fifo *fifo)
216 {
217 struct ospf_packet *op;
218 struct ospf_packet *next;
219
220 for (op = fifo->head; op; op = next) {
221 next = op->next;
222 ospf_packet_free(op);
223 }
224 fifo->head = fifo->tail = NULL;
225 fifo->count = 0;
226 }
227
228 /* Free ospf packet fifo. */
229 void ospf_fifo_free(struct ospf_fifo *fifo)
230 {
231 ospf_fifo_flush(fifo);
232
233 XFREE(MTYPE_OSPF_FIFO, fifo);
234 }
235
236 static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
237 {
238 /* Add packet to end of queue. */
239 ospf_fifo_push(oi->obuf, op);
240
241 /* Debug of packet fifo*/
242 /* ospf_fifo_debug (oi->obuf); */
243 }
244
245 static void ospf_packet_add_top(struct ospf_interface *oi,
246 struct ospf_packet *op)
247 {
248 /* Add packet to head of queue. */
249 ospf_fifo_push_head(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_delete(struct ospf_interface *oi)
256 {
257 struct ospf_packet *op;
258
259 op = ospf_fifo_pop(oi->obuf);
260
261 if (op)
262 ospf_packet_free(op);
263 }
264
265 static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
266 {
267 struct ospf_packet *new;
268
269 if (stream_get_endp(op->s) != op->length)
270 /* XXX size_t */
271 zlog_debug(
272 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
273 (unsigned long)STREAM_SIZE(op->s), op->length);
274
275 /* Reserve space for MD5 authentication that may be added later. */
276 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
277 stream_copy(new->s, op->s);
278
279 new->dst = op->dst;
280 new->length = op->length;
281
282 return new;
283 }
284
285 /* XXX inline */
286 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
287 {
288 int auth = 0;
289
290 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
291 auth = OSPF_AUTH_MD5_SIZE;
292
293 return auth;
294 }
295
296 static unsigned int ospf_packet_max(struct ospf_interface *oi)
297 {
298 int max;
299
300 max = oi->ifp->mtu - ospf_packet_authspace(oi);
301
302 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
303
304 return max;
305 }
306
307
308 static int ospf_check_md5_digest(struct ospf_interface *oi,
309 struct ospf_header *ospfh)
310 {
311 #ifdef CRYPTO_OPENSSL
312 EVP_MD_CTX *ctx;
313 #elif CRYPTO_INTERNAL
314 MD5_CTX ctx;
315 #endif
316 unsigned char digest[OSPF_AUTH_MD5_SIZE];
317 struct crypt_key *ck;
318 struct ospf_neighbor *nbr;
319 uint16_t length = ntohs(ospfh->length);
320
321 /* Get secret key. */
322 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
323 ospfh->u.crypt.key_id);
324 if (ck == NULL) {
325 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
326 IF_NAME(oi), ospfh->u.crypt.key_id);
327 return 0;
328 }
329
330 /* check crypto seqnum. */
331 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
332
333 if (nbr
334 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
335 flog_warn(
336 EC_OSPF_MD5,
337 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
338 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
339 ntohl(nbr->crypt_seqnum));
340 return 0;
341 }
342
343 /* Generate a digest for the ospf packet - their digest + our digest. */
344 #ifdef CRYPTO_OPENSSL
345 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
346 ctx = EVP_MD_CTX_new();
347 EVP_DigestInit(ctx, EVP_md5());
348 EVP_DigestUpdate(ctx, ospfh, length);
349 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
350 EVP_DigestFinal(ctx, digest, &md5_size);
351 EVP_MD_CTX_free(ctx);
352 #elif CRYPTO_INTERNAL
353 memset(&ctx, 0, sizeof(ctx));
354 MD5Init(&ctx);
355 MD5Update(&ctx, ospfh, length);
356 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
357 MD5Final(digest, &ctx);
358 #endif
359
360 /* compare the two */
361 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
362 flog_warn(EC_OSPF_MD5,
363 "interface %s: ospf_check_md5 checksum mismatch",
364 IF_NAME(oi));
365 return 0;
366 }
367
368 /* save neighbor's crypt_seqnum */
369 if (nbr)
370 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
371 return 1;
372 }
373
374 /* This function is called from ospf_write(), it will detect the
375 authentication scheme and if it is MD5, it will change the sequence
376 and update the MD5 digest. */
377 static int ospf_make_md5_digest(struct ospf_interface *oi,
378 struct ospf_packet *op)
379 {
380 struct ospf_header *ospfh;
381 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
382 #ifdef CRYPTO_OPENSSL
383 EVP_MD_CTX *ctx;
384 #elif CRYPTO_INTERNAL
385 MD5_CTX ctx;
386 #endif
387 void *ibuf;
388 uint32_t t;
389 struct crypt_key *ck;
390 const uint8_t *auth_key;
391
392 ibuf = STREAM_DATA(op->s);
393 ospfh = (struct ospf_header *)ibuf;
394
395 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
396 return 0;
397
398 /* We do this here so when we dup a packet, we don't have to
399 waste CPU rewriting other headers.
400
401 Note that frr_time /deliberately/ is not used here */
402 t = (time(NULL) & 0xFFFFFFFF);
403 if (t > oi->crypt_seqnum)
404 oi->crypt_seqnum = t;
405 else
406 oi->crypt_seqnum++;
407
408 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
409
410 /* Get MD5 Authentication key from auth_key list. */
411 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
412 auth_key = (const uint8_t *)digest;
413 else {
414 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
415 auth_key = ck->auth_key;
416 }
417
418 /* Generate a digest for the entire packet + our secret key. */
419 #ifdef CRYPTO_OPENSSL
420 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
421 ctx = EVP_MD_CTX_new();
422 EVP_DigestInit(ctx, EVP_md5());
423 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
424 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 EVP_DigestFinal(ctx, digest, &md5_size);
426 EVP_MD_CTX_free(ctx);
427 #elif CRYPTO_INTERNAL
428 memset(&ctx, 0, sizeof(ctx));
429 MD5Init(&ctx);
430 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
431 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
432 MD5Final(digest, &ctx);
433 #endif
434
435 /* Append md5 digest to the end of the stream. */
436 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
437
438 /* We do *NOT* increment the OSPF header length. */
439 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
440
441 if (stream_get_endp(op->s) != op->length)
442 /* XXX size_t */
443 flog_warn(
444 EC_OSPF_MD5,
445 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
446 (unsigned long)stream_get_endp(op->s), op->length);
447
448 return OSPF_AUTH_MD5_SIZE;
449 }
450
451
452 static void ospf_ls_req_timer(struct thread *thread)
453 {
454 struct ospf_neighbor *nbr;
455
456 nbr = THREAD_ARG(thread);
457 nbr->t_ls_req = NULL;
458
459 /* Send Link State Request. */
460 if (ospf_ls_request_count(nbr))
461 ospf_ls_req_send(nbr);
462
463 /* Set Link State Request retransmission timer. */
464 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
465 }
466
467 void ospf_ls_req_event(struct ospf_neighbor *nbr)
468 {
469 THREAD_OFF(nbr->t_ls_req);
470 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
471 }
472
473 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
474 ospf_neighbor.c */
475 void ospf_ls_upd_timer(struct thread *thread)
476 {
477 struct ospf_neighbor *nbr;
478
479 nbr = THREAD_ARG(thread);
480 nbr->t_ls_upd = NULL;
481
482 /* Send Link State Update. */
483 if (ospf_ls_retransmit_count(nbr) > 0) {
484 struct list *update;
485 struct ospf_lsdb *lsdb;
486 int i;
487 int retransmit_interval;
488
489 retransmit_interval =
490 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
491
492 lsdb = &nbr->ls_rxmt;
493 update = list_new();
494
495 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
496 struct route_table *table = lsdb->type[i].db;
497 struct route_node *rn;
498
499 for (rn = route_top(table); rn; rn = route_next(rn)) {
500 struct ospf_lsa *lsa;
501
502 if ((lsa = rn->info) != NULL) {
503 /* Don't retransmit an LSA if we
504 received it within
505 the last RxmtInterval seconds - this
506 is to allow the
507 neighbour a chance to acknowledge the
508 LSA as it may
509 have ben just received before the
510 retransmit timer
511 fired. This is a small tweak to what
512 is in the RFC,
513 but it will cut out out a lot of
514 retransmit traffic
515 - MAG */
516 if (monotime_since(&lsa->tv_recv, NULL)
517 >= retransmit_interval * 1000000LL)
518 listnode_add(update, rn->info);
519 }
520 }
521 }
522
523 if (listcount(update) > 0)
524 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
525 0);
526 list_delete(&update);
527 }
528
529 /* Set LS Update retransmission timer. */
530 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
531 }
532
533 void ospf_ls_ack_timer(struct thread *thread)
534 {
535 struct ospf_interface *oi;
536
537 oi = THREAD_ARG(thread);
538 oi->t_ls_ack = NULL;
539
540 /* Send Link State Acknowledgment. */
541 if (listcount(oi->ls_ack) > 0)
542 ospf_ls_ack_send_delayed(oi);
543
544 /* Set LS Ack timer. */
545 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
546 }
547
548 #ifdef WANT_OSPF_WRITE_FRAGMENT
549 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
550 struct msghdr *msg, unsigned int maxdatasize,
551 unsigned int mtu, int flags, uint8_t type)
552 {
553 #define OSPF_WRITE_FRAG_SHIFT 3
554 uint16_t offset;
555 struct iovec *iovp;
556 int ret;
557
558 assert(op->length == stream_get_endp(op->s));
559 assert(msg->msg_iovlen == 2);
560
561 /* we can but try.
562 *
563 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
564 * well as the IP_MF flag, making this all quite pointless.
565 *
566 * However, for a system on which IP_MF is left alone, and ip_id left
567 * alone or else which sets same ip_id for each fragment this might
568 * work, eg linux.
569 *
570 * XXX-TODO: It would be much nicer to have the kernel's use their
571 * existing fragmentation support to do this for us. Bugs/RFEs need to
572 * be raised against the various kernels.
573 */
574
575 /* set More Frag */
576 iph->ip_off |= IP_MF;
577
578 /* ip frag offset is expressed in units of 8byte words */
579 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
580
581 iovp = &msg->msg_iov[1];
582
583 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
584 > maxdatasize) {
585 /* data length of this frag is to next offset value */
586 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
587 iph->ip_len = iovp->iov_len + sizeof(struct ip);
588 assert(iph->ip_len <= mtu);
589
590 sockopt_iphdrincl_swab_htosys(iph);
591
592 ret = sendmsg(fd, msg, flags);
593
594 sockopt_iphdrincl_swab_systoh(iph);
595
596 if (ret < 0)
597 flog_err(
598 EC_LIB_SOCKET,
599 "*** ospf_write_frags: sendmsg failed to %pI4, id %d, off %d, len %d, mtu %u failed with %s",
600 &iph->ip_dst, iph->ip_id, iph->ip_off,
601 iph->ip_len, mtu, safe_strerror(errno));
602
603 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
604 zlog_debug(
605 "ospf_write_frags: sent id %d, off %d, len %d to %pI4",
606 iph->ip_id, iph->ip_off, iph->ip_len,
607 &iph->ip_dst);
608 }
609
610 iph->ip_off += offset;
611 stream_forward_getp(op->s, iovp->iov_len);
612 iovp->iov_base = stream_pnt(op->s);
613 }
614
615 /* setup for final fragment */
616 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
617 iph->ip_len = iovp->iov_len + sizeof(struct ip);
618 iph->ip_off &= (~IP_MF);
619 }
620 #endif /* WANT_OSPF_WRITE_FRAGMENT */
621
622 static void ospf_write(struct thread *thread)
623 {
624 struct ospf *ospf = THREAD_ARG(thread);
625 struct ospf_interface *oi;
626 struct ospf_packet *op;
627 struct sockaddr_in sa_dst;
628 struct ip iph;
629 struct msghdr msg;
630 struct iovec iov[2];
631 uint8_t type;
632 int ret;
633 int flags = 0;
634 struct listnode *node;
635 #ifdef WANT_OSPF_WRITE_FRAGMENT
636 static uint16_t ipid = 0;
637 uint16_t maxdatasize;
638 #endif /* WANT_OSPF_WRITE_FRAGMENT */
639 #define OSPF_WRITE_IPHL_SHIFT 2
640 int pkt_count = 0;
641
642 #ifdef GNU_LINUX
643 unsigned char cmsgbuf[64] = {};
644 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
645 struct in_pktinfo *pi;
646 #endif
647
648 if (ospf->fd < 0 || ospf->oi_running == 0) {
649 if (IS_DEBUG_OSPF_EVENT)
650 zlog_debug(
651 "ospf_write failed to send, fd %d, instance %u",
652 ospf->fd, ospf->oi_running);
653 return;
654 }
655
656 node = listhead(ospf->oi_write_q);
657 assert(node);
658 oi = listgetdata(node);
659
660 #ifdef WANT_OSPF_WRITE_FRAGMENT
661 /* seed ipid static with low order bits of time */
662 if (ipid == 0)
663 ipid = (time(NULL) & 0xffff);
664 #endif /* WANT_OSPF_WRITE_FRAGMENT */
665
666 while ((pkt_count < ospf->write_oi_count) && oi) {
667 pkt_count++;
668 #ifdef WANT_OSPF_WRITE_FRAGMENT
669 /* convenience - max OSPF data per packet */
670 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
671 #endif /* WANT_OSPF_WRITE_FRAGMENT */
672 /* Get one packet from queue. */
673 op = ospf_fifo_head(oi->obuf);
674 assert(op);
675 assert(op->length >= OSPF_HEADER_SIZE);
676
677 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
678 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
679 ospf_if_ipmulticast(ospf, oi->address,
680 oi->ifp->ifindex);
681
682 /* Rewrite the md5 signature & update the seq */
683 ospf_make_md5_digest(oi, op);
684
685 /* Retrieve OSPF packet type. */
686 stream_set_getp(op->s, 1);
687 type = stream_getc(op->s);
688
689 /* reset get pointer */
690 stream_set_getp(op->s, 0);
691
692 memset(&iph, 0, sizeof(iph));
693 memset(&sa_dst, 0, sizeof(sa_dst));
694
695 sa_dst.sin_family = AF_INET;
696 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
697 sa_dst.sin_len = sizeof(sa_dst);
698 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
699 sa_dst.sin_addr = op->dst;
700 sa_dst.sin_port = htons(0);
701
702 /* Set DONTROUTE flag if dst is unicast. */
703 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
704 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
705 flags = MSG_DONTROUTE;
706
707 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
708 /* it'd be very strange for header to not be 4byte-word aligned
709 * but.. */
710 if (sizeof(struct ip)
711 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
712 iph.ip_hl++; /* we presume sizeof(struct ip) cant
713 overflow ip_hl.. */
714
715 iph.ip_v = IPVERSION;
716 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
717 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
718
719 #if defined(__DragonFly__)
720 /*
721 * DragonFly's raw socket expects ip_len/ip_off in network byte
722 * order.
723 */
724 iph.ip_len = htons(iph.ip_len);
725 #endif
726
727 #ifdef WANT_OSPF_WRITE_FRAGMENT
728 /* XXX-MT: not thread-safe at all..
729 * XXX: this presumes this is only programme sending OSPF
730 * packets
731 * otherwise, no guarantee ipid will be unique
732 */
733 iph.ip_id = ++ipid;
734 #endif /* WANT_OSPF_WRITE_FRAGMENT */
735
736 iph.ip_off = 0;
737 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
738 iph.ip_ttl = OSPF_VL_IP_TTL;
739 else
740 iph.ip_ttl = OSPF_IP_TTL;
741 iph.ip_p = IPPROTO_OSPFIGP;
742 iph.ip_sum = 0;
743 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
744 iph.ip_dst.s_addr = op->dst.s_addr;
745
746 memset(&msg, 0, sizeof(msg));
747 msg.msg_name = (caddr_t)&sa_dst;
748 msg.msg_namelen = sizeof(sa_dst);
749 msg.msg_iov = iov;
750 msg.msg_iovlen = 2;
751
752 iov[0].iov_base = (char *)&iph;
753 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
754 iov[1].iov_base = stream_pnt(op->s);
755 iov[1].iov_len = op->length;
756
757 #ifdef GNU_LINUX
758 msg.msg_control = (caddr_t)cm;
759 cm->cmsg_level = SOL_IP;
760 cm->cmsg_type = IP_PKTINFO;
761 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
762 pi = (struct in_pktinfo *)CMSG_DATA(cm);
763 pi->ipi_ifindex = oi->ifp->ifindex;
764
765 msg.msg_controllen = cm->cmsg_len;
766 #endif
767
768 /* Sadly we can not rely on kernels to fragment packets
769 * because of either IP_HDRINCL and/or multicast
770 * destination being set.
