]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #9596 from LabNConsulting/ziemba/printfrr-nexthop
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56 #include "ospfd/ospf_zebra.h"
57 #include "ospfd/ospf_gr.h"
58
59 /*
60 * OSPF Fragmentation / fragmented writes
61 *
62 * ospfd can support writing fragmented packets, for cases where
63 * kernel will not fragment IP_HDRINCL and/or multicast destined
64 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
65 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
66 * flags fields, hence user-space fragmentation will not work.
67 * Only Linux is known to leave IP header unmolested.
68 * Further, fragmentation really should be done the kernel, which already
69 * supports it, and which avoids nasty IP ID state problems.
70 *
71 * Fragmentation of OSPF packets can be required on networks with router
72 * with many many interfaces active in one area, or on networks with links
73 * with low MTUs.
74 */
75 #ifdef GNU_LINUX
76 #define WANT_OSPF_WRITE_FRAGMENT
77 #endif
78
79 /* Packet Type String. */
80 const struct message ospf_packet_type_str[] = {
81 {OSPF_MSG_HELLO, "Hello"},
82 {OSPF_MSG_DB_DESC, "Database Description"},
83 {OSPF_MSG_LS_REQ, "Link State Request"},
84 {OSPF_MSG_LS_UPD, "Link State Update"},
85 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
86 {0}};
87
88 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
89 particular types, offset is the "type" field of a packet. */
90 static const uint16_t ospf_packet_minlen[] = {
91 0,
92 OSPF_HELLO_MIN_SIZE,
93 OSPF_DB_DESC_MIN_SIZE,
94 OSPF_LS_REQ_MIN_SIZE,
95 OSPF_LS_UPD_MIN_SIZE,
96 OSPF_LS_ACK_MIN_SIZE,
97 };
98
99 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
100 types, offset is the "LSA type" field. */
101 static const uint16_t ospf_lsa_minlen[] = {
102 0,
103 OSPF_ROUTER_LSA_MIN_SIZE,
104 OSPF_NETWORK_LSA_MIN_SIZE,
105 OSPF_SUMMARY_LSA_MIN_SIZE,
106 OSPF_SUMMARY_LSA_MIN_SIZE,
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
108 0,
109 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
110 0,
111 0,
112 0,
113 0,
114 };
115
116 /* for ospf_check_auth() */
117 static int ospf_check_sum(struct ospf_header *);
118
119 /* OSPF authentication checking function */
120 static int ospf_auth_type(struct ospf_interface *oi)
121 {
122 int auth_type;
123
124 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
125 auth_type = oi->area->auth_type;
126 else
127 auth_type = OSPF_IF_PARAM(oi, auth_type);
128
129 /* Handle case where MD5 key list is not configured aka Cisco */
130 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
131 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
132 return OSPF_AUTH_NULL;
133
134 return auth_type;
135 }
136
137 static struct ospf_packet *ospf_packet_new(size_t size)
138 {
139 struct ospf_packet *new;
140
141 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
142 new->s = stream_new(size);
143
144 return new;
145 }
146
147 void ospf_packet_free(struct ospf_packet *op)
148 {
149 if (op->s)
150 stream_free(op->s);
151
152 XFREE(MTYPE_OSPF_PACKET, op);
153 }
154
155 struct ospf_fifo *ospf_fifo_new(void)
156 {
157 struct ospf_fifo *new;
158
159 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
160 return new;
161 }
162
163 /* Add new packet to fifo. */
164 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
165 {
166 if (fifo->tail)
167 fifo->tail->next = op;
168 else
169 fifo->head = op;
170
171 fifo->tail = op;
172
173 fifo->count++;
174 }
175
176 /* Add new packet to head of fifo. */
177 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
178 {
179 op->next = fifo->head;
180
181 if (fifo->tail == NULL)
182 fifo->tail = op;
183
184 fifo->head = op;
185
186 fifo->count++;
187 }
188
189 /* Delete first packet from fifo. */
190 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
191 {
192 struct ospf_packet *op;
193
194 op = fifo->head;
195
196 if (op) {
197 fifo->head = op->next;
198
199 if (fifo->head == NULL)
200 fifo->tail = NULL;
201
202 fifo->count--;
203 }
204
205 return op;
206 }
207
208 /* Return first fifo entry. */
209 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
210 {
211 return fifo->head;
212 }
213
214 /* Flush ospf packet fifo. */
215 void ospf_fifo_flush(struct ospf_fifo *fifo)
216 {
217 struct ospf_packet *op;
218 struct ospf_packet *next;
219
220 for (op = fifo->head; op; op = next) {
221 next = op->next;
222 ospf_packet_free(op);
223 }
224 fifo->head = fifo->tail = NULL;
225 fifo->count = 0;
226 }
227
228 /* Free ospf packet fifo. */
229 void ospf_fifo_free(struct ospf_fifo *fifo)
230 {
231 ospf_fifo_flush(fifo);
232
233 XFREE(MTYPE_OSPF_FIFO, fifo);
234 }
235
236 static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
237 {
238 /* Add packet to end of queue. */
239 ospf_fifo_push(oi->obuf, op);
240
241 /* Debug of packet fifo*/
242 /* ospf_fifo_debug (oi->obuf); */
243 }
244
245 static void ospf_packet_add_top(struct ospf_interface *oi,
246 struct ospf_packet *op)
247 {
248 /* Add packet to head of queue. */
249 ospf_fifo_push_head(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_delete(struct ospf_interface *oi)
256 {
257 struct ospf_packet *op;
258
259 op = ospf_fifo_pop(oi->obuf);
260
261 if (op)
262 ospf_packet_free(op);
263 }
264
265 static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
266 {
267 struct ospf_packet *new;
268
269 if (stream_get_endp(op->s) != op->length)
270 /* XXX size_t */
271 zlog_debug(
272 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
273 (unsigned long)STREAM_SIZE(op->s), op->length);
274
275 /* Reserve space for MD5 authentication that may be added later. */
276 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
277 stream_copy(new->s, op->s);
278
279 new->dst = op->dst;
280 new->length = op->length;
281
282 return new;
283 }
284
285 /* XXX inline */
286 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
287 {
288 int auth = 0;
289
290 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
291 auth = OSPF_AUTH_MD5_SIZE;
292
293 return auth;
294 }
295
296 static unsigned int ospf_packet_max(struct ospf_interface *oi)
297 {
298 int max;
299
300 max = oi->ifp->mtu - ospf_packet_authspace(oi);
301
302 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
303
304 return max;
305 }
306
307
308 static int ospf_check_md5_digest(struct ospf_interface *oi,
309 struct ospf_header *ospfh)
310 {
311 #ifdef CRYPTO_OPENSSL
312 EVP_MD_CTX *ctx;
313 #elif CRYPTO_INTERNAL
314 MD5_CTX ctx;
315 #endif
316 unsigned char digest[OSPF_AUTH_MD5_SIZE];
317 struct crypt_key *ck;
318 struct ospf_neighbor *nbr;
319 uint16_t length = ntohs(ospfh->length);
320
321 /* Get secret key. */
322 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
323 ospfh->u.crypt.key_id);
324 if (ck == NULL) {
325 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
326 IF_NAME(oi), ospfh->u.crypt.key_id);
327 return 0;
328 }
329
330 /* check crypto seqnum. */
331 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
332
333 if (nbr
334 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
335 flog_warn(
336 EC_OSPF_MD5,
337 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
338 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
339 ntohl(nbr->crypt_seqnum));
340 return 0;
341 }
342
343 /* Generate a digest for the ospf packet - their digest + our digest. */
344 #ifdef CRYPTO_OPENSSL
345 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
346 ctx = EVP_MD_CTX_new();
347 EVP_DigestInit(ctx, EVP_md5());
348 EVP_DigestUpdate(ctx, ospfh, length);
349 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
350 EVP_DigestFinal(ctx, digest, &md5_size);
351 EVP_MD_CTX_free(ctx);
352 #elif CRYPTO_INTERNAL
353 memset(&ctx, 0, sizeof(ctx));
354 MD5Init(&ctx);
355 MD5Update(&ctx, ospfh, length);
356 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
357 MD5Final(digest, &ctx);
358 #endif
359
360 /* compare the two */
361 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
362 flog_warn(EC_OSPF_MD5,
363 "interface %s: ospf_check_md5 checksum mismatch",
364 IF_NAME(oi));
365 return 0;
366 }
367
368 /* save neighbor's crypt_seqnum */
369 if (nbr)
370 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
371 return 1;
372 }
373
374 /* This function is called from ospf_write(), it will detect the
375 authentication scheme and if it is MD5, it will change the sequence
376 and update the MD5 digest. */
377 static int ospf_make_md5_digest(struct ospf_interface *oi,
378 struct ospf_packet *op)
379 {
380 struct ospf_header *ospfh;
381 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
382 #ifdef CRYPTO_OPENSSL
383 EVP_MD_CTX *ctx;
384 #elif CRYPTO_INTERNAL
385 MD5_CTX ctx;
386 #endif
387 void *ibuf;
388 uint32_t t;
389 struct crypt_key *ck;
390 const uint8_t *auth_key;
391
392 ibuf = STREAM_DATA(op->s);
393 ospfh = (struct ospf_header *)ibuf;
394
395 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
396 return 0;
397
398 /* We do this here so when we dup a packet, we don't have to
399 waste CPU rewriting other headers.
400
401 Note that quagga_time /deliberately/ is not used here */
402 t = (time(NULL) & 0xFFFFFFFF);
403 if (t > oi->crypt_seqnum)
404 oi->crypt_seqnum = t;
405 else
406 oi->crypt_seqnum++;
407
408 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
409
410 /* Get MD5 Authentication key from auth_key list. */
411 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
412 auth_key = (const uint8_t *)digest;
413 else {
414 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
415 auth_key = ck->auth_key;
416 }
417
418 /* Generate a digest for the entire packet + our secret key. */
419 #ifdef CRYPTO_OPENSSL
420 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
421 ctx = EVP_MD_CTX_new();
422 EVP_DigestInit(ctx, EVP_md5());
423 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
424 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 EVP_DigestFinal(ctx, digest, &md5_size);
426 EVP_MD_CTX_free(ctx);
427 #elif CRYPTO_INTERNAL
428 memset(&ctx, 0, sizeof(ctx));
429 MD5Init(&ctx);
430 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
431 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
432 MD5Final(digest, &ctx);
433 #endif
434
435 /* Append md5 digest to the end of the stream. */
436 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
437
438 /* We do *NOT* increment the OSPF header length. */
439 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
440
441 if (stream_get_endp(op->s) != op->length)
442 /* XXX size_t */
443 flog_warn(
444 EC_OSPF_MD5,
445 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
446 (unsigned long)stream_get_endp(op->s), op->length);
447
448 return OSPF_AUTH_MD5_SIZE;
449 }
450
451
452 static int ospf_ls_req_timer(struct thread *thread)
453 {
454 struct ospf_neighbor *nbr;
455
456 nbr = THREAD_ARG(thread);
457 nbr->t_ls_req = NULL;
458
459 /* Send Link State Request. */
460 if (ospf_ls_request_count(nbr))
461 ospf_ls_req_send(nbr);
462
463 /* Set Link State Request retransmission timer. */
464 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
465
466 return 0;
467 }
468
469 void ospf_ls_req_event(struct ospf_neighbor *nbr)
470 {
471 thread_cancel(&nbr->t_ls_req);
472 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
473 }
474
475 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
476 ospf_neighbor.c */
477 int ospf_ls_upd_timer(struct thread *thread)
478 {
479 struct ospf_neighbor *nbr;
480
481 nbr = THREAD_ARG(thread);
482 nbr->t_ls_upd = NULL;
483
484 /* Send Link State Update. */
485 if (ospf_ls_retransmit_count(nbr) > 0) {
486 struct list *update;
487 struct ospf_lsdb *lsdb;
488 int i;
489 int retransmit_interval;
490
491 retransmit_interval =
492 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
493
494 lsdb = &nbr->ls_rxmt;
495 update = list_new();
496
497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
498 struct route_table *table = lsdb->type[i].db;
499 struct route_node *rn;
500
501 for (rn = route_top(table); rn; rn = route_next(rn)) {
502 struct ospf_lsa *lsa;
503
504 if ((lsa = rn->info) != NULL) {
505 /* Don't retransmit an LSA if we
506 received it within
507 the last RxmtInterval seconds - this
508 is to allow the
509 neighbour a chance to acknowledge the
510 LSA as it may
511 have ben just received before the
512 retransmit timer
513 fired. This is a small tweak to what
514 is in the RFC,
515 but it will cut out out a lot of
516 retransmit traffic
517 - MAG */
518 if (monotime_since(&lsa->tv_recv, NULL)
519 >= retransmit_interval * 1000000LL)
520 listnode_add(update, rn->info);
521 }
522 }
523 }
524
525 if (listcount(update) > 0)
526 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
527 0);
528 list_delete(&update);
529 }
530
531 /* Set LS Update retransmission timer. */
532 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
533
534 return 0;
535 }
536
537 int ospf_ls_ack_timer(struct thread *thread)
538 {
539 struct ospf_interface *oi;
540
541 oi = THREAD_ARG(thread);
542 oi->t_ls_ack = NULL;
543
544 /* Send Link State Acknowledgment. */
545 if (listcount(oi->ls_ack) > 0)
546 ospf_ls_ack_send_delayed(oi);
547
548 /* Set LS Ack timer. */
549 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
550
551 return 0;
552 }
553
554 #ifdef WANT_OSPF_WRITE_FRAGMENT
555 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
556 struct msghdr *msg, unsigned int maxdatasize,
557 unsigned int mtu, int flags, uint8_t type)
558 {
559 #define OSPF_WRITE_FRAG_SHIFT 3
560 uint16_t offset;
561 struct iovec *iovp;
562 int ret;
563
564 assert(op->length == stream_get_endp(op->s));
565 assert(msg->msg_iovlen == 2);
566
567 /* we can but try.
568 *
569 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
570 * well as the IP_MF flag, making this all quite pointless.
571 *
572 * However, for a system on which IP_MF is left alone, and ip_id left
573 * alone or else which sets same ip_id for each fragment this might
574 * work, eg linux.
575 *
576 * XXX-TODO: It would be much nicer to have the kernel's use their
577 * existing fragmentation support to do this for us. Bugs/RFEs need to
578 * be raised against the various kernels.
