]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #9015 from Prerana-GB/GR
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56 #include "ospfd/ospf_zebra.h"
57 #include "ospfd/ospf_gr.h"
58
59 /*
60 * OSPF Fragmentation / fragmented writes
61 *
62 * ospfd can support writing fragmented packets, for cases where
63 * kernel will not fragment IP_HDRINCL and/or multicast destined
64 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
65 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
66 * flags fields, hence user-space fragmentation will not work.
67 * Only Linux is known to leave IP header unmolested.
68 * Further, fragmentation really should be done the kernel, which already
69 * supports it, and which avoids nasty IP ID state problems.
70 *
71 * Fragmentation of OSPF packets can be required on networks with router
72 * with many many interfaces active in one area, or on networks with links
73 * with low MTUs.
74 */
75 #ifdef GNU_LINUX
76 #define WANT_OSPF_WRITE_FRAGMENT
77 #endif
78
79 /* Packet Type String. */
80 const struct message ospf_packet_type_str[] = {
81 {OSPF_MSG_HELLO, "Hello"},
82 {OSPF_MSG_DB_DESC, "Database Description"},
83 {OSPF_MSG_LS_REQ, "Link State Request"},
84 {OSPF_MSG_LS_UPD, "Link State Update"},
85 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
86 {0}};
87
88 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
89 particular types, offset is the "type" field of a packet. */
90 static const uint16_t ospf_packet_minlen[] = {
91 0,
92 OSPF_HELLO_MIN_SIZE,
93 OSPF_DB_DESC_MIN_SIZE,
94 OSPF_LS_REQ_MIN_SIZE,
95 OSPF_LS_UPD_MIN_SIZE,
96 OSPF_LS_ACK_MIN_SIZE,
97 };
98
99 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
100 types, offset is the "LSA type" field. */
101 static const uint16_t ospf_lsa_minlen[] = {
102 0,
103 OSPF_ROUTER_LSA_MIN_SIZE,
104 OSPF_NETWORK_LSA_MIN_SIZE,
105 OSPF_SUMMARY_LSA_MIN_SIZE,
106 OSPF_SUMMARY_LSA_MIN_SIZE,
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
108 0,
109 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
110 0,
111 0,
112 0,
113 0,
114 };
115
116 /* for ospf_check_auth() */
117 static int ospf_check_sum(struct ospf_header *);
118
119 /* OSPF authentication checking function */
120 static int ospf_auth_type(struct ospf_interface *oi)
121 {
122 int auth_type;
123
124 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
125 auth_type = oi->area->auth_type;
126 else
127 auth_type = OSPF_IF_PARAM(oi, auth_type);
128
129 /* Handle case where MD5 key list is not configured aka Cisco */
130 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
131 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
132 return OSPF_AUTH_NULL;
133
134 return auth_type;
135 }
136
137 static struct ospf_packet *ospf_packet_new(size_t size)
138 {
139 struct ospf_packet *new;
140
141 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
142 new->s = stream_new(size);
143
144 return new;
145 }
146
147 void ospf_packet_free(struct ospf_packet *op)
148 {
149 if (op->s)
150 stream_free(op->s);
151
152 XFREE(MTYPE_OSPF_PACKET, op);
153 }
154
155 struct ospf_fifo *ospf_fifo_new(void)
156 {
157 struct ospf_fifo *new;
158
159 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
160 return new;
161 }
162
163 /* Add new packet to fifo. */
164 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
165 {
166 if (fifo->tail)
167 fifo->tail->next = op;
168 else
169 fifo->head = op;
170
171 fifo->tail = op;
172
173 fifo->count++;
174 }
175
176 /* Add new packet to head of fifo. */
177 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
178 {
179 op->next = fifo->head;
180
181 if (fifo->tail == NULL)
182 fifo->tail = op;
183
184 fifo->head = op;
185
186 fifo->count++;
187 }
188
189 /* Delete first packet from fifo. */
190 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
191 {
192 struct ospf_packet *op;
193
194 op = fifo->head;
195
196 if (op) {
197 fifo->head = op->next;
198
199 if (fifo->head == NULL)
200 fifo->tail = NULL;
201
202 fifo->count--;
203 }
204
205 return op;
206 }
207
208 /* Return first fifo entry. */
209 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
210 {
211 return fifo->head;
212 }
213
214 /* Flush ospf packet fifo. */
215 void ospf_fifo_flush(struct ospf_fifo *fifo)
216 {
217 struct ospf_packet *op;
218 struct ospf_packet *next;
219
220 for (op = fifo->head; op; op = next) {
221 next = op->next;
222 ospf_packet_free(op);
223 }
224 fifo->head = fifo->tail = NULL;
225 fifo->count = 0;
226 }
227
228 /* Free ospf packet fifo. */
229 void ospf_fifo_free(struct ospf_fifo *fifo)
230 {
231 ospf_fifo_flush(fifo);
232
233 XFREE(MTYPE_OSPF_FIFO, fifo);
234 }
235
236 static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
237 {
238 /* Add packet to end of queue. */
239 ospf_fifo_push(oi->obuf, op);
240
241 /* Debug of packet fifo*/
242 /* ospf_fifo_debug (oi->obuf); */
243 }
244
245 static void ospf_packet_add_top(struct ospf_interface *oi,
246 struct ospf_packet *op)
247 {
248 /* Add packet to head of queue. */
249 ospf_fifo_push_head(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_delete(struct ospf_interface *oi)
256 {
257 struct ospf_packet *op;
258
259 op = ospf_fifo_pop(oi->obuf);
260
261 if (op)
262 ospf_packet_free(op);
263 }
264
265 static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
266 {
267 struct ospf_packet *new;
268
269 if (stream_get_endp(op->s) != op->length)
270 /* XXX size_t */
271 zlog_debug(
272 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
273 (unsigned long)STREAM_SIZE(op->s), op->length);
274
275 /* Reserve space for MD5 authentication that may be added later. */
276 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
277 stream_copy(new->s, op->s);
278
279 new->dst = op->dst;
280 new->length = op->length;
281
282 return new;
283 }
284
285 /* XXX inline */
286 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
287 {
288 int auth = 0;
289
290 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
291 auth = OSPF_AUTH_MD5_SIZE;
292
293 return auth;
294 }
295
296 static unsigned int ospf_packet_max(struct ospf_interface *oi)
297 {
298 int max;
299
300 max = oi->ifp->mtu - ospf_packet_authspace(oi);
301
302 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
303
304 return max;
305 }
306
307
308 static int ospf_check_md5_digest(struct ospf_interface *oi,
309 struct ospf_header *ospfh)
310 {
311 #ifdef CRYPTO_OPENSSL
312 EVP_MD_CTX *ctx;
313 #elif CRYPTO_INTERNAL
314 MD5_CTX ctx;
315 #endif
316 unsigned char digest[OSPF_AUTH_MD5_SIZE];
317 struct crypt_key *ck;
318 struct ospf_neighbor *nbr;
319 uint16_t length = ntohs(ospfh->length);
320
321 /* Get secret key. */
322 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
323 ospfh->u.crypt.key_id);
324 if (ck == NULL) {
325 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
326 IF_NAME(oi), ospfh->u.crypt.key_id);
327 return 0;
328 }
329
330 /* check crypto seqnum. */
331 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
332
333 if (nbr
334 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
335 flog_warn(
336 EC_OSPF_MD5,
337 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
338 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
339 ntohl(nbr->crypt_seqnum));
340 return 0;
341 }
342
343 /* Generate a digest for the ospf packet - their digest + our digest. */
344 #ifdef CRYPTO_OPENSSL
345 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
346 ctx = EVP_MD_CTX_new();
347 EVP_DigestInit(ctx, EVP_md5());
348 EVP_DigestUpdate(ctx, ospfh, length);
349 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
350 EVP_DigestFinal(ctx, digest, &md5_size);
351 EVP_MD_CTX_free(ctx);
352 #elif CRYPTO_INTERNAL
353 memset(&ctx, 0, sizeof(ctx));
354 MD5Init(&ctx);
355 MD5Update(&ctx, ospfh, length);
356 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
357 MD5Final(digest, &ctx);
358 #endif
359
360 /* compare the two */
361 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
362 flog_warn(EC_OSPF_MD5,
363 "interface %s: ospf_check_md5 checksum mismatch",
364 IF_NAME(oi));
365 return 0;
366 }
367
368 /* save neighbor's crypt_seqnum */
369 if (nbr)
370 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
371 return 1;
372 }
373
374 /* This function is called from ospf_write(), it will detect the
375 authentication scheme and if it is MD5, it will change the sequence
376 and update the MD5 digest. */
377 static int ospf_make_md5_digest(struct ospf_interface *oi,
378 struct ospf_packet *op)
379 {
380 struct ospf_header *ospfh;
381 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
382 #ifdef CRYPTO_OPENSSL
383 EVP_MD_CTX *ctx;
384 #elif CRYPTO_INTERNAL
385 MD5_CTX ctx;
386 #endif
387 void *ibuf;
388 uint32_t t;
389 struct crypt_key *ck;
390 const uint8_t *auth_key;
391
392 ibuf = STREAM_DATA(op->s);
393 ospfh = (struct ospf_header *)ibuf;
394
395 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
396 return 0;
397
398 /* We do this here so when we dup a packet, we don't have to
399 waste CPU rewriting other headers.
400
401 Note that quagga_time /deliberately/ is not used here */
402 t = (time(NULL) & 0xFFFFFFFF);
403 if (t > oi->crypt_seqnum)
404 oi->crypt_seqnum = t;
405 else
406 oi->crypt_seqnum++;
407
408 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
409
410 /* Get MD5 Authentication key from auth_key list. */
411 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
412 auth_key = (const uint8_t *)digest;
413 else {
414 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
415 auth_key = ck->auth_key;
416 }
417
418 /* Generate a digest for the entire packet + our secret key. */
419 #ifdef CRYPTO_OPENSSL
420 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
421 ctx = EVP_MD_CTX_new();
422 EVP_DigestInit(ctx, EVP_md5());
423 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
424 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 EVP_DigestFinal(ctx, digest, &md5_size);
426 EVP_MD_CTX_free(ctx);
427 #elif CRYPTO_INTERNAL
428 memset(&ctx, 0, sizeof(ctx));
429 MD5Init(&ctx);
430 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
431 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
432 MD5Final(digest, &ctx);
433 #endif
434
435 /* Append md5 digest to the end of the stream. */
436 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
437
438 /* We do *NOT* increment the OSPF header length. */
439 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
440
441 if (stream_get_endp(op->s) != op->length)
442 /* XXX size_t */
443 flog_warn(
444 EC_OSPF_MD5,
445 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
446 (unsigned long)stream_get_endp(op->s), op->length);
447
448 return OSPF_AUTH_MD5_SIZE;
449 }
450
451
452 static int ospf_ls_req_timer(struct thread *thread)
453 {
454 struct ospf_neighbor *nbr;
455
456 nbr = THREAD_ARG(thread);
457 nbr->t_ls_req = NULL;
458
459 /* Send Link State Request. */
460 if (ospf_ls_request_count(nbr))
461 ospf_ls_req_send(nbr);
462
463 /* Set Link State Request retransmission timer. */
464 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
465
466 return 0;
467 }
468
469 void ospf_ls_req_event(struct ospf_neighbor *nbr)
470 {
471 thread_cancel(&nbr->t_ls_req);
472 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
473 }
474
475 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
476 ospf_neighbor.c */
477 int ospf_ls_upd_timer(struct thread *thread)
478 {
479 struct ospf_neighbor *nbr;
480
481 nbr = THREAD_ARG(thread);
482 nbr->t_ls_upd = NULL;
483
484 /* Send Link State Update. */
485 if (ospf_ls_retransmit_count(nbr) > 0) {
486 struct list *update;
487 struct ospf_lsdb *lsdb;
488 int i;
489 int retransmit_interval;
490
491 retransmit_interval =
492 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
493
494 lsdb = &nbr->ls_rxmt;
495 update = list_new();
496
497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
498 struct route_table *table = lsdb->type[i].db;
499 struct route_node *rn;
500
501 for (rn = route_top(table); rn; rn = route_next(rn)) {
502 struct ospf_lsa *lsa;
503
504 if ((lsa = rn->info) != NULL) {
505 /* Don't retransmit an LSA if we
506 received it within
507 the last RxmtInterval seconds - this
508 is to allow the
509 neighbour a chance to acknowledge the
510 LSA as it may
511 have ben just received before the
512 retransmit timer
513 fired. This is a small tweak to what
514 is in the RFC,
515 but it will cut out out a lot of
516 retransmit traffic
517 - MAG */
518 if (monotime_since(&lsa->tv_recv, NULL)
519 >= retransmit_interval * 1000000LL)
520 listnode_add(update, rn->info);
521 }
522 }
523 }
524
525 if (listcount(update) > 0)
526 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
527 0);
528 list_delete(&update);
529 }
530
531 /* Set LS Update retransmission timer. */
532 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
533
534 return 0;
535 }
536
537 int ospf_ls_ack_timer(struct thread *thread)
538 {
539 struct ospf_interface *oi;
540
541 oi = THREAD_ARG(thread);
542 oi->t_ls_ack = NULL;
543
544 /* Send Link State Acknowledgment. */
545 if (listcount(oi->ls_ack) > 0)
546 ospf_ls_ack_send_delayed(oi);
547
548 /* Set LS Ack timer. */
549 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
550
551 return 0;
552 }
553
554 #ifdef WANT_OSPF_WRITE_FRAGMENT
555 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
556 struct msghdr *msg, unsigned int maxdatasize,
557 unsigned int mtu, int flags, uint8_t type)
558 {
559 #define OSPF_WRITE_FRAG_SHIFT 3
560 uint16_t offset;
561 struct iovec *iovp;
562 int ret;
563
564 assert(op->length == stream_get_endp(op->s));
565 assert(msg->msg_iovlen == 2);
566
567 /* we can but try.
568 *
569 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
570 * well as the IP_MF flag, making this all quite pointless.
571 *
572 * However, for a system on which IP_MF is left alone, and ip_id left
573 * alone or else which sets same ip_id for each fragment this might
574 * work, eg linux.
575 *
576 * XXX-TODO: It would be much nicer to have the kernel's use their
577 * existing fragmentation support to do this for us. Bugs/RFEs need to
578 * be raised against the various kernels.