771 */
772
773 #ifdef WANT_OSPF_WRITE_FRAGMENT
774 if (op->length > maxdatasize)
775 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
776 oi->ifp->mtu, flags, type);
777 #endif /* WANT_OSPF_WRITE_FRAGMENT */
778
779 /* send final fragment (could be first) */
780 sockopt_iphdrincl_swab_htosys(&iph);
781 ret = sendmsg(ospf->fd, &msg, flags);
782 sockopt_iphdrincl_swab_systoh(&iph);
783 if (IS_DEBUG_OSPF_EVENT)
784 zlog_debug(
785 "ospf_write to %pI4, id %d, off %d, len %d, interface %s, mtu %u:",
786 &iph.ip_dst, iph.ip_id, iph.ip_off,
787 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
788
789 /* sendmsg will return EPERM if firewall is blocking sending.
790 * This is a normal situation when 'ip nhrp map multicast xxx'
791 * is being used to send multicast packets to DMVPN peers. In
792 * that case the original message is blocked with iptables rule
793 * causing the EPERM result
794 */
795 if (ret < 0 && errno != EPERM)
796 flog_err(
797 EC_LIB_SOCKET,
798 "*** sendmsg in ospf_write failed to %pI4, id %d, off %d, len %d, interface %s, mtu %u: %s",
799 &iph.ip_dst, iph.ip_id, iph.ip_off,
800 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
801 safe_strerror(errno));
802
803 /* Show debug sending packet. */
804 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
805 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
806 zlog_debug(
807 "-----------------------------------------------------");
808 stream_set_getp(op->s, 0);
809 ospf_packet_dump(op->s);
810 }
811
812 zlog_debug("%s sent to [%pI4] via [%s].",
813 lookup_msg(ospf_packet_type_str, type, NULL),
814 &op->dst, IF_NAME(oi));
815
816 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
817 zlog_debug(
818 "-----------------------------------------------------");
819 }
820
821 switch (type) {
822 case OSPF_MSG_HELLO:
823 oi->hello_out++;
824 break;
825 case OSPF_MSG_DB_DESC:
826 oi->db_desc_out++;
827 break;
828 case OSPF_MSG_LS_REQ:
829 oi->ls_req_out++;
830 break;
831 case OSPF_MSG_LS_UPD:
832 oi->ls_upd_out++;
833 break;
834 case OSPF_MSG_LS_ACK:
835 oi->ls_ack_out++;
836 break;
837 default:
838 break;
839 }
840
841 /* Now delete packet from queue. */
842 ospf_packet_delete(oi);
843
844 /* Move this interface to the tail of write_q to
845 serve everyone in a round robin fashion */
846 list_delete_node(ospf->oi_write_q, node);
847 if (ospf_fifo_head(oi->obuf) == NULL) {
848 oi->on_write_q = 0;
849 oi = NULL;
850 } else
851 listnode_add(ospf->oi_write_q, oi);
852
853 /* Setup to service from the head of the queue again */
854 if (!list_isempty(ospf->oi_write_q)) {
855 node = listhead(ospf->oi_write_q);
856 oi = listgetdata(node);
857 }
858 }
859
860 /* If packets still remain in queue, call write thread. */
861 if (!list_isempty(ospf->oi_write_q))
862 thread_add_write(master, ospf_write, ospf, ospf->fd,
863 &ospf->t_write);
864 }
865
866 /* OSPF Hello message read -- RFC2328 Section 10.5. */
867 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
868 struct stream *s, struct ospf_interface *oi, int size)
869 {
870 struct ospf_hello *hello;
871 struct ospf_neighbor *nbr;
872 int old_state;
873 struct prefix p;
874
875 /* increment statistics. */
876 oi->hello_in++;
877
878 hello = (struct ospf_hello *)stream_pnt(s);
879
880 /* If Hello is myself, silently discard. */
881 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
882 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
883 zlog_debug(
884 "ospf_header[%s/%pI4]: selforiginated, dropping.",
885 lookup_msg(ospf_packet_type_str, ospfh->type,
886 NULL),
887 &iph->ip_src);
888 }
889 return;
890 }
891
892 /* get neighbor prefix. */
893 p.family = AF_INET;
894 p.prefixlen = ip_masklen(hello->network_mask);
895 p.u.prefix4 = iph->ip_src;
896
897 /* Compare network mask. */
898 /* Checking is ignored for Point-to-Point and Virtual link. */
899 /* Checking is also ignored for Point-to-Multipoint with /32 prefix */
900 if (oi->type != OSPF_IFTYPE_POINTOPOINT
901 && oi->type != OSPF_IFTYPE_VIRTUALLINK
902 && !(oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
903 && oi->address->prefixlen == IPV4_MAX_BITLEN))
904 if (oi->address->prefixlen != p.prefixlen) {
905 flog_warn(
906 EC_OSPF_PACKET,
907 "Packet %pI4 [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
908 &ospfh->router_id, IF_NAME(oi),
909 (int)oi->address->prefixlen, (int)p.prefixlen);
910 return;
911 }
912
913 /* Compare Router Dead Interval. */
914 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
915 flog_warn(EC_OSPF_PACKET,
916 "Packet %pI4 [Hello:RECV]: RouterDeadInterval mismatch (expected %u, but received %u).",
917 &ospfh->router_id,
918 OSPF_IF_PARAM(oi, v_wait),
919 ntohl(hello->dead_interval));
920 return;
921 }
922
923 /* Compare Hello Interval - ignored if fast-hellos are set. */
924 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
925 if (OSPF_IF_PARAM(oi, v_hello)
926 != ntohs(hello->hello_interval)) {
927 flog_warn(
928 EC_OSPF_PACKET,
929 "Packet %pI4 [Hello:RECV]: HelloInterval mismatch (expected %u, but received %u).",
930 &ospfh->router_id,
931 OSPF_IF_PARAM(oi, v_hello),
932 ntohs(hello->hello_interval));
933 return;
934 }
935 }
936
937 if (IS_DEBUG_OSPF_EVENT)
938 zlog_debug("Packet %pI4 [Hello:RECV]: Options %s vrf %s",
939 &ospfh->router_id,
940 ospf_options_dump(hello->options),
941 ospf_vrf_id_to_name(oi->ospf->vrf_id));
942
943 /* Compare options. */
944 #define REJECT_IF_TBIT_ON 1 /* XXX */
945 #ifdef REJECT_IF_TBIT_ON
946 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
947 /*
948 * This router does not support non-zero TOS.
949 * Drop this Hello packet not to establish neighbor
950 * relationship.
951 */
952 flog_warn(EC_OSPF_PACKET,
953 "Packet %pI4 [Hello:RECV]: T-bit on, drop it.",
954 &ospfh->router_id);
955 return;
956 }
957 #endif /* REJECT_IF_TBIT_ON */
958
959 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
960 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
961 /*
962 * This router does know the correct usage of O-bit
963 * the bit should be set in DD packet only.
964 */
965 flog_warn(EC_OSPF_PACKET,
966 "Packet %pI4 [Hello:RECV]: O-bit abuse?",
967 &ospfh->router_id);
968 #ifdef STRICT_OBIT_USAGE_CHECK
969 return; /* Reject this packet. */
970 #else /* STRICT_OBIT_USAGE_CHECK */
971 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
972 #endif /* STRICT_OBIT_USAGE_CHECK */
973 }
974
975 /* new for NSSA is to ensure that NP is on and E is off */
976
977 if (oi->area->external_routing == OSPF_AREA_NSSA) {
978 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
979 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
980 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
981 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
982 flog_warn(
983 EC_OSPF_PACKET,
984 "NSSA-Packet-%pI4[Hello:RECV]: my options: %x, his options %x",
985 &ospfh->router_id, OPTIONS(oi),
986 hello->options);
987 return;
988 }
989 if (IS_DEBUG_OSPF_NSSA)
990 zlog_debug("NSSA-Hello:RECV:Packet from %pI4:",
991 &ospfh->router_id);
992 } else
993 /* The setting of the E-bit found in the Hello Packet's Options
994 field must match this area's ExternalRoutingCapability A
995 mismatch causes processing to stop and the packet to be
996 dropped. The setting of the rest of the bits in the Hello
997 Packet's Options field should be ignored. */
998 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
999 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1000 flog_warn(
1001 EC_OSPF_PACKET,
1002 "Packet %pI4 [Hello:RECV]: my options: %x, his options %x",
1003 &ospfh->router_id, OPTIONS(oi),
1004 hello->options);
1005 return;
1006 }
1007
1008 /* get neighbour struct */
1009 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1010
1011 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1012 assert(nbr);
1013
1014 old_state = nbr->state;
1015
1016 /* Add event to thread. */
1017 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_HelloReceived);
1018
1019 /* RFC2328 Section 9.5.1
1020 If the router is not eligible to become Designated Router,
1021 (snip) It must also send an Hello Packet in reply to an
1022 Hello Packet received from any eligible neighbor (other than
1023 the current Designated Router and Backup Designated Router). */
1024 if (oi->type == OSPF_IFTYPE_NBMA)
1025 if (PRIORITY(oi) == 0 && hello->priority > 0
1026 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1027 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1028 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1029 ospf_hello_reply_timer,
1030 OSPF_HELLO_REPLY_DELAY);
1031
1032 /* on NBMA network type, it happens to receive bidirectional Hello
1033 packet
1034 without advance 1-Way Received event.
1035 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1036 if (oi->type == OSPF_IFTYPE_NBMA
1037 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1038 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1039 nbr->priority = hello->priority;
1040 nbr->d_router = hello->d_router;
1041 nbr->bd_router = hello->bd_router;
1042 return;
1043 }
1044
1045 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1046 size - OSPF_HELLO_MIN_SIZE)) {
1047 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1048 nbr->options |= hello->options;
1049 } else {
1050 /* If the router is DR_OTHER, RESTARTER will not wait
1051 * until it receives the hello from it if it receives
1052 * from DR and BDR.
1053 * So, helper might receives ONW_WAY hello from
1054 * RESTARTER. So not allowing to change the state if it
1055 * receives one_way hellow when it acts as HELPER for
1056 * that specific neighbor.
1057 */
1058 if (!OSPF_GR_IS_ACTIVE_HELPER(nbr))
1059 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1060 /* Set neighbor information. */
1061 nbr->priority = hello->priority;
1062 nbr->d_router = hello->d_router;
1063 nbr->bd_router = hello->bd_router;
1064 return;
1065 }
1066
1067 if (OSPF_GR_IS_ACTIVE_HELPER(nbr)) {
1068 /* As per the GR Conformance Test Case 7.2. Section 3
1069 * "Also, if X was the Designated Router on network segment S
1070 * when the helping relationship began, Y maintains X as the
1071 * Designated Router until the helping relationship is
1072 * terminated."
1073 * When I am helper for this neighbor, I should not trigger the
1074 * ISM Events. Also Intentionally not setting the priority and
1075 * other fields so that when the neighbor exits the Grace
1076 * period, it can handle if there is any change before GR and
1077 * after GR. */
1078 if (IS_DEBUG_OSPF_GR)
1079 zlog_debug(
1080 "%s, Neighbor is under GR Restart, hence ignoring the ISM Events",
1081 __PRETTY_FUNCTION__);
1082 } else {
1083 /* If neighbor itself declares DR and no BDR exists,
1084 cause event BackupSeen */
1085 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1086 if (hello->bd_router.s_addr == INADDR_ANY
1087 && oi->state == ISM_Waiting)
1088 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1089
1090 /* neighbor itself declares BDR. */
1091 if (oi->state == ISM_Waiting
1092 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1093 &hello->bd_router))
1094 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1095
1096 /* had not previously. */
1097 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1098 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1099 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1100 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1101 &nbr->d_router)))
1102 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1103
1104 /* had not previously. */
1105 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1106 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1107 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4,
1108 &hello->bd_router)
1109 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1110 &nbr->bd_router)))
1111 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1112
1113 /* Neighbor priority check. */
1114 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1115 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1116 }
1117
1118 /* Set neighbor information. */
1119 nbr->priority = hello->priority;
1120 nbr->d_router = hello->d_router;
1121 nbr->bd_router = hello->bd_router;
1122
1123 /*
1124 * RFC 3623 - Section 2:
1125 * "If the restarting router determines that it was the Designated
1126 * Router on a given segment prior to the restart, it elects
1127 * itself as the Designated Router again. The restarting router
1128 * knows that it was the Designated Router if, while the
1129 * associated interface is in Waiting state, a Hello packet is
1130 * received from a neighbor listing the router as the Designated
1131 * Router".
1132 */
1133 if (oi->area->ospf->gr_info.restart_in_progress
1134 && oi->state == ISM_Waiting
1135 && IPV4_ADDR_SAME(&hello->d_router, &oi->address->u.prefix4))
1136 DR(oi) = hello->d_router;
1137 }
1138
1139 /* Save DD flags/options/Seqnum received. */
1140 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1141 struct ospf_db_desc *dd)
1142 {
1143 nbr->last_recv.flags = dd->flags;
1144 nbr->last_recv.options = dd->options;
1145 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1146 }
1147
1148 /* Process rest of DD packet. */
1149 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1150 struct ospf_neighbor *nbr,
1151 struct ospf_db_desc *dd, uint16_t size)
1152 {
1153 struct ospf_lsa *new, *find;
1154 struct lsa_header *lsah;
1155
1156 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1157 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1158 size -= OSPF_LSA_HEADER_SIZE) {
1159 lsah = (struct lsa_header *)stream_pnt(s);
1160 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1161
1162 /* Unknown LS type. */
1163 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1164 flog_warn(EC_OSPF_PACKET,
1165 "Packet [DD:RECV]: Unknown LS type %d.",
1166 lsah->type);
1167 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1168 return;
1169 }
1170
1171 if (IS_OPAQUE_LSA(lsah->type)
1172 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1173 flog_warn(EC_OSPF_PACKET,
1174 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1175 lsah->type, &lsah->id);
1176 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1177 return;
1178 }
1179
1180 switch (lsah->type) {
1181 case OSPF_AS_EXTERNAL_LSA:
1182 case OSPF_OPAQUE_AS_LSA:
1183 /* Check for stub area. Reject if AS-External from stub
1184 but
1185 allow if from NSSA. */
1186 if (oi->area->external_routing == OSPF_AREA_STUB) {
1187 flog_warn(
1188 EC_OSPF_PACKET,
1189 "Packet [DD:RECV]: LSA[Type%d:%pI4] from %s area.",
1190 lsah->type, &lsah->id,
1191 (oi->area->external_routing
1192 == OSPF_AREA_STUB)
1193 ? "STUB"
1194 : "NSSA");
1195 OSPF_NSM_EVENT_SCHEDULE(nbr,
1196 NSM_SeqNumberMismatch);
1197 return;
1198 }
1199 break;
1200 default:
1201 break;
1202 }
1203
1204 /* Create LS-request object. */
1205 new = ospf_ls_request_new(lsah);
1206
1207 /* Lookup received LSA, then add LS request list. */
1208 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1209
1210 /* ospf_lsa_more_recent is fine with NULL pointers */
1211 switch (ospf_lsa_more_recent(find, new)) {
1212 case -1:
1213 /* Neighbour has a more recent LSA, we must request it
1214 */
1215 ospf_ls_request_add(nbr, new);
1216 /* fallthru */
1217 case 0:
1218 /* If we have a copy of this LSA, it's either less
1219 * recent
1220 * and we're requesting it from neighbour (the case
1221 * above), or
1222 * it's as recent and we both have same copy (this
1223 * case).
1224 *
1225 * In neither of these two cases is there any point in
1226 * describing our copy of the LSA to the neighbour in a
1227 * DB-Summary packet, if we're still intending to do so.
1228 *
1229 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1230 * backward compatible optimisation to OSPF DB Exchange
1231 * /
1232 * DB Description process implemented here.