579 */
580
581 /* set More Frag */
582 iph->ip_off |= IP_MF;
583
584 /* ip frag offset is expressed in units of 8byte words */
585 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
586
587 iovp = &msg->msg_iov[1];
588
589 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
590 > maxdatasize) {
591 /* data length of this frag is to next offset value */
592 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
593 iph->ip_len = iovp->iov_len + sizeof(struct ip);
594 assert(iph->ip_len <= mtu);
595
596 sockopt_iphdrincl_swab_htosys(iph);
597
598 ret = sendmsg(fd, msg, flags);
599
600 sockopt_iphdrincl_swab_systoh(iph);
601
602 if (ret < 0)
603 flog_err(
604 EC_LIB_SOCKET,
605 "*** ospf_write_frags: sendmsg failed to %pI4, id %d, off %d, len %d, mtu %u failed with %s",
606 &iph->ip_dst, iph->ip_id, iph->ip_off,
607 iph->ip_len, mtu, safe_strerror(errno));
608
609 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
610 zlog_debug(
611 "ospf_write_frags: sent id %d, off %d, len %d to %pI4",
612 iph->ip_id, iph->ip_off, iph->ip_len,
613 &iph->ip_dst);
614 }
615
616 iph->ip_off += offset;
617 stream_forward_getp(op->s, iovp->iov_len);
618 iovp->iov_base = stream_pnt(op->s);
619 }
620
621 /* setup for final fragment */
622 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
623 iph->ip_len = iovp->iov_len + sizeof(struct ip);
624 iph->ip_off &= (~IP_MF);
625 }
626 #endif /* WANT_OSPF_WRITE_FRAGMENT */
627
628 static int ospf_write(struct thread *thread)
629 {
630 struct ospf *ospf = THREAD_ARG(thread);
631 struct ospf_interface *oi;
632 struct ospf_interface *last_serviced_oi = NULL;
633 struct ospf_packet *op;
634 struct sockaddr_in sa_dst;
635 struct ip iph;
636 struct msghdr msg;
637 struct iovec iov[2];
638 uint8_t type;
639 int ret;
640 int flags = 0;
641 struct listnode *node;
642 #ifdef WANT_OSPF_WRITE_FRAGMENT
643 static uint16_t ipid = 0;
644 uint16_t maxdatasize;
645 #endif /* WANT_OSPF_WRITE_FRAGMENT */
646 #define OSPF_WRITE_IPHL_SHIFT 2
647 int pkt_count = 0;
648
649 #ifdef GNU_LINUX
650 unsigned char cmsgbuf[64] = {};
651 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
652 struct in_pktinfo *pi;
653 #endif
654
655 if (ospf->fd < 0 || ospf->oi_running == 0) {
656 if (IS_DEBUG_OSPF_EVENT)
657 zlog_debug(
658 "ospf_write failed to send, fd %d, instance %u",
659 ospf->fd, ospf->oi_running);
660 return -1;
661 }
662
663 node = listhead(ospf->oi_write_q);
664 assert(node);
665 oi = listgetdata(node);
666
667 #ifdef WANT_OSPF_WRITE_FRAGMENT
668 /* seed ipid static with low order bits of time */
669 if (ipid == 0)
670 ipid = (time(NULL) & 0xffff);
671 #endif /* WANT_OSPF_WRITE_FRAGMENT */
672
673 while ((pkt_count < ospf->write_oi_count) && oi
674 && (last_serviced_oi != oi)) {
675 /* If there is only packet in the queue, the oi is removed from
676 write-q, so fix up the last interface that was serviced */
677 if (last_serviced_oi == NULL) {
678 last_serviced_oi = oi;
679 }
680 pkt_count++;
681 #ifdef WANT_OSPF_WRITE_FRAGMENT
682 /* convenience - max OSPF data per packet */
683 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
684 #endif /* WANT_OSPF_WRITE_FRAGMENT */
685 /* Get one packet from queue. */
686 op = ospf_fifo_head(oi->obuf);
687 assert(op);
688 assert(op->length >= OSPF_HEADER_SIZE);
689
690 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
691 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
692 ospf_if_ipmulticast(ospf, oi->address,
693 oi->ifp->ifindex);
694
695 /* Rewrite the md5 signature & update the seq */
696 ospf_make_md5_digest(oi, op);
697
698 /* Retrieve OSPF packet type. */
699 stream_set_getp(op->s, 1);
700 type = stream_getc(op->s);
701
702 /* reset get pointer */
703 stream_set_getp(op->s, 0);
704
705 memset(&iph, 0, sizeof(struct ip));
706 memset(&sa_dst, 0, sizeof(sa_dst));
707
708 sa_dst.sin_family = AF_INET;
709 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
710 sa_dst.sin_len = sizeof(sa_dst);
711 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
712 sa_dst.sin_addr = op->dst;
713 sa_dst.sin_port = htons(0);
714
715 /* Set DONTROUTE flag if dst is unicast. */
716 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
717 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
718 flags = MSG_DONTROUTE;
719
720 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
721 /* it'd be very strange for header to not be 4byte-word aligned
722 * but.. */
723 if (sizeof(struct ip)
724 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
725 iph.ip_hl++; /* we presume sizeof(struct ip) cant
726 overflow ip_hl.. */
727
728 iph.ip_v = IPVERSION;
729 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
730 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
731
732 #if defined(__DragonFly__)
733 /*
734 * DragonFly's raw socket expects ip_len/ip_off in network byte
735 * order.
736 */
737 iph.ip_len = htons(iph.ip_len);
738 #endif
739
740 #ifdef WANT_OSPF_WRITE_FRAGMENT
741 /* XXX-MT: not thread-safe at all..
742 * XXX: this presumes this is only programme sending OSPF
743 * packets
744 * otherwise, no guarantee ipid will be unique
745 */
746 iph.ip_id = ++ipid;
747 #endif /* WANT_OSPF_WRITE_FRAGMENT */
748
749 iph.ip_off = 0;
750 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
751 iph.ip_ttl = OSPF_VL_IP_TTL;
752 else
753 iph.ip_ttl = OSPF_IP_TTL;
754 iph.ip_p = IPPROTO_OSPFIGP;
755 iph.ip_sum = 0;
756 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
757 iph.ip_dst.s_addr = op->dst.s_addr;
758
759 memset(&msg, 0, sizeof(msg));
760 msg.msg_name = (caddr_t)&sa_dst;
761 msg.msg_namelen = sizeof(sa_dst);
762 msg.msg_iov = iov;
763 msg.msg_iovlen = 2;
764
765 iov[0].iov_base = (char *)&iph;
766 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
767 iov[1].iov_base = stream_pnt(op->s);
768 iov[1].iov_len = op->length;
769
770 #ifdef GNU_LINUX
771 msg.msg_control = (caddr_t)cm;
772 cm->cmsg_level = SOL_IP;
773 cm->cmsg_type = IP_PKTINFO;
774 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
775 pi = (struct in_pktinfo *)CMSG_DATA(cm);
776 pi->ipi_ifindex = oi->ifp->ifindex;
777
778 msg.msg_controllen = cm->cmsg_len;
779 #endif
780
781 /* Sadly we can not rely on kernels to fragment packets
782 * because of either IP_HDRINCL and/or multicast
783 * destination being set.
784 */
785
786 #ifdef WANT_OSPF_WRITE_FRAGMENT
787 if (op->length > maxdatasize)
788 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
789 oi->ifp->mtu, flags, type);
790 #endif /* WANT_OSPF_WRITE_FRAGMENT */
791
792 /* send final fragment (could be first) */
793 sockopt_iphdrincl_swab_htosys(&iph);
794 ret = sendmsg(ospf->fd, &msg, flags);
795 sockopt_iphdrincl_swab_systoh(&iph);
796 if (IS_DEBUG_OSPF_EVENT)
797 zlog_debug(
798 "ospf_write to %pI4, id %d, off %d, len %d, interface %s, mtu %u:",
799 &iph.ip_dst, iph.ip_id, iph.ip_off,
800 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
801
802 /* sendmsg will return EPERM if firewall is blocking sending.
803 * This is a normal situation when 'ip nhrp map multicast xxx'
804 * is being used to send multicast packets to DMVPN peers. In
805 * that case the original message is blocked with iptables rule
806 * causing the EPERM result
807 */
808 if (ret < 0 && errno != EPERM)
809 flog_err(
810 EC_LIB_SOCKET,
811 "*** sendmsg in ospf_write failed to %pI4, id %d, off %d, len %d, interface %s, mtu %u: %s",
812 &iph.ip_dst, iph.ip_id, iph.ip_off,
813 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
814 safe_strerror(errno));
815
816 /* Show debug sending packet. */
817 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
818 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
819 zlog_debug(
820 "-----------------------------------------------------");
821 stream_set_getp(op->s, 0);
822 ospf_packet_dump(op->s);
823 }
824
825 zlog_debug("%s sent to [%pI4] via [%s].",
826 lookup_msg(ospf_packet_type_str, type, NULL),
827 &op->dst, IF_NAME(oi));
828
829 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
830 zlog_debug(
831 "-----------------------------------------------------");
832 }
833
834 switch (type) {
835 case OSPF_MSG_HELLO:
836 oi->hello_out++;
837 break;
838 case OSPF_MSG_DB_DESC:
839 oi->db_desc_out++;
840 break;
841 case OSPF_MSG_LS_REQ:
842 oi->ls_req_out++;
843 break;
844 case OSPF_MSG_LS_UPD:
845 oi->ls_upd_out++;
846 break;
847 case OSPF_MSG_LS_ACK:
848 oi->ls_ack_out++;
849 break;
850 default:
851 break;
852 }
853
854 /* Now delete packet from queue. */
855 ospf_packet_delete(oi);
856
857 /* Move this interface to the tail of write_q to
858 serve everyone in a round robin fashion */
859 list_delete_node(ospf->oi_write_q, node);
860 if (ospf_fifo_head(oi->obuf) == NULL) {
861 oi->on_write_q = 0;
862 last_serviced_oi = NULL;
863 oi = NULL;
864 } else {
865 listnode_add(ospf->oi_write_q, oi);
866 }
867
868 /* Setup to service from the head of the queue again */
869 if (!list_isempty(ospf->oi_write_q)) {
870 node = listhead(ospf->oi_write_q);
871 oi = listgetdata(node);
872 }
873 }
874
875 /* If packets still remain in queue, call write thread. */
876 if (!list_isempty(ospf->oi_write_q))
877 thread_add_write(master, ospf_write, ospf, ospf->fd,
878 &ospf->t_write);
879
880 return 0;
881 }
882
883 /* OSPF Hello message read -- RFC2328 Section 10.5. */
884 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
885 struct stream *s, struct ospf_interface *oi, int size)
886 {
887 struct ospf_hello *hello;
888 struct ospf_neighbor *nbr;
889 int old_state;
890 struct prefix p;
891
892 /* increment statistics. */
893 oi->hello_in++;
894
895 hello = (struct ospf_hello *)stream_pnt(s);
896
897 /* If Hello is myself, silently discard. */
898 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
899 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
900 zlog_debug(
901 "ospf_header[%s/%pI4]: selforiginated, dropping.",
902 lookup_msg(ospf_packet_type_str, ospfh->type,
903 NULL),
904 &iph->ip_src);
905 }
906 return;
907 }
908
909 /* get neighbor prefix. */
910 p.family = AF_INET;
911 p.prefixlen = ip_masklen(hello->network_mask);
912 p.u.prefix4 = iph->ip_src;
913
914 /* Compare network mask. */
915 /* Checking is ignored for Point-to-Point and Virtual link. */
916 /* Checking is also ignored for Point-to-Multipoint with /32 prefix */
917 if (oi->type != OSPF_IFTYPE_POINTOPOINT
918 && oi->type != OSPF_IFTYPE_VIRTUALLINK
919 && !(oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
920 && oi->address->prefixlen == IPV4_MAX_BITLEN))
921 if (oi->address->prefixlen != p.prefixlen) {
922 flog_warn(
923 EC_OSPF_PACKET,
924 "Packet %pI4 [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
925 &ospfh->router_id, IF_NAME(oi),
926 (int)oi->address->prefixlen, (int)p.prefixlen);
927 return;
928 }
929
930 /* Compare Router Dead Interval. */
931 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
932 flog_warn(EC_OSPF_PACKET,
933 "Packet %pI4 [Hello:RECV]: RouterDeadInterval mismatch (expected %u, but received %u).",
934 &ospfh->router_id,
935 OSPF_IF_PARAM(oi, v_wait),
936 ntohl(hello->dead_interval));
937 return;
938 }
939
940 /* Compare Hello Interval - ignored if fast-hellos are set. */
941 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
942 if (OSPF_IF_PARAM(oi, v_hello)
943 != ntohs(hello->hello_interval)) {
944 flog_warn(
945 EC_OSPF_PACKET,
946 "Packet %pI4 [Hello:RECV]: HelloInterval mismatch (expected %u, but received %u).",
947 &ospfh->router_id,
948 OSPF_IF_PARAM(oi, v_hello),
949 ntohs(hello->hello_interval));
950 return;
951 }
952 }
953
954 if (IS_DEBUG_OSPF_EVENT)
955 zlog_debug("Packet %pI4 [Hello:RECV]: Options %s vrf %s",
956 &ospfh->router_id,
957 ospf_options_dump(hello->options),
958 ospf_vrf_id_to_name(oi->ospf->vrf_id));
959
960 /* Compare options. */
961 #define REJECT_IF_TBIT_ON 1 /* XXX */
962 #ifdef REJECT_IF_TBIT_ON
963 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
964 /*
965 * This router does not support non-zero TOS.
966 * Drop this Hello packet not to establish neighbor
967 * relationship.
968 */
969 flog_warn(EC_OSPF_PACKET,
970 "Packet %pI4 [Hello:RECV]: T-bit on, drop it.",
971 &ospfh->router_id);
972 return;
973 }
974 #endif /* REJECT_IF_TBIT_ON */
975
976 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
977 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
978 /*
979 * This router does know the correct usage of O-bit
980 * the bit should be set in DD packet only.
981 */
982 flog_warn(EC_OSPF_PACKET,
983 "Packet %pI4 [Hello:RECV]: O-bit abuse?",
984 &ospfh->router_id);
985 #ifdef STRICT_OBIT_USAGE_CHECK
986 return; /* Reject this packet. */
987 #else /* STRICT_OBIT_USAGE_CHECK */
988 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
989 #endif /* STRICT_OBIT_USAGE_CHECK */
990 }
991
992 /* new for NSSA is to ensure that NP is on and E is off */
993
994 if (oi->area->external_routing == OSPF_AREA_NSSA) {
995 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
996 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
997 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
998 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
999 flog_warn(
1000 EC_OSPF_PACKET,
1001 "NSSA-Packet-%pI4[Hello:RECV]: my options: %x, his options %x",
1002 &ospfh->router_id, OPTIONS(oi),
1003 hello->options);
1004 return;
1005 }
1006 if (IS_DEBUG_OSPF_NSSA)
1007 zlog_debug("NSSA-Hello:RECV:Packet from %pI4:",
1008 &ospfh->router_id);
1009 } else
1010 /* The setting of the E-bit found in the Hello Packet's Options
1011 field must match this area's ExternalRoutingCapability A
1012 mismatch causes processing to stop and the packet to be
1013 dropped. The setting of the rest of the bits in the Hello
1014 Packet's Options field should be ignored. */
1015 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1016 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1017 flog_warn(
1018 EC_OSPF_PACKET,
1019 "Packet %pI4 [Hello:RECV]: my options: %x, his options %x",
1020 &ospfh->router_id, OPTIONS(oi),
1021 hello->options);
1022 return;
1023 }
1024
1025 /* get neighbour struct */
1026 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1027
1028 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1029 assert(nbr);
1030
1031 old_state = nbr->state;
1032
1033 /* Add event to thread. */
1034 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1035
1036 /* RFC2328 Section 9.5.1
1037 If the router is not eligible to become Designated Router,
1038 (snip) It must also send an Hello Packet in reply to an
1039 Hello Packet received from any eligible neighbor (other than
1040 the current Designated Router and Backup Designated Router). */
1041 if (oi->type == OSPF_IFTYPE_NBMA)
1042 if (PRIORITY(oi) == 0 && hello->priority > 0
1043 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1044 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1045 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1046 ospf_hello_reply_timer,
1047 OSPF_HELLO_REPLY_DELAY);
1048
1049 /* on NBMA network type, it happens to receive bidirectional Hello
1050 packet
1051 without advance 1-Way Received event.
1052 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1053 if (oi->type == OSPF_IFTYPE_NBMA
1054 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1055 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1056 nbr->priority = hello->priority;
1057 nbr->d_router = hello->d_router;
1058 nbr->bd_router = hello->bd_router;
1059 return;
1060 }
1061
1062 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1063 size - OSPF_HELLO_MIN_SIZE)) {
1064 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1065 nbr->options |= hello->options;
1066 } else {
1067 /* If the router is DR_OTHER, RESTARTER will not wait
1068 * until it receives the hello from it if it receives
1069 * from DR and BDR.
1070 * So, helper might receives ONW_WAY hello from
1071 * RESTARTER. So not allowing to change the state if it
1072 * receives one_way hellow when it acts as HELPER for
1073 * that specific neighbor.
1074 */
1075 if (!OSPF_GR_IS_ACTIVE_HELPER(nbr))
1076 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1077 /* Set neighbor information. */
1078 nbr->priority = hello->priority;
1079 nbr->d_router = hello->d_router;
1080 nbr->bd_router = hello->bd_router;
1081 return;
1082 }
1083
1084 if (OSPF_GR_IS_ACTIVE_HELPER(nbr)) {
1085 /* As per the GR Conformance Test Case 7.2. Section 3
1086 * "Also, if X was the Designated Router on network segment S
1087 * when the helping relationship began, Y maintains X as the
1088 * Designated Router until the helping relationship is
1089 * terminated."