579 */
580
581 /* set More Frag */
582 iph->ip_off |= IP_MF;
583
584 /* ip frag offset is expressed in units of 8byte words */
585 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
586
587 iovp = &msg->msg_iov[1];
588
589 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
590 > maxdatasize) {
591 /* data length of this frag is to next offset value */
592 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
593 iph->ip_len = iovp->iov_len + sizeof(struct ip);
594 assert(iph->ip_len <= mtu);
595
596 sockopt_iphdrincl_swab_htosys(iph);
597
598 ret = sendmsg(fd, msg, flags);
599
600 sockopt_iphdrincl_swab_systoh(iph);
601
602 if (ret < 0)
603 flog_err(
604 EC_LIB_SOCKET,
605 "*** ospf_write_frags: sendmsg failed to %pI4, id %d, off %d, len %d, mtu %u failed with %s",
606 &iph->ip_dst, iph->ip_id, iph->ip_off,
607 iph->ip_len, mtu, safe_strerror(errno));
608
609 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
610 zlog_debug(
611 "ospf_write_frags: sent id %d, off %d, len %d to %pI4",
612 iph->ip_id, iph->ip_off, iph->ip_len,
613 &iph->ip_dst);
614 }
615
616 iph->ip_off += offset;
617 stream_forward_getp(op->s, iovp->iov_len);
618 iovp->iov_base = stream_pnt(op->s);
619 }
620
621 /* setup for final fragment */
622 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
623 iph->ip_len = iovp->iov_len + sizeof(struct ip);
624 iph->ip_off &= (~IP_MF);
625 }
626 #endif /* WANT_OSPF_WRITE_FRAGMENT */
627
628 static int ospf_write(struct thread *thread)
629 {
630 struct ospf *ospf = THREAD_ARG(thread);
631 struct ospf_interface *oi;
632 struct ospf_interface *last_serviced_oi = NULL;
633 struct ospf_packet *op;
634 struct sockaddr_in sa_dst;
635 struct ip iph;
636 struct msghdr msg;
637 struct iovec iov[2];
638 uint8_t type;
639 int ret;
640 int flags = 0;
641 struct listnode *node;
642 #ifdef WANT_OSPF_WRITE_FRAGMENT
643 static uint16_t ipid = 0;
644 uint16_t maxdatasize;
645 #endif /* WANT_OSPF_WRITE_FRAGMENT */
646 #define OSPF_WRITE_IPHL_SHIFT 2
647 int pkt_count = 0;
648
649 #ifdef GNU_LINUX
650 unsigned char cmsgbuf[64] = {};
651 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
652 struct in_pktinfo *pi;
653 #endif
654
655 if (ospf->fd < 0 || ospf->oi_running == 0) {
656 if (IS_DEBUG_OSPF_EVENT)
657 zlog_debug(
658 "ospf_write failed to send, fd %d, instance %u",
659 ospf->fd, ospf->oi_running);
660 return -1;
661 }
662
663 node = listhead(ospf->oi_write_q);
664 assert(node);
665 oi = listgetdata(node);
666
667 #ifdef WANT_OSPF_WRITE_FRAGMENT
668 /* seed ipid static with low order bits of time */
669 if (ipid == 0)
670 ipid = (time(NULL) & 0xffff);
671 #endif /* WANT_OSPF_WRITE_FRAGMENT */
672
673 while ((pkt_count < ospf->write_oi_count) && oi
674 && (last_serviced_oi != oi)) {
675 /* If there is only packet in the queue, the oi is removed from
676 write-q, so fix up the last interface that was serviced */
677 if (last_serviced_oi == NULL) {
678 last_serviced_oi = oi;
679 }
680 pkt_count++;
681 #ifdef WANT_OSPF_WRITE_FRAGMENT
682 /* convenience - max OSPF data per packet */
683 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
684 #endif /* WANT_OSPF_WRITE_FRAGMENT */
685 /* Get one packet from queue. */
686 op = ospf_fifo_head(oi->obuf);
687 assert(op);
688 assert(op->length >= OSPF_HEADER_SIZE);
689
690 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
691 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
692 ospf_if_ipmulticast(ospf, oi->address,
693 oi->ifp->ifindex);
694
695 /* Rewrite the md5 signature & update the seq */
696 ospf_make_md5_digest(oi, op);
697
698 /* Retrieve OSPF packet type. */
699 stream_set_getp(op->s, 1);
700 type = stream_getc(op->s);
701
702 /* reset get pointer */
703 stream_set_getp(op->s, 0);
704
705 memset(&iph, 0, sizeof(struct ip));
706 memset(&sa_dst, 0, sizeof(sa_dst));
707
708 sa_dst.sin_family = AF_INET;
709 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
710 sa_dst.sin_len = sizeof(sa_dst);
711 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
712 sa_dst.sin_addr = op->dst;
713 sa_dst.sin_port = htons(0);
714
715 /* Set DONTROUTE flag if dst is unicast. */
716 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
717 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
718 flags = MSG_DONTROUTE;
719
720 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
721 /* it'd be very strange for header to not be 4byte-word aligned
722 * but.. */
723 if (sizeof(struct ip)
724 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
725 iph.ip_hl++; /* we presume sizeof(struct ip) cant
726 overflow ip_hl.. */
727
728 iph.ip_v = IPVERSION;
729 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
730 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
731
732 #if defined(__DragonFly__)
733 /*
734 * DragonFly's raw socket expects ip_len/ip_off in network byte
735 * order.
736 */
737 iph.ip_len = htons(iph.ip_len);
738 #endif
739
740 #ifdef WANT_OSPF_WRITE_FRAGMENT
741 /* XXX-MT: not thread-safe at all..
742 * XXX: this presumes this is only programme sending OSPF
743 * packets
744 * otherwise, no guarantee ipid will be unique
745 */
746 iph.ip_id = ++ipid;
747 #endif /* WANT_OSPF_WRITE_FRAGMENT */
748
749 iph.ip_off = 0;
750 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
751 iph.ip_ttl = OSPF_VL_IP_TTL;
752 else
753 iph.ip_ttl = OSPF_IP_TTL;
754 iph.ip_p = IPPROTO_OSPFIGP;
755 iph.ip_sum = 0;
756 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
757 iph.ip_dst.s_addr = op->dst.s_addr;
758
759 memset(&msg, 0, sizeof(msg));
760 msg.msg_name = (caddr_t)&sa_dst;
761 msg.msg_namelen = sizeof(sa_dst);
762 msg.msg_iov = iov;
763 msg.msg_iovlen = 2;
764
765 iov[0].iov_base = (char *)&iph;
766 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
767 iov[1].iov_base = stream_pnt(op->s);
768 iov[1].iov_len = op->length;
769
770 #ifdef GNU_LINUX
771 msg.msg_control = (caddr_t)cm;
772 cm->cmsg_level = SOL_IP;
773 cm->cmsg_type = IP_PKTINFO;
774 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
775 pi = (struct in_pktinfo *)CMSG_DATA(cm);
776 pi->ipi_ifindex = oi->ifp->ifindex;
777
778 msg.msg_controllen = cm->cmsg_len;
779 #endif
780
781 /* Sadly we can not rely on kernels to fragment packets
782 * because of either IP_HDRINCL and/or multicast
783 * destination being set.
784 */
785
786 #ifdef WANT_OSPF_WRITE_FRAGMENT
787 if (op->length > maxdatasize)
788 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
789 oi->ifp->mtu, flags, type);
790 #endif /* WANT_OSPF_WRITE_FRAGMENT */
791
792 /* send final fragment (could be first) */
793 sockopt_iphdrincl_swab_htosys(&iph);
794 ret = sendmsg(ospf->fd, &msg, flags);
795 sockopt_iphdrincl_swab_systoh(&iph);
796 if (IS_DEBUG_OSPF_EVENT)
797 zlog_debug(
798 "ospf_write to %pI4, id %d, off %d, len %d, interface %s, mtu %u:",
799 &iph.ip_dst, iph.ip_id, iph.ip_off,
800 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
801
802 /* sendmsg will return EPERM if firewall is blocking sending.
803 * This is a normal situation when 'ip nhrp map multicast xxx'
804 * is being used to send multicast packets to DMVPN peers. In
805 * that case the original message is blocked with iptables rule
806 * causing the EPERM result
807 */
808 if (ret < 0 && errno != EPERM)
809 flog_err(
810 EC_LIB_SOCKET,
811 "*** sendmsg in ospf_write failed to %pI4, id %d, off %d, len %d, interface %s, mtu %u: %s",
812 &iph.ip_dst, iph.ip_id, iph.ip_off,
813 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
814 safe_strerror(errno));
815
816 /* Show debug sending packet. */
817 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
818 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
819 zlog_debug(
820 "-----------------------------------------------------");
821 stream_set_getp(op->s, 0);
822 ospf_packet_dump(op->s);
823 }
824
825 zlog_debug("%s sent to [%pI4] via [%s].",
826 lookup_msg(ospf_packet_type_str, type, NULL),
827 &op->dst, IF_NAME(oi));
828
829 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
830 zlog_debug(
831 "-----------------------------------------------------");
832 }
833
834 switch (type) {
835 case OSPF_MSG_HELLO:
836 oi->hello_out++;
837 break;
838 case OSPF_MSG_DB_DESC:
839 oi->db_desc_out++;
840 break;
841 case OSPF_MSG_LS_REQ:
842 oi->ls_req_out++;
843 break;
844 case OSPF_MSG_LS_UPD:
845 oi->ls_upd_out++;
846 break;
847 case OSPF_MSG_LS_ACK:
848 oi->ls_ack_out++;
849 break;
850 default:
851 break;
852 }
853
854 /* Now delete packet from queue. */
855 ospf_packet_delete(oi);
856
857 /* Move this interface to the tail of write_q to
858 serve everyone in a round robin fashion */
859 list_delete_node(ospf->oi_write_q, node);
860 if (ospf_fifo_head(oi->obuf) == NULL) {
861 oi->on_write_q = 0;
862 last_serviced_oi = NULL;
863 oi = NULL;
864 } else {
865 listnode_add(ospf->oi_write_q, oi);
866 }
867
868 /* Setup to service from the head of the queue again */
869 if (!list_isempty(ospf->oi_write_q)) {
870 node = listhead(ospf->oi_write_q);
871 oi = listgetdata(node);
872 }
873 }
874
875 /* If packets still remain in queue, call write thread. */
876 if (!list_isempty(ospf->oi_write_q))
877 thread_add_write(master, ospf_write, ospf, ospf->fd,
878 &ospf->t_write);
879
880 return 0;
881 }
882
883 /* OSPF Hello message read -- RFC2328 Section 10.5. */
884 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
885 struct stream *s, struct ospf_interface *oi, int size)
886 {
887 struct ospf_hello *hello;
888 struct ospf_neighbor *nbr;
889 int old_state;
890 struct prefix p;
891
892 /* increment statistics. */
893 oi->hello_in++;
894
895 hello = (struct ospf_hello *)stream_pnt(s);
896
897 /* If Hello is myself, silently discard. */
898 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
899 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
900 zlog_debug(
901 "ospf_header[%s/%pI4]: selforiginated, dropping.",
902 lookup_msg(ospf_packet_type_str, ospfh->type,
903 NULL),
904 &iph->ip_src);
905 }
906 return;
907 }
908
909 /* get neighbor prefix. */
910 p.family = AF_INET;
911 p.prefixlen = ip_masklen(hello->network_mask);
912 p.u.prefix4 = iph->ip_src;
913
914 /* Compare network mask. */
915 /* Checking is ignored for Point-to-Point and Virtual link. */
916 /* Checking is also ignored for Point-to-Multipoint with /32 prefix */
917 if (oi->type != OSPF_IFTYPE_POINTOPOINT
918 && oi->type != OSPF_IFTYPE_VIRTUALLINK
919 && !(oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
920 && oi->address->prefixlen == IPV4_MAX_BITLEN))
921 if (oi->address->prefixlen != p.prefixlen) {
922 flog_warn(
923 EC_OSPF_PACKET,
924 "Packet %pI4 [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
925 &ospfh->router_id, IF_NAME(oi),
926 (int)oi->address->prefixlen, (int)p.prefixlen);
927 return;
928 }
929
930 /* Compare Router Dead Interval. */
931 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
932 flog_warn(EC_OSPF_PACKET,
933 "Packet %pI4 [Hello:RECV]: RouterDeadInterval mismatch (expected %u, but received %u).",
934 &ospfh->router_id,
935 OSPF_IF_PARAM(oi, v_wait),
936 ntohl(hello->dead_interval));
937 return;
938 }
939
940 /* Compare Hello Interval - ignored if fast-hellos are set. */
941 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
942 if (OSPF_IF_PARAM(oi, v_hello)
943 != ntohs(hello->hello_interval)) {
944 flog_warn(
945 EC_OSPF_PACKET,
946 "Packet %pI4 [Hello:RECV]: HelloInterval mismatch (expected %u, but received %u).",
947 &ospfh->router_id,
948 OSPF_IF_PARAM(oi, v_hello),
949 ntohs(hello->hello_interval));
950 return;
951 }
952 }
953
954 if (IS_DEBUG_OSPF_EVENT)
955 zlog_debug("Packet %pI4 [Hello:RECV]: Options %s vrf %s",
956 &ospfh->router_id,
957 ospf_options_dump(hello->options),
958 ospf_vrf_id_to_name(oi->ospf->vrf_id));
959
960 /* Compare options. */
961 #define REJECT_IF_TBIT_ON 1 /* XXX */
962 #ifdef REJECT_IF_TBIT_ON
963 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
964 /*
965 * This router does not support non-zero TOS.
966 * Drop this Hello packet not to establish neighbor
967 * relationship.
968 */
969 flog_warn(EC_OSPF_PACKET,
970 "Packet %pI4 [Hello:RECV]: T-bit on, drop it.",
971 &ospfh->router_id);
972 return;
973 }
974 #endif /* REJECT_IF_TBIT_ON */
975
976 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
977 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
978 /*
979 * This router does know the correct usage of O-bit
980 * the bit should be set in DD packet only.