1233 */
1234 if (find)
1235 ospf_lsdb_delete(&nbr->db_sum, find);
1236 ospf_lsa_discard(new);
1237 break;
1238 default:
1239 /* We have the more recent copy, nothing specific to do:
1240 * - no need to request neighbours stale copy
1241 * - must leave DB summary list copy alone
1242 */
1243 if (IS_DEBUG_OSPF_EVENT)
1244 zlog_debug(
1245 "Packet [DD:RECV]: LSA received Type %d, ID %pI4 is not recent.",
1246 lsah->type, &lsah->id);
1247 ospf_lsa_discard(new);
1248 }
1249 }
1250
1251 /* Master */
1252 if (IS_SET_DD_MS(nbr->dd_flags)) {
1253 nbr->dd_seqnum++;
1254
1255 /* Both sides have no More, then we're done with Exchange */
1256 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1257 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1258 else
1259 ospf_db_desc_send(nbr);
1260 }
1261 /* Slave */
1262 else {
1263 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1264
1265 /* Send DD packet in reply.
1266 *
1267 * Must be done to acknowledge the Master's DD, regardless of
1268 * whether we have more LSAs ourselves to describe.
1269 *
1270 * This function will clear the 'More' bit, if after this DD
1271 * we have no more LSAs to describe to the master..
1272 */
1273 ospf_db_desc_send(nbr);
1274
1275 /* Slave can raise ExchangeDone now, if master is also done */
1276 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1277 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1278 }
1279
1280 /* Save received neighbor values from DD. */
1281 ospf_db_desc_save_current(nbr, dd);
1282
1283 if (!nbr->t_ls_req)
1284 ospf_ls_req_send(nbr);
1285 }
1286
1287 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1288 struct ospf_neighbor *nbr)
1289 {
1290 /* Is DD duplicated? */
1291 if (dd->options == nbr->last_recv.options
1292 && dd->flags == nbr->last_recv.flags
1293 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1294 return 1;
1295
1296 return 0;
1297 }
1298
1299 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1300 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1301 struct stream *s, struct ospf_interface *oi,
1302 uint16_t size)
1303 {
1304 struct ospf_db_desc *dd;
1305 struct ospf_neighbor *nbr;
1306
1307 /* Increment statistics. */
1308 oi->db_desc_in++;
1309
1310 dd = (struct ospf_db_desc *)stream_pnt(s);
1311
1312 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1313 if (nbr == NULL) {
1314 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %pI4",
1315 &ospfh->router_id);
1316 return;
1317 }
1318
1319 /* Check MTU. */
1320 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1321 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1322 flog_warn(
1323 EC_OSPF_PACKET,
1324 "Packet[DD]: Neighbor %pI4 MTU %u is larger than [%s]'s MTU %u",
1325 &nbr->router_id, ntohs(dd->mtu), IF_NAME(oi),
1326 oi->ifp->mtu);
1327 return;
1328 }
1329
1330 /*
1331 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1332 * not
1333 * required. In fact at least JunOS sends DD packets with P bit clear.
1334 * Until proper solution is developped, this hack should help.
1335 *
1336 * Update: According to the RFCs, N bit is specified /only/ for Hello
1337 * options, unfortunately its use in DD options is not specified. Hence
1338 * some
1339 * implementations follow E-bit semantics and set it in DD options, and
1340 * some
1341 * treat it as unspecified and hence follow the directive "default for
1342 * options is clear", ie unset.
1343 *
1344 * Reset the flag, as ospfd follows E-bit semantics.
1345 */
1346 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1347 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1348 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1349 if (IS_DEBUG_OSPF_EVENT)
1350 zlog_debug(
1351 "Packet[DD]: Neighbour %pI4: Has NSSA capability, sends with N bit clear in DD options",
1352 &nbr->router_id);
1353 SET_FLAG(dd->options, OSPF_OPTION_NP);
1354 }
1355
1356 #ifdef REJECT_IF_TBIT_ON
1357 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1358 /*
1359 * In Hello protocol, optional capability must have checked
1360 * to prevent this T-bit enabled router be my neighbor.
1361 */
1362 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %pI4: T-bit on?",
1363 &nbr->router_id);
1364 return;
1365 }
1366 #endif /* REJECT_IF_TBIT_ON */
1367
1368 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1369 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1370 /*
1371 * This node is not configured to handle O-bit, for now.
1372 * Clear it to ignore unsupported capability proposed by
1373 * neighbor.
1374 */
1375 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1376 }
1377
1378 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1379 zlog_info(
1380 "%s:Packet[DD]: Neighbor %pI4 state is %s, seq_num:0x%x, local:0x%x",
1381 ospf_get_name(oi->ospf), &nbr->router_id,
1382 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1383 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1384
1385 /* Process DD packet by neighbor status. */
1386 switch (nbr->state) {
1387 case NSM_Down:
1388 case NSM_Attempt:
1389 case NSM_TwoWay:
1390 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1391 zlog_info(
1392 "Packet[DD]: Neighbor %pI4 state is %s, packet discarded.",
1393 &nbr->router_id,
1394 lookup_msg(ospf_nsm_state_msg, nbr->state,
1395 NULL));
1396 break;
1397 case NSM_Init:
1398 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1399 /* If the new state is ExStart, the processing of the current
1400 packet should then continue in this new state by falling
1401 through to case ExStart below. */
1402 if (nbr->state != NSM_ExStart)
1403 break;
1404 /* fallthru */
1405 case NSM_ExStart:
1406 /* Initial DBD */
1407 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1408 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1409 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1410 > 0) {
1411 /* We're Slave---obey */
1412 if (CHECK_FLAG(oi->ospf->config,
1413 OSPF_LOG_ADJACENCY_DETAIL))
1414 zlog_info(
1415 "Packet[DD]: Neighbor %pI4 Negotiation done (Slave).",
1416 &nbr->router_id);
1417
1418 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1419
1420 /* Reset I/MS */
1421 UNSET_FLAG(nbr->dd_flags,
1422 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1423 } else {
1424 /* We're Master, ignore the initial DBD from
1425 * Slave */
1426 if (CHECK_FLAG(oi->ospf->config,
1427 OSPF_LOG_ADJACENCY_DETAIL))
1428 zlog_info(
1429 "Packet[DD]: Neighbor %pI4: Initial DBD from Slave, ignoring.",
1430 &nbr->router_id);
1431 break;
1432 }
1433 }
1434 /* Ack from the Slave */
1435 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1436 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1437 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1438 < 0) {
1439 zlog_info(
1440 "Packet[DD]: Neighbor %pI4 Negotiation done (Master).",
1441 &nbr->router_id);
1442 /* Reset I, leaving MS */
1443 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1444 } else {
1445 flog_warn(EC_OSPF_PACKET,
1446 "Packet[DD]: Neighbor %pI4 Negotiation fails.",
1447 &nbr->router_id);
1448 break;
1449 }
1450
1451 /* This is where the real Options are saved */
1452 nbr->options = dd->options;
1453
1454 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1455 if (IS_DEBUG_OSPF_EVENT)
1456 zlog_debug(
1457 "Neighbor[%pI4] is %sOpaque-capable.",
1458 &nbr->router_id,
1459 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1460 ? ""
1461 : "NOT ");
1462
1463 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1464 && IPV4_ADDR_SAME(&DR(oi),
1465 &nbr->address.u.prefix4)) {
1466 flog_warn(
1467 EC_OSPF_PACKET,
1468 "DR-neighbor[%pI4] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1469 &nbr->router_id);
1470 /* This situation is undesirable, but not a real
1471 * error. */
1472 }
1473 }
1474
1475 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1476
1477 /* continue processing rest of packet. */
1478 ospf_db_desc_proc(s, oi, nbr, dd, size);
1479 break;
1480 case NSM_Exchange:
1481 if (ospf_db_desc_is_dup(dd, nbr)) {
1482 if (IS_SET_DD_MS(nbr->dd_flags))
1483 /* Master: discard duplicated DD packet. */
1484 zlog_info(
1485 "Packet[DD] (Master): Neighbor %pI4 packet duplicated.",
1486 &nbr->router_id);
1487 else
1488 /* Slave: cause to retransmit the last Database
1489 Description. */
1490 {
1491 zlog_info(
1492 "Packet[DD] [Slave]: Neighbor %pI4 packet duplicated.",
1493 &nbr->router_id);
1494 ospf_db_desc_resend(nbr);
1495 }
1496 break;
1497 }
1498
1499 /* Otherwise DD packet should be checked. */
1500 /* Check Master/Slave bit mismatch */
1501 if (IS_SET_DD_MS(dd->flags)
1502 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1503 flog_warn(EC_OSPF_PACKET,
1504 "Packet[DD]: Neighbor %pI4 MS-bit mismatch.",
1505 &nbr->router_id);
1506 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1507 if (IS_DEBUG_OSPF_EVENT)
1508 zlog_debug(
1509 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1510 dd->flags, nbr->dd_flags);
1511 break;
1512 }
1513
1514 /* Check initialize bit is set. */
1515 if (IS_SET_DD_I(dd->flags)) {
1516 zlog_info("Packet[DD]: Neighbor %pI4 I-bit set.",
1517 &nbr->router_id);
1518 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1519 break;
1520 }
1521
1522 /* Check DD Options. */
1523 if (dd->options != nbr->options) {
1524 flog_warn(EC_OSPF_PACKET,
1525 "Packet[DD]: Neighbor %pI4 options mismatch.",
1526 &nbr->router_id);
1527 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1528 break;
1529 }
1530
1531 /* Check DD sequence number. */
1532 if ((IS_SET_DD_MS(nbr->dd_flags)
1533 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1534 || (!IS_SET_DD_MS(nbr->dd_flags)
1535 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1536 flog_warn(
1537 EC_OSPF_PACKET,
1538 "Packet[DD]: Neighbor %pI4 sequence number mismatch.",
1539 &nbr->router_id);
1540 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1541 break;
1542 }
1543
1544 /* Continue processing rest of packet. */
1545 ospf_db_desc_proc(s, oi, nbr, dd, size);
1546 break;
1547 case NSM_Loading:
1548 case NSM_Full:
1549 if (ospf_db_desc_is_dup(dd, nbr)) {
1550 if (IS_SET_DD_MS(nbr->dd_flags)) {
1551 /* Master should discard duplicate DD packet. */
1552 zlog_info(
1553 "Packet[DD]: Neighbor %pI4 duplicated, packet discarded.",
1554 &nbr->router_id);
1555 break;
1556 } else {
1557 if (monotime_since(&nbr->last_send_ts, NULL)
1558 < nbr->v_inactivity * 1000000LL) {
1559 /* In states Loading and Full the slave
1560 must resend
1561 its last Database Description packet
1562 in response to
1563 duplicate Database Description
1564 packets received
1565 from the master. For this reason the
1566 slave must
1567 wait RouterDeadInterval seconds
1568 before freeing the
1569 last Database Description packet.
1570 Reception of a
1571 Database Description packet from the
1572 master after
1573 this interval will generate a
1574 SeqNumberMismatch
1575 neighbor event. RFC2328 Section 10.8
1576 */
1577 ospf_db_desc_resend(nbr);
1578 break;
1579 }
1580 }
1581 }
1582
1583 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1584 break;
1585 default:
1586 flog_warn(EC_OSPF_PACKET,
1587 "Packet[DD]: Neighbor %pI4 NSM illegal status %u.",
1588 &nbr->router_id, nbr->state);
1589 break;
1590 }
1591 }
1592
1593 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1594
1595 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1596 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1597 struct stream *s, struct ospf_interface *oi,
1598 uint16_t size)
1599 {
1600 struct ospf_neighbor *nbr;
1601 uint32_t ls_type;
1602 struct in_addr ls_id;
1603 struct in_addr adv_router;
1604 struct ospf_lsa *find;
1605 struct list *ls_upd;
1606 unsigned int length;
1607
1608 /* Increment statistics. */
1609 oi->ls_req_in++;
1610
1611 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1612 if (nbr == NULL) {
1613 flog_warn(EC_OSPF_PACKET,
1614 "Link State Request: Unknown Neighbor %pI4",
1615 &ospfh->router_id);
1616 return;
1617 }
1618
1619 /* Neighbor State should be Exchange or later. */
1620 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1621 && nbr->state != NSM_Full) {
1622 flog_warn(
1623 EC_OSPF_PACKET,
1624 "Link State Request received from %pI4: Neighbor state is %s, packet discarded.",
1625 &ospfh->router_id,
1626 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1627 return;
1628 }
1629
1630 /* Send Link State Update for ALL requested LSAs. */
1631 ls_upd = list_new();
1632 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1633
1634 while (size >= OSPF_LSA_KEY_SIZE) {
1635 /* Get one slice of Link State Request. */
1636 ls_type = stream_getl(s);
1637 ls_id.s_addr = stream_get_ipv4(s);
1638 adv_router.s_addr = stream_get_ipv4(s);
1639
1640 /* Verify LSA type. */
1641 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1642 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1643 list_delete(&ls_upd);
1644 return;
1645 }
1646
1647 /* Search proper LSA in LSDB. */
1648 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1649 adv_router);
1650 if (find == NULL) {
1651 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1652 list_delete(&ls_upd);
1653 return;
1654 }
1655
1656 /* Packet overflows MTU size, send immediately. */
1657 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1658 if (oi->type == OSPF_IFTYPE_NBMA)
1659 ospf_ls_upd_send(nbr, ls_upd,
1660 OSPF_SEND_PACKET_DIRECT, 0);
1661 else
1662 ospf_ls_upd_send(nbr, ls_upd,
1663 OSPF_SEND_PACKET_INDIRECT, 0);
1664
1665 /* Only remove list contents. Keep ls_upd. */
1666 list_delete_all_node(ls_upd);
1667
1668 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1669 }
1670
1671 /* Append LSA to update list. */
1672 listnode_add(ls_upd, find);
1673 length += ntohs(find->data->length);
1674
1675 size -= OSPF_LSA_KEY_SIZE;
1676 }
1677
1678 /* Send rest of Link State Update. */
1679 if (listcount(ls_upd) > 0) {
1680 if (oi->type == OSPF_IFTYPE_NBMA)
1681 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1682 0);
1683 else
1684 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1685 0);
1686
1687 list_delete(&ls_upd);
1688 } else
1689 list_delete(&ls_upd);
1690 }
1691
1692 /* Get the list of LSAs from Link State Update packet.
1693 And process some validation -- RFC2328 Section 13. (1)-(2). */
1694 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1695 struct stream *s,
1696 struct ospf_interface *oi, size_t size)
1697 {
1698 uint16_t count, sum;
1699 uint32_t length;
1700 struct lsa_header *lsah;
1701 struct ospf_lsa *lsa;
1702 struct list *lsas;
1703
1704 lsas = list_new();
1705
1706 count = stream_getl(s);
1707 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1708
1709 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1710 size -= length, stream_forward_getp(s, length), count--) {
1711 lsah = (struct lsa_header *)stream_pnt(s);
1712 length = ntohs(lsah->length);
1713
1714 if (length > size) {
1715 flog_warn(
1716 EC_OSPF_PACKET,
1717 "Link State Update: LSA length exceeds packet size.");
1718 break;
1719 }
1720
1721 /* Validate the LSA's LS checksum. */
1722 sum = lsah->checksum;
1723 if (!ospf_lsa_checksum_valid(lsah)) {
1724 /* (bug #685) more details in a one-line message make it
1725 * possible
1726 * to identify problem source on the one hand and to
1727 * have a better
1728 * chance to compress repeated messages in syslog on the
1729 * other */
1730 flog_warn(
1731 EC_OSPF_PACKET,
1732 "Link State Update: LSA checksum error %x/%x, ID=%pI4 from: nbr %pI4, router ID %pI4, adv router %pI4",
1733 sum, lsah->checksum, &lsah->id,
1734 &nbr->src, &nbr->router_id,
1735 &lsah->adv_router);
1736 continue;
1737 }
1738
1739 /* Examine the LSA's LS type. */
1740 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1741 flog_warn(EC_OSPF_PACKET,
1742 "Link State Update: Unknown LS type %d",
1743 lsah->type);
1744 continue;
1745 }
1746
1747 /*
1748 * What if the received LSA's age is greater than MaxAge?