1090 * When I am helper for this neighbor, I should not trigger the
1091 * ISM Events. Also Intentionally not setting the priority and
1092 * other fields so that when the neighbor exits the Grace
1093 * period, it can handle if there is any change before GR and
1094 * after GR. */
1095 if (IS_DEBUG_OSPF_GR)
1096 zlog_debug(
1097 "%s, Neighbor is under GR Restart, hence ignoring the ISM Events",
1098 __PRETTY_FUNCTION__);
1099
1100 return;
1101 }
1102
1103 /* If neighbor itself declares DR and no BDR exists,
1104 cause event BackupSeen */
1105 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1106 if (hello->bd_router.s_addr == INADDR_ANY
1107 && oi->state == ISM_Waiting)
1108 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1109
1110 /* neighbor itself declares BDR. */
1111 if (oi->state == ISM_Waiting
1112 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1113 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1114
1115 /* had not previously. */
1116 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1117 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1118 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1119 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1120 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1121
1122 /* had not previously. */
1123 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1124 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1125 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1126 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1127 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1128
1129 /* Neighbor priority check. */
1130 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1131 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1132
1133 /* Set neighbor information. */
1134 nbr->priority = hello->priority;
1135 nbr->d_router = hello->d_router;
1136 nbr->bd_router = hello->bd_router;
1137 }
1138
1139 /* Save DD flags/options/Seqnum received. */
1140 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1141 struct ospf_db_desc *dd)
1142 {
1143 nbr->last_recv.flags = dd->flags;
1144 nbr->last_recv.options = dd->options;
1145 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1146 }
1147
1148 /* Process rest of DD packet. */
1149 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1150 struct ospf_neighbor *nbr,
1151 struct ospf_db_desc *dd, uint16_t size)
1152 {
1153 struct ospf_lsa *new, *find;
1154 struct lsa_header *lsah;
1155
1156 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1157 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1158 size -= OSPF_LSA_HEADER_SIZE) {
1159 lsah = (struct lsa_header *)stream_pnt(s);
1160 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1161
1162 /* Unknown LS type. */
1163 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1164 flog_warn(EC_OSPF_PACKET,
1165 "Packet [DD:RECV]: Unknown LS type %d.",
1166 lsah->type);
1167 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1168 return;
1169 }
1170
1171 if (IS_OPAQUE_LSA(lsah->type)
1172 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1173 flog_warn(EC_OSPF_PACKET,
1174 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1175 lsah->type, &lsah->id);
1176 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1177 return;
1178 }
1179
1180 switch (lsah->type) {
1181 case OSPF_AS_EXTERNAL_LSA:
1182 case OSPF_OPAQUE_AS_LSA:
1183 /* Check for stub area. Reject if AS-External from stub
1184 but
1185 allow if from NSSA. */
1186 if (oi->area->external_routing == OSPF_AREA_STUB) {
1187 flog_warn(
1188 EC_OSPF_PACKET,
1189 "Packet [DD:RECV]: LSA[Type%d:%pI4] from %s area.",
1190 lsah->type, &lsah->id,
1191 (oi->area->external_routing
1192 == OSPF_AREA_STUB)
1193 ? "STUB"
1194 : "NSSA");
1195 OSPF_NSM_EVENT_SCHEDULE(nbr,
1196 NSM_SeqNumberMismatch);
1197 return;
1198 }
1199 break;
1200 default:
1201 break;
1202 }
1203
1204 /* Create LS-request object. */
1205 new = ospf_ls_request_new(lsah);
1206
1207 /* Lookup received LSA, then add LS request list. */
1208 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1209
1210 /* ospf_lsa_more_recent is fine with NULL pointers */
1211 switch (ospf_lsa_more_recent(find, new)) {
1212 case -1:
1213 /* Neighbour has a more recent LSA, we must request it
1214 */
1215 ospf_ls_request_add(nbr, new);
1216 /* fallthru */
1217 case 0:
1218 /* If we have a copy of this LSA, it's either less
1219 * recent
1220 * and we're requesting it from neighbour (the case
1221 * above), or
1222 * it's as recent and we both have same copy (this
1223 * case).
1224 *
1225 * In neither of these two cases is there any point in
1226 * describing our copy of the LSA to the neighbour in a
1227 * DB-Summary packet, if we're still intending to do so.
1228 *
1229 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1230 * backward compatible optimisation to OSPF DB Exchange
1231 * /
1232 * DB Description process implemented here.
1233 */
1234 if (find)
1235 ospf_lsdb_delete(&nbr->db_sum, find);
1236 ospf_lsa_discard(new);
1237 break;
1238 default:
1239 /* We have the more recent copy, nothing specific to do:
1240 * - no need to request neighbours stale copy
1241 * - must leave DB summary list copy alone
1242 */
1243 if (IS_DEBUG_OSPF_EVENT)
1244 zlog_debug(
1245 "Packet [DD:RECV]: LSA received Type %d, ID %pI4 is not recent.",
1246 lsah->type, &lsah->id);
1247 ospf_lsa_discard(new);
1248 }
1249 }
1250
1251 /* Master */
1252 if (IS_SET_DD_MS(nbr->dd_flags)) {
1253 nbr->dd_seqnum++;
1254
1255 /* Both sides have no More, then we're done with Exchange */
1256 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1257 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1258 else
1259 ospf_db_desc_send(nbr);
1260 }
1261 /* Slave */
1262 else {
1263 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1264
1265 /* Send DD packet in reply.
1266 *
1267 * Must be done to acknowledge the Master's DD, regardless of
1268 * whether we have more LSAs ourselves to describe.
1269 *
1270 * This function will clear the 'More' bit, if after this DD
1271 * we have no more LSAs to describe to the master..
1272 */
1273 ospf_db_desc_send(nbr);
1274
1275 /* Slave can raise ExchangeDone now, if master is also done */
1276 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1277 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1278 }
1279
1280 /* Save received neighbor values from DD. */
1281 ospf_db_desc_save_current(nbr, dd);
1282
1283 if (!nbr->t_ls_req)
1284 ospf_ls_req_send(nbr);
1285 }
1286
1287 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1288 struct ospf_neighbor *nbr)
1289 {
1290 /* Is DD duplicated? */
1291 if (dd->options == nbr->last_recv.options
1292 && dd->flags == nbr->last_recv.flags
1293 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1294 return 1;
1295
1296 return 0;
1297 }
1298
1299 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1300 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1301 struct stream *s, struct ospf_interface *oi,
1302 uint16_t size)
1303 {
1304 struct ospf_db_desc *dd;
1305 struct ospf_neighbor *nbr;
1306
1307 /* Increment statistics. */
1308 oi->db_desc_in++;
1309
1310 dd = (struct ospf_db_desc *)stream_pnt(s);
1311
1312 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1313 if (nbr == NULL) {
1314 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %pI4",
1315 &ospfh->router_id);
1316 return;
1317 }
1318
1319 /* Check MTU. */
1320 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1321 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1322 flog_warn(
1323 EC_OSPF_PACKET,
1324 "Packet[DD]: Neighbor %pI4 MTU %u is larger than [%s]'s MTU %u",
1325 &nbr->router_id, ntohs(dd->mtu), IF_NAME(oi),
1326 oi->ifp->mtu);
1327 return;
1328 }
1329
1330 /*
1331 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1332 * not
1333 * required. In fact at least JunOS sends DD packets with P bit clear.
1334 * Until proper solution is developped, this hack should help.
1335 *
1336 * Update: According to the RFCs, N bit is specified /only/ for Hello
1337 * options, unfortunately its use in DD options is not specified. Hence
1338 * some
1339 * implementations follow E-bit semantics and set it in DD options, and
1340 * some
1341 * treat it as unspecified and hence follow the directive "default for
1342 * options is clear", ie unset.
1343 *
1344 * Reset the flag, as ospfd follows E-bit semantics.
1345 */
1346 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1347 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1348 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1349 if (IS_DEBUG_OSPF_EVENT)
1350 zlog_debug(
1351 "Packet[DD]: Neighbour %pI4: Has NSSA capability, sends with N bit clear in DD options",
1352 &nbr->router_id);
1353 SET_FLAG(dd->options, OSPF_OPTION_NP);
1354 }
1355
1356 #ifdef REJECT_IF_TBIT_ON
1357 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1358 /*
1359 * In Hello protocol, optional capability must have checked
1360 * to prevent this T-bit enabled router be my neighbor.
1361 */
1362 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %pI4: T-bit on?",
1363 &nbr->router_id);
1364 return;
1365 }
1366 #endif /* REJECT_IF_TBIT_ON */
1367
1368 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1369 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1370 /*
1371 * This node is not configured to handle O-bit, for now.
1372 * Clear it to ignore unsupported capability proposed by
1373 * neighbor.
1374 */
1375 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1376 }
1377
1378 /* Add event to thread. */
1379 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1380
1381 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1382 zlog_info(
1383 "%s:Packet[DD]: Neighbor %pI4 state is %s, seq_num:0x%x, local:0x%x",
1384 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
1385 &nbr->router_id,
1386 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1387 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1388
1389 /* Process DD packet by neighbor status. */
1390 switch (nbr->state) {
1391 case NSM_Down:
1392 case NSM_Attempt:
1393 case NSM_TwoWay:
1394 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1395 zlog_info(
1396 "Packet[DD]: Neighbor %pI4 state is %s, packet discarded.",
1397 &nbr->router_id,
1398 lookup_msg(ospf_nsm_state_msg, nbr->state,
1399 NULL));
1400 break;
1401 case NSM_Init:
1402 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1403 /* If the new state is ExStart, the processing of the current
1404 packet should then continue in this new state by falling
1405 through to case ExStart below. */
1406 if (nbr->state != NSM_ExStart)
1407 break;
1408 /* fallthru */
1409 case NSM_ExStart:
1410 /* Initial DBD */
1411 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1412 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1413 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1414 > 0) {
1415 /* We're Slave---obey */
1416 if (CHECK_FLAG(oi->ospf->config,
1417 OSPF_LOG_ADJACENCY_DETAIL))
1418 zlog_info(
1419 "Packet[DD]: Neighbor %pI4 Negotiation done (Slave).",
1420 &nbr->router_id);
1421
1422 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1423
1424 /* Reset I/MS */
1425 UNSET_FLAG(nbr->dd_flags,
1426 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1427 } else {
1428 /* We're Master, ignore the initial DBD from
1429 * Slave */
1430 if (CHECK_FLAG(oi->ospf->config,
1431 OSPF_LOG_ADJACENCY_DETAIL))
1432 zlog_info(
1433 "Packet[DD]: Neighbor %pI4: Initial DBD from Slave, ignoring.",
1434 &nbr->router_id);
1435 break;
1436 }
1437 }
1438 /* Ack from the Slave */
1439 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1440 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1441 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1442 < 0) {
1443 zlog_info(
1444 "Packet[DD]: Neighbor %pI4 Negotiation done (Master).",
1445 &nbr->router_id);
1446 /* Reset I, leaving MS */
1447 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1448 } else {
1449 flog_warn(EC_OSPF_PACKET,
1450 "Packet[DD]: Neighbor %pI4 Negotiation fails.",
1451 &nbr->router_id);
1452 break;
1453 }
1454
1455 /* This is where the real Options are saved */
1456 nbr->options = dd->options;
1457
1458 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1459 if (IS_DEBUG_OSPF_EVENT)
1460 zlog_debug(
1461 "Neighbor[%pI4] is %sOpaque-capable.",
1462 &nbr->router_id,
1463 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1464 ? ""
1465 : "NOT ");
1466
1467 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1468 && IPV4_ADDR_SAME(&DR(oi),
1469 &nbr->address.u.prefix4)) {
1470 flog_warn(
1471 EC_OSPF_PACKET,
1472 "DR-neighbor[%pI4] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1473 &nbr->router_id);
1474 /* This situation is undesirable, but not a real
1475 * error. */
1476 }
1477 }
1478
1479 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1480
1481 /* continue processing rest of packet. */
1482 ospf_db_desc_proc(s, oi, nbr, dd, size);
1483 break;
1484 case NSM_Exchange:
1485 if (ospf_db_desc_is_dup(dd, nbr)) {
1486 if (IS_SET_DD_MS(nbr->dd_flags))
1487 /* Master: discard duplicated DD packet. */
1488 zlog_info(
1489 "Packet[DD] (Master): Neighbor %pI4 packet duplicated.",
1490 &nbr->router_id);
1491 else
1492 /* Slave: cause to retransmit the last Database
1493 Description. */
1494 {
1495 zlog_info(
1496 "Packet[DD] [Slave]: Neighbor %pI4 packet duplicated.",
1497 &nbr->router_id);
1498 ospf_db_desc_resend(nbr);
1499 }
1500 break;
1501 }
1502
1503 /* Otherwise DD packet should be checked. */
1504 /* Check Master/Slave bit mismatch */
1505 if (IS_SET_DD_MS(dd->flags)
1506 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1507 flog_warn(EC_OSPF_PACKET,
1508 "Packet[DD]: Neighbor %pI4 MS-bit mismatch.",
1509 &nbr->router_id);
1510 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1511 if (IS_DEBUG_OSPF_EVENT)
1512 zlog_debug(
1513 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1514 dd->flags, nbr->dd_flags);
1515 break;
1516 }
1517
1518 /* Check initialize bit is set. */
1519 if (IS_SET_DD_I(dd->flags)) {
1520 zlog_info("Packet[DD]: Neighbor %pI4 I-bit set.",
1521 &nbr->router_id);
1522 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1523 break;
1524 }
1525
1526 /* Check DD Options. */
1527 if (dd->options != nbr->options) {
1528 flog_warn(EC_OSPF_PACKET,
1529 "Packet[DD]: Neighbor %pI4 options mismatch.",
1530 &nbr->router_id);
1531 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1532 break;
1533 }
1534
1535 /* Check DD sequence number. */
1536 if ((IS_SET_DD_MS(nbr->dd_flags)
1537 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1538 || (!IS_SET_DD_MS(nbr->dd_flags)
1539 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1540 flog_warn(
1541 EC_OSPF_PACKET,
1542 "Packet[DD]: Neighbor %pI4 sequence number mismatch.",
1543 &nbr->router_id);
1544 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1545 break;
1546 }
1547
1548 /* Continue processing rest of packet. */
1549 ospf_db_desc_proc(s, oi, nbr, dd, size);
1550 break;
1551 case NSM_Loading:
1552 case NSM_Full:
1553 if (ospf_db_desc_is_dup(dd, nbr)) {
1554 if (IS_SET_DD_MS(nbr->dd_flags)) {
1555 /* Master should discard duplicate DD packet. */
1556 zlog_info(
1557 "Packet[DD]: Neighbor %pI4 duplicated, packet discarded.",
1558 &nbr->router_id);
1559 break;
1560 } else {
1561 if (monotime_since(&nbr->last_send_ts, NULL)
1562 < nbr->v_inactivity * 1000000LL) {
1563 /* In states Loading and Full the slave
1564 must resend
1565 its last Database Description packet
1566 in response to
1567 duplicate Database Description
1568 packets received
1569 from the master. For this reason the
1570 slave must
1571 wait RouterDeadInterval seconds
1572 before freeing the
1573 last Database Description packet.
1574 Reception of a
1575 Database Description packet from the
1576 master after
1577 this interval will generate a
1578 SeqNumberMismatch
1579 neighbor event. RFC2328 Section 10.8
1580 */
1581 ospf_db_desc_resend(nbr);
1582 break;
1583 }
1584 }
1585 }
1586
1587 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1588 break;
1589 default:
1590 flog_warn(EC_OSPF_PACKET,
1591 "Packet[DD]: Neighbor %pI4 NSM illegal status %u.",
1592 &nbr->router_id, nbr->state);
1593 break;
1594 }
1595 }
1596
1597 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1598
1599 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1600 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1601 struct stream *s, struct ospf_interface *oi,
1602 uint16_t size)
1603 {
1604 struct ospf_neighbor *nbr;
1605 uint32_t ls_type;
1606 struct in_addr ls_id;
1607 struct in_addr adv_router;
1608 struct ospf_lsa *find;
1609 struct list *ls_upd;
1610 unsigned int length;
1611
1612 /* Increment statistics. */
1613 oi->ls_req_in++;
1614
1615 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1616 if (nbr == NULL) {
1617 flog_warn(EC_OSPF_PACKET,
1618 "Link State Request: Unknown Neighbor %pI4",
1619 &ospfh->router_id);
1620 return;
1621 }
1622
1623 /* Add event to thread. */
1624 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1625
1626 /* Neighbor State should be Exchange or later. */
1627 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1628 && nbr->state != NSM_Full) {
1629 flog_warn(
1630 EC_OSPF_PACKET,
1631 "Link State Request received from %pI4: Neighbor state is %s, packet discarded.",
1632 &ospfh->router_id,
1633 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1634 return;
1635 }
1636
1637 /* Send Link State Update for ALL requested LSAs. */
1638 ls_upd = list_new();
1639 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1640
1641 while (size >= OSPF_LSA_KEY_SIZE) {
1642 /* Get one slice of Link State Request. */
1643 ls_type = stream_getl(s);
1644 ls_id.s_addr = stream_get_ipv4(s);
1645 adv_router.s_addr = stream_get_ipv4(s);
1646
1647 /* Verify LSA type. */
1648 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1649 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1650 list_delete(&ls_upd);
1651 return;
1652 }
1653
1654 /* Search proper LSA in LSDB. */
1655 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1656 adv_router);
1657 if (find == NULL) {
1658 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1659 list_delete(&ls_upd);
1660 return;
1661 }
1662
1663 /* Packet overflows MTU size, send immediately. */
1664 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1665 if (oi->type == OSPF_IFTYPE_NBMA)
1666 ospf_ls_upd_send(nbr, ls_upd,
1667 OSPF_SEND_PACKET_DIRECT, 0);
1668 else
1669 ospf_ls_upd_send(nbr, ls_upd,
1670 OSPF_SEND_PACKET_INDIRECT, 0);
1671
1672 /* Only remove list contents. Keep ls_upd. */
1673 list_delete_all_node(ls_upd);
1674
1675 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1676 }
1677
1678 /* Append LSA to update list. */
1679 listnode_add(ls_upd, find);
1680 length += ntohs(find->data->length);
1681
1682 size -= OSPF_LSA_KEY_SIZE;
1683 }
1684
1685 /* Send rest of Link State Update. */
1686 if (listcount(ls_upd) > 0) {
1687 if (oi->type == OSPF_IFTYPE_NBMA)
1688 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1689 0);
1690 else
1691 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1692 0);
1693
1694 list_delete(&ls_upd);
1695 } else
1696 list_delete(&ls_upd);
1697 }
1698
1699 /* Get the list of LSAs from Link State Update packet.