981 */
982 flog_warn(EC_OSPF_PACKET,
983 "Packet %pI4 [Hello:RECV]: O-bit abuse?",
984 &ospfh->router_id);
985 #ifdef STRICT_OBIT_USAGE_CHECK
986 return; /* Reject this packet. */
987 #else /* STRICT_OBIT_USAGE_CHECK */
988 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
989 #endif /* STRICT_OBIT_USAGE_CHECK */
990 }
991
992 /* new for NSSA is to ensure that NP is on and E is off */
993
994 if (oi->area->external_routing == OSPF_AREA_NSSA) {
995 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
996 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
997 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
998 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
999 flog_warn(
1000 EC_OSPF_PACKET,
1001 "NSSA-Packet-%pI4[Hello:RECV]: my options: %x, his options %x",
1002 &ospfh->router_id, OPTIONS(oi),
1003 hello->options);
1004 return;
1005 }
1006 if (IS_DEBUG_OSPF_NSSA)
1007 zlog_debug("NSSA-Hello:RECV:Packet from %pI4:",
1008 &ospfh->router_id);
1009 } else
1010 /* The setting of the E-bit found in the Hello Packet's Options
1011 field must match this area's ExternalRoutingCapability A
1012 mismatch causes processing to stop and the packet to be
1013 dropped. The setting of the rest of the bits in the Hello
1014 Packet's Options field should be ignored. */
1015 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1016 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1017 flog_warn(
1018 EC_OSPF_PACKET,
1019 "Packet %pI4 [Hello:RECV]: my options: %x, his options %x",
1020 &ospfh->router_id, OPTIONS(oi),
1021 hello->options);
1022 return;
1023 }
1024
1025 /* get neighbour struct */
1026 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1027
1028 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1029 assert(nbr);
1030
1031 old_state = nbr->state;
1032
1033 /* Add event to thread. */
1034 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1035
1036 /* RFC2328 Section 9.5.1
1037 If the router is not eligible to become Designated Router,
1038 (snip) It must also send an Hello Packet in reply to an
1039 Hello Packet received from any eligible neighbor (other than
1040 the current Designated Router and Backup Designated Router). */
1041 if (oi->type == OSPF_IFTYPE_NBMA)
1042 if (PRIORITY(oi) == 0 && hello->priority > 0
1043 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1044 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1045 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1046 ospf_hello_reply_timer,
1047 OSPF_HELLO_REPLY_DELAY);
1048
1049 /* on NBMA network type, it happens to receive bidirectional Hello
1050 packet
1051 without advance 1-Way Received event.
1052 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1053 if (oi->type == OSPF_IFTYPE_NBMA
1054 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1055 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1056 nbr->priority = hello->priority;
1057 nbr->d_router = hello->d_router;
1058 nbr->bd_router = hello->bd_router;
1059 return;
1060 }
1061
1062 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1063 size - OSPF_HELLO_MIN_SIZE)) {
1064 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1065 nbr->options |= hello->options;
1066 } else {
1067 /* If the router is DR_OTHER, RESTARTER will not wait
1068 * until it receives the hello from it if it receives
1069 * from DR and BDR.
1070 * So, helper might receives ONW_WAY hello from
1071 * RESTARTER. So not allowing to change the state if it
1072 * receives one_way hellow when it acts as HELPER for
1073 * that specific neighbor.
1074 */
1075 if (!OSPF_GR_IS_ACTIVE_HELPER(nbr))
1076 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1077 /* Set neighbor information. */
1078 nbr->priority = hello->priority;
1079 nbr->d_router = hello->d_router;
1080 nbr->bd_router = hello->bd_router;
1081 return;
1082 }
1083
1084 /* If neighbor itself declares DR and no BDR exists,
1085 cause event BackupSeen */
1086 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1087 if (hello->bd_router.s_addr == INADDR_ANY
1088 && oi->state == ISM_Waiting)
1089 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1090
1091 /* neighbor itself declares BDR. */
1092 if (oi->state == ISM_Waiting
1093 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1094 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1095
1096 /* had not previously. */
1097 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1098 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1099 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1100 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1101 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1102
1103 /* had not previously. */
1104 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1105 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1106 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1107 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1108 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1109
1110 /* Neighbor priority check. */
1111 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1112 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1113
1114 /* Set neighbor information. */
1115 nbr->priority = hello->priority;
1116 nbr->d_router = hello->d_router;
1117 nbr->bd_router = hello->bd_router;
1118 }
1119
1120 /* Save DD flags/options/Seqnum received. */
1121 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1122 struct ospf_db_desc *dd)
1123 {
1124 nbr->last_recv.flags = dd->flags;
1125 nbr->last_recv.options = dd->options;
1126 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1127 }
1128
1129 /* Process rest of DD packet. */
1130 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1131 struct ospf_neighbor *nbr,
1132 struct ospf_db_desc *dd, uint16_t size)
1133 {
1134 struct ospf_lsa *new, *find;
1135 struct lsa_header *lsah;
1136
1137 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1138 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1139 size -= OSPF_LSA_HEADER_SIZE) {
1140 lsah = (struct lsa_header *)stream_pnt(s);
1141 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1142
1143 /* Unknown LS type. */
1144 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1145 flog_warn(EC_OSPF_PACKET,
1146 "Packet [DD:RECV]: Unknown LS type %d.",
1147 lsah->type);
1148 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1149 return;
1150 }
1151
1152 if (IS_OPAQUE_LSA(lsah->type)
1153 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1154 flog_warn(EC_OSPF_PACKET,
1155 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1156 lsah->type, &lsah->id);
1157 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1158 return;
1159 }
1160
1161 switch (lsah->type) {
1162 case OSPF_AS_EXTERNAL_LSA:
1163 case OSPF_OPAQUE_AS_LSA:
1164 /* Check for stub area. Reject if AS-External from stub
1165 but
1166 allow if from NSSA. */
1167 if (oi->area->external_routing == OSPF_AREA_STUB) {
1168 flog_warn(
1169 EC_OSPF_PACKET,
1170 "Packet [DD:RECV]: LSA[Type%d:%pI4] from %s area.",
1171 lsah->type, &lsah->id,
1172 (oi->area->external_routing
1173 == OSPF_AREA_STUB)
1174 ? "STUB"
1175 : "NSSA");
1176 OSPF_NSM_EVENT_SCHEDULE(nbr,
1177 NSM_SeqNumberMismatch);
1178 return;
1179 }
1180 break;
1181 default:
1182 break;
1183 }
1184
1185 /* Create LS-request object. */
1186 new = ospf_ls_request_new(lsah);
1187
1188 /* Lookup received LSA, then add LS request list. */
1189 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1190
1191 /* ospf_lsa_more_recent is fine with NULL pointers */
1192 switch (ospf_lsa_more_recent(find, new)) {
1193 case -1:
1194 /* Neighbour has a more recent LSA, we must request it
1195 */
1196 ospf_ls_request_add(nbr, new);
1197 /* fallthru */
1198 case 0:
1199 /* If we have a copy of this LSA, it's either less
1200 * recent
1201 * and we're requesting it from neighbour (the case
1202 * above), or
1203 * it's as recent and we both have same copy (this
1204 * case).
1205 *
1206 * In neither of these two cases is there any point in
1207 * describing our copy of the LSA to the neighbour in a
1208 * DB-Summary packet, if we're still intending to do so.
1209 *
1210 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1211 * backward compatible optimisation to OSPF DB Exchange
1212 * /
1213 * DB Description process implemented here.
1214 */
1215 if (find)
1216 ospf_lsdb_delete(&nbr->db_sum, find);
1217 ospf_lsa_discard(new);
1218 break;
1219 default:
1220 /* We have the more recent copy, nothing specific to do:
1221 * - no need to request neighbours stale copy
1222 * - must leave DB summary list copy alone
1223 */
1224 if (IS_DEBUG_OSPF_EVENT)
1225 zlog_debug(
1226 "Packet [DD:RECV]: LSA received Type %d, ID %pI4 is not recent.",
1227 lsah->type, &lsah->id);
1228 ospf_lsa_discard(new);
1229 }
1230 }
1231
1232 /* Master */
1233 if (IS_SET_DD_MS(nbr->dd_flags)) {
1234 nbr->dd_seqnum++;
1235
1236 /* Both sides have no More, then we're done with Exchange */
1237 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1238 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1239 else
1240 ospf_db_desc_send(nbr);
1241 }
1242 /* Slave */
1243 else {
1244 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1245
1246 /* Send DD packet in reply.
1247 *
1248 * Must be done to acknowledge the Master's DD, regardless of
1249 * whether we have more LSAs ourselves to describe.
1250 *
1251 * This function will clear the 'More' bit, if after this DD
1252 * we have no more LSAs to describe to the master..
1253 */
1254 ospf_db_desc_send(nbr);
1255
1256 /* Slave can raise ExchangeDone now, if master is also done */
1257 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1258 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1259 }
1260
1261 /* Save received neighbor values from DD. */
1262 ospf_db_desc_save_current(nbr, dd);
1263
1264 if (!nbr->t_ls_req)
1265 ospf_ls_req_send(nbr);
1266 }
1267
1268 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1269 struct ospf_neighbor *nbr)
1270 {
1271 /* Is DD duplicated? */
1272 if (dd->options == nbr->last_recv.options
1273 && dd->flags == nbr->last_recv.flags
1274 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1275 return 1;
1276
1277 return 0;
1278 }
1279
1280 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1281 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1282 struct stream *s, struct ospf_interface *oi,
1283 uint16_t size)
1284 {
1285 struct ospf_db_desc *dd;
1286 struct ospf_neighbor *nbr;
1287
1288 /* Increment statistics. */
1289 oi->db_desc_in++;
1290
1291 dd = (struct ospf_db_desc *)stream_pnt(s);
1292
1293 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1294 if (nbr == NULL) {
1295 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %pI4",
1296 &ospfh->router_id);
1297 return;
1298 }
1299
1300 /* Check MTU. */
1301 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1302 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1303 flog_warn(
1304 EC_OSPF_PACKET,
1305 "Packet[DD]: Neighbor %pI4 MTU %u is larger than [%s]'s MTU %u",
1306 &nbr->router_id, ntohs(dd->mtu), IF_NAME(oi),
1307 oi->ifp->mtu);
1308 return;
1309 }
1310
1311 /*
1312 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1313 * not
1314 * required. In fact at least JunOS sends DD packets with P bit clear.
1315 * Until proper solution is developped, this hack should help.
1316 *
1317 * Update: According to the RFCs, N bit is specified /only/ for Hello
1318 * options, unfortunately its use in DD options is not specified. Hence
1319 * some
1320 * implementations follow E-bit semantics and set it in DD options, and
1321 * some
1322 * treat it as unspecified and hence follow the directive "default for
1323 * options is clear", ie unset.
1324 *
1325 * Reset the flag, as ospfd follows E-bit semantics.
1326 */
1327 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1328 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1329 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1330 if (IS_DEBUG_OSPF_EVENT)
1331 zlog_debug(
1332 "Packet[DD]: Neighbour %pI4: Has NSSA capability, sends with N bit clear in DD options",
1333 &nbr->router_id);
1334 SET_FLAG(dd->options, OSPF_OPTION_NP);
1335 }
1336
1337 #ifdef REJECT_IF_TBIT_ON
1338 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1339 /*
1340 * In Hello protocol, optional capability must have checked
1341 * to prevent this T-bit enabled router be my neighbor.
1342 */
1343 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %pI4: T-bit on?",
1344 &nbr->router_id);
1345 return;
1346 }
1347 #endif /* REJECT_IF_TBIT_ON */
1348
1349 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1350 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1351 /*
1352 * This node is not configured to handle O-bit, for now.
1353 * Clear it to ignore unsupported capability proposed by
1354 * neighbor.