1749 * Treat it as a MaxAge case -- endo.
1750 */
1751 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1752 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1753
1754 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1755 #ifdef STRICT_OBIT_USAGE_CHECK
1756 if ((IS_OPAQUE_LSA(lsah->type)
1757 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1758 || (!IS_OPAQUE_LSA(lsah->type)
1759 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1760 /*
1761 * This neighbor must know the exact usage of
1762 * O-bit;
1763 * the bit will be set in Type-9,10,11 LSAs
1764 * only.
1765 */
1766 flog_warn(EC_OSPF_PACKET,
1767 "LSA[Type%d:%pI4]: O-bit abuse?",
1768 lsah->type, &lsah->id);
1769 continue;
1770 }
1771 #endif /* STRICT_OBIT_USAGE_CHECK */
1772
1773 /* Do not take in AS External Opaque-LSAs if we are a
1774 * stub. */
1775 if (lsah->type == OSPF_OPAQUE_AS_LSA
1776 && nbr->oi->area->external_routing
1777 != OSPF_AREA_DEFAULT) {
1778 if (IS_DEBUG_OSPF_EVENT)
1779 zlog_debug(
1780 "LSA[Type%d:%pI4]: We are a stub, don't take this LSA.",
1781 lsah->type,
1782 &lsah->id);
1783 continue;
1784 }
1785 } else if (IS_OPAQUE_LSA(lsah->type)) {
1786 flog_warn(EC_OSPF_PACKET,
1787 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1788 lsah->type, &lsah->id);
1789 continue;
1790 }
1791
1792 /* Create OSPF LSA instance. */
1793 lsa = ospf_lsa_new_and_data(length);
1794
1795 lsa->vrf_id = oi->ospf->vrf_id;
1796 /* We may wish to put some error checking if type NSSA comes in
1797 and area not in NSSA mode */
1798 switch (lsah->type) {
1799 case OSPF_AS_EXTERNAL_LSA:
1800 case OSPF_OPAQUE_AS_LSA:
1801 lsa->area = NULL;
1802 break;
1803 case OSPF_OPAQUE_LINK_LSA:
1804 lsa->oi = oi; /* Remember incoming interface for
1805 flooding control. */
1806 /* Fallthrough */
1807 default:
1808 lsa->area = oi->area;
1809 break;
1810 }
1811
1812 memcpy(lsa->data, lsah, length);
1813
1814 if (IS_DEBUG_OSPF_EVENT)
1815 zlog_debug(
1816 "LSA[Type%d:%pI4]: %p new LSA created with Link State Update",
1817 lsa->data->type, &lsa->data->id,
1818 (void *)lsa);
1819 listnode_add(lsas, lsa);
1820 }
1821
1822 return lsas;
1823 }
1824
1825 /* Cleanup Update list. */
1826 static void ospf_upd_list_clean(struct list *lsas)
1827 {
1828 struct listnode *node, *nnode;
1829 struct ospf_lsa *lsa;
1830
1831 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1832 ospf_lsa_discard(lsa);
1833
1834 list_delete(&lsas);
1835 }
1836
1837 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1838 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1839 struct ospf_header *ospfh, struct stream *s,
1840 struct ospf_interface *oi, uint16_t size)
1841 {
1842 struct ospf_neighbor *nbr;
1843 struct list *lsas;
1844 struct listnode *node, *nnode;
1845 struct ospf_lsa *lsa = NULL;
1846 /* unsigned long ls_req_found = 0; */
1847
1848 /* Dis-assemble the stream, update each entry, re-encapsulate for
1849 * flooding */
1850
1851 /* Increment statistics. */
1852 oi->ls_upd_in++;
1853
1854 /* Check neighbor. */
1855 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1856 if (nbr == NULL) {
1857 flog_warn(EC_OSPF_PACKET,
1858 "Link State Update: Unknown Neighbor %pI4 on int: %s",
1859 &ospfh->router_id, IF_NAME(oi));
1860 return;
1861 }
1862
1863 /* Check neighbor state. */
1864 if (nbr->state < NSM_Exchange) {
1865 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1866 zlog_debug(
1867 "Link State Update: Neighbor[%pI4] state %s is less than Exchange",
1868 &ospfh->router_id,
1869 lookup_msg(ospf_nsm_state_msg, nbr->state,
1870 NULL));
1871 return;
1872 }
1873
1874 /* Get list of LSAs from Link State Update packet. - Also performs
1875 * Stages 1 (validate LSA checksum) and 2 (check for LSA consistent
1876 * type) of section 13.
1877 */
1878 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1879
1880 if (lsas == NULL)
1881 return;
1882 #define DISCARD_LSA(L, N) \
1883 { \
1884 if (IS_DEBUG_OSPF_EVENT) \
1885 zlog_debug( \
1886 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1887 " Type-%d", \
1888 N, (void *)lsa, (int)lsa->data->type); \
1889 ospf_lsa_discard(L); \
1890 continue; \
1891 }
1892
1893 /* Process each LSA received in the one packet.
1894 *
1895 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1896 * text below are from the steps in RFC 2328, Section 13.
1897 */
1898 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1899 struct ospf_lsa *ls_ret, *current;
1900 int ret = 1;
1901
1902 if (IS_DEBUG_OSPF(lsa, LSA))
1903 zlog_debug("LSA Type-%d from %pI4, ID: %pI4, ADV: %pI4",
1904 lsa->data->type, &ospfh->router_id,
1905 &lsa->data->id, &lsa->data->adv_router);
1906
1907 listnode_delete(lsas,
1908 lsa); /* We don't need it in list anymore */
1909
1910 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1911 */
1912
1913 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1914
1915 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1916 */
1917
1918 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1919 */
1920
1921 /* Do take in Type-7's if we are an NSSA */
1922
1923 /* If we are also an ABR, later translate them to a Type-5
1924 * packet */
1925
1926 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1927 translate them to a separate Type-5 packet. */
1928
1929 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1930 /* Reject from STUB or NSSA */
1931 if (nbr->oi->area->external_routing
1932 != OSPF_AREA_DEFAULT) {
1933 if (IS_DEBUG_OSPF_NSSA)
1934 zlog_debug(
1935 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1936 DISCARD_LSA(lsa, 1);
1937 }
1938
1939 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1940 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1941 if (IS_DEBUG_OSPF_NSSA)
1942 zlog_debug(
1943 "Incoming NSSA LSA Discarded: Not NSSA Area");
1944 DISCARD_LSA(lsa, 2);
1945 }
1946
1947 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1948 if (lsa->data->type == OSPF_ROUTER_LSA)
1949 if (!IPV4_ADDR_SAME(&lsa->data->id,
1950 &lsa->data->adv_router)) {
1951 flog_err(
1952 EC_OSPF_ROUTER_LSA_MISMATCH,
1953 "Incoming Router-LSA from %pI4 with Adv-ID[%pI4] != LS-ID[%pI4]",
1954 &ospfh->router_id, &lsa->data->id,
1955 &lsa->data->adv_router);
1956 flog_err(
1957 EC_OSPF_DOMAIN_CORRUPT,
1958 "OSPF domain compromised by attack or corruption. Verify correct operation of -ALL- OSPF routers.");
1959 DISCARD_LSA(lsa, 0);
1960 }
1961
1962 /* Find the LSA in the current database. */
1963
1964 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1965
1966 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1967 currently
1968 no instance of the LSA in the router's link state database,
1969 and none of router's neighbors are in states Exchange or
1970 Loading,
1971 then take the following actions: */
1972
1973 if (IS_LSA_MAXAGE(lsa) && !current
1974 && ospf_check_nbr_status(oi->ospf)) {
1975 /* (4a) Response Link State Acknowledgment. */
1976 ospf_ls_ack_send(nbr, lsa);
1977
1978 /* (4b) Discard LSA. */
1979 if (IS_DEBUG_OSPF(lsa, LSA)) {
1980 zlog_debug(
1981 "Link State Update[%s]: LS age is equal to MaxAge.",
1982 dump_lsa_key(lsa));
1983 }
1984 DISCARD_LSA(lsa, 3);
1985 }
1986
1987 if (IS_OPAQUE_LSA(lsa->data->type)
1988 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1989 &oi->ospf->router_id)) {
1990 /*
1991 * Even if initial flushing seems to be completed, there
1992 * might
1993 * be a case that self-originated LSA with MaxAge still
1994 * remain
1995 * in the routing domain.
1996 * Just send an LSAck message to cease retransmission.
1997 */
1998 if (IS_LSA_MAXAGE(lsa)) {
1999 zlog_info("LSA[%s]: Boomerang effect?",
2000 dump_lsa_key(lsa));
2001 ospf_ls_ack_send(nbr, lsa);
2002 ospf_lsa_discard(lsa);
2003
2004 if (current != NULL && !IS_LSA_MAXAGE(current))
2005 ospf_opaque_lsa_refresh_schedule(
2006 current);
2007 continue;
2008 }
2009
2010 /*
2011 * If an instance of self-originated Opaque-LSA is not
2012 * found
2013 * in the LSDB, there are some possible cases here.
2014 *
2015 * 1) This node lost opaque-capability after restart.
2016 * 2) Else, a part of opaque-type is no more supported.
2017 * 3) Else, a part of opaque-id is no more supported.
2018 *
2019 * Anyway, it is still this node's responsibility to
2020 * flush it.
2021 * Otherwise, the LSA instance remains in the routing
2022 * domain
2023 * until its age reaches to MaxAge.
2024 */
2025 /* XXX: We should deal with this for *ALL* LSAs, not
2026 * just opaque */
2027 if (current == NULL) {
2028 if (IS_DEBUG_OSPF_EVENT)
2029 zlog_debug(
2030 "LSA[%s]: Previously originated Opaque-LSA,not found in the LSDB.",
2031 dump_lsa_key(lsa));
2032
2033 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2034
2035 ospf_ls_ack_send(nbr, lsa);
2036
2037 if (!ospf->gr_info.restart_in_progress) {
2038 ospf_opaque_self_originated_lsa_received(
2039 nbr, lsa);
2040 continue;
2041 }
2042 }
2043 }
2044
2045 /* It might be happen that received LSA is self-originated
2046 * network LSA, but
2047 * router ID is changed. So, we should check if LSA is a
2048 * network-LSA whose
2049 * Link State ID is one of the router's own IP interface
2050 * addresses but whose
2051 * Advertising Router is not equal to the router's own Router ID
2052 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2053 * flushed.
2054 */
2055
2056 if (lsa->data->type == OSPF_NETWORK_LSA) {
2057 struct listnode *oinode, *oinnode;
2058 struct ospf_interface *out_if;
2059 int Flag = 0;
2060
2061 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2062 oinnode, out_if)) {
2063 if (out_if == NULL)
2064 break;
2065
2066 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2067 &lsa->data->id))
2068 && (!(IPV4_ADDR_SAME(
2069 &oi->ospf->router_id,
2070 &lsa->data->adv_router)))) {
2071 if (out_if->network_lsa_self) {
2072 ospf_lsa_flush_area(
2073 lsa, out_if->area);
2074 if (IS_DEBUG_OSPF_EVENT)
2075 zlog_debug(
2076 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2077 (void *)lsa,
2078 (int)lsa->data
2079 ->type);
2080 ospf_lsa_discard(lsa);
2081 Flag = 1;
2082 }
2083 break;
2084 }
2085 }
2086 if (Flag)
2087 continue;
2088 }
2089
2090 /* (5) Find the instance of this LSA that is currently contained
2091 in the router's link state database. If there is no
2092 database copy, or the received LSA is more recent than
2093 the database copy the following steps must be performed.
2094 (The sub steps from RFC 2328 section 13 step (5) will be
2095 performed in
2096 ospf_flood() ) */
2097
2098 if (current == NULL
2099 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2100 /* CVE-2017-3224 */
2101 if (current && (IS_LSA_MAX_SEQ(current))
2102 && (IS_LSA_MAX_SEQ(lsa)) && !IS_LSA_MAXAGE(lsa)) {
2103 zlog_debug(
2104 "Link State Update[%s]: has Max Seq and higher checksum but not MaxAge. Dropping it",
2105 dump_lsa_key(lsa));
2106
2107 DISCARD_LSA(lsa, 4);
2108 }
2109
2110 /* Actual flooding procedure. */
2111 if (ospf_flood(oi->ospf, nbr, current, lsa)
2112 < 0) /* Trap NSSA later. */
2113 DISCARD_LSA(lsa, 5);
2114 continue;
2115 }
2116
2117 /* (6) Else, If there is an instance of the LSA on the sending
2118 neighbor's Link state request list, an error has occurred in
2119 the Database Exchange process. In this case, restart the
2120 Database Exchange process by generating the neighbor event
2121 BadLSReq for the sending neighbor and stop processing the
2122 Link State Update packet. */
2123
2124 if (ospf_ls_request_lookup(nbr, lsa)) {
2125 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2126 flog_warn(
2127 EC_OSPF_PACKET,
2128 "LSA[%s] instance exists on Link state request list",
2129 dump_lsa_key(lsa));
2130
2131 /* Clean list of LSAs. */
2132 ospf_upd_list_clean(lsas);
2133 /* this lsa is not on lsas list already. */
2134 ospf_lsa_discard(lsa);
2135 return;
2136 }
2137
2138 /* If the received LSA is the same instance as the database copy
2139 (i.e., neither one is more recent) the following two steps
2140 should be performed: */
2141
2142 if (ret == 0) {
2143 /* If the LSA is listed in the Link state retransmission
2144 list
2145 for the receiving adjacency, the router itself is
2146 expecting
2147 an acknowledgment for this LSA. The router should
2148 treat the
2149 received LSA as an acknowledgment by removing the LSA
2150 from
2151 the Link state retransmission list. This is termed
2152 an
2153 "implied acknowledgment". */
2154
2155 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2156
2157 if (ls_ret != NULL) {
2158 ospf_ls_retransmit_delete(nbr, ls_ret);
2159
2160 /* Delayed acknowledgment sent if advertisement
2161 received
2162 from Designated Router, otherwise do nothing.