1700 And process some validation -- RFC2328 Section 13. (1)-(2). */
1701 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1702 struct stream *s,
1703 struct ospf_interface *oi, size_t size)
1704 {
1705 uint16_t count, sum;
1706 uint32_t length;
1707 struct lsa_header *lsah;
1708 struct ospf_lsa *lsa;
1709 struct list *lsas;
1710
1711 lsas = list_new();
1712
1713 count = stream_getl(s);
1714 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1715
1716 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1717 size -= length, stream_forward_getp(s, length), count--) {
1718 lsah = (struct lsa_header *)stream_pnt(s);
1719 length = ntohs(lsah->length);
1720
1721 if (length > size) {
1722 flog_warn(
1723 EC_OSPF_PACKET,
1724 "Link State Update: LSA length exceeds packet size.");
1725 break;
1726 }
1727
1728 /* Validate the LSA's LS checksum. */
1729 sum = lsah->checksum;
1730 if (!ospf_lsa_checksum_valid(lsah)) {
1731 /* (bug #685) more details in a one-line message make it
1732 * possible
1733 * to identify problem source on the one hand and to
1734 * have a better
1735 * chance to compress repeated messages in syslog on the
1736 * other */
1737 flog_warn(
1738 EC_OSPF_PACKET,
1739 "Link State Update: LSA checksum error %x/%x, ID=%pI4 from: nbr %pI4, router ID %pI4, adv router %pI4",
1740 sum, lsah->checksum, &lsah->id,
1741 &nbr->src, &nbr->router_id,
1742 &lsah->adv_router);
1743 continue;
1744 }
1745
1746 /* Examine the LSA's LS type. */
1747 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1748 flog_warn(EC_OSPF_PACKET,
1749 "Link State Update: Unknown LS type %d",
1750 lsah->type);
1751 continue;
1752 }
1753
1754 /*
1755 * What if the received LSA's age is greater than MaxAge?
1756 * Treat it as a MaxAge case -- endo.
1757 */
1758 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1759 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1760
1761 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1762 #ifdef STRICT_OBIT_USAGE_CHECK
1763 if ((IS_OPAQUE_LSA(lsah->type)
1764 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1765 || (!IS_OPAQUE_LSA(lsah->type)
1766 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1767 /*
1768 * This neighbor must know the exact usage of
1769 * O-bit;
1770 * the bit will be set in Type-9,10,11 LSAs
1771 * only.
1772 */
1773 flog_warn(EC_OSPF_PACKET,
1774 "LSA[Type%d:%pI4]: O-bit abuse?",
1775 lsah->type, &lsah->id);
1776 continue;
1777 }
1778 #endif /* STRICT_OBIT_USAGE_CHECK */
1779
1780 /* Do not take in AS External Opaque-LSAs if we are a
1781 * stub. */
1782 if (lsah->type == OSPF_OPAQUE_AS_LSA
1783 && nbr->oi->area->external_routing
1784 != OSPF_AREA_DEFAULT) {
1785 if (IS_DEBUG_OSPF_EVENT)
1786 zlog_debug(
1787 "LSA[Type%d:%pI4]: We are a stub, don't take this LSA.",
1788 lsah->type,
1789 &lsah->id);
1790 continue;
1791 }
1792 } else if (IS_OPAQUE_LSA(lsah->type)) {
1793 flog_warn(EC_OSPF_PACKET,
1794 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1795 lsah->type, &lsah->id);
1796 continue;
1797 }
1798
1799 /* Create OSPF LSA instance. */
1800 lsa = ospf_lsa_new_and_data(length);
1801
1802 lsa->vrf_id = oi->ospf->vrf_id;
1803 /* We may wish to put some error checking if type NSSA comes in
1804 and area not in NSSA mode */
1805 switch (lsah->type) {
1806 case OSPF_AS_EXTERNAL_LSA:
1807 case OSPF_OPAQUE_AS_LSA:
1808 lsa->area = NULL;
1809 break;
1810 case OSPF_OPAQUE_LINK_LSA:
1811 lsa->oi = oi; /* Remember incoming interface for
1812 flooding control. */
1813 /* Fallthrough */
1814 default:
1815 lsa->area = oi->area;
1816 break;
1817 }
1818
1819 memcpy(lsa->data, lsah, length);
1820
1821 if (IS_DEBUG_OSPF_EVENT)
1822 zlog_debug(
1823 "LSA[Type%d:%pI4]: %p new LSA created with Link State Update",
1824 lsa->data->type, &lsa->data->id,
1825 (void *)lsa);
1826 listnode_add(lsas, lsa);
1827 }
1828
1829 return lsas;
1830 }
1831
1832 /* Cleanup Update list. */
1833 static void ospf_upd_list_clean(struct list *lsas)
1834 {
1835 struct listnode *node, *nnode;
1836 struct ospf_lsa *lsa;
1837
1838 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1839 ospf_lsa_discard(lsa);
1840
1841 list_delete(&lsas);
1842 }
1843
1844 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1845 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1846 struct ospf_header *ospfh, struct stream *s,
1847 struct ospf_interface *oi, uint16_t size)
1848 {
1849 struct ospf_neighbor *nbr;
1850 struct list *lsas;
1851 struct listnode *node, *nnode;
1852 struct ospf_lsa *lsa = NULL;
1853 /* unsigned long ls_req_found = 0; */
1854
1855 /* Dis-assemble the stream, update each entry, re-encapsulate for
1856 * flooding */
1857
1858 /* Increment statistics. */
1859 oi->ls_upd_in++;
1860
1861 /* Check neighbor. */
1862 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1863 if (nbr == NULL) {
1864 flog_warn(EC_OSPF_PACKET,
1865 "Link State Update: Unknown Neighbor %pI4 on int: %s",
1866 &ospfh->router_id, IF_NAME(oi));
1867 return;
1868 }
1869
1870 /* Add event to thread. */
1871 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1872
1873 /* Check neighbor state. */
1874 if (nbr->state < NSM_Exchange) {
1875 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1876 zlog_debug(
1877 "Link State Update: Neighbor[%pI4] state %s is less than Exchange",
1878 &ospfh->router_id,
1879 lookup_msg(ospf_nsm_state_msg, nbr->state,
1880 NULL));
1881 return;
1882 }
1883
1884 /* Get list of LSAs from Link State Update packet. - Also performs
1885 * Stages 1 (validate LSA checksum) and 2 (check for LSA consistent
1886 * type) of section 13.
1887 */
1888 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1889
1890 if (lsas == NULL)
1891 return;
1892 #define DISCARD_LSA(L, N) \
1893 { \
1894 if (IS_DEBUG_OSPF_EVENT) \
1895 zlog_debug( \
1896 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1897 " Type-%d", \
1898 N, (void *)lsa, (int)lsa->data->type); \
1899 ospf_lsa_discard(L); \
1900 continue; \
1901 }
1902
1903 /* Process each LSA received in the one packet.
1904 *
1905 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1906 * text below are from the steps in RFC 2328, Section 13.
1907 */
1908 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1909 struct ospf_lsa *ls_ret, *current;
1910 int ret = 1;
1911
1912 if (IS_DEBUG_OSPF(lsa, LSA))
1913 zlog_debug("LSA Type-%d from %pI4, ID: %pI4, ADV: %pI4",
1914 lsa->data->type, &ospfh->router_id,
1915 &lsa->data->id, &lsa->data->adv_router);
1916
1917 listnode_delete(lsas,
1918 lsa); /* We don't need it in list anymore */
1919
1920 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1921 */
1922
1923 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1924
1925 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1926 */
1927
1928 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1929 */
1930
1931 /* Do take in Type-7's if we are an NSSA */
1932
1933 /* If we are also an ABR, later translate them to a Type-5
1934 * packet */
1935
1936 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1937 translate them to a separate Type-5 packet. */
1938
1939 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1940 /* Reject from STUB or NSSA */
1941 if (nbr->oi->area->external_routing
1942 != OSPF_AREA_DEFAULT) {
1943 if (IS_DEBUG_OSPF_NSSA)
1944 zlog_debug(
1945 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1946 DISCARD_LSA(lsa, 1);
1947 }
1948
1949 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1950 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1951 if (IS_DEBUG_OSPF_NSSA)
1952 zlog_debug(
1953 "Incoming NSSA LSA Discarded: Not NSSA Area");
1954 DISCARD_LSA(lsa, 2);
1955 }
1956
1957 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1958 if (lsa->data->type == OSPF_ROUTER_LSA)
1959 if (!IPV4_ADDR_SAME(&lsa->data->id,
1960 &lsa->data->adv_router)) {
1961 flog_err(
1962 EC_OSPF_ROUTER_LSA_MISMATCH,
1963 "Incoming Router-LSA from %pI4 with Adv-ID[%pI4] != LS-ID[%pI4]",
1964 &ospfh->router_id, &lsa->data->id,
1965 &lsa->data->adv_router);
1966 flog_err(
1967 EC_OSPF_DOMAIN_CORRUPT,
1968 "OSPF domain compromised by attack or corruption. Verify correct operation of -ALL- OSPF routers.");
1969 DISCARD_LSA(lsa, 0);
1970 }
1971
1972 /* Find the LSA in the current database. */
1973
1974 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1975
1976 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1977 currently
1978 no instance of the LSA in the router's link state database,
1979 and none of router's neighbors are in states Exchange or
1980 Loading,
1981 then take the following actions: */
1982
1983 if (IS_LSA_MAXAGE(lsa) && !current
1984 && ospf_check_nbr_status(oi->ospf)) {
1985 /* (4a) Response Link State Acknowledgment. */
1986 ospf_ls_ack_send(nbr, lsa);
1987
1988 /* (4b) Discard LSA. */
1989 if (IS_DEBUG_OSPF(lsa, LSA)) {
1990 zlog_debug(
1991 "Link State Update[%s]: LS age is equal to MaxAge.",
1992 dump_lsa_key(lsa));
1993 }
1994 DISCARD_LSA(lsa, 3);
1995 }
1996
1997 if (IS_OPAQUE_LSA(lsa->data->type)
1998 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1999 &oi->ospf->router_id)) {
2000 /*
2001 * Even if initial flushing seems to be completed, there
2002 * might
2003 * be a case that self-originated LSA with MaxAge still
2004 * remain
2005 * in the routing domain.
2006 * Just send an LSAck message to cease retransmission.
2007 */
2008 if (IS_LSA_MAXAGE(lsa)) {
2009 zlog_info("LSA[%s]: Boomerang effect?",
2010 dump_lsa_key(lsa));
2011 ospf_ls_ack_send(nbr, lsa);
2012 ospf_lsa_discard(lsa);
2013
2014 if (current != NULL && !IS_LSA_MAXAGE(current))
2015 ospf_opaque_lsa_refresh_schedule(
2016 current);
2017 continue;
2018 }
2019
2020 /*
2021 * If an instance of self-originated Opaque-LSA is not
2022 * found
2023 * in the LSDB, there are some possible cases here.
2024 *
2025 * 1) This node lost opaque-capability after restart.
2026 * 2) Else, a part of opaque-type is no more supported.
2027 * 3) Else, a part of opaque-id is no more supported.
2028 *
2029 * Anyway, it is still this node's responsibility to
2030 * flush it.
2031 * Otherwise, the LSA instance remains in the routing
2032 * domain
2033 * until its age reaches to MaxAge.
2034 */
2035 /* XXX: We should deal with this for *ALL* LSAs, not
2036 * just opaque */
2037 if (current == NULL) {
2038 if (IS_DEBUG_OSPF_EVENT)
2039 zlog_debug(
2040 "LSA[%s]: Previously originated Opaque-LSA,not found in the LSDB.",
2041 dump_lsa_key(lsa));
2042
2043 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2044
2045 ospf_ls_ack_send(nbr, lsa);
2046
2047 if (!ospf->gr_info.restart_in_progress) {
2048 ospf_opaque_self_originated_lsa_received(
2049 nbr, lsa);
2050 continue;
2051 }
2052 }
2053 }
2054
2055 /* It might be happen that received LSA is self-originated
2056 * network LSA, but
2057 * router ID is changed. So, we should check if LSA is a
2058 * network-LSA whose
2059 * Link State ID is one of the router's own IP interface
2060 * addresses but whose
2061 * Advertising Router is not equal to the router's own Router ID
2062 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2063 * flushed.
2064 */
2065
2066 if (lsa->data->type == OSPF_NETWORK_LSA) {
2067 struct listnode *oinode, *oinnode;
2068 struct ospf_interface *out_if;
2069 int Flag = 0;
2070
2071 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2072 oinnode, out_if)) {
2073 if (out_if == NULL)
2074 break;
2075
2076 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2077 &lsa->data->id))
2078 && (!(IPV4_ADDR_SAME(
2079 &oi->ospf->router_id,
2080 &lsa->data->adv_router)))) {
2081 if (out_if->network_lsa_self) {
2082 ospf_lsa_flush_area(
2083 lsa, out_if->area);
2084 if (IS_DEBUG_OSPF_EVENT)
2085 zlog_debug(
2086 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2087 (void *)lsa,
2088 (int)lsa->data
2089 ->type);
2090 ospf_lsa_discard(lsa);
2091 Flag = 1;
2092 }
2093 break;
2094 }
2095 }
2096 if (Flag)
2097 continue;
2098 }
2099
2100 /* (5) Find the instance of this LSA that is currently contained
2101 in the router's link state database. If there is no
2102 database copy, or the received LSA is more recent than
2103 the database copy the following steps must be performed.
2104 (The sub steps from RFC 2328 section 13 step (5) will be
2105 performed in
2106 ospf_flood() ) */
2107
2108 if (current == NULL
2109 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2110 /* CVE-2017-3224 */
2111 if (current && (IS_LSA_MAX_SEQ(current))
2112 && (IS_LSA_MAX_SEQ(lsa)) && !IS_LSA_MAXAGE(lsa)) {
2113 zlog_debug(
2114 "Link State Update[%s]: has Max Seq and higher checksum but not MaxAge. Dropping it",
2115 dump_lsa_key(lsa));
2116
2117 DISCARD_LSA(lsa, 4);
2118 }
2119
2120 /* Actual flooding procedure. */
2121 if (ospf_flood(oi->ospf, nbr, current, lsa)
2122 < 0) /* Trap NSSA later. */
2123 DISCARD_LSA(lsa, 5);
2124 continue;
2125 }
2126
2127 /* (6) Else, If there is an instance of the LSA on the sending
2128 neighbor's Link state request list, an error has occurred in
2129 the Database Exchange process. In this case, restart the
2130 Database Exchange process by generating the neighbor event
2131 BadLSReq for the sending neighbor and stop processing the
2132 Link State Update packet. */
2133
2134 if (ospf_ls_request_lookup(nbr, lsa)) {
2135 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2136 flog_warn(
2137 EC_OSPF_PACKET,
2138 "LSA[%s] instance exists on Link state request list",
2139 dump_lsa_key(lsa));
2140
2141 /* Clean list of LSAs. */
2142 ospf_upd_list_clean(lsas);
2143 /* this lsa is not on lsas list already. */
2144 ospf_lsa_discard(lsa);
2145 return;
2146 }
2147
2148 /* If the received LSA is the same instance as the database copy
2149 (i.e., neither one is more recent) the following two steps
2150 should be performed: */
2151
2152 if (ret == 0) {
2153 /* If the LSA is listed in the Link state retransmission
2154 list
2155 for the receiving adjacency, the router itself is
2156 expecting
2157 an acknowledgment for this LSA. The router should
2158 treat the
2159 received LSA as an acknowledgment by removing the LSA
2160 from
2161 the Link state retransmission list. This is termed
2162 an
2163 "implied acknowledgment". */
2164
2165 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2166
2167 if (ls_ret != NULL) {
2168 ospf_ls_retransmit_delete(nbr, ls_ret);
2169
2170 /* Delayed acknowledgment sent if advertisement
2171 received
2172 from Designated Router, otherwise do nothing.