1355 */
1356 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1357 }
1358
1359 /* Add event to thread. */
1360 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1361
1362 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1363 zlog_info(
1364 "%s:Packet[DD]: Neighbor %pI4 state is %s, seq_num:0x%x, local:0x%x",
1365 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
1366 &nbr->router_id,
1367 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1368 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1369
1370 /* Process DD packet by neighbor status. */
1371 switch (nbr->state) {
1372 case NSM_Down:
1373 case NSM_Attempt:
1374 case NSM_TwoWay:
1375 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1376 zlog_info(
1377 "Packet[DD]: Neighbor %pI4 state is %s, packet discarded.",
1378 &nbr->router_id,
1379 lookup_msg(ospf_nsm_state_msg, nbr->state,
1380 NULL));
1381 break;
1382 case NSM_Init:
1383 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1384 /* If the new state is ExStart, the processing of the current
1385 packet should then continue in this new state by falling
1386 through to case ExStart below. */
1387 if (nbr->state != NSM_ExStart)
1388 break;
1389 /* fallthru */
1390 case NSM_ExStart:
1391 /* Initial DBD */
1392 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1393 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1394 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1395 > 0) {
1396 /* We're Slave---obey */
1397 if (CHECK_FLAG(oi->ospf->config,
1398 OSPF_LOG_ADJACENCY_DETAIL))
1399 zlog_info(
1400 "Packet[DD]: Neighbor %pI4 Negotiation done (Slave).",
1401 &nbr->router_id);
1402
1403 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1404
1405 /* Reset I/MS */
1406 UNSET_FLAG(nbr->dd_flags,
1407 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1408 } else {
1409 /* We're Master, ignore the initial DBD from
1410 * Slave */
1411 if (CHECK_FLAG(oi->ospf->config,
1412 OSPF_LOG_ADJACENCY_DETAIL))
1413 zlog_info(
1414 "Packet[DD]: Neighbor %pI4: Initial DBD from Slave, ignoring.",
1415 &nbr->router_id);
1416 break;
1417 }
1418 }
1419 /* Ack from the Slave */
1420 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1421 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1422 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1423 < 0) {
1424 zlog_info(
1425 "Packet[DD]: Neighbor %pI4 Negotiation done (Master).",
1426 &nbr->router_id);
1427 /* Reset I, leaving MS */
1428 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1429 } else {
1430 flog_warn(EC_OSPF_PACKET,
1431 "Packet[DD]: Neighbor %pI4 Negotiation fails.",
1432 &nbr->router_id);
1433 break;
1434 }
1435
1436 /* This is where the real Options are saved */
1437 nbr->options = dd->options;
1438
1439 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1440 if (IS_DEBUG_OSPF_EVENT)
1441 zlog_debug(
1442 "Neighbor[%pI4] is %sOpaque-capable.",
1443 &nbr->router_id,
1444 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1445 ? ""
1446 : "NOT ");
1447
1448 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1449 && IPV4_ADDR_SAME(&DR(oi),
1450 &nbr->address.u.prefix4)) {
1451 flog_warn(
1452 EC_OSPF_PACKET,
1453 "DR-neighbor[%pI4] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1454 &nbr->router_id);
1455 /* This situation is undesirable, but not a real
1456 * error. */
1457 }
1458 }
1459
1460 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1461
1462 /* continue processing rest of packet. */
1463 ospf_db_desc_proc(s, oi, nbr, dd, size);
1464 break;
1465 case NSM_Exchange:
1466 if (ospf_db_desc_is_dup(dd, nbr)) {
1467 if (IS_SET_DD_MS(nbr->dd_flags))
1468 /* Master: discard duplicated DD packet. */
1469 zlog_info(
1470 "Packet[DD] (Master): Neighbor %pI4 packet duplicated.",
1471 &nbr->router_id);
1472 else
1473 /* Slave: cause to retransmit the last Database
1474 Description. */
1475 {
1476 zlog_info(
1477 "Packet[DD] [Slave]: Neighbor %pI4 packet duplicated.",
1478 &nbr->router_id);
1479 ospf_db_desc_resend(nbr);
1480 }
1481 break;
1482 }
1483
1484 /* Otherwise DD packet should be checked. */
1485 /* Check Master/Slave bit mismatch */
1486 if (IS_SET_DD_MS(dd->flags)
1487 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1488 flog_warn(EC_OSPF_PACKET,
1489 "Packet[DD]: Neighbor %pI4 MS-bit mismatch.",
1490 &nbr->router_id);
1491 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1492 if (IS_DEBUG_OSPF_EVENT)
1493 zlog_debug(
1494 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1495 dd->flags, nbr->dd_flags);
1496 break;
1497 }
1498
1499 /* Check initialize bit is set. */
1500 if (IS_SET_DD_I(dd->flags)) {
1501 zlog_info("Packet[DD]: Neighbor %pI4 I-bit set.",
1502 &nbr->router_id);
1503 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1504 break;
1505 }
1506
1507 /* Check DD Options. */
1508 if (dd->options != nbr->options) {
1509 flog_warn(EC_OSPF_PACKET,
1510 "Packet[DD]: Neighbor %pI4 options mismatch.",
1511 &nbr->router_id);
1512 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1513 break;
1514 }
1515
1516 /* Check DD sequence number. */
1517 if ((IS_SET_DD_MS(nbr->dd_flags)
1518 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1519 || (!IS_SET_DD_MS(nbr->dd_flags)
1520 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1521 flog_warn(
1522 EC_OSPF_PACKET,
1523 "Packet[DD]: Neighbor %pI4 sequence number mismatch.",
1524 &nbr->router_id);
1525 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1526 break;
1527 }
1528
1529 /* Continue processing rest of packet. */
1530 ospf_db_desc_proc(s, oi, nbr, dd, size);
1531 break;
1532 case NSM_Loading:
1533 case NSM_Full:
1534 if (ospf_db_desc_is_dup(dd, nbr)) {
1535 if (IS_SET_DD_MS(nbr->dd_flags)) {
1536 /* Master should discard duplicate DD packet. */
1537 zlog_info(
1538 "Packet[DD]: Neighbor %pI4 duplicated, packet discarded.",
1539 &nbr->router_id);
1540 break;
1541 } else {
1542 if (monotime_since(&nbr->last_send_ts, NULL)
1543 < nbr->v_inactivity * 1000000LL) {
1544 /* In states Loading and Full the slave
1545 must resend
1546 its last Database Description packet
1547 in response to
1548 duplicate Database Description
1549 packets received
1550 from the master. For this reason the
1551 slave must
1552 wait RouterDeadInterval seconds
1553 before freeing the
1554 last Database Description packet.
1555 Reception of a
1556 Database Description packet from the
1557 master after
1558 this interval will generate a
1559 SeqNumberMismatch
1560 neighbor event. RFC2328 Section 10.8
1561 */
1562 ospf_db_desc_resend(nbr);
1563 break;
1564 }
1565 }
1566 }
1567
1568 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1569 break;
1570 default:
1571 flog_warn(EC_OSPF_PACKET,
1572 "Packet[DD]: Neighbor %pI4 NSM illegal status %u.",
1573 &nbr->router_id, nbr->state);
1574 break;
1575 }
1576 }
1577
1578 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1579
1580 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1581 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1582 struct stream *s, struct ospf_interface *oi,
1583 uint16_t size)
1584 {
1585 struct ospf_neighbor *nbr;
1586 uint32_t ls_type;
1587 struct in_addr ls_id;
1588 struct in_addr adv_router;
1589 struct ospf_lsa *find;
1590 struct list *ls_upd;
1591 unsigned int length;
1592
1593 /* Increment statistics. */
1594 oi->ls_req_in++;
1595
1596 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1597 if (nbr == NULL) {
1598 flog_warn(EC_OSPF_PACKET,
1599 "Link State Request: Unknown Neighbor %pI4",
1600 &ospfh->router_id);
1601 return;
1602 }
1603
1604 /* Add event to thread. */
1605 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1606
1607 /* Neighbor State should be Exchange or later. */
1608 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1609 && nbr->state != NSM_Full) {
1610 flog_warn(
1611 EC_OSPF_PACKET,
1612 "Link State Request received from %pI4: Neighbor state is %s, packet discarded.",
1613 &ospfh->router_id,
1614 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1615 return;
1616 }
1617
1618 /* Send Link State Update for ALL requested LSAs. */
1619 ls_upd = list_new();
1620 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1621
1622 while (size >= OSPF_LSA_KEY_SIZE) {
1623 /* Get one slice of Link State Request. */
1624 ls_type = stream_getl(s);
1625 ls_id.s_addr = stream_get_ipv4(s);
1626 adv_router.s_addr = stream_get_ipv4(s);
1627
1628 /* Verify LSA type. */
1629 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1630 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1631 list_delete(&ls_upd);
1632 return;
1633 }
1634
1635 /* Search proper LSA in LSDB. */
1636 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1637 adv_router);
1638 if (find == NULL) {
1639 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1640 list_delete(&ls_upd);
1641 return;
1642 }
1643
1644 /* Packet overflows MTU size, send immediately. */
1645 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1646 if (oi->type == OSPF_IFTYPE_NBMA)
1647 ospf_ls_upd_send(nbr, ls_upd,
1648 OSPF_SEND_PACKET_DIRECT, 0);
1649 else
1650 ospf_ls_upd_send(nbr, ls_upd,
1651 OSPF_SEND_PACKET_INDIRECT, 0);
1652
1653 /* Only remove list contents. Keep ls_upd. */
1654 list_delete_all_node(ls_upd);
1655
1656 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1657 }
1658
1659 /* Append LSA to update list. */
1660 listnode_add(ls_upd, find);
1661 length += ntohs(find->data->length);
1662
1663 size -= OSPF_LSA_KEY_SIZE;
1664 }
1665
1666 /* Send rest of Link State Update. */
1667 if (listcount(ls_upd) > 0) {
1668 if (oi->type == OSPF_IFTYPE_NBMA)
1669 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1670 0);
1671 else
1672 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1673 0);
1674
1675 list_delete(&ls_upd);
1676 } else
1677 list_delete(&ls_upd);
1678 }
1679
1680 /* Get the list of LSAs from Link State Update packet.
1681 And process some validation -- RFC2328 Section 13. (1)-(2). */
1682 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1683 struct stream *s,
1684 struct ospf_interface *oi, size_t size)
1685 {
1686 uint16_t count, sum;
1687 uint32_t length;
1688 struct lsa_header *lsah;
1689 struct ospf_lsa *lsa;
1690 struct list *lsas;
1691
1692 lsas = list_new();
1693
1694 count = stream_getl(s);
1695 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1696
1697 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1698 size -= length, stream_forward_getp(s, length), count--) {
1699 lsah = (struct lsa_header *)stream_pnt(s);
1700 length = ntohs(lsah->length);
1701
1702 if (length > size) {
1703 flog_warn(
1704 EC_OSPF_PACKET,
1705 "Link State Update: LSA length exceeds packet size.");
1706 break;
1707 }
1708
1709 /* Validate the LSA's LS checksum. */
1710 sum = lsah->checksum;
1711 if (!ospf_lsa_checksum_valid(lsah)) {
1712 /* (bug #685) more details in a one-line message make it
1713 * possible
1714 * to identify problem source on the one hand and to
1715 * have a better
1716 * chance to compress repeated messages in syslog on the
1717 * other */
1718 flog_warn(
1719 EC_OSPF_PACKET,
1720 "Link State Update: LSA checksum error %x/%x, ID=%pI4 from: nbr %pI4, router ID %pI4, adv router %pI4",
1721 sum, lsah->checksum, &lsah->id,
1722 &nbr->src, &nbr->router_id,
1723 &lsah->adv_router);
1724 continue;
1725 }
1726
1727 /* Examine the LSA's LS type. */
1728 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1729 flog_warn(EC_OSPF_PACKET,
1730 "Link State Update: Unknown LS type %d",
1731 lsah->type);
1732 continue;
1733 }
1734
1735 /*
1736 * What if the received LSA's age is greater than MaxAge?
1737 * Treat it as a MaxAge case -- endo.
1738 */
1739 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1740 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1741
1742 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1743 #ifdef STRICT_OBIT_USAGE_CHECK
1744 if ((IS_OPAQUE_LSA(lsah->type)
1745 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1746 || (!IS_OPAQUE_LSA(lsah->type)
1747 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1748 /*
1749 * This neighbor must know the exact usage of
1750 * O-bit;
1751 * the bit will be set in Type-9,10,11 LSAs
1752 * only.
1753 */
1754 flog_warn(EC_OSPF_PACKET,
1755 "LSA[Type%d:%pI4]: O-bit abuse?",
1756 lsah->type, &lsah->id);
1757 continue;
1758 }
1759 #endif /* STRICT_OBIT_USAGE_CHECK */
1760
1761 /* Do not take in AS External Opaque-LSAs if we are a
1762 * stub. */
1763 if (lsah->type == OSPF_OPAQUE_AS_LSA
1764 && nbr->oi->area->external_routing
1765 != OSPF_AREA_DEFAULT) {
1766 if (IS_DEBUG_OSPF_EVENT)
1767 zlog_debug(
1768 "LSA[Type%d:%pI4]: We are a stub, don't take this LSA.",
1769 lsah->type,
1770 &lsah->id);
1771 continue;
1772 }
1773 } else if (IS_OPAQUE_LSA(lsah->type)) {
1774 flog_warn(EC_OSPF_PACKET,
1775 "LSA[Type%d:%pI4]: Opaque capability mismatch?",
1776 lsah->type, &lsah->id);
1777 continue;
1778 }
1779
1780 /* Create OSPF LSA instance. */
1781 lsa = ospf_lsa_new_and_data(length);
1782
1783 lsa->vrf_id = oi->ospf->vrf_id;
1784 /* We may wish to put some error checking if type NSSA comes in
1785 and area not in NSSA mode */
1786 switch (lsah->type) {
1787 case OSPF_AS_EXTERNAL_LSA:
1788 case OSPF_OPAQUE_AS_LSA:
1789 lsa->area = NULL;
1790 break;
1791 case OSPF_OPAQUE_LINK_LSA:
1792 lsa->oi = oi; /* Remember incoming interface for
1793 flooding control. */
1794 /* Fallthrough */
1795 default:
1796 lsa->area = oi->area;
1797 break;
1798 }
1799
1800 memcpy(lsa->data, lsah, length);
1801
1802 if (IS_DEBUG_OSPF_EVENT)
1803 zlog_debug(
1804 "LSA[Type%d:%pI4]: %p new LSA created with Link State Update",
1805 lsa->data->type, &lsa->data->id,
1806 (void *)lsa);
1807 listnode_add(lsas, lsa);
1808 }
1809
1810 return lsas;
1811 }
1812
1813 /* Cleanup Update list. */
1814 static void ospf_upd_list_clean(struct list *lsas)
1815 {
1816 struct listnode *node, *nnode;
1817 struct ospf_lsa *lsa;
1818
1819 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1820 ospf_lsa_discard(lsa);
1821
1822 list_delete(&lsas);
1823 }
1824
1825 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1826 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1827 struct ospf_header *ospfh, struct stream *s,
1828 struct ospf_interface *oi, uint16_t size)
1829 {
1830 struct ospf_neighbor *nbr;
1831 struct list *lsas;
1832 struct listnode *node, *nnode;
1833 struct ospf_lsa *lsa = NULL;
1834 /* unsigned long ls_req_found = 0; */
1835
1836 /* Dis-assemble the stream, update each entry, re-encapsulate for
1837 * flooding */
1838
1839 /* Increment statistics. */
1840 oi->ls_upd_in++;
1841
1842 /* Check neighbor. */
1843 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1844 if (nbr == NULL) {
1845 flog_warn(EC_OSPF_PACKET,
1846 "Link State Update: Unknown Neighbor %pI4 on int: %s",
1847 &ospfh->router_id, IF_NAME(oi));
1848 return;
1849 }
1850
1851 /* Add event to thread. */
1852 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1853
1854 /* Check neighbor state. */
1855 if (nbr->state < NSM_Exchange) {
1856 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1857 zlog_debug(
1858 "Link State Update: Neighbor[%pI4] state %s is less than Exchange",
1859 &ospfh->router_id,
1860 lookup_msg(ospf_nsm_state_msg, nbr->state,
1861 NULL));
1862 return;
1863 }
1864
1865 /* Get list of LSAs from Link State Update packet. - Also performs
1866 * Stages 1 (validate LSA checksum) and 2 (check for LSA consistent
1867 * type) of section 13.
1868 */
1869 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1870
1871 if (lsas == NULL)
1872 return;
1873 #define DISCARD_LSA(L, N) \
1874 { \
1875 if (IS_DEBUG_OSPF_EVENT) \
1876 zlog_debug( \
1877 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1878 " Type-%d", \
1879 N, (void *)lsa, (int)lsa->data->type); \
1880 ospf_lsa_discard(L); \
1881 continue; \
1882 }
1883
1884 /* Process each LSA received in the one packet.
1885 *
1886 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1887 * text below are from the steps in RFC 2328, Section 13.