2163 */
2164 if (oi->state == ISM_Backup)
2165 if (NBR_IS_DR(nbr))
2166 listnode_add(
2167 oi->ls_ack,
2168 ospf_lsa_lock(lsa));
2169
2170 DISCARD_LSA(lsa, 6);
2171 } else
2172 /* Acknowledge the receipt of the LSA by sending a
2173 Link State Acknowledgment packet back out the
2174 receiving
2175 interface. */
2176 {
2177 ospf_ls_ack_send(nbr, lsa);
2178 DISCARD_LSA(lsa, 7);
2179 }
2180 }
2181
2182 /* The database copy is more recent. If the database copy
2183 has LS age equal to MaxAge and LS sequence number equal to
2184 MaxSequenceNumber, simply discard the received LSA without
2185 acknowledging it. (In this case, the LSA's LS sequence number
2186 is
2187 wrapping, and the MaxSequenceNumber LSA must be completely
2188 flushed before any new LSA instance can be introduced). */
2189
2190 else if (ret > 0) /* Database copy is more recent */
2191 {
2192 if (IS_LSA_MAXAGE(current)
2193 && current->data->ls_seqnum
2194 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2195 DISCARD_LSA(lsa, 8);
2196 }
2197 /* Otherwise, as long as the database copy has not been
2198 sent in a
2199 Link State Update within the last MinLSArrival
2200 seconds, send the
2201 database copy back to the sending neighbor,
2202 encapsulated within
2203 a Link State Update Packet. The Link State Update
2204 Packet should
2205 be sent directly to the neighbor. In so doing, do not
2206 put the
2207 database copy of the LSA on the neighbor's link state
2208 retransmission list, and do not acknowledge the
2209 received (less
2210 recent) LSA instance. */
2211 else {
2212 if (monotime_since(&current->tv_orig, NULL)
2213 >= ospf->min_ls_arrival * 1000LL)
2214 /* Trap NSSA type later.*/
2215 ospf_ls_upd_send_lsa(
2216 nbr, current,
2217 OSPF_SEND_PACKET_DIRECT);
2218 DISCARD_LSA(lsa, 9);
2219 }
2220 }
2221 }
2222 #undef DISCARD_LSA
2223
2224 assert(listcount(lsas) == 0);
2225 list_delete(&lsas);
2226
2227 if (ospf->gr_info.restart_in_progress)
2228 ospf_gr_check_lsdb_consistency(oi->ospf, oi->area);
2229 }
2230
2231 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2232 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2233 struct stream *s, struct ospf_interface *oi,
2234 uint16_t size)
2235 {
2236 struct ospf_neighbor *nbr;
2237
2238 /* increment statistics. */
2239 oi->ls_ack_in++;
2240
2241 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2242 if (nbr == NULL) {
2243 flog_warn(EC_OSPF_PACKET,
2244 "Link State Acknowledgment: Unknown Neighbor %pI4",
2245 &ospfh->router_id);
2246 return;
2247 }
2248
2249 if (nbr->state < NSM_Exchange) {
2250 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2251 zlog_debug(
2252 "Link State Acknowledgment: Neighbor[%pI4] state %s is less than Exchange",
2253 &ospfh->router_id,
2254 lookup_msg(ospf_nsm_state_msg, nbr->state,
2255 NULL));
2256 return;
2257 }
2258
2259 while (size >= OSPF_LSA_HEADER_SIZE) {
2260 struct ospf_lsa *lsa, *lsr;
2261
2262 lsa = ospf_lsa_new();
2263 lsa->data = (struct lsa_header *)stream_pnt(s);
2264 lsa->vrf_id = oi->ospf->vrf_id;
2265
2266 /* lsah = (struct lsa_header *) stream_pnt (s); */
2267 size -= OSPF_LSA_HEADER_SIZE;
2268 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2269
2270 if (lsa->data->type < OSPF_MIN_LSA
2271 || lsa->data->type >= OSPF_MAX_LSA) {
2272 lsa->data = NULL;
2273 ospf_lsa_discard(lsa);
2274 continue;
2275 }
2276
2277 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2278
2279 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0) {
2280 ospf_ls_retransmit_delete(nbr, lsr);
2281 ospf_check_and_gen_init_seq_lsa(oi, lsa);
2282 }
2283
2284 lsa->data = NULL;
2285 ospf_lsa_discard(lsa);
2286 }
2287
2288 return;
2289 }
2290
2291 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2292 struct interface **ifp,
2293 struct stream *ibuf)
2294 {
2295 int ret;
2296 struct ip *iph;
2297 uint16_t ip_len;
2298 ifindex_t ifindex = 0;
2299 struct iovec iov;
2300 /* Header and data both require alignment. */
2301 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2302 struct msghdr msgh;
2303
2304 memset(&msgh, 0, sizeof(msgh));
2305 msgh.msg_iov = &iov;
2306 msgh.msg_iovlen = 1;
2307 msgh.msg_control = (caddr_t)buff;
2308 msgh.msg_controllen = sizeof(buff);
2309
2310 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2311 OSPF_MAX_PACKET_SIZE + 1);
2312 if (ret < 0) {
2313 if (errno != EAGAIN && errno != EWOULDBLOCK)
2314 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2315 safe_strerror(errno));
2316 return NULL;
2317 }
2318 if ((unsigned int)ret < sizeof(struct ip)) {
2319 flog_warn(
2320 EC_OSPF_PACKET,
2321 "ospf_recv_packet: discarding runt packet of length %d (ip header size is %u)",
2322 ret, (unsigned int)sizeof(iph));
2323 return NULL;
2324 }
2325
2326 /* Note that there should not be alignment problems with this assignment
2327 because this is at the beginning of the stream data buffer. */
2328 iph = (struct ip *)STREAM_DATA(ibuf);
2329 sockopt_iphdrincl_swab_systoh(iph);
2330
2331 ip_len = iph->ip_len;
2332
2333 #if defined(__FreeBSD__) && (__FreeBSD_version < 1000000)
2334 /*
2335 * Kernel network code touches incoming IP header parameters,
2336 * before protocol specific processing.
2337 *
2338 * 1) Convert byteorder to host representation.
2339 * --> ip_len, ip_id, ip_off
2340 *
2341 * 2) Adjust ip_len to strip IP header size!
2342 * --> If user process receives entire IP packet via RAW
2343 * socket, it must consider adding IP header size to
2344 * the "ip_len" field of "ip" structure.
2345 *
2346 * For more details, see <netinet/ip_input.c>.
2347 */
2348 ip_len = ip_len + (iph->ip_hl << 2);
2349 #endif
2350
2351 #if defined(__DragonFly__)
2352 /*
2353 * in DragonFly's raw socket, ip_len/ip_off are read
2354 * in network byte order.
2355 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2356 */
2357 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2358 #endif
2359
2360 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2361
2362 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2363
2364 if (ret != ip_len) {
2365 flog_warn(
2366 EC_OSPF_PACKET,
2367 "ospf_recv_packet read length mismatch: ip_len is %d, but recvmsg returned %d",
2368 ip_len, ret);
2369 return NULL;
2370 }
2371
2372 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2373 zlog_debug("%s: fd %d(%s) on interface %d(%s)", __func__, fd,
2374 ospf_get_name(ospf), ifindex,
2375 *ifp ? (*ifp)->name : "Unknown");
2376 return ibuf;
2377 }
2378
2379 static struct ospf_interface *
2380 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2381 struct ip *iph, struct ospf_header *ospfh)
2382 {
2383 struct ospf_interface *rcv_oi;
2384 struct ospf_vl_data *vl_data;
2385 struct ospf_area *vl_area;
2386 struct listnode *node;
2387
2388 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2389 || !OSPF_IS_AREA_BACKBONE(ospfh))
2390 return NULL;
2391
2392 /* look for local OSPF interface matching the destination
2393 * to determine Area ID. We presume therefore the destination address
2394 * is unique, or at least (for "unnumbered" links), not used in other
2395 * areas
2396 */
2397 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2398 == NULL)
2399 return NULL;
2400
2401 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2402 vl_area =
2403 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2404 if (!vl_area)
2405 continue;
2406
2407 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2408 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2409 if (IS_DEBUG_OSPF_EVENT)
2410 zlog_debug("associating packet with %s",
2411 IF_NAME(vl_data->vl_oi));
2412 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2413 if (IS_DEBUG_OSPF_EVENT)
2414 zlog_debug(
2415 "This VL is not up yet, sorry");
2416 return NULL;
2417 }
2418
2419 return vl_data->vl_oi;
2420 }
2421 }
2422
2423 if (IS_DEBUG_OSPF_EVENT)
2424 zlog_debug("couldn't find any VL to associate the packet with");
2425
2426 return NULL;
2427 }
2428
2429 static int ospf_check_area_id(struct ospf_interface *oi,
2430 struct ospf_header *ospfh)
2431 {
2432 /* Check match the Area ID of the receiving interface. */
2433 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2434 return 1;
2435
2436 return 0;
2437 }
2438
2439 /* Unbound socket will accept any Raw IP packets if proto is matched.
2440 To prevent it, compare src IP address and i/f address with masking
2441 i/f network mask. */
2442 static int ospf_check_network_mask(struct ospf_interface *oi,
2443 struct in_addr ip_src)
2444 {
2445 struct in_addr mask, me, him;
2446
2447 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2448 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2449 return 1;
2450
2451 /* Ignore mask check for max prefix length (32) */
2452 if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
2453 && oi->address->prefixlen == IPV4_MAX_BITLEN)
2454 return 1;
2455
2456 masklen2ip(oi->address->prefixlen, &mask);
2457
2458 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2459 him.s_addr = ip_src.s_addr & mask.s_addr;
2460
2461 if (IPV4_ADDR_SAME(&me, &him))
2462 return 1;
2463
2464 return 0;
2465 }
2466
2467 /* Return 1, if the packet is properly authenticated and checksummed,
2468 0 otherwise. In particular, check that AuType header field is valid and
2469 matches the locally configured AuType, and that D.5 requirements are met. */
2470 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2471 {
2472 struct crypt_key *ck;
2473 uint16_t iface_auth_type;
2474 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2475
2476 switch (pkt_auth_type) {
2477 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2478 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2479 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2480 flog_warn(
2481 EC_OSPF_PACKET,
2482 "interface %s: auth-type mismatch, local %s, rcvd Null",
2483 IF_NAME(oi),
2484 lookup_msg(ospf_auth_type_str,
2485 iface_auth_type, NULL));
2486 return 0;
2487 }
2488 if (!ospf_check_sum(ospfh)) {
2489 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2490 flog_warn(
2491 EC_OSPF_PACKET,
2492 "interface %s: Null auth OK, but checksum error, Router-ID %pI4",
2493 IF_NAME(oi),
2494 &ospfh->router_id);
2495 return 0;
2496 }
2497 return 1;
2498 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2499 if (OSPF_AUTH_SIMPLE
2500 != (iface_auth_type = ospf_auth_type(oi))) {
2501 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2502 flog_warn(
2503 EC_OSPF_PACKET,
2504 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2505 IF_NAME(oi),
2506 lookup_msg(ospf_auth_type_str,
2507 iface_auth_type, NULL));
2508 return 0;
2509 }
2510 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2511 OSPF_AUTH_SIMPLE_SIZE)) {
2512 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2513 flog_warn(EC_OSPF_PACKET,
2514 "interface %s: Simple auth failed",
2515 IF_NAME(oi));
2516 return 0;
2517 }
2518 if (!ospf_check_sum(ospfh)) {
2519 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2520 flog_warn(
2521 EC_OSPF_PACKET,
2522 "interface %s: Simple auth OK, checksum error, Router-ID %pI4",
2523 IF_NAME(oi),
2524 &ospfh->router_id);
2525 return 0;
2526 }
2527 return 1;
2528 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2529 if (OSPF_AUTH_CRYPTOGRAPHIC
2530 != (iface_auth_type = ospf_auth_type(oi))) {
2531 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2532 flog_warn(
2533 EC_OSPF_PACKET,
2534 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2535 IF_NAME(oi),
2536 lookup_msg(ospf_auth_type_str,
2537 iface_auth_type, NULL));
2538 return 0;
2539 }
2540 if (ospfh->checksum) {
2541 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2542 flog_warn(
2543 EC_OSPF_PACKET,
2544 "interface %s: OSPF header checksum is not 0",
2545 IF_NAME(oi));
2546 return 0;
2547 }
2548 /* only MD5 crypto method can pass ospf_packet_examin() */
2549 if (NULL == (ck = listgetdata(
2550 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2551 || ospfh->u.crypt.key_id != ck->key_id ||
2552 /* Condition above uses the last key ID on the list,
2553 which is
2554 different from what ospf_crypt_key_lookup() does. A
2555 bug? */
2556 !ospf_check_md5_digest(oi, ospfh)) {
2557 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2558 flog_warn(EC_OSPF_MD5,
2559 "interface %s: MD5 auth failed",
2560 IF_NAME(oi));
2561 return 0;
2562 }
2563 return 1;
2564 default:
2565 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2566 flog_warn(
2567 EC_OSPF_PACKET,
2568 "interface %s: invalid packet auth-type (%02x)",
2569 IF_NAME(oi), pkt_auth_type);
2570 return 0;
2571 }
2572 }
2573
2574 static int ospf_check_sum(struct ospf_header *ospfh)
2575 {
2576 uint32_t ret;
2577 uint16_t sum;
2578
2579 /* clear auth_data for checksum. */
2580 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2581
2582 /* keep checksum and clear. */
2583 sum = ospfh->checksum;
2584 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2585
2586 /* calculate checksum. */
2587 ret = in_cksum(ospfh, ntohs(ospfh->length));
2588
2589 if (ret != sum) {
2590 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2591 ret, sum);
2592 return 0;
2593 }
2594
2595 return 1;
2596 }
2597
2598 /* Verify, that given link/TOS records are properly sized/aligned and match
2599 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2600 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2601 uint16_t linkbytes,
2602 const uint16_t num_links)
2603 {
2604 unsigned counted_links = 0, thislinklen;
2605
2606 while (linkbytes >= OSPF_ROUTER_LSA_LINK_SIZE) {
2607 thislinklen =
2608 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2609 if (thislinklen > linkbytes) {
2610 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2611 zlog_debug("%s: length error in link block #%u",
2612 __func__, counted_links);
2613 return MSG_NG;
2614 }
2615 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2616 linkbytes -= thislinklen;
2617 counted_links++;
2618 }
2619 if (counted_links != num_links) {
2620 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2621 zlog_debug("%s: %u link blocks declared, %u present",
2622 __func__, num_links, counted_links);
2623 return MSG_NG;
2624 }
2625 return MSG_OK;
2626 }
2627
2628 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2629 minimum length constraint). */
2630 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2631 const uint8_t headeronly)
2632 {
2633 unsigned ret;
2634 struct router_lsa *rlsa;
2635 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2636 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2637 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2638 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2639 lookup_msg(ospf_lsa_type_msg, lsah->type,
2640 NULL));
2641 return MSG_NG;
2642 }
2643 switch (lsah->type) {
2644 case OSPF_ROUTER_LSA: {
2645 /*
2646 * RFC2328 A.4.2, LSA header + 4 bytes followed by N>=0
2647 * (12+)-byte link blocks
2648 */
2649 size_t linkbytes_len = lsalen - OSPF_LSA_HEADER_SIZE
2650 - OSPF_ROUTER_LSA_MIN_SIZE;
2651
2652 /*
2653 * LSA link blocks are variable length but always multiples of
2654 * 4; basic sanity check
2655 */
2656 if (linkbytes_len % 4 != 0)
2657 return MSG_NG;
2658
2659 if (headeronly)
2660 return MSG_OK;
2661
2662 rlsa = (struct router_lsa *)lsah;
2663
2664 ret = ospf_router_lsa_links_examin(
2665 (struct router_lsa_link *)rlsa->link,
2666 linkbytes_len,
2667 ntohs(rlsa->links));
2668 break;
2669 }
2670 case OSPF_AS_EXTERNAL_LSA:
2671 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2672 * blocks */
2673 case OSPF_AS_NSSA_LSA:
2674 /* RFC3101 C, idem */
2675 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2676 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2677 % 12
2678 ? MSG_NG
2679 : MSG_OK;
2680 break;
2681 /* Following LSA types are considered OK length-wise as soon as their
2682 * minimum
2683 * length constraint is met and length of the whole LSA is a multiple of
2684 * 4
2685 * (basic LSA header size is already a multiple of 4). */
2686 case OSPF_NETWORK_LSA:
2687 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2688 case OSPF_SUMMARY_LSA:
2689 case OSPF_ASBR_SUMMARY_LSA:
2690 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2691 * blocks */
2692 case OSPF_OPAQUE_LINK_LSA:
2693 case OSPF_OPAQUE_AREA_LSA:
2694 case OSPF_OPAQUE_AS_LSA:
2695 /* RFC5250 A.2, "some number of octets (of application-specific
2696 * data) padded to 32-bit alignment." This is considered
2697 * equivalent
2698 * to 4-byte alignment of all other LSA types, see
2699 * OSPF-ALIGNMENT.txt
2700 * file for the detailed analysis of this passage. */
2701 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2702 break;
2703 default:
2704 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2705 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2706 lsah->type);
2707 return MSG_NG;
2708 }
2709 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2710 zlog_debug("%s: alignment error in %s", __func__,
2711 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2712 return ret;
2713 }
2714
2715 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2716 includes verification of LSA blocks length/alignment and dispatching
2717 of deeper-level checks. */
2718 static unsigned
2719 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2720 size_t length, const uint8_t headeronly,
2721 /* When declared_num_lsas is not 0, compare it to the real
2722 number of LSAs
2723 and treat the difference as an error. */
2724 const uint32_t declared_num_lsas)
2725 {
2726 uint32_t counted_lsas = 0;
2727
2728 while (length) {
2729 uint16_t lsalen;
2730 if (length < OSPF_LSA_HEADER_SIZE) {
2731 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2732 zlog_debug(
2733 "%s: undersized (%zu B) trailing (#%u) LSA header",
2734 __func__, length, counted_lsas);
2735 return MSG_NG;
2736 }
2737 /* save on ntohs() calls here and in the LSA validator */
2738 lsalen = ntohs(lsah->length);
2739 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2740 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2741 zlog_debug(
2742 "%s: malformed LSA header #%u, declared length is %u B",
2743 __func__, counted_lsas, lsalen);
2744 return MSG_NG;
2745 }
2746 if (headeronly) {
2747 /* less checks here and in ospf_lsa_examin() */
2748 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2749 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2750 zlog_debug(
2751 "%s: malformed header-only LSA #%u",
2752 __func__, counted_lsas);
2753 return MSG_NG;
2754 }
2755 lsah = (struct lsa_header *)((caddr_t)lsah
2756 + OSPF_LSA_HEADER_SIZE);
2757 length -= OSPF_LSA_HEADER_SIZE;
2758 } else {
2759 /* make sure the input buffer is deep enough before
2760 * further checks */
2761 if (lsalen > length) {
2762 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2763 zlog_debug(
2764 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2765 __func__, counted_lsas, lsalen,
2766 length);
2767 return MSG_NG;
2768 }
2769 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2770 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2771 zlog_debug("%s: malformed LSA #%u",
2772 __func__, counted_lsas);
2773 return MSG_NG;
2774 }
2775 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2776 length -= lsalen;
2777 }
2778 counted_lsas++;
2779 }
2780
2781 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2782 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2783 zlog_debug(
2784 "%s: #LSAs declared (%u) does not match actual (%u)",
2785 __func__, declared_num_lsas, counted_lsas);
2786 return MSG_NG;
2787 }
2788 return MSG_OK;
2789 }
2790
2791 /* Verify a complete OSPF packet for proper sizing/alignment. */
2792 static unsigned ospf_packet_examin(struct ospf_header *oh,
2793 const unsigned bytesonwire)
2794 {
2795 uint16_t bytesdeclared, bytesauth;
2796 unsigned ret;
2797 struct ospf_ls_update *lsupd;
2798
2799 /* Length, 1st approximation. */
2800 if (bytesonwire < OSPF_HEADER_SIZE) {
2801 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2802 zlog_debug("%s: undersized (%u B) packet", __func__,
2803 bytesonwire);
2804 return MSG_NG;
2805 }
2806 /* Now it is safe to access header fields. Performing length check,
2807 * allow
2808 * for possible extra bytes of crypto auth/padding, which are not
2809 * counted
2810 * in the OSPF header "length" field. */
2811 if (oh->version != OSPF_VERSION) {
2812 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2813 zlog_debug("%s: invalid (%u) protocol version",
2814 __func__, oh->version);
2815 return MSG_NG;
2816 }
2817 bytesdeclared = ntohs(oh->length);
2818 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2819 bytesauth = 0;
2820 else {
2821 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2822 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2823 zlog_debug(
2824 "%s: unsupported crypto auth length (%u B)",
2825 __func__, oh->u.crypt.auth_data_len);
2826 return MSG_NG;
2827 }
2828 bytesauth = OSPF_AUTH_MD5_SIZE;
2829 }
2830 if (bytesdeclared + bytesauth > bytesonwire) {
2831 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2832 zlog_debug(
2833 "%s: packet length error (%u real, %u+%u declared)",
2834 __func__, bytesonwire, bytesdeclared,
2835 bytesauth);
2836 return MSG_NG;
2837 }
2838 /* Length, 2nd approximation. The type-specific constraint is checked
2839 against declared length, not amount of bytes on wire. */
2840 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2841 && bytesdeclared
2842 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2843 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2844 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2845 bytesdeclared,
2846 lookup_msg(ospf_packet_type_str, oh->type,
2847 NULL));
2848 return MSG_NG;
2849 }
2850 switch (oh->type) {
2851 case OSPF_MSG_HELLO:
2852 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2853 followed
2854 by N>=0 router-IDs. */
2855 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2856 % 4
2857 ? MSG_NG
2858 : MSG_OK;
2859 break;
2860 case OSPF_MSG_DB_DESC:
2861 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2862 followed
2863 by N>=0 header-only LSAs. */
2864 ret = ospf_lsaseq_examin(
2865 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2866 + OSPF_DB_DESC_MIN_SIZE),
2867 bytesdeclared - OSPF_HEADER_SIZE
2868 - OSPF_DB_DESC_MIN_SIZE,
2869 1, /* header-only LSAs */
2870 0);
2871 break;
2872 case OSPF_MSG_LS_REQ:
2873 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2874 * request blocks. */
2875 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2876 % OSPF_LSA_KEY_SIZE
2877 ? MSG_NG
2878 : MSG_OK;
2879 break;
2880 case OSPF_MSG_LS_UPD:
2881 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2882 followed
2883 by N>=0 full LSAs (with N declared beforehand). */
2884 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2885 + OSPF_HEADER_SIZE);
2886 ret = ospf_lsaseq_examin(
2887 (struct lsa_header *)((caddr_t)lsupd
2888 + OSPF_LS_UPD_MIN_SIZE),
2889 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2890 0, /* full LSAs */
2891 ntohl(lsupd->num_lsas) /* 32 bits */
2892 );
2893 break;
2894 case OSPF_MSG_LS_ACK:
2895 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2896 * LSAs. */
2897 ret = ospf_lsaseq_examin(
2898 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2899 + OSPF_LS_ACK_MIN_SIZE),
2900 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2901 1, /* header-only LSAs */
2902 0);
2903 break;
2904 default:
2905 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2906 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2907 oh->type);
2908 return MSG_NG;
2909 }
2910 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2911 zlog_debug("%s: malformed %s packet", __func__,
2912 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2913 return ret;
2914 }
2915
2916 /* OSPF Header verification. */
2917 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2918 struct ip *iph, struct ospf_header *ospfh)
2919 {
2920 /* Check Area ID. */
2921 if (!ospf_check_area_id(oi, ospfh)) {
2922 flog_warn(EC_OSPF_PACKET,
2923 "interface %s: ospf_read invalid Area ID %pI4",
2924 IF_NAME(oi), &ospfh->area_id);
2925 return -1;
2926 }
2927
2928 /* Check network mask, Silently discarded. */
2929 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2930 flog_warn(
2931 EC_OSPF_PACKET,
2932 "interface %s: ospf_read network address is not same [%pI4]",
2933 IF_NAME(oi), &iph->ip_src);
2934 return -1;
2935 }
2936
2937 /* Check authentication. The function handles logging actions, where
2938 * required. */
2939 if (!ospf_check_auth(oi, ospfh))
2940 return -1;
2941
2942 return 0;
2943 }
2944
2945 enum ospf_read_return_enum {
2946 OSPF_READ_ERROR,
2947 OSPF_READ_CONTINUE,
2948 };
2949
2950 static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
2951 {
2952 int ret;
2953 struct stream *ibuf;
2954 struct ospf_interface *oi;
2955 struct ip *iph;
2956 struct ospf_header *ospfh;
2957 uint16_t length;
2958 struct connected *c;
2959 struct interface *ifp = NULL;
2960
2961 stream_reset(ospf->ibuf);
2962 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2963 if (ibuf == NULL)
2964 return OSPF_READ_ERROR;
2965
2966 /*
2967 * This raw packet is known to be at least as big as its
2968 * IP header. Note that there should not be alignment problems with
2969 * this assignment because this is at the beginning of the
2970 * stream data buffer.
2971 */
2972 iph = (struct ip *)STREAM_DATA(ibuf);
2973 /*
2974 * Note that sockopt_iphdrincl_swab_systoh was called in
2975 * ospf_recv_packet.
2976 */
2977 if (ifp == NULL) {
2978 /*
2979 * Handle cases where the platform does not support
2980 * retrieving the ifindex, and also platforms (such as
2981 * Solaris 8) that claim to support ifindex retrieval but do
2982 * not.
2983 */
2984 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2985 ospf->vrf_id);
2986 if (c)
2987 ifp = c->ifp;
2988 if (ifp == NULL) {
2989 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2990 zlog_debug(
2991 "%s: Unable to determine incoming interface from: %pI4(%s)",
2992 __func__, &iph->ip_src,
2993 ospf_get_name(ospf));
2994 return OSPF_READ_CONTINUE;
2995 }
2996 }
2997
2998 if (ospf->vrf_id == VRF_DEFAULT && ospf->vrf_id != ifp->vrf->vrf_id) {
2999 /*
3000 * We may have a situation where l3mdev_accept == 1
3001 * let's just kindly drop the packet and move on.
3002 * ospf really really really does not like when
3003 * we receive the same packet multiple times.
3004 */
3005 return OSPF_READ_CONTINUE;
3006 }
3007
3008 /* Self-originated packet should be discarded silently. */
3009 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3010 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3011 zlog_debug(
3012 "ospf_read[%pI4]: Dropping self-originated packet",
3013 &iph->ip_src);
3014 }
3015 return OSPF_READ_CONTINUE;
3016 }
3017
3018 /* Check that we have enough for an IP header */
3019 if ((unsigned int)(iph->ip_hl << 2) >= STREAM_READABLE(ibuf)) {
3020 if ((unsigned int)(iph->ip_hl << 2) == STREAM_READABLE(ibuf)) {
3021 flog_warn(
3022 EC_OSPF_PACKET,
3023 "Rx'd IP packet with OSPF protocol number but no payload");
3024 } else {
3025 flog_warn(
3026 EC_OSPF_PACKET,
3027 "IP header length field claims header is %u bytes, but we only have %zu",
3028 (unsigned int)(iph->ip_hl << 2),
3029 STREAM_READABLE(ibuf));
3030 }
3031
3032 return OSPF_READ_ERROR;
3033 }
3034 stream_forward_getp(ibuf, iph->ip_hl << 2);
3035
3036 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3037 if (MSG_OK
3038 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3039 - stream_get_getp(ibuf)))
3040 return OSPF_READ_CONTINUE;
3041 /* Now it is safe to access all fields of OSPF packet header. */
3042
3043 /* associate packet with ospf interface */
3044 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3045
3046 /*
3047 * ospf_verify_header() relies on a valid "oi" and thus can be called
3048 * only after the passive/backbone/other checks below are passed.
3049 * These checks in turn access the fields of unverified "ospfh"
3050 * structure for their own purposes and must remain very accurate
3051 * in doing this.
3052 */
3053
3054 /* If incoming interface is passive one, ignore it. */
3055 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3056 if (IS_DEBUG_OSPF_EVENT)
3057 zlog_debug(
3058 "ignoring packet from router %pI4 sent to %pI4, received on a passive interface, %pI4",
3059 &ospfh->router_id, &iph->ip_dst,
3060 &oi->address->u.prefix4);
3061
3062 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3063 /* Try to fix multicast membership.
3064 * Some OS:es may have problems in this area,
3065 * make sure it is removed.
3066 */
3067 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3068 ospf_if_set_multicast(oi);
3069 }
3070 return OSPF_READ_CONTINUE;
3071 }
3072
3073
3074 /* if no local ospf_interface,
3075 * or header area is backbone but ospf_interface is not
3076 * check for VLINK interface
3077 */
3078 if ((oi == NULL)
3079 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3080 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3081 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3082 == NULL) {
3083 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3084 zlog_debug(
3085 "Packet from [%pI4] received on link %s but no ospf_interface",
3086 &iph->ip_src, ifp->name);
3087 return OSPF_READ_CONTINUE;
3088 }
3089 }
3090
3091 /*
3092 * else it must be a local ospf interface, check it was
3093 * received on correct link
3094 */
3095 else if (oi->ifp != ifp) {
3096 if (IS_DEBUG_OSPF_EVENT)
3097 flog_warn(EC_OSPF_PACKET,
3098 "Packet from [%pI4] received on wrong link %s",
3099 &iph->ip_src, ifp->name);
3100 return OSPF_READ_CONTINUE;
3101 } else if (oi->state == ISM_Down) {
3102 flog_warn(
3103 EC_OSPF_PACKET,
3104 "Ignoring packet from %pI4 to %pI4 received on interface that is down [%s]; interface flags are %s",
3105 &iph->ip_src, &iph->ip_dst, ifp->name,
3106 if_flag_dump(ifp->flags));
3107 /* Fix multicast memberships? */
3108 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3109 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3110 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3111 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3112 if (oi->multicast_memberships)
3113 ospf_if_set_multicast(oi);
3114 return OSPF_READ_CONTINUE;
3115 }
3116
3117 /*
3118 * If the received packet is destined for AllDRouters, the
3119 * packet should be accepted only if the received ospf
3120 * interface state is either DR or Backup -- endo.
3121 *
3122 * I wonder who endo is?
3123 */
3124 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3125 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3126 flog_warn(
3127 EC_OSPF_PACKET,
3128 "Dropping packet for AllDRouters from [%pI4] via [%s] (ISM: %s)",
3129 &iph->ip_src, IF_NAME(oi),
3130 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3131 /* Try to fix multicast membership. */
3132 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3133 ospf_if_set_multicast(oi);
3134 return OSPF_READ_CONTINUE;
3135 }
3136
3137 /* Verify more OSPF header fields. */
3138 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3139 if (ret < 0) {
3140 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3141 zlog_debug(
3142 "ospf_read[%pI4]: Header check failed, dropping.",
3143 &iph->ip_src);
3144 return OSPF_READ_CONTINUE;
3145 }
3146
3147 /* Show debug receiving packet. */
3148 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3149 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3150 zlog_debug(
3151 "-----------------------------------------------------");
3152 ospf_packet_dump(ibuf);
3153 }
3154
3155 zlog_debug("%s received from [%pI4] via [%s]",
3156 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3157 &ospfh->router_id, IF_NAME(oi));
3158 zlog_debug(" src [%pI4],", &iph->ip_src);
3159 zlog_debug(" dst [%pI4]", &iph->ip_dst);
3160
3161 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3162 zlog_debug(
3163 "-----------------------------------------------------");
3164 }
3165
3166 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3167
3168 /* Adjust size to message length. */
3169 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3170
3171 /* Read rest of the packet and call each sort of packet routine.