2173 */
2174 if (oi->state == ISM_Backup)
2175 if (NBR_IS_DR(nbr))
2176 listnode_add(
2177 oi->ls_ack,
2178 ospf_lsa_lock(lsa));
2179
2180 DISCARD_LSA(lsa, 6);
2181 } else
2182 /* Acknowledge the receipt of the LSA by sending a
2183 Link State Acknowledgment packet back out the
2184 receiving
2185 interface. */
2186 {
2187 ospf_ls_ack_send(nbr, lsa);
2188 DISCARD_LSA(lsa, 7);
2189 }
2190 }
2191
2192 /* The database copy is more recent. If the database copy
2193 has LS age equal to MaxAge and LS sequence number equal to
2194 MaxSequenceNumber, simply discard the received LSA without
2195 acknowledging it. (In this case, the LSA's LS sequence number
2196 is
2197 wrapping, and the MaxSequenceNumber LSA must be completely
2198 flushed before any new LSA instance can be introduced). */
2199
2200 else if (ret > 0) /* Database copy is more recent */
2201 {
2202 if (IS_LSA_MAXAGE(current)
2203 && current->data->ls_seqnum
2204 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2205 DISCARD_LSA(lsa, 8);
2206 }
2207 /* Otherwise, as long as the database copy has not been
2208 sent in a
2209 Link State Update within the last MinLSArrival
2210 seconds, send the
2211 database copy back to the sending neighbor,
2212 encapsulated within
2213 a Link State Update Packet. The Link State Update
2214 Packet should
2215 be sent directly to the neighbor. In so doing, do not
2216 put the
2217 database copy of the LSA on the neighbor's link state
2218 retransmission list, and do not acknowledge the
2219 received (less
2220 recent) LSA instance. */
2221 else {
2222 if (monotime_since(&current->tv_orig, NULL)
2223 >= ospf->min_ls_arrival * 1000LL)
2224 /* Trap NSSA type later.*/
2225 ospf_ls_upd_send_lsa(
2226 nbr, current,
2227 OSPF_SEND_PACKET_DIRECT);
2228 DISCARD_LSA(lsa, 9);
2229 }
2230 }
2231 }
2232 #undef DISCARD_LSA
2233
2234 assert(listcount(lsas) == 0);
2235 list_delete(&lsas);
2236
2237 if (ospf->gr_info.restart_in_progress)
2238 ospf_gr_check_lsdb_consistency(oi->ospf, oi->area);
2239 }
2240
2241 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2242 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2243 struct stream *s, struct ospf_interface *oi,
2244 uint16_t size)
2245 {
2246 struct ospf_neighbor *nbr;
2247
2248 /* increment statistics. */
2249 oi->ls_ack_in++;
2250
2251 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2252 if (nbr == NULL) {
2253 flog_warn(EC_OSPF_PACKET,
2254 "Link State Acknowledgment: Unknown Neighbor %pI4",
2255 &ospfh->router_id);
2256 return;
2257 }
2258
2259 /* Add event to thread. */
2260 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2261
2262 if (nbr->state < NSM_Exchange) {
2263 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2264 zlog_debug(
2265 "Link State Acknowledgment: Neighbor[%pI4] state %s is less than Exchange",
2266 &ospfh->router_id,
2267 lookup_msg(ospf_nsm_state_msg, nbr->state,
2268 NULL));
2269 return;
2270 }
2271
2272 while (size >= OSPF_LSA_HEADER_SIZE) {
2273 struct ospf_lsa *lsa, *lsr;
2274
2275 lsa = ospf_lsa_new();
2276 lsa->data = (struct lsa_header *)stream_pnt(s);
2277 lsa->vrf_id = oi->ospf->vrf_id;
2278
2279 /* lsah = (struct lsa_header *) stream_pnt (s); */
2280 size -= OSPF_LSA_HEADER_SIZE;
2281 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2282
2283 if (lsa->data->type < OSPF_MIN_LSA
2284 || lsa->data->type >= OSPF_MAX_LSA) {
2285 lsa->data = NULL;
2286 ospf_lsa_discard(lsa);
2287 continue;
2288 }
2289
2290 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2291
2292 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0) {
2293 ospf_ls_retransmit_delete(nbr, lsr);
2294 ospf_check_and_gen_init_seq_lsa(oi, lsa);
2295 }
2296
2297 lsa->data = NULL;
2298 ospf_lsa_discard(lsa);
2299 }
2300
2301 return;
2302 }
2303
2304 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2305 struct interface **ifp,
2306 struct stream *ibuf)
2307 {
2308 int ret;
2309 struct ip *iph;
2310 uint16_t ip_len;
2311 ifindex_t ifindex = 0;
2312 struct iovec iov;
2313 /* Header and data both require alignment. */
2314 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2315 struct msghdr msgh;
2316
2317 memset(&msgh, 0, sizeof(struct msghdr));
2318 msgh.msg_iov = &iov;
2319 msgh.msg_iovlen = 1;
2320 msgh.msg_control = (caddr_t)buff;
2321 msgh.msg_controllen = sizeof(buff);
2322
2323 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2324 OSPF_MAX_PACKET_SIZE + 1);
2325 if (ret < 0) {
2326 if (errno != EAGAIN && errno != EWOULDBLOCK)
2327 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2328 safe_strerror(errno));
2329 return NULL;
2330 }
2331 if ((unsigned int)ret < sizeof(struct ip)) {
2332 flog_warn(
2333 EC_OSPF_PACKET,
2334 "ospf_recv_packet: discarding runt packet of length %d (ip header size is %u)",
2335 ret, (unsigned int)sizeof(iph));
2336 return NULL;
2337 }
2338
2339 /* Note that there should not be alignment problems with this assignment
2340 because this is at the beginning of the stream data buffer. */
2341 iph = (struct ip *)STREAM_DATA(ibuf);
2342 sockopt_iphdrincl_swab_systoh(iph);
2343
2344 ip_len = iph->ip_len;
2345
2346 #if defined(__FreeBSD__) && (__FreeBSD_version < 1000000)
2347 /*
2348 * Kernel network code touches incoming IP header parameters,
2349 * before protocol specific processing.
2350 *
2351 * 1) Convert byteorder to host representation.
2352 * --> ip_len, ip_id, ip_off
2353 *
2354 * 2) Adjust ip_len to strip IP header size!
2355 * --> If user process receives entire IP packet via RAW
2356 * socket, it must consider adding IP header size to
2357 * the "ip_len" field of "ip" structure.
2358 *
2359 * For more details, see <netinet/ip_input.c>.
2360 */
2361 ip_len = ip_len + (iph->ip_hl << 2);
2362 #endif
2363
2364 #if defined(__DragonFly__)
2365 /*
2366 * in DragonFly's raw socket, ip_len/ip_off are read
2367 * in network byte order.
2368 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2369 */
2370 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2371 #endif
2372
2373 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2374
2375 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2376
2377 if (ret != ip_len) {
2378 flog_warn(
2379 EC_OSPF_PACKET,
2380 "ospf_recv_packet read length mismatch: ip_len is %d, but recvmsg returned %d",
2381 ip_len, ret);
2382 return NULL;
2383 }
2384
2385 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2386 zlog_debug("%s: fd %d(%s) on interface %d(%s)", __func__, fd,
2387 ospf_get_name(ospf), ifindex,
2388 *ifp ? (*ifp)->name : "Unknown");
2389 return ibuf;
2390 }
2391
2392 static struct ospf_interface *
2393 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2394 struct ip *iph, struct ospf_header *ospfh)
2395 {
2396 struct ospf_interface *rcv_oi;
2397 struct ospf_vl_data *vl_data;
2398 struct ospf_area *vl_area;
2399 struct listnode *node;
2400
2401 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2402 || !OSPF_IS_AREA_BACKBONE(ospfh))
2403 return NULL;
2404
2405 /* look for local OSPF interface matching the destination
2406 * to determine Area ID. We presume therefore the destination address
2407 * is unique, or at least (for "unnumbered" links), not used in other
2408 * areas
2409 */
2410 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2411 == NULL)
2412 return NULL;
2413
2414 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2415 vl_area =
2416 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2417 if (!vl_area)
2418 continue;
2419
2420 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2421 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2422 if (IS_DEBUG_OSPF_EVENT)
2423 zlog_debug("associating packet with %s",
2424 IF_NAME(vl_data->vl_oi));
2425 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2426 if (IS_DEBUG_OSPF_EVENT)
2427 zlog_debug(
2428 "This VL is not up yet, sorry");
2429 return NULL;
2430 }
2431
2432 return vl_data->vl_oi;
2433 }
2434 }
2435
2436 if (IS_DEBUG_OSPF_EVENT)
2437 zlog_debug("couldn't find any VL to associate the packet with");
2438
2439 return NULL;
2440 }
2441
2442 static int ospf_check_area_id(struct ospf_interface *oi,
2443 struct ospf_header *ospfh)
2444 {
2445 /* Check match the Area ID of the receiving interface. */
2446 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2447 return 1;
2448
2449 return 0;
2450 }
2451
2452 /* Unbound socket will accept any Raw IP packets if proto is matched.
2453 To prevent it, compare src IP address and i/f address with masking
2454 i/f network mask. */
2455 static int ospf_check_network_mask(struct ospf_interface *oi,
2456 struct in_addr ip_src)
2457 {
2458 struct in_addr mask, me, him;
2459
2460 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2461 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2462 return 1;
2463
2464 /* Ignore mask check for max prefix length (32) */
2465 if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
2466 && oi->address->prefixlen == IPV4_MAX_BITLEN)
2467 return 1;
2468
2469 masklen2ip(oi->address->prefixlen, &mask);
2470
2471 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2472 him.s_addr = ip_src.s_addr & mask.s_addr;
2473
2474 if (IPV4_ADDR_SAME(&me, &him))
2475 return 1;
2476
2477 return 0;
2478 }
2479
2480 /* Return 1, if the packet is properly authenticated and checksummed,
2481 0 otherwise. In particular, check that AuType header field is valid and
2482 matches the locally configured AuType, and that D.5 requirements are met. */
2483 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2484 {
2485 struct crypt_key *ck;
2486 uint16_t iface_auth_type;
2487 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2488
2489 switch (pkt_auth_type) {
2490 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2491 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2492 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2493 flog_warn(
2494 EC_OSPF_PACKET,
2495 "interface %s: auth-type mismatch, local %s, rcvd Null",
2496 IF_NAME(oi),
2497 lookup_msg(ospf_auth_type_str,
2498 iface_auth_type, NULL));
2499 return 0;
2500 }
2501 if (!ospf_check_sum(ospfh)) {
2502 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2503 flog_warn(
2504 EC_OSPF_PACKET,
2505 "interface %s: Null auth OK, but checksum error, Router-ID %pI4",
2506 IF_NAME(oi),
2507 &ospfh->router_id);
2508 return 0;
2509 }
2510 return 1;
2511 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2512 if (OSPF_AUTH_SIMPLE
2513 != (iface_auth_type = ospf_auth_type(oi))) {
2514 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2515 flog_warn(
2516 EC_OSPF_PACKET,
2517 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2518 IF_NAME(oi),
2519 lookup_msg(ospf_auth_type_str,
2520 iface_auth_type, NULL));
2521 return 0;
2522 }
2523 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2524 OSPF_AUTH_SIMPLE_SIZE)) {
2525 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2526 flog_warn(EC_OSPF_PACKET,
2527 "interface %s: Simple auth failed",
2528 IF_NAME(oi));
2529 return 0;
2530 }
2531 if (!ospf_check_sum(ospfh)) {
2532 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2533 flog_warn(
2534 EC_OSPF_PACKET,
2535 "interface %s: Simple auth OK, checksum error, Router-ID %pI4",
2536 IF_NAME(oi),
2537 &ospfh->router_id);
2538 return 0;
2539 }
2540 return 1;
2541 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2542 if (OSPF_AUTH_CRYPTOGRAPHIC
2543 != (iface_auth_type = ospf_auth_type(oi))) {
2544 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2545 flog_warn(
2546 EC_OSPF_PACKET,
2547 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2548 IF_NAME(oi),
2549 lookup_msg(ospf_auth_type_str,
2550 iface_auth_type, NULL));
2551 return 0;
2552 }
2553 if (ospfh->checksum) {
2554 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2555 flog_warn(
2556 EC_OSPF_PACKET,
2557 "interface %s: OSPF header checksum is not 0",
2558 IF_NAME(oi));
2559 return 0;
2560 }
2561 /* only MD5 crypto method can pass ospf_packet_examin() */
2562 if (NULL == (ck = listgetdata(
2563 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2564 || ospfh->u.crypt.key_id != ck->key_id ||
2565 /* Condition above uses the last key ID on the list,
2566 which is
2567 different from what ospf_crypt_key_lookup() does. A
2568 bug? */
2569 !ospf_check_md5_digest(oi, ospfh)) {
2570 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2571 flog_warn(EC_OSPF_MD5,
2572 "interface %s: MD5 auth failed",
2573 IF_NAME(oi));
2574 return 0;
2575 }
2576 return 1;
2577 default:
2578 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2579 flog_warn(
2580 EC_OSPF_PACKET,
2581 "interface %s: invalid packet auth-type (%02x)",
2582 IF_NAME(oi), pkt_auth_type);
2583 return 0;
2584 }
2585 }
2586
2587 static int ospf_check_sum(struct ospf_header *ospfh)
2588 {
2589 uint32_t ret;
2590 uint16_t sum;
2591
2592 /* clear auth_data for checksum. */
2593 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2594
2595 /* keep checksum and clear. */
2596 sum = ospfh->checksum;
2597 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2598
2599 /* calculate checksum. */
2600 ret = in_cksum(ospfh, ntohs(ospfh->length));
2601
2602 if (ret != sum) {
2603 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2604 ret, sum);
2605 return 0;
2606 }
2607
2608 return 1;
2609 }
2610
2611 /* Verify, that given link/TOS records are properly sized/aligned and match
2612 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2613 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2614 uint16_t linkbytes,
2615 const uint16_t num_links)
2616 {
2617 unsigned counted_links = 0, thislinklen;
2618
2619 while (linkbytes >= OSPF_ROUTER_LSA_LINK_SIZE) {
2620 thislinklen =
2621 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2622 if (thislinklen > linkbytes) {
2623 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2624 zlog_debug("%s: length error in link block #%u",
2625 __func__, counted_links);
2626 return MSG_NG;
2627 }
2628 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2629 linkbytes -= thislinklen;
2630 counted_links++;
2631 }
2632 if (counted_links != num_links) {
2633 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2634 zlog_debug("%s: %u link blocks declared, %u present",
2635 __func__, num_links, counted_links);
2636 return MSG_NG;
2637 }
2638 return MSG_OK;
2639 }
2640
2641 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2642 minimum length constraint). */
2643 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2644 const uint8_t headeronly)
2645 {
2646 unsigned ret;
2647 struct router_lsa *rlsa;
2648 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2649 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2650 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2651 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2652 lookup_msg(ospf_lsa_type_msg, lsah->type,
2653 NULL));
2654 return MSG_NG;
2655 }
2656 switch (lsah->type) {
2657 case OSPF_ROUTER_LSA: {
2658 /*
2659 * RFC2328 A.4.2, LSA header + 4 bytes followed by N>=0
2660 * (12+)-byte link blocks
2661 */
2662 size_t linkbytes_len = lsalen - OSPF_LSA_HEADER_SIZE
2663 - OSPF_ROUTER_LSA_MIN_SIZE;
2664
2665 /*
2666 * LSA link blocks are variable length but always multiples of
2667 * 4; basic sanity check
2668 */
2669 if (linkbytes_len % 4 != 0)
2670 return MSG_NG;
2671
2672 if (headeronly)
2673 return MSG_OK;
2674
2675 rlsa = (struct router_lsa *)lsah;
2676
2677 ret = ospf_router_lsa_links_examin(
2678 (struct router_lsa_link *)rlsa->link,
2679 linkbytes_len,
2680 ntohs(rlsa->links));
2681 break;
2682 }
2683 case OSPF_AS_EXTERNAL_LSA:
2684 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2685 * blocks */
2686 case OSPF_AS_NSSA_LSA:
2687 /* RFC3101 C, idem */
2688 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2689 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2690 % 12
2691 ? MSG_NG
2692 : MSG_OK;
2693 break;
2694 /* Following LSA types are considered OK length-wise as soon as their
2695 * minimum
2696 * length constraint is met and length of the whole LSA is a multiple of
2697 * 4
2698 * (basic LSA header size is already a multiple of 4). */
2699 case OSPF_NETWORK_LSA:
2700 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2701 case OSPF_SUMMARY_LSA:
2702 case OSPF_ASBR_SUMMARY_LSA:
2703 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2704 * blocks */
2705 case OSPF_OPAQUE_LINK_LSA:
2706 case OSPF_OPAQUE_AREA_LSA:
2707 case OSPF_OPAQUE_AS_LSA:
2708 /* RFC5250 A.2, "some number of octets (of application-specific
2709 * data) padded to 32-bit alignment." This is considered
2710 * equivalent
2711 * to 4-byte alignment of all other LSA types, see
2712 * OSPF-ALIGNMENT.txt
2713 * file for the detailed analysis of this passage. */
2714 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2715 break;
2716 default:
2717 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2718 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2719 lsah->type);
2720 return MSG_NG;
2721 }
2722 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2723 zlog_debug("%s: alignment error in %s", __func__,
2724 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2725 return ret;
2726 }
2727
2728 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2729 includes verification of LSA blocks length/alignment and dispatching
2730 of deeper-level checks. */
2731 static unsigned
2732 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2733 size_t length, const uint8_t headeronly,
2734 /* When declared_num_lsas is not 0, compare it to the real
2735 number of LSAs
2736 and treat the difference as an error. */
2737 const uint32_t declared_num_lsas)
2738 {
2739 uint32_t counted_lsas = 0;
2740
2741 while (length) {
2742 uint16_t lsalen;
2743 if (length < OSPF_LSA_HEADER_SIZE) {
2744 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2745 zlog_debug(
2746 "%s: undersized (%zu B) trailing (#%u) LSA header",
2747 __func__, length, counted_lsas);
2748 return MSG_NG;
2749 }
2750 /* save on ntohs() calls here and in the LSA validator */
2751 lsalen = ntohs(lsah->length);
2752 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2753 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2754 zlog_debug(
2755 "%s: malformed LSA header #%u, declared length is %u B",
2756 __func__, counted_lsas, lsalen);
2757 return MSG_NG;
2758 }
2759 if (headeronly) {
2760 /* less checks here and in ospf_lsa_examin() */
2761 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2762 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2763 zlog_debug(
2764 "%s: malformed header-only LSA #%u",
2765 __func__, counted_lsas);
2766 return MSG_NG;
2767 }
2768 lsah = (struct lsa_header *)((caddr_t)lsah
2769 + OSPF_LSA_HEADER_SIZE);
2770 length -= OSPF_LSA_HEADER_SIZE;
2771 } else {
2772 /* make sure the input buffer is deep enough before
2773 * further checks */
2774 if (lsalen > length) {
2775 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2776 zlog_debug(
2777 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2778 __func__, counted_lsas, lsalen,
2779 length);
2780 return MSG_NG;
2781 }
2782 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2783 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2784 zlog_debug("%s: malformed LSA #%u",
2785 __func__, counted_lsas);
2786 return MSG_NG;
2787 }
2788 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2789 length -= lsalen;
2790 }
2791 counted_lsas++;
2792 }
2793
2794 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2795 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2796 zlog_debug(
2797 "%s: #LSAs declared (%u) does not match actual (%u)",
2798 __func__, declared_num_lsas, counted_lsas);
2799 return MSG_NG;
2800 }
2801 return MSG_OK;
2802 }
2803
2804 /* Verify a complete OSPF packet for proper sizing/alignment. */
2805 static unsigned ospf_packet_examin(struct ospf_header *oh,
2806 const unsigned bytesonwire)
2807 {
2808 uint16_t bytesdeclared, bytesauth;
2809 unsigned ret;
2810 struct ospf_ls_update *lsupd;
2811
2812 /* Length, 1st approximation. */
2813 if (bytesonwire < OSPF_HEADER_SIZE) {
2814 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2815 zlog_debug("%s: undersized (%u B) packet", __func__,
2816 bytesonwire);
2817 return MSG_NG;
2818 }
2819 /* Now it is safe to access header fields. Performing length check,
2820 * allow
2821 * for possible extra bytes of crypto auth/padding, which are not
2822 * counted
2823 * in the OSPF header "length" field. */
2824 if (oh->version != OSPF_VERSION) {
2825 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2826 zlog_debug("%s: invalid (%u) protocol version",
2827 __func__, oh->version);
2828 return MSG_NG;
2829 }
2830 bytesdeclared = ntohs(oh->length);
2831 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2832 bytesauth = 0;
2833 else {
2834 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2835 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2836 zlog_debug(
2837 "%s: unsupported crypto auth length (%u B)",
2838 __func__, oh->u.crypt.auth_data_len);
2839 return MSG_NG;
2840 }
2841 bytesauth = OSPF_AUTH_MD5_SIZE;
2842 }
2843 if (bytesdeclared + bytesauth > bytesonwire) {
2844 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2845 zlog_debug(
2846 "%s: packet length error (%u real, %u+%u declared)",
2847 __func__, bytesonwire, bytesdeclared,
2848 bytesauth);
2849 return MSG_NG;
2850 }
2851 /* Length, 2nd approximation. The type-specific constraint is checked
2852 against declared length, not amount of bytes on wire. */
2853 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2854 && bytesdeclared
2855 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2856 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2857 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2858 bytesdeclared,
2859 lookup_msg(ospf_packet_type_str, oh->type,
2860 NULL));
2861 return MSG_NG;
2862 }
2863 switch (oh->type) {
2864 case OSPF_MSG_HELLO:
2865 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2866 followed
2867 by N>=0 router-IDs. */
2868 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2869 % 4
2870 ? MSG_NG
2871 : MSG_OK;
2872 break;
2873 case OSPF_MSG_DB_DESC:
2874 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2875 followed
2876 by N>=0 header-only LSAs. */
2877 ret = ospf_lsaseq_examin(
2878 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2879 + OSPF_DB_DESC_MIN_SIZE),
2880 bytesdeclared - OSPF_HEADER_SIZE
2881 - OSPF_DB_DESC_MIN_SIZE,
2882 1, /* header-only LSAs */
2883 0);
2884 break;
2885 case OSPF_MSG_LS_REQ:
2886 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2887 * request blocks. */
2888 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2889 % OSPF_LSA_KEY_SIZE
2890 ? MSG_NG
2891 : MSG_OK;
2892 break;
2893 case OSPF_MSG_LS_UPD:
2894 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2895 followed
2896 by N>=0 full LSAs (with N declared beforehand). */
2897 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2898 + OSPF_HEADER_SIZE);
2899 ret = ospf_lsaseq_examin(
2900 (struct lsa_header *)((caddr_t)lsupd
2901 + OSPF_LS_UPD_MIN_SIZE),
2902 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2903 0, /* full LSAs */
2904 ntohl(lsupd->num_lsas) /* 32 bits */
2905 );
2906 break;
2907 case OSPF_MSG_LS_ACK:
2908 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2909 * LSAs. */
2910 ret = ospf_lsaseq_examin(
2911 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2912 + OSPF_LS_ACK_MIN_SIZE),
2913 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2914 1, /* header-only LSAs */
2915 0);
2916 break;
2917 default:
2918 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2919 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2920 oh->type);
2921 return MSG_NG;
2922 }
2923 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2924 zlog_debug("%s: malformed %s packet", __func__,
2925 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2926 return ret;
2927 }
2928
2929 /* OSPF Header verification. */
2930 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2931 struct ip *iph, struct ospf_header *ospfh)
2932 {
2933 /* Check Area ID. */
2934 if (!ospf_check_area_id(oi, ospfh)) {
2935 flog_warn(EC_OSPF_PACKET,
2936 "interface %s: ospf_read invalid Area ID %pI4",
2937 IF_NAME(oi), &ospfh->area_id);
2938 return -1;
2939 }
2940
2941 /* Check network mask, Silently discarded. */
2942 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2943 flog_warn(
2944 EC_OSPF_PACKET,
2945 "interface %s: ospf_read network address is not same [%pI4]",
2946 IF_NAME(oi), &iph->ip_src);
2947 return -1;
2948 }
2949
2950 /* Check authentication. The function handles logging actions, where
2951 * required. */
2952 if (!ospf_check_auth(oi, ospfh))
2953 return -1;
2954
2955 return 0;
2956 }
2957
2958 enum ospf_read_return_enum {
2959 OSPF_READ_ERROR,
2960 OSPF_READ_CONTINUE,
2961 };
2962
2963 static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
2964 {
2965 int ret;
2966 struct stream *ibuf;
2967 struct ospf_interface *oi;
2968 struct ip *iph;
2969 struct ospf_header *ospfh;
2970 uint16_t length;
2971 struct connected *c;
2972 struct interface *ifp = NULL;
2973
2974 stream_reset(ospf->ibuf);
2975 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2976 if (ibuf == NULL)
2977 return OSPF_READ_ERROR;
2978
2979 /*
2980 * This raw packet is known to be at least as big as its
2981 * IP header. Note that there should not be alignment problems with
2982 * this assignment because this is at the beginning of the
2983 * stream data buffer.
2984 */
2985 iph = (struct ip *)STREAM_DATA(ibuf);
2986 /*
2987 * Note that sockopt_iphdrincl_swab_systoh was called in
2988 * ospf_recv_packet.
2989 */
2990 if (ifp == NULL) {
2991 /*
2992 * Handle cases where the platform does not support
2993 * retrieving the ifindex, and also platforms (such as
2994 * Solaris 8) that claim to support ifindex retrieval but do
2995 * not.
2996 */
2997 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2998 ospf->vrf_id);
2999 if (c)
3000 ifp = c->ifp;
3001 if (ifp == NULL) {
3002 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3003 zlog_debug(
3004 "%s: Unable to determine incoming interface from: %pI4(%s)",
3005 __func__, &iph->ip_src,
3006 ospf_get_name(ospf));
3007 return OSPF_READ_CONTINUE;
3008 }
3009 }
3010
3011 if (ospf->vrf_id == VRF_DEFAULT && ospf->vrf_id != ifp->vrf_id) {
3012 /*
3013 * We may have a situation where l3mdev_accept == 1
3014 * let's just kindly drop the packet and move on.
3015 * ospf really really really does not like when
3016 * we receive the same packet multiple times.
3017 */
3018 return OSPF_READ_CONTINUE;
3019 }
3020
3021 /* Self-originated packet should be discarded silently. */
3022 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3023 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3024 zlog_debug(
3025 "ospf_read[%pI4]: Dropping self-originated packet",
3026 &iph->ip_src);
3027 }
3028 return OSPF_READ_CONTINUE;
3029 }
3030
3031 /* Check that we have enough for an IP header */
3032 if ((unsigned int)(iph->ip_hl << 2) >= STREAM_READABLE(ibuf)) {
3033 if ((unsigned int)(iph->ip_hl << 2) == STREAM_READABLE(ibuf)) {
3034 flog_warn(
3035 EC_OSPF_PACKET,
3036 "Rx'd IP packet with OSPF protocol number but no payload");
3037 } else {
3038 flog_warn(
3039 EC_OSPF_PACKET,
3040 "IP header length field claims header is %u bytes, but we only have %zu",
3041 (unsigned int)(iph->ip_hl << 2),
3042 STREAM_READABLE(ibuf));
3043 }
3044
3045 return OSPF_READ_ERROR;
3046 }
3047 stream_forward_getp(ibuf, iph->ip_hl << 2);
3048
3049 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3050 if (MSG_OK
3051 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3052 - stream_get_getp(ibuf)))
3053 return OSPF_READ_CONTINUE;
3054 /* Now it is safe to access all fields of OSPF packet header. */
3055
3056 /* associate packet with ospf interface */
3057 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3058
3059 /*
3060 * ospf_verify_header() relies on a valid "oi" and thus can be called
3061 * only after the passive/backbone/other checks below are passed.
3062 * These checks in turn access the fields of unverified "ospfh"
3063 * structure for their own purposes and must remain very accurate
3064 * in doing this.
3065 */
3066
3067 /* If incoming interface is passive one, ignore it. */
3068 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3069 if (IS_DEBUG_OSPF_EVENT)
3070 zlog_debug(
3071 "ignoring packet from router %pI4 sent to %pI4, received on a passive interface, %pI4",
3072 &ospfh->router_id, &iph->ip_dst,
3073 &oi->address->u.prefix4);
3074
3075 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3076 /* Try to fix multicast membership.
3077 * Some OS:es may have problems in this area,
3078 * make sure it is removed.
3079 */
3080 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3081 ospf_if_set_multicast(oi);
3082 }
3083 return OSPF_READ_CONTINUE;
3084 }
3085
3086
3087 /* if no local ospf_interface,
3088 * or header area is backbone but ospf_interface is not
3089 * check for VLINK interface
3090 */
3091 if ((oi == NULL)
3092 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3093 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3094 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3095 == NULL) {
3096 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3097 zlog_debug(
3098 "Packet from [%pI4] received on link %s but no ospf_interface",
3099 &iph->ip_src, ifp->name);
3100 return OSPF_READ_CONTINUE;
3101 }
3102 }
3103
3104 /*
3105 * else it must be a local ospf interface, check it was
3106 * received on correct link
3107 */
3108 else if (oi->ifp != ifp) {
3109 if (IS_DEBUG_OSPF_EVENT)
3110 flog_warn(EC_OSPF_PACKET,
3111 "Packet from [%pI4] received on wrong link %s",
3112 &iph->ip_src, ifp->name);
3113 return OSPF_READ_CONTINUE;
3114 } else if (oi->state == ISM_Down) {
3115 flog_warn(
3116 EC_OSPF_PACKET,
3117 "Ignoring packet from %pI4 to %pI4 received on interface that is down [%s]; interface flags are %s",
3118 &iph->ip_src, &iph->ip_dst, ifp->name,
3119 if_flag_dump(ifp->flags));
3120 /* Fix multicast memberships? */
3121 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3122 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3123 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3124 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3125 if (oi->multicast_memberships)
3126 ospf_if_set_multicast(oi);
3127 return OSPF_READ_CONTINUE;
3128 }
3129
3130 /*
3131 * If the received packet is destined for AllDRouters, the
3132 * packet should be accepted only if the received ospf
3133 * interface state is either DR or Backup -- endo.
3134 *
3135 * I wonder who endo is?
3136 */
3137 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3138 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3139 flog_warn(
3140 EC_OSPF_PACKET,
3141 "Dropping packet for AllDRouters from [%pI4] via [%s] (ISM: %s)",
3142 &iph->ip_src, IF_NAME(oi),
3143 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3144 /* Try to fix multicast membership. */
3145 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3146 ospf_if_set_multicast(oi);
3147 return OSPF_READ_CONTINUE;
3148 }
3149
3150 /* Verify more OSPF header fields. */
3151 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3152 if (ret < 0) {
3153 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3154 zlog_debug(
3155 "ospf_read[%pI4]: Header check failed, dropping.",
3156 &iph->ip_src);
3157 return OSPF_READ_CONTINUE;
3158 }
3159
3160 /* Show debug receiving packet. */
3161 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3162 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3163 zlog_debug(
3164 "-----------------------------------------------------");
3165 ospf_packet_dump(ibuf);
3166 }
3167
3168 zlog_debug("%s received from [%pI4] via [%s]",
3169 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3170 &ospfh->router_id, IF_NAME(oi));
3171 zlog_debug(" src [%pI4],", &iph->ip_src);
3172 zlog_debug(" dst [%pI4]", &iph->ip_dst);
3173
3174 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3175 zlog_debug(
3176 "-----------------------------------------------------");
3177 }
3178
3179 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3180
3181 /* Adjust size to message length. */
3182 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3183
3184 /* Read rest of the packet and call each sort of packet routine.