1888 */
1889 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1890 struct ospf_lsa *ls_ret, *current;
1891 int ret = 1;
1892
1893 if (IS_DEBUG_OSPF(lsa, LSA))
1894 zlog_debug("LSA Type-%d from %pI4, ID: %pI4, ADV: %pI4",
1895 lsa->data->type, &ospfh->router_id,
1896 &lsa->data->id, &lsa->data->adv_router);
1897
1898 listnode_delete(lsas,
1899 lsa); /* We don't need it in list anymore */
1900
1901 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1902 */
1903
1904 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1905
1906 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1907 */
1908
1909 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1910 */
1911
1912 /* Do take in Type-7's if we are an NSSA */
1913
1914 /* If we are also an ABR, later translate them to a Type-5
1915 * packet */
1916
1917 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1918 translate them to a separate Type-5 packet. */
1919
1920 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1921 /* Reject from STUB or NSSA */
1922 if (nbr->oi->area->external_routing
1923 != OSPF_AREA_DEFAULT) {
1924 if (IS_DEBUG_OSPF_NSSA)
1925 zlog_debug(
1926 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1927 DISCARD_LSA(lsa, 1);
1928 }
1929
1930 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1931 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1932 if (IS_DEBUG_OSPF_NSSA)
1933 zlog_debug(
1934 "Incoming NSSA LSA Discarded: Not NSSA Area");
1935 DISCARD_LSA(lsa, 2);
1936 }
1937
1938 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1939 if (lsa->data->type == OSPF_ROUTER_LSA)
1940 if (!IPV4_ADDR_SAME(&lsa->data->id,
1941 &lsa->data->adv_router)) {
1942 flog_err(
1943 EC_OSPF_ROUTER_LSA_MISMATCH,
1944 "Incoming Router-LSA from %pI4 with Adv-ID[%pI4] != LS-ID[%pI4]",
1945 &ospfh->router_id, &lsa->data->id,
1946 &lsa->data->adv_router);
1947 flog_err(
1948 EC_OSPF_DOMAIN_CORRUPT,
1949 "OSPF domain compromised by attack or corruption. Verify correct operation of -ALL- OSPF routers.");
1950 DISCARD_LSA(lsa, 0);
1951 }
1952
1953 /* Find the LSA in the current database. */
1954
1955 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1956
1957 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1958 currently
1959 no instance of the LSA in the router's link state database,
1960 and none of router's neighbors are in states Exchange or
1961 Loading,
1962 then take the following actions: */
1963
1964 if (IS_LSA_MAXAGE(lsa) && !current
1965 && ospf_check_nbr_status(oi->ospf)) {
1966 /* (4a) Response Link State Acknowledgment. */
1967 ospf_ls_ack_send(nbr, lsa);
1968
1969 /* (4b) Discard LSA. */
1970 if (IS_DEBUG_OSPF(lsa, LSA)) {
1971 zlog_debug(
1972 "Link State Update[%s]: LS age is equal to MaxAge.",
1973 dump_lsa_key(lsa));
1974 }
1975 DISCARD_LSA(lsa, 3);
1976 }
1977
1978 if (IS_OPAQUE_LSA(lsa->data->type)
1979 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1980 &oi->ospf->router_id)) {
1981 /*
1982 * Even if initial flushing seems to be completed, there
1983 * might
1984 * be a case that self-originated LSA with MaxAge still
1985 * remain
1986 * in the routing domain.
1987 * Just send an LSAck message to cease retransmission.
1988 */
1989 if (IS_LSA_MAXAGE(lsa)) {
1990 zlog_info("LSA[%s]: Boomerang effect?",
1991 dump_lsa_key(lsa));
1992 ospf_ls_ack_send(nbr, lsa);
1993 ospf_lsa_discard(lsa);
1994
1995 if (current != NULL && !IS_LSA_MAXAGE(current))
1996 ospf_opaque_lsa_refresh_schedule(
1997 current);
1998 continue;
1999 }
2000
2001 /*
2002 * If an instance of self-originated Opaque-LSA is not
2003 * found
2004 * in the LSDB, there are some possible cases here.
2005 *
2006 * 1) This node lost opaque-capability after restart.
2007 * 2) Else, a part of opaque-type is no more supported.
2008 * 3) Else, a part of opaque-id is no more supported.
2009 *
2010 * Anyway, it is still this node's responsibility to
2011 * flush it.
2012 * Otherwise, the LSA instance remains in the routing
2013 * domain
2014 * until its age reaches to MaxAge.
2015 */
2016 /* XXX: We should deal with this for *ALL* LSAs, not
2017 * just opaque */
2018 if (current == NULL) {
2019 if (IS_DEBUG_OSPF_EVENT)
2020 zlog_debug(
2021 "LSA[%s]: Previously originated Opaque-LSA,not found in the LSDB.",
2022 dump_lsa_key(lsa));
2023
2024 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2025
2026 ospf_ls_ack_send(nbr, lsa);
2027
2028 if (!ospf->gr_info.restart_in_progress) {
2029 ospf_opaque_self_originated_lsa_received(
2030 nbr, lsa);
2031 continue;
2032 }
2033 }
2034 }
2035
2036 /* It might be happen that received LSA is self-originated
2037 * network LSA, but
2038 * router ID is changed. So, we should check if LSA is a
2039 * network-LSA whose
2040 * Link State ID is one of the router's own IP interface
2041 * addresses but whose
2042 * Advertising Router is not equal to the router's own Router ID
2043 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2044 * flushed.
2045 */
2046
2047 if (lsa->data->type == OSPF_NETWORK_LSA) {
2048 struct listnode *oinode, *oinnode;
2049 struct ospf_interface *out_if;
2050 int Flag = 0;
2051
2052 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2053 oinnode, out_if)) {
2054 if (out_if == NULL)
2055 break;
2056
2057 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2058 &lsa->data->id))
2059 && (!(IPV4_ADDR_SAME(
2060 &oi->ospf->router_id,
2061 &lsa->data->adv_router)))) {
2062 if (out_if->network_lsa_self) {
2063 ospf_lsa_flush_area(
2064 lsa, out_if->area);
2065 if (IS_DEBUG_OSPF_EVENT)
2066 zlog_debug(
2067 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2068 (void *)lsa,
2069 (int)lsa->data
2070 ->type);
2071 ospf_lsa_discard(lsa);
2072 Flag = 1;
2073 }
2074 break;
2075 }
2076 }
2077 if (Flag)
2078 continue;
2079 }
2080
2081 /* (5) Find the instance of this LSA that is currently contained
2082 in the router's link state database. If there is no
2083 database copy, or the received LSA is more recent than
2084 the database copy the following steps must be performed.
2085 (The sub steps from RFC 2328 section 13 step (5) will be
2086 performed in
2087 ospf_flood() ) */
2088
2089 if (current == NULL
2090 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2091 /* CVE-2017-3224 */
2092 if (current && (lsa->data->ls_seqnum ==
2093 htonl(OSPF_MAX_SEQUENCE_NUMBER)
2094 && !IS_LSA_MAXAGE(lsa))) {
2095 zlog_debug(
2096 "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
2097 dump_lsa_key(lsa));
2098
2099 DISCARD_LSA(lsa, 4);
2100 }
2101
2102 /* Actual flooding procedure. */
2103 if (ospf_flood(oi->ospf, nbr, current, lsa)
2104 < 0) /* Trap NSSA later. */
2105 DISCARD_LSA(lsa, 5);
2106 continue;
2107 }
2108
2109 /* (6) Else, If there is an instance of the LSA on the sending
2110 neighbor's Link state request list, an error has occurred in
2111 the Database Exchange process. In this case, restart the
2112 Database Exchange process by generating the neighbor event
2113 BadLSReq for the sending neighbor and stop processing the
2114 Link State Update packet. */
2115
2116 if (ospf_ls_request_lookup(nbr, lsa)) {
2117 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2118 flog_warn(
2119 EC_OSPF_PACKET,
2120 "LSA[%s] instance exists on Link state request list",
2121 dump_lsa_key(lsa));
2122
2123 /* Clean list of LSAs. */
2124 ospf_upd_list_clean(lsas);
2125 /* this lsa is not on lsas list already. */
2126 ospf_lsa_discard(lsa);
2127 return;
2128 }
2129
2130 /* If the received LSA is the same instance as the database copy
2131 (i.e., neither one is more recent) the following two steps
2132 should be performed: */
2133
2134 if (ret == 0) {
2135 /* If the LSA is listed in the Link state retransmission
2136 list
2137 for the receiving adjacency, the router itself is
2138 expecting
2139 an acknowledgment for this LSA. The router should
2140 treat the
2141 received LSA as an acknowledgment by removing the LSA
2142 from
2143 the Link state retransmission list. This is termed
2144 an
2145 "implied acknowledgment". */
2146
2147 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2148
2149 if (ls_ret != NULL) {
2150 ospf_ls_retransmit_delete(nbr, ls_ret);
2151
2152 /* Delayed acknowledgment sent if advertisement
2153 received
2154 from Designated Router, otherwise do nothing.
2155 */
2156 if (oi->state == ISM_Backup)
2157 if (NBR_IS_DR(nbr))
2158 listnode_add(
2159 oi->ls_ack,
2160 ospf_lsa_lock(lsa));
2161
2162 DISCARD_LSA(lsa, 6);
2163 } else
2164 /* Acknowledge the receipt of the LSA by sending a
2165 Link State Acknowledgment packet back out the
2166 receiving
2167 interface. */
2168 {
2169 ospf_ls_ack_send(nbr, lsa);
2170 DISCARD_LSA(lsa, 7);
2171 }
2172 }
2173
2174 /* The database copy is more recent. If the database copy
2175 has LS age equal to MaxAge and LS sequence number equal to
2176 MaxSequenceNumber, simply discard the received LSA without
2177 acknowledging it. (In this case, the LSA's LS sequence number
2178 is
2179 wrapping, and the MaxSequenceNumber LSA must be completely
2180 flushed before any new LSA instance can be introduced). */
2181
2182 else if (ret > 0) /* Database copy is more recent */
2183 {
2184 if (IS_LSA_MAXAGE(current)
2185 && current->data->ls_seqnum
2186 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2187 DISCARD_LSA(lsa, 8);
2188 }
2189 /* Otherwise, as long as the database copy has not been
2190 sent in a
2191 Link State Update within the last MinLSArrival
2192 seconds, send the
2193 database copy back to the sending neighbor,
2194 encapsulated within
2195 a Link State Update Packet. The Link State Update
2196 Packet should
2197 be sent directly to the neighbor. In so doing, do not
2198 put the
2199 database copy of the LSA on the neighbor's link state
2200 retransmission list, and do not acknowledge the
2201 received (less
2202 recent) LSA instance. */
2203 else {
2204 if (monotime_since(&current->tv_orig, NULL)
2205 >= ospf->min_ls_arrival * 1000LL)
2206 /* Trap NSSA type later.*/
2207 ospf_ls_upd_send_lsa(
2208 nbr, current,
2209 OSPF_SEND_PACKET_DIRECT);
2210 DISCARD_LSA(lsa, 9);
2211 }
2212 }
2213 }
2214 #undef DISCARD_LSA
2215
2216 assert(listcount(lsas) == 0);
2217 list_delete(&lsas);
2218
2219 if (ospf->gr_info.restart_in_progress)
2220 ospf_gr_check_lsdb_consistency(oi->ospf, oi->area);
2221 }
2222
2223 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2224 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2225 struct stream *s, struct ospf_interface *oi,
2226 uint16_t size)
2227 {
2228 struct ospf_neighbor *nbr;
2229
2230 /* increment statistics. */
2231 oi->ls_ack_in++;
2232
2233 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2234 if (nbr == NULL) {
2235 flog_warn(EC_OSPF_PACKET,
2236 "Link State Acknowledgment: Unknown Neighbor %pI4",
2237 &ospfh->router_id);
2238 return;
2239 }
2240
2241 /* Add event to thread. */
2242 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2243
2244 if (nbr->state < NSM_Exchange) {
2245 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2246 zlog_debug(
2247 "Link State Acknowledgment: Neighbor[%pI4] state %s is less than Exchange",
2248 &ospfh->router_id,
2249 lookup_msg(ospf_nsm_state_msg, nbr->state,
2250 NULL));
2251 return;
2252 }
2253
2254 while (size >= OSPF_LSA_HEADER_SIZE) {
2255 struct ospf_lsa *lsa, *lsr;
2256
2257 lsa = ospf_lsa_new();
2258 lsa->data = (struct lsa_header *)stream_pnt(s);
2259 lsa->vrf_id = oi->ospf->vrf_id;
2260
2261 /* lsah = (struct lsa_header *) stream_pnt (s); */
2262 size -= OSPF_LSA_HEADER_SIZE;
2263 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2264
2265 if (lsa->data->type < OSPF_MIN_LSA
2266 || lsa->data->type >= OSPF_MAX_LSA) {
2267 lsa->data = NULL;
2268 ospf_lsa_discard(lsa);
2269 continue;
2270 }
2271
2272 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2273
2274 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2275 ospf_ls_retransmit_delete(nbr, lsr);
2276
2277 lsa->data = NULL;
2278 ospf_lsa_discard(lsa);
2279 }
2280
2281 return;
2282 }
2283
2284 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2285 struct interface **ifp,
2286 struct stream *ibuf)
2287 {
2288 int ret;
2289 struct ip *iph;
2290 uint16_t ip_len;
2291 ifindex_t ifindex = 0;
2292 struct iovec iov;
2293 /* Header and data both require alignment. */
2294 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2295 struct msghdr msgh;
2296
2297 memset(&msgh, 0, sizeof(struct msghdr));
2298 msgh.msg_iov = &iov;
2299 msgh.msg_iovlen = 1;
2300 msgh.msg_control = (caddr_t)buff;
2301 msgh.msg_controllen = sizeof(buff);
2302
2303 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2304 OSPF_MAX_PACKET_SIZE + 1);
2305 if (ret < 0) {
2306 if (errno != EAGAIN && errno != EWOULDBLOCK)
2307 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2308 safe_strerror(errno));
2309 return NULL;
2310 }
2311 if ((unsigned int)ret < sizeof(struct ip)) {
2312 flog_warn(
2313 EC_OSPF_PACKET,
2314 "ospf_recv_packet: discarding runt packet of length %d (ip header size is %u)",
2315 ret, (unsigned int)sizeof(iph));
2316 return NULL;
2317 }
2318
2319 /* Note that there should not be alignment problems with this assignment
2320 because this is at the beginning of the stream data buffer. */
2321 iph = (struct ip *)STREAM_DATA(ibuf);
2322 sockopt_iphdrincl_swab_systoh(iph);
2323
2324 ip_len = iph->ip_len;
2325
2326 #if defined(__FreeBSD__) && (__FreeBSD_version < 1000000)
2327 /*
2328 * Kernel network code touches incoming IP header parameters,
2329 * before protocol specific processing.