3172 */
3173 switch (ospfh->type) {
3174 case OSPF_MSG_HELLO:
3175 ospf_hello(iph, ospfh, ibuf, oi, length);
3176 break;
3177 case OSPF_MSG_DB_DESC:
3178 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3179 break;
3180 case OSPF_MSG_LS_REQ:
3181 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3182 break;
3183 case OSPF_MSG_LS_UPD:
3184 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3185 break;
3186 case OSPF_MSG_LS_ACK:
3187 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3188 break;
3189 default:
3190 flog_warn(
3191 EC_OSPF_PACKET,
3192 "interface %s(%s): OSPF packet header type %d is illegal",
3193 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3194 break;
3195 }
3196
3197 return OSPF_READ_CONTINUE;
3198 }
3199
3200 /* Starting point of packet process function. */
3201 void ospf_read(struct thread *thread)
3202 {
3203 struct ospf *ospf;
3204 int32_t count = 0;
3205 enum ospf_read_return_enum ret;
3206
3207 /* first of all get interface pointer. */
3208 ospf = THREAD_ARG(thread);
3209
3210 /* prepare for next packet. */
3211 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3212
3213 while (count < ospf->write_oi_count) {
3214 count++;
3215 ret = ospf_read_helper(ospf);
3216 switch (ret) {
3217 case OSPF_READ_ERROR:
3218 return;
3219 case OSPF_READ_CONTINUE:
3220 break;
3221 }
3222 }
3223 }
3224
3225 /* Make OSPF header. */
3226 static void ospf_make_header(int type, struct ospf_interface *oi,
3227 struct stream *s)
3228 {
3229 struct ospf_header *ospfh;
3230
3231 ospfh = (struct ospf_header *)STREAM_DATA(s);
3232
3233 ospfh->version = (uint8_t)OSPF_VERSION;
3234 ospfh->type = (uint8_t)type;
3235
3236 ospfh->router_id = oi->ospf->router_id;
3237
3238 ospfh->checksum = 0;
3239 ospfh->area_id = oi->area->area_id;
3240 ospfh->auth_type = htons(ospf_auth_type(oi));
3241
3242 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3243
3244 stream_forward_endp(s, OSPF_HEADER_SIZE);
3245 }
3246
3247 /* Make Authentication Data. */
3248 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3249 {
3250 struct crypt_key *ck;
3251
3252 switch (ospf_auth_type(oi)) {
3253 case OSPF_AUTH_NULL:
3254 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3255 */
3256 break;
3257 case OSPF_AUTH_SIMPLE:
3258 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3259 OSPF_AUTH_SIMPLE_SIZE);
3260 break;
3261 case OSPF_AUTH_CRYPTOGRAPHIC:
3262 /* If key is not set, then set 0. */
3263 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3264 ospfh->u.crypt.zero = 0;
3265 ospfh->u.crypt.key_id = 0;
3266 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3267 } else {
3268 ck = listgetdata(
3269 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3270 ospfh->u.crypt.zero = 0;
3271 ospfh->u.crypt.key_id = ck->key_id;
3272 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3273 }
3274 /* note: the seq is done in ospf_make_md5_digest() */
3275 break;
3276 default:
3277 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3278 */
3279 break;
3280 }
3281
3282 return 0;
3283 }
3284
3285 /* Fill rest of OSPF header. */
3286 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3287 uint16_t length)
3288 {
3289 struct ospf_header *ospfh;
3290
3291 ospfh = (struct ospf_header *)STREAM_DATA(s);
3292
3293 /* Fill length. */
3294 ospfh->length = htons(length);
3295
3296 /* Calculate checksum. */
3297 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3298 ospfh->checksum = in_cksum(ospfh, length);
3299 else
3300 ospfh->checksum = 0;
3301
3302 /* Add Authentication Data. */
3303 ospf_make_auth(oi, ospfh);
3304 }
3305
3306 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3307 {
3308 struct ospf_neighbor *nbr;
3309 struct route_node *rn;
3310 uint16_t length = OSPF_HELLO_MIN_SIZE;
3311 struct in_addr mask;
3312 unsigned long p;
3313 int flag = 0;
3314
3315 /* Set netmask of interface. */
3316 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3317 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3318 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3319 masklen2ip(oi->address->prefixlen, &mask);
3320 else
3321 memset((char *)&mask, 0, sizeof(struct in_addr));
3322 stream_put_ipv4(s, mask.s_addr);
3323
3324 /* Set Hello Interval. */
3325 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3326 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3327 else
3328 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3329
3330 if (IS_DEBUG_OSPF_EVENT)
3331 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3332 IF_NAME(oi));
3333
3334 /* Set Options. */
3335 stream_putc(s, OPTIONS(oi));
3336
3337 /* Set Router Priority. */
3338 stream_putc(s, PRIORITY(oi));
3339
3340 /* Set Router Dead Interval. */
3341 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3342
3343 /* Set Designated Router. */
3344 stream_put_ipv4(s, DR(oi).s_addr);
3345
3346 p = stream_get_endp(s);
3347
3348 /* Set Backup Designated Router. */
3349 stream_put_ipv4(s, BDR(oi).s_addr);
3350
3351 /* Add neighbor seen. */
3352 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3353 if ((nbr = rn->info))
3354 if (nbr->router_id.s_addr
3355 != INADDR_ANY) /* Ignore 0.0.0.0 node. */
3356 if (nbr->state
3357 != NSM_Attempt) /* Ignore Down neighbor. */
3358 if (nbr->state
3359 != NSM_Down) /* This is myself for
3360 DR election. */
3361 if (!IPV4_ADDR_SAME(
3362 &nbr->router_id,
3363 &oi->ospf->router_id)) {
3364 /* Check neighbor is
3365 * sane? */
3366 if (nbr->d_router.s_addr
3367 != INADDR_ANY
3368 && IPV4_ADDR_SAME(
3369 &nbr->d_router,
3370 &oi->address
3371 ->u
3372 .prefix4)
3373 && IPV4_ADDR_SAME(
3374 &nbr->bd_router,
3375 &oi->address
3376 ->u
3377 .prefix4))
3378 flag = 1;
3379
3380 /* Hello packet overflows interface MTU. */
3381 if (length + sizeof(uint32_t)
3382 > ospf_packet_max(oi)) {
3383 flog_err(
3384 EC_OSPF_LARGE_HELLO,
3385 "Oversized Hello packet! Larger than MTU. Not sending it out");
3386 return 0;
3387 }
3388
3389 stream_put_ipv4(
3390 s,
3391 nbr->router_id
3392 .s_addr);
3393 length += 4;
3394 }
3395
3396 /* Let neighbor generate BackupSeen. */
3397 if (flag == 1)
3398 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3399
3400 return length;
3401 }
3402
3403 static int ospf_make_db_desc(struct ospf_interface *oi,
3404 struct ospf_neighbor *nbr, struct stream *s)
3405 {
3406 struct ospf_lsa *lsa;
3407 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3408 uint8_t options;
3409 unsigned long pp;
3410 int i;
3411 struct ospf_lsdb *lsdb;
3412
3413 /* Set Interface MTU. */
3414 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3415 stream_putw(s, 0);
3416 else
3417 stream_putw(s, oi->ifp->mtu);
3418
3419 /* Set Options. */
3420 options = OPTIONS(oi);
3421 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3422 SET_FLAG(options, OSPF_OPTION_O);
3423 stream_putc(s, options);
3424
3425 /* DD flags */
3426 pp = stream_get_endp(s);
3427 stream_putc(s, nbr->dd_flags);
3428
3429 /* Set DD Sequence Number. */
3430 stream_putl(s, nbr->dd_seqnum);
3431
3432 /* shortcut unneeded walk of (empty) summary LSDBs */
3433 if (ospf_db_summary_isempty(nbr))
3434 goto empty;
3435
3436 /* Describe LSA Header from Database Summary List. */
3437 lsdb = &nbr->db_sum;
3438
3439 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3440 struct route_table *table = lsdb->type[i].db;
3441 struct route_node *rn;
3442
3443 for (rn = route_top(table); rn; rn = route_next(rn))
3444 if ((lsa = rn->info) != NULL) {
3445 if (IS_OPAQUE_LSA(lsa->data->type)
3446 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3447 /* Suppress advertising
3448 * opaque-information. */
3449 /* Remove LSA from DB summary list. */
3450 ospf_lsdb_delete(lsdb, lsa);
3451 continue;
3452 }
3453
3454 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3455 struct lsa_header *lsah;
3456 uint16_t ls_age;
3457
3458 /* DD packet overflows interface MTU. */
3459 if (length + OSPF_LSA_HEADER_SIZE
3460 > ospf_packet_max(oi))
3461 break;
3462
3463 /* Keep pointer to LS age. */
3464 lsah = (struct lsa_header
3465 *)(STREAM_DATA(s)
3466 + stream_get_endp(
3467 s));
3468
3469 /* Proceed stream pointer. */
3470 stream_put(s, lsa->data,
3471 OSPF_LSA_HEADER_SIZE);
3472 length += OSPF_LSA_HEADER_SIZE;
3473
3474 /* Set LS age. */
3475 ls_age = LS_AGE(lsa);
3476 lsah->ls_age = htons(ls_age);
3477 }
3478
3479 /* Remove LSA from DB summary list. */
3480 ospf_lsdb_delete(lsdb, lsa);
3481 }
3482 }
3483
3484 /* Update 'More' bit */
3485 if (ospf_db_summary_isempty(nbr)) {
3486 empty:
3487 if (nbr->state >= NSM_Exchange) {
3488 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3489 /* Rewrite DD flags */
3490 stream_putc_at(s, pp, nbr->dd_flags);
3491 } else {
3492 assert(IS_SET_DD_M(nbr->dd_flags));
3493 }
3494 }
3495 return length;
3496 }
3497
3498 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3499 unsigned long delta, struct ospf_neighbor *nbr,
3500 struct ospf_lsa *lsa)
3501 {
3502 struct ospf_interface *oi;
3503
3504 oi = nbr->oi;
3505
3506 /* LS Request packet overflows interface MTU
3507 * delta is just number of bytes required for 1 LS Req
3508 * ospf_packet_max will return the number of bytes can
3509 * be accommodated without ospf header. So length+delta
3510 * can be compared to ospf_packet_max
3511 * to check if it can fit another lsreq in the same packet.
3512 */
3513
3514 if (*length + delta > ospf_packet_max(oi))
3515 return 0;
3516
3517 stream_putl(s, lsa->data->type);
3518 stream_put_ipv4(s, lsa->data->id.s_addr);
3519 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3520
3521 ospf_lsa_unlock(&nbr->ls_req_last);
3522 nbr->ls_req_last = ospf_lsa_lock(lsa);
3523
3524 *length += 12;
3525 return 1;
3526 }
3527
3528 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3529 {
3530 struct ospf_lsa *lsa;
3531 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3532 unsigned long delta = 12;
3533 struct route_table *table;
3534 struct route_node *rn;
3535 int i;
3536 struct ospf_lsdb *lsdb;
3537
3538 lsdb = &nbr->ls_req;
3539
3540 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3541 table = lsdb->type[i].db;
3542 for (rn = route_top(table); rn; rn = route_next(rn))
3543 if ((lsa = (rn->info)) != NULL)
3544 if (ospf_make_ls_req_func(s, &length, delta,
3545 nbr, lsa)
3546 == 0) {
3547 route_unlock_node(rn);
3548 break;
3549 }
3550 }
3551 return length;
3552 }
3553
3554 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3555 {
3556 int age;
3557
3558 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3559
3560 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3561 }
3562
3563 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3564 struct stream *s)
3565 {
3566 struct ospf_lsa *lsa;
3567 struct listnode *node;
3568 uint16_t length = 0;
3569 unsigned int size_noauth;
3570 unsigned long delta = stream_get_endp(s);
3571 unsigned long pp;
3572 int count = 0;
3573
3574 if (IS_DEBUG_OSPF_EVENT)
3575 zlog_debug("ospf_make_ls_upd: Start");
3576
3577 pp = stream_get_endp(s);
3578 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3579 length += OSPF_LS_UPD_MIN_SIZE;
3580
3581 /* Calculate amount of packet usable for data. */
3582 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3583
3584 while ((node = listhead(update)) != NULL) {
3585 struct lsa_header *lsah;
3586 uint16_t ls_age;
3587
3588 lsa = listgetdata(node);
3589 assert(lsa->data);
3590
3591 if (IS_DEBUG_OSPF_EVENT)
3592 zlog_debug("%s: List Iteration %d LSA[%s]", __func__,
3593 count, dump_lsa_key(lsa));
3594
3595 /* Will it fit? Minimum it has to fit at least one */
3596 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3597 (count > 0))
3598 break;
3599
3600 /* Keep pointer to LS age. */
3601 lsah = (struct lsa_header *)(STREAM_DATA(s)
3602 + stream_get_endp(s));
3603
3604 /* Put LSA to Link State Request. */
3605 stream_put(s, lsa->data, ntohs(lsa->data->length));
3606
3607 /* Set LS age. */
3608 /* each hop must increment an lsa_age by transmit_delay
3609 of OSPF interface */
3610 ls_age = ls_age_increment(lsa,
3611 OSPF_IF_PARAM(oi, transmit_delay));
3612 lsah->ls_age = htons(ls_age);
3613
3614 length += ntohs(lsa->data->length);
3615 count++;
3616
3617 list_delete_node(update, node);
3618 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3619 }
3620
3621 /* Now set #LSAs. */
3622 stream_putl_at(s, pp, count);
3623
3624 if (IS_DEBUG_OSPF_EVENT)
3625 zlog_debug("ospf_make_ls_upd: Stop");
3626 return length;
3627 }
3628
3629 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3630 struct stream *s)
3631 {
3632 struct listnode *node, *nnode;
3633 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3634 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3635 struct ospf_lsa *lsa;
3636
3637 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3638 assert(lsa);
3639
3640 /* LS Ack packet overflows interface MTU
3641 * delta is just number of bytes required for
3642 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3643 * the number of bytes can be accommodated without
3644 * ospf header. So length+delta can be compared
3645 * against ospf_packet_max to check if it can fit
3646 * another ls header in the same packet.
3647 */
3648 if ((length + delta) > ospf_packet_max(oi))
3649 break;
3650
3651 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3652 length += OSPF_LSA_HEADER_SIZE;
3653
3654 listnode_delete(ack, lsa);
3655 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3656 }
3657
3658 return length;
3659 }
3660
3661 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3662 {
3663 struct ospf_packet *op;
3664 uint16_t length = OSPF_HEADER_SIZE;
3665
3666 op = ospf_packet_new(oi->ifp->mtu);
3667
3668 /* Prepare OSPF common header. */
3669 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3670
3671 /* Prepare OSPF Hello body. */
3672 length += ospf_make_hello(oi, op->s);
3673 if (length == OSPF_HEADER_SIZE) {
3674 /* Hello overshooting MTU */
3675 ospf_packet_free(op);
3676 return;
3677 }
3678
3679 /* Fill OSPF header. */
3680 ospf_fill_header(oi, op->s, length);
3681
3682 /* Set packet length. */
3683 op->length = length;
3684
3685 op->dst.s_addr = addr;
3686
3687 if (IS_DEBUG_OSPF_EVENT) {
3688 if (oi->ospf->vrf_id)
3689 zlog_debug(
3690 "%s: Hello Tx interface %s ospf vrf %s id %u",
3691 __func__, oi->ifp->name,
3692 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3693 oi->ospf->vrf_id);
3694 }
3695 /* Add packet to the top of the interface output queue, so that they
3696 * can't get delayed by things like long queues of LS Update packets
3697 */
3698 ospf_packet_add_top(oi, op);
3699
3700 /* Hook thread to write packet. */
3701 OSPF_ISM_WRITE_ON(oi->ospf);
3702 }
3703
3704 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3705 {
3706 struct ospf_interface *oi;
3707
3708 oi = nbr_nbma->oi;
3709 assert(oi);
3710
3711 /* If this is passive interface, do not send OSPF Hello. */
3712 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3713 return;
3714
3715 if (oi->type != OSPF_IFTYPE_NBMA)
3716 return;
3717
3718 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3719 return;
3720
3721 if (PRIORITY(oi) == 0)
3722 return;
3723
3724 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3725 && oi->state != ISM_Backup)
3726 return;
3727
3728 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3729 }
3730
3731 void ospf_poll_timer(struct thread *thread)
3732 {
3733 struct ospf_nbr_nbma *nbr_nbma;
3734
3735 nbr_nbma = THREAD_ARG(thread);
3736 nbr_nbma->t_poll = NULL;
3737
3738 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3739 zlog_debug("NSM[%s:%pI4]: Timer (Poll timer expire)",
3740 IF_NAME(nbr_nbma->oi), &nbr_nbma->addr);
3741
3742 ospf_poll_send(nbr_nbma);
3743
3744 if (nbr_nbma->v_poll > 0)
3745 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3746 nbr_nbma->v_poll);
3747 }
3748
3749
3750 void ospf_hello_reply_timer(struct thread *thread)
3751 {
3752 struct ospf_neighbor *nbr;
3753
3754 nbr = THREAD_ARG(thread);
3755 nbr->t_hello_reply = NULL;
3756
3757 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3758 zlog_debug("NSM[%s:%pI4]: Timer (hello-reply timer expire)",
3759 IF_NAME(nbr->oi), &nbr->router_id);
3760
3761 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3762 }
3763
3764 /* Send OSPF Hello. */
3765 void ospf_hello_send(struct ospf_interface *oi)
3766 {
3767 /* If this is passive interface, do not send OSPF Hello. */
3768 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3769 return;
3770
3771 if (oi->type == OSPF_IFTYPE_NBMA) {
3772 struct ospf_neighbor *nbr;
3773 struct route_node *rn;
3774
3775 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3776 if ((nbr = rn->info))
3777 if (nbr != oi->nbr_self)
3778 if (nbr->state != NSM_Down) {
3779 /* RFC 2328 Section 9.5.1
3780 If the router is not
3781 eligible to become Designated
3782 Router,
3783 it must periodically send
3784 Hello Packets to both the
3785 Designated Router and the
3786 Backup Designated Router (if
3787 they
3788 exist). */
3789 if (PRIORITY(oi) == 0
3790 && IPV4_ADDR_CMP(
3791 &DR(oi),
3792 &nbr->address.u
3793 .prefix4)
3794 && IPV4_ADDR_CMP(
3795 &BDR(oi),
3796 &nbr->address.u
3797 .prefix4))
3798 continue;
3799
3800 /* If the router is eligible to
3801 become Designated Router, it
3802 must periodically send Hello
3803 Packets to all neighbors that
3804 are also eligible. In
3805 addition, if the router is
3806 itself the
3807 Designated Router or Backup
3808 Designated Router, it must
3809 also
3810 send periodic Hello Packets
3811 to all other neighbors. */
3812
3813 if (nbr->priority == 0
3814 && oi->state == ISM_DROther)
3815 continue;
3816 /* if oi->state == Waiting, send
3817 * hello to all neighbors */
3818 ospf_hello_send_sub(
3819 oi,
3820 nbr->address.u.prefix4
3821 .s_addr);
3822 }
3823 } else {
3824 /* Decide destination address. */
3825 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3826 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3827 else
3828 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3829 }
3830 }
3831
3832 /* Send OSPF Database Description. */
3833 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3834 {
3835 struct ospf_interface *oi;
3836 struct ospf_packet *op;
3837 uint16_t length = OSPF_HEADER_SIZE;
3838
3839 oi = nbr->oi;
3840 op = ospf_packet_new(oi->ifp->mtu);
3841
3842 /* Prepare OSPF common header. */
3843 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3844
3845 /* Prepare OSPF Database Description body. */
3846 length += ospf_make_db_desc(oi, nbr, op->s);
3847
3848 /* Fill OSPF header. */
3849 ospf_fill_header(oi, op->s, length);
3850
3851 /* Set packet length. */
3852 op->length = length;
3853
3854 /* Decide destination address. */
3855 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3856 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3857 else
3858 op->dst = nbr->address.u.prefix4;
3859
3860 /* Add packet to the interface output queue. */
3861 ospf_packet_add(oi, op);
3862
3863 /* Hook thread to write packet. */
3864 OSPF_ISM_WRITE_ON(oi->ospf);
3865
3866 /* Remove old DD packet, then copy new one and keep in neighbor
3867 * structure. */
3868 if (nbr->last_send)
3869 ospf_packet_free(nbr->last_send);
3870 nbr->last_send = ospf_packet_dup(op);
3871 monotime(&nbr->last_send_ts);
3872 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3873 zlog_info(
3874 "%s:Packet[DD]: %pI4 DB Desc send with seqnum:%x , flags:%x",
3875 ospf_get_name(oi->ospf), &nbr->router_id,
3876 nbr->dd_seqnum, nbr->dd_flags);
3877 }
3878
3879 /* Re-send Database Description. */
3880 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3881 {
3882 struct ospf_interface *oi;
3883
3884 oi = nbr->oi;
3885
3886 /* Add packet to the interface output queue. */
3887 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3888
3889 /* Hook thread to write packet. */
3890 OSPF_ISM_WRITE_ON(oi->ospf);
3891 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3892 zlog_info(
3893 "%s:Packet[DD]: %pI4 DB Desc resend with seqnum:%x , flags:%x",
3894 ospf_get_name(oi->ospf), &nbr->router_id,
3895 nbr->dd_seqnum, nbr->dd_flags);
3896 }
3897
3898 /* Send Link State Request. */
3899 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3900 {
3901 struct ospf_interface *oi;
3902 struct ospf_packet *op;
3903 uint16_t length = OSPF_HEADER_SIZE;
3904
3905 oi = nbr->oi;
3906 op = ospf_packet_new(oi->ifp->mtu);
3907
3908 /* Prepare OSPF common header. */
3909 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3910
3911 /* Prepare OSPF Link State Request body. */
3912 length += ospf_make_ls_req(nbr, op->s);
3913 if (length == OSPF_HEADER_SIZE) {
3914 ospf_packet_free(op);
3915 return;
3916 }
3917
3918 /* Fill OSPF header. */
3919 ospf_fill_header(oi, op->s, length);
3920
3921 /* Set packet length. */
3922 op->length = length;
3923
3924 /* Decide destination address. */
3925 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3926 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3927 else
3928 op->dst = nbr->address.u.prefix4;
3929
3930 /* Add packet to the interface output queue. */
3931 ospf_packet_add(oi, op);
3932
3933 /* Hook thread to write packet. */
3934 OSPF_ISM_WRITE_ON(oi->ospf);
3935
3936 /* Add Link State Request Retransmission Timer. */
3937 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3938 }
3939
3940 /* Send Link State Update with an LSA. */
3941 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3942 int flag)
3943 {
3944 struct list *update;
3945
3946 update = list_new();
3947
3948 listnode_add(update, lsa);
3949
3950 /*ospf instance is going down, send self originated
3951 * MAXAGE LSA update to neighbors to remove from LSDB */
3952 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3953 ospf_ls_upd_send(nbr, update, flag, 1);
3954 else
3955 ospf_ls_upd_send(nbr, update, flag, 0);
3956
3957 list_delete(&update);
3958 }
3959
3960 /* Determine size for packet. Must be at least big enough to accommodate next
3961 * LSA on list, which may be bigger than MTU size.