3185 */
3186 switch (ospfh->type) {
3187 case OSPF_MSG_HELLO:
3188 ospf_hello(iph, ospfh, ibuf, oi, length);
3189 break;
3190 case OSPF_MSG_DB_DESC:
3191 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3192 break;
3193 case OSPF_MSG_LS_REQ:
3194 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3195 break;
3196 case OSPF_MSG_LS_UPD:
3197 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3198 break;
3199 case OSPF_MSG_LS_ACK:
3200 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3201 break;
3202 default:
3203 flog_warn(
3204 EC_OSPF_PACKET,
3205 "interface %s(%s): OSPF packet header type %d is illegal",
3206 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3207 break;
3208 }
3209
3210 return OSPF_READ_CONTINUE;
3211 }
3212
3213 /* Starting point of packet process function. */
3214 int ospf_read(struct thread *thread)
3215 {
3216 struct ospf *ospf;
3217 int32_t count = 0;
3218 enum ospf_read_return_enum ret;
3219
3220 /* first of all get interface pointer. */
3221 ospf = THREAD_ARG(thread);
3222
3223 /* prepare for next packet. */
3224 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3225
3226 while (count < ospf->write_oi_count) {
3227 count++;
3228 ret = ospf_read_helper(ospf);
3229 switch (ret) {
3230 case OSPF_READ_ERROR:
3231 return -1;
3232 case OSPF_READ_CONTINUE:
3233 break;
3234 }
3235 }
3236
3237 return 0;
3238 }
3239
3240 /* Make OSPF header. */
3241 static void ospf_make_header(int type, struct ospf_interface *oi,
3242 struct stream *s)
3243 {
3244 struct ospf_header *ospfh;
3245
3246 ospfh = (struct ospf_header *)STREAM_DATA(s);
3247
3248 ospfh->version = (uint8_t)OSPF_VERSION;
3249 ospfh->type = (uint8_t)type;
3250
3251 ospfh->router_id = oi->ospf->router_id;
3252
3253 ospfh->checksum = 0;
3254 ospfh->area_id = oi->area->area_id;
3255 ospfh->auth_type = htons(ospf_auth_type(oi));
3256
3257 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3258
3259 stream_forward_endp(s, OSPF_HEADER_SIZE);
3260 }
3261
3262 /* Make Authentication Data. */
3263 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3264 {
3265 struct crypt_key *ck;
3266
3267 switch (ospf_auth_type(oi)) {
3268 case OSPF_AUTH_NULL:
3269 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3270 */
3271 break;
3272 case OSPF_AUTH_SIMPLE:
3273 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3274 OSPF_AUTH_SIMPLE_SIZE);
3275 break;
3276 case OSPF_AUTH_CRYPTOGRAPHIC:
3277 /* If key is not set, then set 0. */
3278 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3279 ospfh->u.crypt.zero = 0;
3280 ospfh->u.crypt.key_id = 0;
3281 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3282 } else {
3283 ck = listgetdata(
3284 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3285 ospfh->u.crypt.zero = 0;
3286 ospfh->u.crypt.key_id = ck->key_id;
3287 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3288 }
3289 /* note: the seq is done in ospf_make_md5_digest() */
3290 break;
3291 default:
3292 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3293 */
3294 break;
3295 }
3296
3297 return 0;
3298 }
3299
3300 /* Fill rest of OSPF header. */
3301 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3302 uint16_t length)
3303 {
3304 struct ospf_header *ospfh;
3305
3306 ospfh = (struct ospf_header *)STREAM_DATA(s);
3307
3308 /* Fill length. */
3309 ospfh->length = htons(length);
3310
3311 /* Calculate checksum. */
3312 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3313 ospfh->checksum = in_cksum(ospfh, length);
3314 else
3315 ospfh->checksum = 0;
3316
3317 /* Add Authentication Data. */
3318 ospf_make_auth(oi, ospfh);
3319 }
3320
3321 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3322 {
3323 struct ospf_neighbor *nbr;
3324 struct route_node *rn;
3325 uint16_t length = OSPF_HELLO_MIN_SIZE;
3326 struct in_addr mask;
3327 unsigned long p;
3328 int flag = 0;
3329
3330 /* Set netmask of interface. */
3331 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3332 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3333 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3334 masklen2ip(oi->address->prefixlen, &mask);
3335 else
3336 memset((char *)&mask, 0, sizeof(struct in_addr));
3337 stream_put_ipv4(s, mask.s_addr);
3338
3339 /* Set Hello Interval. */
3340 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3341 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3342 else
3343 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3344
3345 if (IS_DEBUG_OSPF_EVENT)
3346 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3347 IF_NAME(oi));
3348
3349 /* Set Options. */
3350 stream_putc(s, OPTIONS(oi));
3351
3352 /* Set Router Priority. */
3353 stream_putc(s, PRIORITY(oi));
3354
3355 /* Set Router Dead Interval. */
3356 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3357
3358 /* Set Designated Router. */
3359 stream_put_ipv4(s, DR(oi).s_addr);
3360
3361 p = stream_get_endp(s);
3362
3363 /* Set Backup Designated Router. */
3364 stream_put_ipv4(s, BDR(oi).s_addr);
3365
3366 /* Add neighbor seen. */
3367 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3368 if ((nbr = rn->info))
3369 if (nbr->router_id.s_addr
3370 != INADDR_ANY) /* Ignore 0.0.0.0 node. */
3371 if (nbr->state
3372 != NSM_Attempt) /* Ignore Down neighbor. */
3373 if (nbr->state
3374 != NSM_Down) /* This is myself for
3375 DR election. */
3376 if (!IPV4_ADDR_SAME(
3377 &nbr->router_id,
3378 &oi->ospf->router_id)) {
3379 /* Check neighbor is
3380 * sane? */
3381 if (nbr->d_router.s_addr
3382 != INADDR_ANY
3383 && IPV4_ADDR_SAME(
3384 &nbr->d_router,
3385 &oi->address
3386 ->u
3387 .prefix4)
3388 && IPV4_ADDR_SAME(
3389 &nbr->bd_router,
3390 &oi->address
3391 ->u
3392 .prefix4))
3393 flag = 1;
3394
3395 /* Hello packet overflows interface MTU. */
3396 if (length + sizeof(uint32_t)
3397 > ospf_packet_max(oi)) {
3398 flog_err(
3399 EC_OSPF_LARGE_HELLO,
3400 "Oversized Hello packet! Larger than MTU. Not sending it out");
3401 return 0;
3402 }
3403
3404 stream_put_ipv4(
3405 s,
3406 nbr->router_id
3407 .s_addr);
3408 length += 4;
3409 }
3410
3411 /* Let neighbor generate BackupSeen. */
3412 if (flag == 1)
3413 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3414
3415 return length;
3416 }
3417
3418 static int ospf_make_db_desc(struct ospf_interface *oi,
3419 struct ospf_neighbor *nbr, struct stream *s)
3420 {
3421 struct ospf_lsa *lsa;
3422 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3423 uint8_t options;
3424 unsigned long pp;
3425 int i;
3426 struct ospf_lsdb *lsdb;
3427
3428 /* Set Interface MTU. */
3429 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3430 stream_putw(s, 0);
3431 else
3432 stream_putw(s, oi->ifp->mtu);
3433
3434 /* Set Options. */
3435 options = OPTIONS(oi);
3436 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3437 SET_FLAG(options, OSPF_OPTION_O);
3438 stream_putc(s, options);
3439
3440 /* DD flags */
3441 pp = stream_get_endp(s);
3442 stream_putc(s, nbr->dd_flags);
3443
3444 /* Set DD Sequence Number. */
3445 stream_putl(s, nbr->dd_seqnum);
3446
3447 /* shortcut unneeded walk of (empty) summary LSDBs */
3448 if (ospf_db_summary_isempty(nbr))
3449 goto empty;
3450
3451 /* Describe LSA Header from Database Summary List. */
3452 lsdb = &nbr->db_sum;
3453
3454 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3455 struct route_table *table = lsdb->type[i].db;
3456 struct route_node *rn;
3457
3458 for (rn = route_top(table); rn; rn = route_next(rn))
3459 if ((lsa = rn->info) != NULL) {
3460 if (IS_OPAQUE_LSA(lsa->data->type)
3461 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3462 /* Suppress advertising
3463 * opaque-information. */
3464 /* Remove LSA from DB summary list. */
3465 ospf_lsdb_delete(lsdb, lsa);
3466 continue;
3467 }
3468
3469 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3470 struct lsa_header *lsah;
3471 uint16_t ls_age;
3472
3473 /* DD packet overflows interface MTU. */
3474 if (length + OSPF_LSA_HEADER_SIZE
3475 > ospf_packet_max(oi))
3476 break;
3477
3478 /* Keep pointer to LS age. */
3479 lsah = (struct lsa_header
3480 *)(STREAM_DATA(s)
3481 + stream_get_endp(
3482 s));
3483
3484 /* Proceed stream pointer. */
3485 stream_put(s, lsa->data,
3486 OSPF_LSA_HEADER_SIZE);
3487 length += OSPF_LSA_HEADER_SIZE;
3488
3489 /* Set LS age. */
3490 ls_age = LS_AGE(lsa);
3491 lsah->ls_age = htons(ls_age);
3492 }
3493
3494 /* Remove LSA from DB summary list. */
3495 ospf_lsdb_delete(lsdb, lsa);
3496 }
3497 }
3498
3499 /* Update 'More' bit */
3500 if (ospf_db_summary_isempty(nbr)) {
3501 empty:
3502 if (nbr->state >= NSM_Exchange) {
3503 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3504 /* Rewrite DD flags */
3505 stream_putc_at(s, pp, nbr->dd_flags);
3506 } else {
3507 assert(IS_SET_DD_M(nbr->dd_flags));
3508 }
3509 }
3510 return length;
3511 }
3512
3513 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3514 unsigned long delta, struct ospf_neighbor *nbr,
3515 struct ospf_lsa *lsa)
3516 {
3517 struct ospf_interface *oi;
3518
3519 oi = nbr->oi;
3520
3521 /* LS Request packet overflows interface MTU
3522 * delta is just number of bytes required for 1 LS Req
3523 * ospf_packet_max will return the number of bytes can
3524 * be accomodated without ospf header. So length+delta
3525 * can be compared to ospf_packet_max
3526 * to check if it can fit another lsreq in the same packet.
3527 */
3528
3529 if (*length + delta > ospf_packet_max(oi))
3530 return 0;
3531
3532 stream_putl(s, lsa->data->type);
3533 stream_put_ipv4(s, lsa->data->id.s_addr);
3534 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3535
3536 ospf_lsa_unlock(&nbr->ls_req_last);
3537 nbr->ls_req_last = ospf_lsa_lock(lsa);
3538
3539 *length += 12;
3540 return 1;
3541 }
3542
3543 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3544 {
3545 struct ospf_lsa *lsa;
3546 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3547 unsigned long delta = 12;
3548 struct route_table *table;
3549 struct route_node *rn;
3550 int i;
3551 struct ospf_lsdb *lsdb;
3552
3553 lsdb = &nbr->ls_req;
3554
3555 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3556 table = lsdb->type[i].db;
3557 for (rn = route_top(table); rn; rn = route_next(rn))
3558 if ((lsa = (rn->info)) != NULL)
3559 if (ospf_make_ls_req_func(s, &length, delta,
3560 nbr, lsa)
3561 == 0) {
3562 route_unlock_node(rn);
3563 break;
3564 }
3565 }
3566 return length;
3567 }
3568
3569 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3570 {
3571 int age;
3572
3573 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3574
3575 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3576 }
3577
3578 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3579 struct stream *s)
3580 {
3581 struct ospf_lsa *lsa;
3582 struct listnode *node;
3583 uint16_t length = 0;
3584 unsigned int size_noauth;
3585 unsigned long delta = stream_get_endp(s);
3586 unsigned long pp;
3587 int count = 0;
3588
3589 if (IS_DEBUG_OSPF_EVENT)
3590 zlog_debug("ospf_make_ls_upd: Start");
3591
3592 pp = stream_get_endp(s);
3593 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3594 length += OSPF_LS_UPD_MIN_SIZE;
3595
3596 /* Calculate amount of packet usable for data. */
3597 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3598
3599 while ((node = listhead(update)) != NULL) {
3600 struct lsa_header *lsah;
3601 uint16_t ls_age;
3602
3603 lsa = listgetdata(node);
3604 assert(lsa->data);
3605
3606 if (IS_DEBUG_OSPF_EVENT)
3607 zlog_debug("%s: List Iteration %d LSA[%s]", __func__,
3608 count, dump_lsa_key(lsa));
3609
3610 /* Will it fit? Minimum it has to fit atleast one */
3611 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3612 (count > 0))
3613 break;
3614
3615 /* Keep pointer to LS age. */
3616 lsah = (struct lsa_header *)(STREAM_DATA(s)
3617 + stream_get_endp(s));
3618
3619 /* Put LSA to Link State Request. */
3620 stream_put(s, lsa->data, ntohs(lsa->data->length));
3621
3622 /* Set LS age. */
3623 /* each hop must increment an lsa_age by transmit_delay
3624 of OSPF interface */
3625 ls_age = ls_age_increment(lsa,
3626 OSPF_IF_PARAM(oi, transmit_delay));
3627 lsah->ls_age = htons(ls_age);
3628
3629 length += ntohs(lsa->data->length);
3630 count++;
3631
3632 list_delete_node(update, node);
3633 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3634 }
3635
3636 /* Now set #LSAs. */
3637 stream_putl_at(s, pp, count);
3638
3639 if (IS_DEBUG_OSPF_EVENT)
3640 zlog_debug("ospf_make_ls_upd: Stop");
3641 return length;
3642 }
3643
3644 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3645 struct stream *s)
3646 {
3647 struct listnode *node, *nnode;
3648 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3649 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3650 struct ospf_lsa *lsa;
3651
3652 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3653 assert(lsa);
3654
3655 /* LS Ack packet overflows interface MTU
3656 * delta is just number of bytes required for
3657 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3658 * the number of bytes can be accomodated without
3659 * ospf header. So length+delta can be compared
3660 * against ospf_packet_max to check if it can fit
3661 * another ls header in the same packet.