2330 *
2331 * 1) Convert byteorder to host representation.
2332 * --> ip_len, ip_id, ip_off
2333 *
2334 * 2) Adjust ip_len to strip IP header size!
2335 * --> If user process receives entire IP packet via RAW
2336 * socket, it must consider adding IP header size to
2337 * the "ip_len" field of "ip" structure.
2338 *
2339 * For more details, see <netinet/ip_input.c>.
2340 */
2341 ip_len = ip_len + (iph->ip_hl << 2);
2342 #endif
2343
2344 #if defined(__DragonFly__)
2345 /*
2346 * in DragonFly's raw socket, ip_len/ip_off are read
2347 * in network byte order.
2348 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2349 */
2350 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2351 #endif
2352
2353 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2354
2355 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2356
2357 if (ret != ip_len) {
2358 flog_warn(
2359 EC_OSPF_PACKET,
2360 "ospf_recv_packet read length mismatch: ip_len is %d, but recvmsg returned %d",
2361 ip_len, ret);
2362 return NULL;
2363 }
2364
2365 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2366 zlog_debug("%s: fd %d(%s) on interface %d(%s)", __func__, fd,
2367 ospf_get_name(ospf), ifindex,
2368 *ifp ? (*ifp)->name : "Unknown");
2369 return ibuf;
2370 }
2371
2372 static struct ospf_interface *
2373 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2374 struct ip *iph, struct ospf_header *ospfh)
2375 {
2376 struct ospf_interface *rcv_oi;
2377 struct ospf_vl_data *vl_data;
2378 struct ospf_area *vl_area;
2379 struct listnode *node;
2380
2381 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2382 || !OSPF_IS_AREA_BACKBONE(ospfh))
2383 return NULL;
2384
2385 /* look for local OSPF interface matching the destination
2386 * to determine Area ID. We presume therefore the destination address
2387 * is unique, or at least (for "unnumbered" links), not used in other
2388 * areas
2389 */
2390 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2391 == NULL)
2392 return NULL;
2393
2394 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2395 vl_area =
2396 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2397 if (!vl_area)
2398 continue;
2399
2400 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2401 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2402 if (IS_DEBUG_OSPF_EVENT)
2403 zlog_debug("associating packet with %s",
2404 IF_NAME(vl_data->vl_oi));
2405 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2406 if (IS_DEBUG_OSPF_EVENT)
2407 zlog_debug(
2408 "This VL is not up yet, sorry");
2409 return NULL;
2410 }
2411
2412 return vl_data->vl_oi;
2413 }
2414 }
2415
2416 if (IS_DEBUG_OSPF_EVENT)
2417 zlog_debug("couldn't find any VL to associate the packet with");
2418
2419 return NULL;
2420 }
2421
2422 static int ospf_check_area_id(struct ospf_interface *oi,
2423 struct ospf_header *ospfh)
2424 {
2425 /* Check match the Area ID of the receiving interface. */
2426 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2427 return 1;
2428
2429 return 0;
2430 }
2431
2432 /* Unbound socket will accept any Raw IP packets if proto is matched.
2433 To prevent it, compare src IP address and i/f address with masking
2434 i/f network mask. */
2435 static int ospf_check_network_mask(struct ospf_interface *oi,
2436 struct in_addr ip_src)
2437 {
2438 struct in_addr mask, me, him;
2439
2440 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2441 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2442 return 1;
2443
2444 /* Ignore mask check for max prefix length (32) */
2445 if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
2446 && oi->address->prefixlen == IPV4_MAX_BITLEN)
2447 return 1;
2448
2449 masklen2ip(oi->address->prefixlen, &mask);
2450
2451 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2452 him.s_addr = ip_src.s_addr & mask.s_addr;
2453
2454 if (IPV4_ADDR_SAME(&me, &him))
2455 return 1;
2456
2457 return 0;
2458 }
2459
2460 /* Return 1, if the packet is properly authenticated and checksummed,
2461 0 otherwise. In particular, check that AuType header field is valid and
2462 matches the locally configured AuType, and that D.5 requirements are met. */
2463 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2464 {
2465 struct crypt_key *ck;
2466 uint16_t iface_auth_type;
2467 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2468
2469 switch (pkt_auth_type) {
2470 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2471 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2472 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2473 flog_warn(
2474 EC_OSPF_PACKET,
2475 "interface %s: auth-type mismatch, local %s, rcvd Null",
2476 IF_NAME(oi),
2477 lookup_msg(ospf_auth_type_str,
2478 iface_auth_type, NULL));
2479 return 0;
2480 }
2481 if (!ospf_check_sum(ospfh)) {
2482 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2483 flog_warn(
2484 EC_OSPF_PACKET,
2485 "interface %s: Null auth OK, but checksum error, Router-ID %pI4",
2486 IF_NAME(oi),
2487 &ospfh->router_id);
2488 return 0;
2489 }
2490 return 1;
2491 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2492 if (OSPF_AUTH_SIMPLE
2493 != (iface_auth_type = ospf_auth_type(oi))) {
2494 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2495 flog_warn(
2496 EC_OSPF_PACKET,
2497 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2498 IF_NAME(oi),
2499 lookup_msg(ospf_auth_type_str,
2500 iface_auth_type, NULL));
2501 return 0;
2502 }
2503 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2504 OSPF_AUTH_SIMPLE_SIZE)) {
2505 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2506 flog_warn(EC_OSPF_PACKET,
2507 "interface %s: Simple auth failed",
2508 IF_NAME(oi));
2509 return 0;
2510 }
2511 if (!ospf_check_sum(ospfh)) {
2512 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2513 flog_warn(
2514 EC_OSPF_PACKET,
2515 "interface %s: Simple auth OK, checksum error, Router-ID %pI4",
2516 IF_NAME(oi),
2517 &ospfh->router_id);
2518 return 0;
2519 }
2520 return 1;
2521 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2522 if (OSPF_AUTH_CRYPTOGRAPHIC
2523 != (iface_auth_type = ospf_auth_type(oi))) {
2524 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2525 flog_warn(
2526 EC_OSPF_PACKET,
2527 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2528 IF_NAME(oi),
2529 lookup_msg(ospf_auth_type_str,
2530 iface_auth_type, NULL));
2531 return 0;
2532 }
2533 if (ospfh->checksum) {
2534 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2535 flog_warn(
2536 EC_OSPF_PACKET,
2537 "interface %s: OSPF header checksum is not 0",
2538 IF_NAME(oi));
2539 return 0;
2540 }
2541 /* only MD5 crypto method can pass ospf_packet_examin() */
2542 if (NULL == (ck = listgetdata(
2543 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2544 || ospfh->u.crypt.key_id != ck->key_id ||
2545 /* Condition above uses the last key ID on the list,
2546 which is
2547 different from what ospf_crypt_key_lookup() does. A
2548 bug? */
2549 !ospf_check_md5_digest(oi, ospfh)) {
2550 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2551 flog_warn(EC_OSPF_MD5,
2552 "interface %s: MD5 auth failed",
2553 IF_NAME(oi));
2554 return 0;
2555 }
2556 return 1;
2557 default:
2558 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2559 flog_warn(
2560 EC_OSPF_PACKET,
2561 "interface %s: invalid packet auth-type (%02x)",
2562 IF_NAME(oi), pkt_auth_type);
2563 return 0;
2564 }
2565 }
2566
2567 static int ospf_check_sum(struct ospf_header *ospfh)
2568 {
2569 uint32_t ret;
2570 uint16_t sum;
2571
2572 /* clear auth_data for checksum. */
2573 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2574
2575 /* keep checksum and clear. */
2576 sum = ospfh->checksum;
2577 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2578
2579 /* calculate checksum. */
2580 ret = in_cksum(ospfh, ntohs(ospfh->length));
2581
2582 if (ret != sum) {
2583 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2584 ret, sum);
2585 return 0;
2586 }
2587
2588 return 1;
2589 }
2590
2591 /* Verify, that given link/TOS records are properly sized/aligned and match
2592 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2593 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2594 uint16_t linkbytes,
2595 const uint16_t num_links)
2596 {
2597 unsigned counted_links = 0, thislinklen;
2598
2599 while (linkbytes >= OSPF_ROUTER_LSA_LINK_SIZE) {
2600 thislinklen =
2601 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2602 if (thislinklen > linkbytes) {
2603 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2604 zlog_debug("%s: length error in link block #%u",
2605 __func__, counted_links);
2606 return MSG_NG;
2607 }
2608 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2609 linkbytes -= thislinklen;
2610 counted_links++;
2611 }
2612 if (counted_links != num_links) {
2613 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2614 zlog_debug("%s: %u link blocks declared, %u present",
2615 __func__, num_links, counted_links);
2616 return MSG_NG;
2617 }
2618 return MSG_OK;
2619 }
2620
2621 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2622 minimum length constraint). */
2623 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2624 const uint8_t headeronly)
2625 {
2626 unsigned ret;
2627 struct router_lsa *rlsa;
2628 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2629 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2630 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2631 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2632 lookup_msg(ospf_lsa_type_msg, lsah->type,
2633 NULL));
2634 return MSG_NG;
2635 }
2636 switch (lsah->type) {
2637 case OSPF_ROUTER_LSA: {
2638 /*
2639 * RFC2328 A.4.2, LSA header + 4 bytes followed by N>=0
2640 * (12+)-byte link blocks
2641 */
2642 size_t linkbytes_len = lsalen - OSPF_LSA_HEADER_SIZE
2643 - OSPF_ROUTER_LSA_MIN_SIZE;
2644
2645 /*
2646 * LSA link blocks are variable length but always multiples of
2647 * 4; basic sanity check
2648 */
2649 if (linkbytes_len % 4 != 0)
2650 return MSG_NG;
2651
2652 if (headeronly)
2653 return MSG_OK;
2654
2655 rlsa = (struct router_lsa *)lsah;
2656
2657 ret = ospf_router_lsa_links_examin(
2658 (struct router_lsa_link *)rlsa->link,
2659 linkbytes_len,
2660 ntohs(rlsa->links));
2661 break;
2662 }
2663 case OSPF_AS_EXTERNAL_LSA:
2664 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2665 * blocks */
2666 case OSPF_AS_NSSA_LSA:
2667 /* RFC3101 C, idem */
2668 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2669 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2670 % 12
2671 ? MSG_NG
2672 : MSG_OK;
2673 break;
2674 /* Following LSA types are considered OK length-wise as soon as their
2675 * minimum
2676 * length constraint is met and length of the whole LSA is a multiple of
2677 * 4
2678 * (basic LSA header size is already a multiple of 4). */
2679 case OSPF_NETWORK_LSA:
2680 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2681 case OSPF_SUMMARY_LSA:
2682 case OSPF_ASBR_SUMMARY_LSA:
2683 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2684 * blocks */
2685 case OSPF_OPAQUE_LINK_LSA:
2686 case OSPF_OPAQUE_AREA_LSA:
2687 case OSPF_OPAQUE_AS_LSA:
2688 /* RFC5250 A.2, "some number of octets (of application-specific
2689 * data) padded to 32-bit alignment." This is considered
2690 * equivalent
2691 * to 4-byte alignment of all other LSA types, see
2692 * OSPF-ALIGNMENT.txt
2693 * file for the detailed analysis of this passage. */
2694 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2695 break;
2696 default:
2697 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2698 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2699 lsah->type);
2700 return MSG_NG;
2701 }
2702 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2703 zlog_debug("%s: alignment error in %s", __func__,
2704 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2705 return ret;
2706 }
2707
2708 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2709 includes verification of LSA blocks length/alignment and dispatching
2710 of deeper-level checks. */
2711 static unsigned
2712 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2713 size_t length, const uint8_t headeronly,
2714 /* When declared_num_lsas is not 0, compare it to the real
2715 number of LSAs
2716 and treat the difference as an error. */
2717 const uint32_t declared_num_lsas)
2718 {
2719 uint32_t counted_lsas = 0;
2720
2721 while (length) {
2722 uint16_t lsalen;
2723 if (length < OSPF_LSA_HEADER_SIZE) {
2724 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2725 zlog_debug(
2726 "%s: undersized (%zu B) trailing (#%u) LSA header",
2727 __func__, length, counted_lsas);
2728 return MSG_NG;
2729 }
2730 /* save on ntohs() calls here and in the LSA validator */
2731 lsalen = ntohs(lsah->length);
2732 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2733 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2734 zlog_debug(
2735 "%s: malformed LSA header #%u, declared length is %u B",
2736 __func__, counted_lsas, lsalen);
2737 return MSG_NG;
2738 }
2739 if (headeronly) {
2740 /* less checks here and in ospf_lsa_examin() */
2741 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2742 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2743 zlog_debug(
2744 "%s: malformed header-only LSA #%u",
2745 __func__, counted_lsas);
2746 return MSG_NG;
2747 }
2748 lsah = (struct lsa_header *)((caddr_t)lsah
2749 + OSPF_LSA_HEADER_SIZE);
2750 length -= OSPF_LSA_HEADER_SIZE;
2751 } else {
2752 /* make sure the input buffer is deep enough before
2753 * further checks */
2754 if (lsalen > length) {