3962 *
3963 * Return pointer to new ospf_packet
3964 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3965 * on packet sizes (in which case offending LSA is deleted from update list)
3966 */
3967 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3968 struct ospf_interface *oi)
3969 {
3970 struct ospf_lsa *lsa;
3971 struct listnode *ln;
3972 size_t size;
3973 static char warned = 0;
3974
3975 lsa = listgetdata((ln = listhead(update)));
3976 assert(lsa->data);
3977
3978 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3979 > ospf_packet_max(oi)) {
3980 if (!warned) {
3981 flog_warn(
3982 EC_OSPF_LARGE_LSA,
3983 "ospf_ls_upd_packet_new: oversized LSA encountered!will need to fragment. Not optimal. Try divide up your network with areas. Use 'debug ospf packet send' to see details, or look at 'show ip ospf database ..'");
3984 warned = 1;
3985 }
3986
3987 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3988 zlog_debug(
3989 "ospf_ls_upd_packet_new: oversized LSA id:%pI4, %d bytes originated by %pI4, will be fragmented!",
3990 &lsa->data->id,
3991 ntohs(lsa->data->length),
3992 &lsa->data->adv_router);
3993
3994 /*
3995 * Allocate just enough to fit this LSA only, to avoid including
3996 * other
3997 * LSAs in fragmented LSA Updates.
3998 */
3999 size = ntohs(lsa->data->length)
4000 + (oi->ifp->mtu - ospf_packet_max(oi))
4001 + OSPF_LS_UPD_MIN_SIZE;
4002 } else
4003 size = oi->ifp->mtu;
4004
4005 if (size > OSPF_MAX_PACKET_SIZE) {
4006 flog_warn(EC_OSPF_LARGE_LSA,
4007 "ospf_ls_upd_packet_new: oversized LSA id:%pI4 too big, %d bytes, packet size %ld, dropping it completely. OSPF routing is broken!",
4008 &lsa->data->id, ntohs(lsa->data->length),
4009 (long int)size);
4010 list_delete_node(update, ln);
4011 return NULL;
4012 }
4013
4014 /* IP header is built up separately by ospf_write(). This means, that we
4015 * must
4016 * reduce the "affordable" size just calculated by length of an IP
4017 * header.
4018 * This makes sure, that even if we manage to fill the payload with LSA
4019 * data
4020 * completely, the final packet (our data plus IP header) still fits
4021 * into
4022 * outgoing interface MTU. This correction isn't really meaningful for
4023 * an
4024 * oversized LSA, but for consistency the correction is done for both
4025 * cases.
4026 *
4027 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4028 */
4029 return ospf_packet_new(size - sizeof(struct ip));
4030 }
4031
4032 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4033 struct list *update, struct in_addr addr,
4034 int send_lsupd_now)
4035 {
4036 struct ospf_packet *op;
4037 uint16_t length = OSPF_HEADER_SIZE;
4038
4039 if (IS_DEBUG_OSPF_EVENT)
4040 zlog_debug("listcount = %d, [%s]dst %pI4", listcount(update),
4041 IF_NAME(oi), &addr);
4042
4043 /* Check that we have really something to process */
4044 if (listcount(update) == 0)
4045 return;
4046
4047 op = ospf_ls_upd_packet_new(update, oi);
4048
4049 /* Prepare OSPF common header. */
4050 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4051
4052 /* Prepare OSPF Link State Update body.
4053 * Includes Type-7 translation.
4054 */
4055 length += ospf_make_ls_upd(oi, update, op->s);
4056
4057 /* Fill OSPF header. */
4058 ospf_fill_header(oi, op->s, length);
4059
4060 /* Set packet length. */
4061 op->length = length;
4062
4063 /* Decide destination address. */
4064 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4065 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4066 else
4067 op->dst.s_addr = addr.s_addr;
4068
4069 /* Add packet to the interface output queue. */
4070 ospf_packet_add(oi, op);
4071 /* Call ospf_write() right away to send ospf packets to neighbors */
4072 if (send_lsupd_now) {
4073 struct thread os_packet_thd;
4074
4075 os_packet_thd.arg = (void *)oi->ospf;
4076 if (oi->on_write_q == 0) {
4077 listnode_add(oi->ospf->oi_write_q, oi);
4078 oi->on_write_q = 1;
4079 }
4080 ospf_write(&os_packet_thd);
4081 /*
4082 * We are fake calling ospf_write with a fake
4083 * thread. Imagine that we have oi_a already
4084 * enqueued and we have turned on the write
4085 * thread(t_write).
4086 * Now this function calls this for oi_b
4087 * so the on_write_q has oi_a and oi_b on
4088 * it, ospf_write runs and clears the packets
4089 * for both oi_a and oi_b. Removing them from
4090 * the on_write_q. After this thread of execution
4091 * finishes we will execute the t_write thread
4092 * with nothing in the on_write_q causing an
4093 * assert. So just make sure that the t_write
4094 * is actually turned off.
4095 */
4096 if (list_isempty(oi->ospf->oi_write_q))
4097 THREAD_OFF(oi->ospf->t_write);
4098 } else {
4099 /* Hook thread to write packet. */
4100 OSPF_ISM_WRITE_ON(oi->ospf);
4101 }
4102 }
4103
4104 static void ospf_ls_upd_send_queue_event(struct thread *thread)
4105 {
4106 struct ospf_interface *oi = THREAD_ARG(thread);
4107 struct route_node *rn;
4108 struct route_node *rnext;
4109 struct list *update;
4110 char again = 0;
4111
4112 oi->t_ls_upd_event = NULL;
4113
4114 if (IS_DEBUG_OSPF_EVENT)
4115 zlog_debug("ospf_ls_upd_send_queue start");
4116
4117 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4118 rnext = route_next(rn);
4119
4120 if (rn->info == NULL)
4121 continue;
4122
4123 update = (struct list *)rn->info;
4124
4125 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4126
4127 /* list might not be empty. */
4128 if (listcount(update) == 0) {
4129 list_delete((struct list **)&rn->info);
4130 route_unlock_node(rn);
4131 } else
4132 again = 1;
4133 }
4134
4135 if (again != 0) {
4136 if (IS_DEBUG_OSPF_EVENT)
4137 zlog_debug(
4138 "ospf_ls_upd_send_queue: update lists not cleared, %d nodes to try again, raising new event",
4139 again);
4140 oi->t_ls_upd_event = NULL;
4141 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4142 &oi->t_ls_upd_event);
4143 }
4144
4145 if (IS_DEBUG_OSPF_EVENT)
4146 zlog_debug("ospf_ls_upd_send_queue stop");
4147 }
4148
4149 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4150 int send_lsupd_now)
4151 {
4152 struct ospf_interface *oi;
4153 struct ospf_lsa *lsa;
4154 struct prefix_ipv4 p;
4155 struct route_node *rn;
4156 struct listnode *node;
4157
4158 oi = nbr->oi;
4159
4160 p.family = AF_INET;
4161 p.prefixlen = IPV4_MAX_BITLEN;
4162
4163 /* Decide destination address. */
4164 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4165 p.prefix = oi->vl_data->peer_addr;
4166 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4167 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4168 else if (flag == OSPF_SEND_PACKET_DIRECT)
4169 p.prefix = nbr->address.u.prefix4;
4170 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4171 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4172 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4173 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4174 else
4175 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4176
4177 if (oi->type == OSPF_IFTYPE_NBMA) {
4178 if (flag == OSPF_SEND_PACKET_INDIRECT)
4179 flog_warn(
4180 EC_OSPF_PACKET,
4181 "* LS-Update is directly sent on NBMA network.");
4182 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4183 flog_warn(EC_OSPF_PACKET,
4184 "* LS-Update is sent to myself.");
4185 }
4186
4187 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4188
4189 if (rn->info == NULL)
4190 rn->info = list_new();
4191 else
4192 route_unlock_node(rn);
4193
4194 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4195 listnode_add(rn->info,
4196 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4197 if (send_lsupd_now) {
4198 struct list *send_update_list;
4199 struct route_node *rnext;
4200
4201 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4202 rnext = route_next(rn);
4203
4204 if (rn->info == NULL)
4205 continue;
4206
4207 send_update_list = (struct list *)rn->info;
4208
4209 ospf_ls_upd_queue_send(oi, send_update_list,
4210 rn->p.u.prefix4, 1);
4211 }
4212 } else
4213 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4214 &oi->t_ls_upd_event);
4215 }
4216
4217 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4218 struct in_addr dst)
4219 {
4220 struct ospf_packet *op;
4221 uint16_t length = OSPF_HEADER_SIZE;
4222
4223 op = ospf_packet_new(oi->ifp->mtu);
4224
4225 /* Prepare OSPF common header. */
4226 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4227
4228 /* Prepare OSPF Link State Acknowledgment body. */
4229 length += ospf_make_ls_ack(oi, ack, op->s);
4230
4231 /* Fill OSPF header. */
4232 ospf_fill_header(oi, op->s, length);
4233
4234 /* Set packet length. */
4235 op->length = length;
4236
4237 /* Decide destination address. */
4238 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4239 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4240 else
4241 op->dst.s_addr = dst.s_addr;
4242
4243 /* Add packet to the interface output queue. */
4244 ospf_packet_add(oi, op);
4245
4246 /* Hook thread to write packet. */
4247 OSPF_ISM_WRITE_ON(oi->ospf);
4248 }
4249
4250 static void ospf_ls_ack_send_event(struct thread *thread)
4251 {
4252 struct ospf_interface *oi = THREAD_ARG(thread);
4253
4254 oi->t_ls_ack_direct = NULL;
4255
4256 while (listcount(oi->ls_ack_direct.ls_ack))
4257 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4258 oi->ls_ack_direct.dst);
4259 }
4260
4261 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4262 {
4263 struct ospf_interface *oi = nbr->oi;
4264
4265 if (IS_GRACE_LSA(lsa)) {
4266 if (IS_DEBUG_OSPF_GR)
4267 zlog_debug("%s, Sending GRACE ACK to Restarter.",
4268 __func__);
4269 }
4270
4271 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4272 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4273
4274 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4275
4276 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4277 &oi->t_ls_ack_direct);
4278 }
4279
4280 /* Send Link State Acknowledgment delayed. */
4281 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4282 {
4283 struct in_addr dst;
4284
4285 /* Decide destination address. */
4286 /* RFC2328 Section 13.5 On non-broadcast
4287 networks, delayed Link State Acknowledgment packets must be
4288 unicast separately over each adjacency (i.e., neighbor whose
4289 state is >= Exchange). */
4290 if (oi->type == OSPF_IFTYPE_NBMA) {
4291 struct ospf_neighbor *nbr;
4292 struct route_node *rn;
4293
4294 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4295 if ((nbr = rn->info) != NULL)
4296 if (nbr != oi->nbr_self
4297 && nbr->state >= NSM_Exchange)
4298 while (listcount(oi->ls_ack))
4299 ospf_ls_ack_send_list(
4300 oi, oi->ls_ack,
4301 nbr->address.u.prefix4);
4302 return;
4303 }
4304 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4305 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4306 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4307 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4308 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4309 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4310 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4311 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4312 else
4313 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4314
4315 while (listcount(oi->ls_ack))
4316 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4317 }
4318
4319 /*
4320 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4321 * address. As a result, the kernel does not need to learn the interface
4322 * MAC of the OSPF neighbor. However, in our world, this will delay
4323 * convergence. Take the case when due to a link flap, all routes now
4324 * want to use an interface which was deemed to be costlier prior to this
4325 * event. For routes that will be installed, the missing MAC will have
4326 * punt-to-CPU set on them. This may overload the CPU control path that
4327 * can be avoided if the MAC was known apriori.
4328 */
4329 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4330 {
4331 if (!nbr || !nbr->oi->ospf->proactive_arp)
4332 return;
4333
4334 ospf_zebra_send_arp(nbr->oi->ifp, &nbr->address);
4335 }
FRRouting mirror