3662 */
3663 if ((length + delta) > ospf_packet_max(oi))
3664 break;
3665
3666 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3667 length += OSPF_LSA_HEADER_SIZE;
3668
3669 listnode_delete(ack, lsa);
3670 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3671 }
3672
3673 return length;
3674 }
3675
3676 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3677 {
3678 struct ospf_packet *op;
3679 uint16_t length = OSPF_HEADER_SIZE;
3680
3681 op = ospf_packet_new(oi->ifp->mtu);
3682
3683 /* Prepare OSPF common header. */
3684 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3685
3686 /* Prepare OSPF Hello body. */
3687 length += ospf_make_hello(oi, op->s);
3688 if (length == OSPF_HEADER_SIZE) {
3689 /* Hello overshooting MTU */
3690 ospf_packet_free(op);
3691 return;
3692 }
3693
3694 /* Fill OSPF header. */
3695 ospf_fill_header(oi, op->s, length);
3696
3697 /* Set packet length. */
3698 op->length = length;
3699
3700 op->dst.s_addr = addr;
3701
3702 if (IS_DEBUG_OSPF_EVENT) {
3703 if (oi->ospf->vrf_id)
3704 zlog_debug(
3705 "%s: Hello Tx interface %s ospf vrf %s id %u",
3706 __func__, oi->ifp->name,
3707 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3708 oi->ospf->vrf_id);
3709 }
3710 /* Add packet to the top of the interface output queue, so that they
3711 * can't get delayed by things like long queues of LS Update packets
3712 */
3713 ospf_packet_add_top(oi, op);
3714
3715 /* Hook thread to write packet. */
3716 OSPF_ISM_WRITE_ON(oi->ospf);
3717 }
3718
3719 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3720 {
3721 struct ospf_interface *oi;
3722
3723 oi = nbr_nbma->oi;
3724 assert(oi);
3725
3726 /* If this is passive interface, do not send OSPF Hello. */
3727 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3728 return;
3729
3730 if (oi->type != OSPF_IFTYPE_NBMA)
3731 return;
3732
3733 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3734 return;
3735
3736 if (PRIORITY(oi) == 0)
3737 return;
3738
3739 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3740 && oi->state != ISM_Backup)
3741 return;
3742
3743 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3744 }
3745
3746 int ospf_poll_timer(struct thread *thread)
3747 {
3748 struct ospf_nbr_nbma *nbr_nbma;
3749
3750 nbr_nbma = THREAD_ARG(thread);
3751 nbr_nbma->t_poll = NULL;
3752
3753 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3754 zlog_debug("NSM[%s:%pI4]: Timer (Poll timer expire)",
3755 IF_NAME(nbr_nbma->oi), &nbr_nbma->addr);
3756
3757 ospf_poll_send(nbr_nbma);
3758
3759 if (nbr_nbma->v_poll > 0)
3760 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3761 nbr_nbma->v_poll);
3762
3763 return 0;
3764 }
3765
3766
3767 int ospf_hello_reply_timer(struct thread *thread)
3768 {
3769 struct ospf_neighbor *nbr;
3770
3771 nbr = THREAD_ARG(thread);
3772 nbr->t_hello_reply = NULL;
3773
3774 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3775 zlog_debug("NSM[%s:%pI4]: Timer (hello-reply timer expire)",
3776 IF_NAME(nbr->oi), &nbr->router_id);
3777
3778 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3779
3780 return 0;
3781 }
3782
3783 /* Send OSPF Hello. */
3784 void ospf_hello_send(struct ospf_interface *oi)
3785 {
3786 /* If this is passive interface, do not send OSPF Hello. */
3787 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3788 return;
3789
3790 if (oi->type == OSPF_IFTYPE_NBMA) {
3791 struct ospf_neighbor *nbr;
3792 struct route_node *rn;
3793
3794 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3795 if ((nbr = rn->info))
3796 if (nbr != oi->nbr_self)
3797 if (nbr->state != NSM_Down) {
3798 /* RFC 2328 Section 9.5.1
3799 If the router is not
3800 eligible to become Designated
3801 Router,
3802 it must periodically send
3803 Hello Packets to both the
3804 Designated Router and the
3805 Backup Designated Router (if
3806 they
3807 exist). */
3808 if (PRIORITY(oi) == 0
3809 && IPV4_ADDR_CMP(
3810 &DR(oi),
3811 &nbr->address.u
3812 .prefix4)
3813 && IPV4_ADDR_CMP(
3814 &BDR(oi),
3815 &nbr->address.u
3816 .prefix4))
3817 continue;
3818
3819 /* If the router is eligible to
3820 become Designated Router, it
3821 must periodically send Hello
3822 Packets to all neighbors that
3823 are also eligible. In
3824 addition, if the router is
3825 itself the
3826 Designated Router or Backup
3827 Designated Router, it must
3828 also
3829 send periodic Hello Packets
3830 to all other neighbors. */
3831
3832 if (nbr->priority == 0
3833 && oi->state == ISM_DROther)
3834 continue;
3835 /* if oi->state == Waiting, send
3836 * hello to all neighbors */
3837 ospf_hello_send_sub(
3838 oi,
3839 nbr->address.u.prefix4
3840 .s_addr);
3841 }
3842 } else {
3843 /* Decide destination address. */
3844 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3845 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3846 else
3847 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3848 }
3849 }
3850
3851 /* Send OSPF Database Description. */
3852 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3853 {
3854 struct ospf_interface *oi;
3855 struct ospf_packet *op;
3856 uint16_t length = OSPF_HEADER_SIZE;
3857
3858 oi = nbr->oi;
3859 op = ospf_packet_new(oi->ifp->mtu);
3860
3861 /* Prepare OSPF common header. */
3862 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3863
3864 /* Prepare OSPF Database Description body. */
3865 length += ospf_make_db_desc(oi, nbr, op->s);
3866
3867 /* Fill OSPF header. */
3868 ospf_fill_header(oi, op->s, length);
3869
3870 /* Set packet length. */
3871 op->length = length;
3872
3873 /* Decide destination address. */
3874 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3875 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3876 else
3877 op->dst = nbr->address.u.prefix4;
3878
3879 /* Add packet to the interface output queue. */
3880 ospf_packet_add(oi, op);
3881
3882 /* Hook thread to write packet. */
3883 OSPF_ISM_WRITE_ON(oi->ospf);
3884
3885 /* Remove old DD packet, then copy new one and keep in neighbor
3886 * structure. */
3887 if (nbr->last_send)
3888 ospf_packet_free(nbr->last_send);
3889 nbr->last_send = ospf_packet_dup(op);
3890 monotime(&nbr->last_send_ts);
3891 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3892 zlog_info(
3893 "%s:Packet[DD]: %pI4 DB Desc send with seqnum:%x , flags:%x",
3894 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3895 &nbr->router_id, nbr->dd_seqnum,
3896 nbr->dd_flags);
3897 }
3898
3899 /* Re-send Database Description. */
3900 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3901 {
3902 struct ospf_interface *oi;
3903
3904 oi = nbr->oi;
3905
3906 /* Add packet to the interface output queue. */
3907 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3908
3909 /* Hook thread to write packet. */
3910 OSPF_ISM_WRITE_ON(oi->ospf);
3911 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3912 zlog_info(
3913 "%s:Packet[DD]: %pI4 DB Desc resend with seqnum:%x , flags:%x",
3914 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3915 &nbr->router_id, nbr->dd_seqnum,
3916 nbr->dd_flags);
3917 }
3918
3919 /* Send Link State Request. */
3920 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3921 {
3922 struct ospf_interface *oi;
3923 struct ospf_packet *op;
3924 uint16_t length = OSPF_HEADER_SIZE;
3925
3926 oi = nbr->oi;
3927 op = ospf_packet_new(oi->ifp->mtu);
3928
3929 /* Prepare OSPF common header. */
3930 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3931
3932 /* Prepare OSPF Link State Request body. */
3933 length += ospf_make_ls_req(nbr, op->s);
3934 if (length == OSPF_HEADER_SIZE) {
3935 ospf_packet_free(op);
3936 return;
3937 }
3938
3939 /* Fill OSPF header. */
3940 ospf_fill_header(oi, op->s, length);
3941
3942 /* Set packet length. */
3943 op->length = length;
3944
3945 /* Decide destination address. */
3946 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3947 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3948 else
3949 op->dst = nbr->address.u.prefix4;
3950
3951 /* Add packet to the interface output queue. */
3952 ospf_packet_add(oi, op);
3953
3954 /* Hook thread to write packet. */
3955 OSPF_ISM_WRITE_ON(oi->ospf);
3956
3957 /* Add Link State Request Retransmission Timer. */
3958 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3959 }
3960
3961 /* Send Link State Update with an LSA. */
3962 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3963 int flag)
3964 {
3965 struct list *update;
3966
3967 update = list_new();
3968
3969 listnode_add(update, lsa);
3970
3971 /*ospf instance is going down, send self originated
3972 * MAXAGE LSA update to neighbors to remove from LSDB */
3973 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3974 ospf_ls_upd_send(nbr, update, flag, 1);
3975 else
3976 ospf_ls_upd_send(nbr, update, flag, 0);
3977
3978 list_delete(&update);
3979 }
3980
3981 /* Determine size for packet. Must be at least big enough to accomodate next
3982 * LSA on list, which may be bigger than MTU size.
3983 *
3984 * Return pointer to new ospf_packet
3985 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3986 * on packet sizes (in which case offending LSA is deleted from update list)
3987 */
3988 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3989 struct ospf_interface *oi)
3990 {
3991 struct ospf_lsa *lsa;
3992 struct listnode *ln;
3993 size_t size;
3994 static char warned = 0;
3995
3996 lsa = listgetdata((ln = listhead(update)));
3997 assert(lsa->data);
3998
3999 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
4000 > ospf_packet_max(oi)) {
4001 if (!warned) {
4002 flog_warn(
4003 EC_OSPF_LARGE_LSA,
4004 "ospf_ls_upd_packet_new: oversized LSA encountered!will need to fragment. Not optimal. Try divide up your network with areas. Use 'debug ospf packet send' to see details, or look at 'show ip ospf database ..'");
4005 warned = 1;
4006 }
4007
4008 if (IS_DEBUG_OSPF_PACKET(0, SEND))
4009 zlog_debug(
4010 "ospf_ls_upd_packet_new: oversized LSA id:%pI4, %d bytes originated by %pI4, will be fragmented!",
4011 &lsa->data->id,
4012 ntohs(lsa->data->length),
4013 &lsa->data->adv_router);
4014
4015 /*
4016 * Allocate just enough to fit this LSA only, to avoid including
4017 * other
4018 * LSAs in fragmented LSA Updates.
4019 */
4020 size = ntohs(lsa->data->length)
4021 + (oi->ifp->mtu - ospf_packet_max(oi))
4022 + OSPF_LS_UPD_MIN_SIZE;
4023 } else
4024 size = oi->ifp->mtu;
4025
4026 if (size > OSPF_MAX_PACKET_SIZE) {
4027 flog_warn(EC_OSPF_LARGE_LSA,
4028 "ospf_ls_upd_packet_new: oversized LSA id:%pI4 too big, %d bytes, packet size %ld, dropping it completely. OSPF routing is broken!",
4029 &lsa->data->id, ntohs(lsa->data->length),
4030 (long int)size);
4031 list_delete_node(update, ln);
4032 return NULL;
4033 }
4034
4035 /* IP header is built up separately by ospf_write(). This means, that we
4036 * must
4037 * reduce the "affordable" size just calculated by length of an IP
4038 * header.
4039 * This makes sure, that even if we manage to fill the payload with LSA
4040 * data
4041 * completely, the final packet (our data plus IP header) still fits
4042 * into
4043 * outgoing interface MTU. This correction isn't really meaningful for
4044 * an
4045 * oversized LSA, but for consistency the correction is done for both
4046 * cases.
4047 *
4048 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4049 */
4050 return ospf_packet_new(size - sizeof(struct ip));
4051 }
4052
4053 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4054 struct list *update, struct in_addr addr,
4055 int send_lsupd_now)
4056 {
4057 struct ospf_packet *op;
4058 uint16_t length = OSPF_HEADER_SIZE;
4059
4060 if (IS_DEBUG_OSPF_EVENT)
4061 zlog_debug("listcount = %d, [%s]dst %pI4", listcount(update),
4062 IF_NAME(oi), &addr);
4063
4064 /* Check that we have really something to process */
4065 if (listcount(update) == 0)
4066 return;
4067
4068 op = ospf_ls_upd_packet_new(update, oi);
4069
4070 /* Prepare OSPF common header. */
4071 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4072
4073 /* Prepare OSPF Link State Update body.
4074 * Includes Type-7 translation.
4075 */
4076 length += ospf_make_ls_upd(oi, update, op->s);
4077
4078 /* Fill OSPF header. */
4079 ospf_fill_header(oi, op->s, length);
4080
4081 /* Set packet length. */
4082 op->length = length;
4083
4084 /* Decide destination address. */
4085 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4086 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4087 else
4088 op->dst.s_addr = addr.s_addr;
4089
4090 /* Add packet to the interface output queue. */
4091 ospf_packet_add(oi, op);
4092 /* Call ospf_write() right away to send ospf packets to neighbors */
4093 if (send_lsupd_now) {
4094 struct thread os_packet_thd;
4095
4096 os_packet_thd.arg = (void *)oi->ospf;
4097 if (oi->on_write_q == 0) {
4098 listnode_add(oi->ospf->oi_write_q, oi);
4099 oi->on_write_q = 1;
4100 }
4101 ospf_write(&os_packet_thd);
4102 /*
4103 * We are fake calling ospf_write with a fake
4104 * thread. Imagine that we have oi_a already
4105 * enqueued and we have turned on the write
4106 * thread(t_write).
4107 * Now this function calls this for oi_b
4108 * so the on_write_q has oi_a and oi_b on
4109 * it, ospf_write runs and clears the packets
4110 * for both oi_a and oi_b. Removing them from
4111 * the on_write_q. After this thread of execution
4112 * finishes we will execute the t_write thread
4113 * with nothing in the on_write_q causing an
4114 * assert. So just make sure that the t_write
4115 * is actually turned off.
4116 */
4117 if (list_isempty(oi->ospf->oi_write_q))
4118 OSPF_TIMER_OFF(oi->ospf->t_write);
4119 } else {
4120 /* Hook thread to write packet. */
4121 OSPF_ISM_WRITE_ON(oi->ospf);
4122 }
4123 }
4124
4125 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4126 {
4127 struct ospf_interface *oi = THREAD_ARG(thread);
4128 struct route_node *rn;
4129 struct route_node *rnext;
4130 struct list *update;
4131 char again = 0;
4132
4133 oi->t_ls_upd_event = NULL;
4134
4135 if (IS_DEBUG_OSPF_EVENT)
4136 zlog_debug("ospf_ls_upd_send_queue start");
4137
4138 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4139 rnext = route_next(rn);
4140
4141 if (rn->info == NULL)
4142 continue;
4143
4144 update = (struct list *)rn->info;
4145
4146 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4147
4148 /* list might not be empty. */
4149 if (listcount(update) == 0) {
4150 list_delete((struct list **)&rn->info);
4151 route_unlock_node(rn);
4152 } else
4153 again = 1;
4154 }
4155
4156 if (again != 0) {
4157 if (IS_DEBUG_OSPF_EVENT)
4158 zlog_debug(
4159 "ospf_ls_upd_send_queue: update lists not cleared, %d nodes to try again, raising new event",
4160 again);
4161 oi->t_ls_upd_event = NULL;
4162 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4163 &oi->t_ls_upd_event);
4164 }
4165
4166 if (IS_DEBUG_OSPF_EVENT)
4167 zlog_debug("ospf_ls_upd_send_queue stop");
4168
4169 return 0;
4170 }
4171
4172 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4173 int send_lsupd_now)
4174 {
4175 struct ospf_interface *oi;
4176 struct ospf_lsa *lsa;
4177 struct prefix_ipv4 p;
4178 struct route_node *rn;
4179 struct listnode *node;
4180
4181 oi = nbr->oi;
4182
4183 p.family = AF_INET;
4184 p.prefixlen = IPV4_MAX_BITLEN;
4185
4186 /* Decide destination address. */
4187 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4188 p.prefix = oi->vl_data->peer_addr;
4189 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4190 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4191 else if (flag == OSPF_SEND_PACKET_DIRECT)
4192 p.prefix = nbr->address.u.prefix4;
4193 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4194 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4195 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4196 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4197 else
4198 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4199
4200 if (oi->type == OSPF_IFTYPE_NBMA) {
4201 if (flag == OSPF_SEND_PACKET_INDIRECT)
4202 flog_warn(
4203 EC_OSPF_PACKET,
4204 "* LS-Update is directly sent on NBMA network.");
4205 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4206 flog_warn(EC_OSPF_PACKET,
4207 "* LS-Update is sent to myself.");
4208 }
4209
4210 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4211
4212 if (rn->info == NULL)
4213 rn->info = list_new();
4214 else
4215 route_unlock_node(rn);
4216
4217 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4218 listnode_add(rn->info,
4219 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4220 if (send_lsupd_now) {
4221 struct list *send_update_list;
4222 struct route_node *rnext;
4223
4224 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4225 rnext = route_next(rn);
4226
4227 if (rn->info == NULL)
4228 continue;
4229
4230 send_update_list = (struct list *)rn->info;
4231
4232 ospf_ls_upd_queue_send(oi, send_update_list,
4233 rn->p.u.prefix4, 1);
4234 }
4235 } else
4236 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4237 &oi->t_ls_upd_event);
4238 }
4239
4240 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4241 struct in_addr dst)
4242 {
4243 struct ospf_packet *op;
4244 uint16_t length = OSPF_HEADER_SIZE;
4245
4246 op = ospf_packet_new(oi->ifp->mtu);
4247
4248 /* Prepare OSPF common header. */
4249 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4250
4251 /* Prepare OSPF Link State Acknowledgment body. */
4252 length += ospf_make_ls_ack(oi, ack, op->s);
4253
4254 /* Fill OSPF header. */
4255 ospf_fill_header(oi, op->s, length);
4256
4257 /* Set packet length. */
4258 op->length = length;
4259
4260 /* Decide destination address. */
4261 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4262 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4263 else
4264 op->dst.s_addr = dst.s_addr;
4265
4266 /* Add packet to the interface output queue. */
4267 ospf_packet_add(oi, op);
4268
4269 /* Hook thread to write packet. */
4270 OSPF_ISM_WRITE_ON(oi->ospf);
4271 }
4272
4273 static int ospf_ls_ack_send_event(struct thread *thread)
4274 {
4275 struct ospf_interface *oi = THREAD_ARG(thread);
4276
4277 oi->t_ls_ack_direct = NULL;
4278
4279 while (listcount(oi->ls_ack_direct.ls_ack))
4280 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4281 oi->ls_ack_direct.dst);
4282
4283 return 0;
4284 }
4285
4286 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4287 {
4288 struct ospf_interface *oi = nbr->oi;
4289
4290 if (IS_GRACE_LSA(lsa)) {
4291 if (IS_DEBUG_OSPF_GR)
4292 zlog_debug("%s, Sending GRACE ACK to Restarter.",
4293 __func__);
4294 }
4295
4296 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4297 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4298
4299 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4300
4301 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4302 &oi->t_ls_ack_direct);
4303 }
4304
4305 /* Send Link State Acknowledgment delayed. */
4306 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4307 {
4308 struct in_addr dst;
4309
4310 /* Decide destination address. */
4311 /* RFC2328 Section 13.5 On non-broadcast
4312 networks, delayed Link State Acknowledgment packets must be
4313 unicast separately over each adjacency (i.e., neighbor whose
4314 state is >= Exchange). */
4315 if (oi->type == OSPF_IFTYPE_NBMA) {
4316 struct ospf_neighbor *nbr;
4317 struct route_node *rn;
4318
4319 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4320 if ((nbr = rn->info) != NULL)
4321 if (nbr != oi->nbr_self
4322 && nbr->state >= NSM_Exchange)
4323 while (listcount(oi->ls_ack))
4324 ospf_ls_ack_send_list(
4325 oi, oi->ls_ack,
4326 nbr->address.u.prefix4);
4327 return;
4328 }
4329 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4330 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4331 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4332 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4333 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4334 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4335 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4336 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4337 else
4338 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4339
4340 while (listcount(oi->ls_ack))
4341 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4342 }
4343
4344 /*
4345 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4346 * address. As a result, the kernel does not need to learn the interface
4347 * MAC of the OSPF neighbor. However, in our world, this will delay
4348 * convergence. Take the case when due to a link flap, all routes now
4349 * want to use an interface which was deemed to be costlier prior to this
4350 * event. For routes that will be installed, the missing MAC will have
4351 * punt-to-CPU set on them. This may overload the CPU control path that
4352 * can be avoided if the MAC was known apriori.
4353 */
4354 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4355 {
4356 if (!nbr || !nbr->oi->ospf->proactive_arp)
4357 return;
4358
4359 ospf_zebra_send_arp(nbr->oi->ifp, &nbr->address);
4360 }
FRRouting mirror