2755 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2756 zlog_debug(
2757 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2758 __func__, counted_lsas, lsalen,
2759 length);
2760 return MSG_NG;
2761 }
2762 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2763 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2764 zlog_debug("%s: malformed LSA #%u",
2765 __func__, counted_lsas);
2766 return MSG_NG;
2767 }
2768 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2769 length -= lsalen;
2770 }
2771 counted_lsas++;
2772 }
2773
2774 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2775 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2776 zlog_debug(
2777 "%s: #LSAs declared (%u) does not match actual (%u)",
2778 __func__, declared_num_lsas, counted_lsas);
2779 return MSG_NG;
2780 }
2781 return MSG_OK;
2782 }
2783
2784 /* Verify a complete OSPF packet for proper sizing/alignment. */
2785 static unsigned ospf_packet_examin(struct ospf_header *oh,
2786 const unsigned bytesonwire)
2787 {
2788 uint16_t bytesdeclared, bytesauth;
2789 unsigned ret;
2790 struct ospf_ls_update *lsupd;
2791
2792 /* Length, 1st approximation. */
2793 if (bytesonwire < OSPF_HEADER_SIZE) {
2794 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2795 zlog_debug("%s: undersized (%u B) packet", __func__,
2796 bytesonwire);
2797 return MSG_NG;
2798 }
2799 /* Now it is safe to access header fields. Performing length check,
2800 * allow
2801 * for possible extra bytes of crypto auth/padding, which are not
2802 * counted
2803 * in the OSPF header "length" field. */
2804 if (oh->version != OSPF_VERSION) {
2805 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2806 zlog_debug("%s: invalid (%u) protocol version",
2807 __func__, oh->version);
2808 return MSG_NG;
2809 }
2810 bytesdeclared = ntohs(oh->length);
2811 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2812 bytesauth = 0;
2813 else {
2814 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2815 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2816 zlog_debug(
2817 "%s: unsupported crypto auth length (%u B)",
2818 __func__, oh->u.crypt.auth_data_len);
2819 return MSG_NG;
2820 }
2821 bytesauth = OSPF_AUTH_MD5_SIZE;
2822 }
2823 if (bytesdeclared + bytesauth > bytesonwire) {
2824 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2825 zlog_debug(
2826 "%s: packet length error (%u real, %u+%u declared)",
2827 __func__, bytesonwire, bytesdeclared,
2828 bytesauth);
2829 return MSG_NG;
2830 }
2831 /* Length, 2nd approximation. The type-specific constraint is checked
2832 against declared length, not amount of bytes on wire. */
2833 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2834 && bytesdeclared
2835 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2836 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2837 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2838 bytesdeclared,
2839 lookup_msg(ospf_packet_type_str, oh->type,
2840 NULL));
2841 return MSG_NG;
2842 }
2843 switch (oh->type) {
2844 case OSPF_MSG_HELLO:
2845 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2846 followed
2847 by N>=0 router-IDs. */
2848 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2849 % 4
2850 ? MSG_NG
2851 : MSG_OK;
2852 break;
2853 case OSPF_MSG_DB_DESC:
2854 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2855 followed
2856 by N>=0 header-only LSAs. */
2857 ret = ospf_lsaseq_examin(
2858 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2859 + OSPF_DB_DESC_MIN_SIZE),
2860 bytesdeclared - OSPF_HEADER_SIZE
2861 - OSPF_DB_DESC_MIN_SIZE,
2862 1, /* header-only LSAs */
2863 0);
2864 break;
2865 case OSPF_MSG_LS_REQ:
2866 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2867 * request blocks. */
2868 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2869 % OSPF_LSA_KEY_SIZE
2870 ? MSG_NG
2871 : MSG_OK;
2872 break;
2873 case OSPF_MSG_LS_UPD:
2874 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2875 followed
2876 by N>=0 full LSAs (with N declared beforehand). */
2877 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2878 + OSPF_HEADER_SIZE);
2879 ret = ospf_lsaseq_examin(
2880 (struct lsa_header *)((caddr_t)lsupd
2881 + OSPF_LS_UPD_MIN_SIZE),
2882 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2883 0, /* full LSAs */
2884 ntohl(lsupd->num_lsas) /* 32 bits */
2885 );
2886 break;
2887 case OSPF_MSG_LS_ACK:
2888 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2889 * LSAs. */
2890 ret = ospf_lsaseq_examin(
2891 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2892 + OSPF_LS_ACK_MIN_SIZE),
2893 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2894 1, /* header-only LSAs */
2895 0);
2896 break;
2897 default:
2898 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2899 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2900 oh->type);
2901 return MSG_NG;
2902 }
2903 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2904 zlog_debug("%s: malformed %s packet", __func__,
2905 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2906 return ret;
2907 }
2908
2909 /* OSPF Header verification. */
2910 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2911 struct ip *iph, struct ospf_header *ospfh)
2912 {
2913 /* Check Area ID. */
2914 if (!ospf_check_area_id(oi, ospfh)) {
2915 flog_warn(EC_OSPF_PACKET,
2916 "interface %s: ospf_read invalid Area ID %pI4",
2917 IF_NAME(oi), &ospfh->area_id);
2918 return -1;
2919 }
2920
2921 /* Check network mask, Silently discarded. */
2922 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2923 flog_warn(
2924 EC_OSPF_PACKET,
2925 "interface %s: ospf_read network address is not same [%pI4]",
2926 IF_NAME(oi), &iph->ip_src);
2927 return -1;
2928 }
2929
2930 /* Check authentication. The function handles logging actions, where
2931 * required. */
2932 if (!ospf_check_auth(oi, ospfh))
2933 return -1;
2934
2935 return 0;
2936 }
2937
2938 enum ospf_read_return_enum {
2939 OSPF_READ_ERROR,
2940 OSPF_READ_CONTINUE,
2941 };
2942
2943 static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
2944 {
2945 int ret;
2946 struct stream *ibuf;
2947 struct ospf_interface *oi;
2948 struct ip *iph;
2949 struct ospf_header *ospfh;
2950 uint16_t length;
2951 struct connected *c;
2952 struct interface *ifp = NULL;
2953
2954 stream_reset(ospf->ibuf);
2955 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2956 if (ibuf == NULL)
2957 return OSPF_READ_ERROR;
2958
2959 /*
2960 * This raw packet is known to be at least as big as its
2961 * IP header. Note that there should not be alignment problems with
2962 * this assignment because this is at the beginning of the
2963 * stream data buffer.
2964 */
2965 iph = (struct ip *)STREAM_DATA(ibuf);
2966 /*
2967 * Note that sockopt_iphdrincl_swab_systoh was called in
2968 * ospf_recv_packet.
2969 */
2970 if (ifp == NULL) {
2971 /*
2972 * Handle cases where the platform does not support
2973 * retrieving the ifindex, and also platforms (such as
2974 * Solaris 8) that claim to support ifindex retrieval but do
2975 * not.
2976 */
2977 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2978 ospf->vrf_id);
2979 if (c)
2980 ifp = c->ifp;
2981 if (ifp == NULL) {
2982 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2983 zlog_debug(
2984 "%s: Unable to determine incoming interface from: %pI4(%s)",
2985 __func__, &iph->ip_src,
2986 ospf_get_name(ospf));
2987 return OSPF_READ_CONTINUE;
2988 }
2989 }
2990
2991 if (ospf->vrf_id == VRF_DEFAULT && ospf->vrf_id != ifp->vrf_id) {
2992 /*
2993 * We may have a situation where l3mdev_accept == 1
2994 * let's just kindly drop the packet and move on.
2995 * ospf really really really does not like when
2996 * we receive the same packet multiple times.
2997 */
2998 return OSPF_READ_CONTINUE;
2999 }
3000
3001 /* Self-originated packet should be discarded silently. */
3002 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3003 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3004 zlog_debug(
3005 "ospf_read[%pI4]: Dropping self-originated packet",
3006 &iph->ip_src);
3007 }
3008 return OSPF_READ_CONTINUE;
3009 }
3010
3011 /* Check that we have enough for an IP header */
3012 if ((unsigned int)(iph->ip_hl << 2) >= STREAM_READABLE(ibuf)) {
3013 if ((unsigned int)(iph->ip_hl << 2) == STREAM_READABLE(ibuf)) {
3014 flog_warn(
3015 EC_OSPF_PACKET,
3016 "Rx'd IP packet with OSPF protocol number but no payload");
3017 } else {
3018 flog_warn(
3019 EC_OSPF_PACKET,
3020 "IP header length field claims header is %u bytes, but we only have %zu",
3021 (unsigned int)(iph->ip_hl << 2),
3022 STREAM_READABLE(ibuf));
3023 }
3024
3025 return OSPF_READ_ERROR;
3026 }
3027 stream_forward_getp(ibuf, iph->ip_hl << 2);
3028
3029 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3030 if (MSG_OK
3031 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3032 - stream_get_getp(ibuf)))
3033 return OSPF_READ_CONTINUE;
3034 /* Now it is safe to access all fields of OSPF packet header. */
3035
3036 /* associate packet with ospf interface */
3037 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3038
3039 /*
3040 * ospf_verify_header() relies on a valid "oi" and thus can be called
3041 * only after the passive/backbone/other checks below are passed.
3042 * These checks in turn access the fields of unverified "ospfh"
3043 * structure for their own purposes and must remain very accurate
3044 * in doing this.
3045 */
3046
3047 /* If incoming interface is passive one, ignore it. */
3048 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3049 if (IS_DEBUG_OSPF_EVENT)
3050 zlog_debug(
3051 "ignoring packet from router %pI4 sent to %pI4, received on a passive interface, %pI4",
3052 &ospfh->router_id, &iph->ip_dst,
3053 &oi->address->u.prefix4);
3054
3055 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3056 /* Try to fix multicast membership.
3057 * Some OS:es may have problems in this area,
3058 * make sure it is removed.
3059 */
3060 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3061 ospf_if_set_multicast(oi);
3062 }
3063 return OSPF_READ_CONTINUE;
3064 }
3065
3066
3067 /* if no local ospf_interface,
3068 * or header area is backbone but ospf_interface is not
3069 * check for VLINK interface
3070 */
3071 if ((oi == NULL)
3072 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3073 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3074 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3075 == NULL) {
3076 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3077 zlog_debug(
3078 "Packet from [%pI4] received on link %s but no ospf_interface",
3079 &iph->ip_src, ifp->name);
3080 return OSPF_READ_CONTINUE;
3081 }
3082 }
3083
3084 /*
3085 * else it must be a local ospf interface, check it was
3086 * received on correct link
3087 */
3088 else if (oi->ifp != ifp) {
3089 if (IS_DEBUG_OSPF_EVENT)
3090 flog_warn(EC_OSPF_PACKET,
3091 "Packet from [%pI4] received on wrong link %s",
3092 &iph->ip_src, ifp->name);
3093 return OSPF_READ_CONTINUE;
3094 } else if (oi->state == ISM_Down) {
3095 flog_warn(
3096 EC_OSPF_PACKET,
3097 "Ignoring packet from %pI4 to %pI4 received on interface that is down [%s]; interface flags are %s",
3098 &iph->ip_src, &iph->ip_dst, ifp->name,
3099 if_flag_dump(ifp->flags));
3100 /* Fix multicast memberships? */
3101 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3102 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3103 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3104 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3105 if (oi->multicast_memberships)
3106 ospf_if_set_multicast(oi);
3107 return OSPF_READ_CONTINUE;
3108 }
3109
3110 /*
3111 * If the received packet is destined for AllDRouters, the
3112 * packet should be accepted only if the received ospf
3113 * interface state is either DR or Backup -- endo.
3114 *
3115 * I wonder who endo is?
3116 */
3117 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3118 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3119 flog_warn(
3120 EC_OSPF_PACKET,
3121 "Dropping packet for AllDRouters from [%pI4] via [%s] (ISM: %s)",
3122 &iph->ip_src, IF_NAME(oi),
3123 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3124 /* Try to fix multicast membership. */
3125 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3126 ospf_if_set_multicast(oi);
3127 return OSPF_READ_CONTINUE;
3128 }
3129
3130 /* Verify more OSPF header fields. */
3131 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3132 if (ret < 0) {
3133 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3134 zlog_debug(
3135 "ospf_read[%pI4]: Header check failed, dropping.",
3136 &iph->ip_src);
3137 return OSPF_READ_CONTINUE;
3138 }
3139
3140 /* Show debug receiving packet. */
3141 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3142 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3143 zlog_debug(
3144 "-----------------------------------------------------");
3145 ospf_packet_dump(ibuf);
3146 }
3147
3148 zlog_debug("%s received from [%pI4] via [%s]",
3149 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3150 &ospfh->router_id, IF_NAME(oi));
3151 zlog_debug(" src [%pI4],", &iph->ip_src);
3152 zlog_debug(" dst [%pI4]", &iph->ip_dst);
3153
3154 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3155 zlog_debug(
3156 "-----------------------------------------------------");
3157 }
3158
3159 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3160
3161 /* Adjust size to message length. */
3162 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3163
3164 /* Read rest of the packet and call each sort of packet routine.
3165 */
3166 switch (ospfh->type) {
3167 case OSPF_MSG_HELLO:
3168 ospf_hello(iph, ospfh, ibuf, oi, length);
3169 break;
3170 case OSPF_MSG_DB_DESC:
3171 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3172 break;
3173 case OSPF_MSG_LS_REQ:
3174 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3175 break;
3176 case OSPF_MSG_LS_UPD:
3177 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3178 break;
3179 case OSPF_MSG_LS_ACK:
3180 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3181 break;
3182 default:
3183 flog_warn(
3184 EC_OSPF_PACKET,
3185 "interface %s(%s): OSPF packet header type %d is illegal",
3186 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3187 break;
3188 }
3189
3190 return OSPF_READ_CONTINUE;
3191 }
3192
3193 /* Starting point of packet process function. */
3194 int ospf_read(struct thread *thread)
3195 {
3196 struct ospf *ospf;
3197 int32_t count = 0;
3198 enum ospf_read_return_enum ret;
3199
3200 /* first of all get interface pointer. */
3201 ospf = THREAD_ARG(thread);
3202
3203 /* prepare for next packet. */
3204 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3205
3206 while (count < ospf->write_oi_count) {
3207 count++;
3208 ret = ospf_read_helper(ospf);
3209 switch (ret) {
3210 case OSPF_READ_ERROR:
3211 return -1;
3212 case OSPF_READ_CONTINUE:
3213 break;
3214 }
3215 }
3216
3217 return 0;
3218 }
3219
3220 /* Make OSPF header. */
3221 static void ospf_make_header(int type, struct ospf_interface *oi,
3222 struct stream *s)
3223 {
3224 struct ospf_header *ospfh;
3225
3226 ospfh = (struct ospf_header *)STREAM_DATA(s);
3227
3228 ospfh->version = (uint8_t)OSPF_VERSION;
3229 ospfh->type = (uint8_t)type;
3230
3231 ospfh->router_id = oi->ospf->router_id;
3232
3233 ospfh->checksum = 0;
3234 ospfh->area_id = oi->area->area_id;
3235 ospfh->auth_type = htons(ospf_auth_type(oi));
3236
3237 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3238
3239 stream_forward_endp(s, OSPF_HEADER_SIZE);
3240 }
3241
3242 /* Make Authentication Data. */
3243 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3244 {
3245 struct crypt_key *ck;
3246
3247 switch (ospf_auth_type(oi)) {
3248 case OSPF_AUTH_NULL:
3249 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3250 */
3251 break;
3252 case OSPF_AUTH_SIMPLE:
3253 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3254 OSPF_AUTH_SIMPLE_SIZE);
3255 break;
3256 case OSPF_AUTH_CRYPTOGRAPHIC:
3257 /* If key is not set, then set 0. */
3258 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3259 ospfh->u.crypt.zero = 0;
3260 ospfh->u.crypt.key_id = 0;
3261 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3262 } else {
3263 ck = listgetdata(
3264 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3265 ospfh->u.crypt.zero = 0;
3266 ospfh->u.crypt.key_id = ck->key_id;
3267 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3268 }
3269 /* note: the seq is done in ospf_make_md5_digest() */
3270 break;
3271 default:
3272 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
3273 */
3274 break;
3275 }
3276
3277 return 0;
3278 }
3279
3280 /* Fill rest of OSPF header. */
3281 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3282 uint16_t length)
3283 {
3284 struct ospf_header *ospfh;
3285
3286 ospfh = (struct ospf_header *)STREAM_DATA(s);
3287
3288 /* Fill length. */
3289 ospfh->length = htons(length);
3290
3291 /* Calculate checksum. */
3292 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3293 ospfh->checksum = in_cksum(ospfh, length);
3294 else
3295 ospfh->checksum = 0;
3296
3297 /* Add Authentication Data. */
3298 ospf_make_auth(oi, ospfh);
3299 }
3300
3301 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3302 {
3303 struct ospf_neighbor *nbr;
3304 struct route_node *rn;
3305 uint16_t length = OSPF_HELLO_MIN_SIZE;
3306 struct in_addr mask;
3307 unsigned long p;
3308 int flag = 0;
3309
3310 /* Set netmask of interface. */
3311 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3312 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3313 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3314 masklen2ip(oi->address->prefixlen, &mask);
3315 else
3316 memset((char *)&mask, 0, sizeof(struct in_addr));
3317 stream_put_ipv4(s, mask.s_addr);
3318
3319 /* Set Hello Interval. */
3320 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3321 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3322 else
3323 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3324
3325 if (IS_DEBUG_OSPF_EVENT)
3326 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3327 IF_NAME(oi));
3328
3329 /* Set Options. */
3330 stream_putc(s, OPTIONS(oi));
3331
3332 /* Set Router Priority. */
3333 stream_putc(s, PRIORITY(oi));
3334
3335 /* Set Router Dead Interval. */
3336 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3337
3338 /* Set Designated Router. */
3339 stream_put_ipv4(s, DR(oi).s_addr);
3340
3341 p = stream_get_endp(s);
3342
3343 /* Set Backup Designated Router. */
3344 stream_put_ipv4(s, BDR(oi).s_addr);
3345
3346 /* Add neighbor seen. */
3347 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3348 if ((nbr = rn->info))
3349 if (nbr->router_id.s_addr
3350 != INADDR_ANY) /* Ignore 0.0.0.0 node. */
3351 if (nbr->state
3352 != NSM_Attempt) /* Ignore Down neighbor. */
3353 if (nbr->state
3354 != NSM_Down) /* This is myself for
3355 DR election. */
3356 if (!IPV4_ADDR_SAME(
3357 &nbr->router_id,
3358 &oi->ospf->router_id)) {
3359 /* Check neighbor is
3360 * sane? */
3361 if (nbr->d_router.s_addr
3362 != INADDR_ANY
3363 && IPV4_ADDR_SAME(
3364 &nbr->d_router,
3365 &oi->address
3366 ->u
3367 .prefix4)
3368 && IPV4_ADDR_SAME(
3369 &nbr->bd_router,
3370 &oi->address
3371 ->u
3372 .prefix4))
3373 flag = 1;
3374
3375 /* Hello packet overflows interface MTU. */
3376 if (length + sizeof(uint32_t)
3377 > ospf_packet_max(oi)) {
3378 flog_err(
3379 EC_OSPF_LARGE_HELLO,
3380 "Oversized Hello packet! Larger than MTU. Not sending it out");
3381 return 0;
3382 }
3383
3384 stream_put_ipv4(
3385 s,
3386 nbr->router_id
3387 .s_addr);
3388 length += 4;
3389 }
3390
3391 /* Let neighbor generate BackupSeen. */
3392 if (flag == 1)
3393 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3394
3395 return length;
3396 }
3397
3398 static int ospf_make_db_desc(struct ospf_interface *oi,
3399 struct ospf_neighbor *nbr, struct stream *s)
3400 {
3401 struct ospf_lsa *lsa;
3402 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3403 uint8_t options;
3404 unsigned long pp;
3405 int i;
3406 struct ospf_lsdb *lsdb;
3407
3408 /* Set Interface MTU. */
3409 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3410 stream_putw(s, 0);
3411 else
3412 stream_putw(s, oi->ifp->mtu);
3413
3414 /* Set Options. */
3415 options = OPTIONS(oi);
3416 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3417 SET_FLAG(options, OSPF_OPTION_O);
3418 stream_putc(s, options);
3419
3420 /* DD flags */
3421 pp = stream_get_endp(s);
3422 stream_putc(s, nbr->dd_flags);
3423
3424 /* Set DD Sequence Number. */
3425 stream_putl(s, nbr->dd_seqnum);
3426
3427 /* shortcut unneeded walk of (empty) summary LSDBs */
3428 if (ospf_db_summary_isempty(nbr))
3429 goto empty;
3430
3431 /* Describe LSA Header from Database Summary List. */
3432 lsdb = &nbr->db_sum;
3433
3434 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3435 struct route_table *table = lsdb->type[i].db;
3436 struct route_node *rn;
3437
3438 for (rn = route_top(table); rn; rn = route_next(rn))
3439 if ((lsa = rn->info) != NULL) {
3440 if (IS_OPAQUE_LSA(lsa->data->type)
3441 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3442 /* Suppress advertising
3443 * opaque-information. */
3444 /* Remove LSA from DB summary list. */
3445 ospf_lsdb_delete(lsdb, lsa);
3446 continue;
3447 }
3448
3449 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3450 struct lsa_header *lsah;
3451 uint16_t ls_age;
3452
3453 /* DD packet overflows interface MTU. */
3454 if (length + OSPF_LSA_HEADER_SIZE
3455 > ospf_packet_max(oi))
3456 break;
3457
3458 /* Keep pointer to LS age. */
3459 lsah = (struct lsa_header
3460 *)(STREAM_DATA(s)
3461 + stream_get_endp(
3462 s));
3463
3464 /* Proceed stream pointer. */
3465 stream_put(s, lsa->data,
3466 OSPF_LSA_HEADER_SIZE);
3467 length += OSPF_LSA_HEADER_SIZE;
3468
3469 /* Set LS age. */
3470 ls_age = LS_AGE(lsa);
3471 lsah->ls_age = htons(ls_age);
3472 }
3473
3474 /* Remove LSA from DB summary list. */
3475 ospf_lsdb_delete(lsdb, lsa);
3476 }
3477 }
3478
3479 /* Update 'More' bit */
3480 if (ospf_db_summary_isempty(nbr)) {
3481 empty:
3482 if (nbr->state >= NSM_Exchange) {
3483 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3484 /* Rewrite DD flags */
3485 stream_putc_at(s, pp, nbr->dd_flags);
3486 } else {
3487 assert(IS_SET_DD_M(nbr->dd_flags));
3488 }
3489 }
3490 return length;
3491 }
3492
3493 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3494 unsigned long delta, struct ospf_neighbor *nbr,
3495 struct ospf_lsa *lsa)
3496 {
3497 struct ospf_interface *oi;
3498
3499 oi = nbr->oi;
3500
3501 /* LS Request packet overflows interface MTU
3502 * delta is just number of bytes required for 1 LS Req
3503 * ospf_packet_max will return the number of bytes can
3504 * be accomodated without ospf header. So length+delta
3505 * can be compared to ospf_packet_max
3506 * to check if it can fit another lsreq in the same packet.
3507 */
3508
3509 if (*length + delta > ospf_packet_max(oi))
3510 return 0;
3511
3512 stream_putl(s, lsa->data->type);
3513 stream_put_ipv4(s, lsa->data->id.s_addr);
3514 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3515
3516 ospf_lsa_unlock(&nbr->ls_req_last);
3517 nbr->ls_req_last = ospf_lsa_lock(lsa);
3518
3519 *length += 12;
3520 return 1;
3521 }
3522
3523 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3524 {
3525 struct ospf_lsa *lsa;
3526 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3527 unsigned long delta = 12;
3528 struct route_table *table;
3529 struct route_node *rn;
3530 int i;
3531 struct ospf_lsdb *lsdb;
3532
3533 lsdb = &nbr->ls_req;
3534
3535 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3536 table = lsdb->type[i].db;
3537 for (rn = route_top(table); rn; rn = route_next(rn))
3538 if ((lsa = (rn->info)) != NULL)
3539 if (ospf_make_ls_req_func(s, &length, delta,
3540 nbr, lsa)
3541 == 0) {
3542 route_unlock_node(rn);
3543 break;
3544 }
3545 }
3546 return length;
3547 }
3548
3549 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3550 {
3551 int age;
3552
3553 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3554
3555 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3556 }
3557
3558 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3559 struct stream *s)
3560 {
3561 struct ospf_lsa *lsa;
3562 struct listnode *node;
3563 uint16_t length = 0;
3564 unsigned int size_noauth;
3565 unsigned long delta = stream_get_endp(s);
3566 unsigned long pp;
3567 int count = 0;
3568
3569 if (IS_DEBUG_OSPF_EVENT)
3570 zlog_debug("ospf_make_ls_upd: Start");
3571
3572 pp = stream_get_endp(s);
3573 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3574 length += OSPF_LS_UPD_MIN_SIZE;
3575
3576 /* Calculate amount of packet usable for data. */
3577 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3578
3579 while ((node = listhead(update)) != NULL) {
3580 struct lsa_header *lsah;
3581 uint16_t ls_age;
3582
3583 lsa = listgetdata(node);
3584 assert(lsa->data);
3585
3586 if (IS_DEBUG_OSPF_EVENT)
3587 zlog_debug("%s: List Iteration %d LSA[%s]", __func__,
3588 count, dump_lsa_key(lsa));
3589
3590 /* Will it fit? Minimum it has to fit atleast one */
3591 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3592 (count > 0))
3593 break;
3594
3595 /* Keep pointer to LS age. */
3596 lsah = (struct lsa_header *)(STREAM_DATA(s)
3597 + stream_get_endp(s));
3598
3599 /* Put LSA to Link State Request. */
3600 stream_put(s, lsa->data, ntohs(lsa->data->length));
3601
3602 /* Set LS age. */
3603 /* each hop must increment an lsa_age by transmit_delay
3604 of OSPF interface */
3605 ls_age = ls_age_increment(lsa,
3606 OSPF_IF_PARAM(oi, transmit_delay));
3607 lsah->ls_age = htons(ls_age);
3608
3609 length += ntohs(lsa->data->length);
3610 count++;
3611
3612 list_delete_node(update, node);
3613 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3614 }
3615
3616 /* Now set #LSAs. */
3617 stream_putl_at(s, pp, count);
3618
3619 if (IS_DEBUG_OSPF_EVENT)
3620 zlog_debug("ospf_make_ls_upd: Stop");
3621 return length;
3622 }
3623
3624 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3625 struct stream *s)
3626 {
3627 struct listnode *node, *nnode;
3628 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3629 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3630 struct ospf_lsa *lsa;
3631
3632 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3633 assert(lsa);
3634
3635 /* LS Ack packet overflows interface MTU
3636 * delta is just number of bytes required for
3637 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3638 * the number of bytes can be accomodated without
3639 * ospf header. So length+delta can be compared
3640 * against ospf_packet_max to check if it can fit
3641 * another ls header in the same packet.
3642 */
3643 if ((length + delta) > ospf_packet_max(oi))
3644 break;
3645
3646 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3647 length += OSPF_LSA_HEADER_SIZE;
3648
3649 listnode_delete(ack, lsa);
3650 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3651 }
3652
3653 return length;
3654 }
3655
3656 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3657 {
3658 struct ospf_packet *op;
3659 uint16_t length = OSPF_HEADER_SIZE;
3660
3661 op = ospf_packet_new(oi->ifp->mtu);
3662
3663 /* Prepare OSPF common header. */
3664 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3665
3666 /* Prepare OSPF Hello body. */
3667 length += ospf_make_hello(oi, op->s);
3668 if (length == OSPF_HEADER_SIZE) {
3669 /* Hello overshooting MTU */
3670 ospf_packet_free(op);
3671 return;
3672 }
3673
3674 /* Fill OSPF header. */
3675 ospf_fill_header(oi, op->s, length);
3676
3677 /* Set packet length. */
3678 op->length = length;
3679
3680 op->dst.s_addr = addr;
3681
3682 if (IS_DEBUG_OSPF_EVENT) {
3683 if (oi->ospf->vrf_id)
3684 zlog_debug(
3685 "%s: Hello Tx interface %s ospf vrf %s id %u",
3686 __func__, oi->ifp->name,
3687 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3688 oi->ospf->vrf_id);
3689 }
3690 /* Add packet to the top of the interface output queue, so that they
3691 * can't get delayed by things like long queues of LS Update packets
3692 */
3693 ospf_packet_add_top(oi, op);
3694
3695 /* Hook thread to write packet. */
3696 OSPF_ISM_WRITE_ON(oi->ospf);
3697 }
3698
3699 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3700 {
3701 struct ospf_interface *oi;
3702
3703 oi = nbr_nbma->oi;
3704 assert(oi);
3705
3706 /* If this is passive interface, do not send OSPF Hello. */
3707 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3708 return;
3709
3710 if (oi->type != OSPF_IFTYPE_NBMA)
3711 return;
3712
3713 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3714 return;
3715
3716 if (PRIORITY(oi) == 0)
3717 return;
3718
3719 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3720 && oi->state != ISM_Backup)
3721 return;
3722
3723 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3724 }
3725
3726 int ospf_poll_timer(struct thread *thread)
3727 {
3728 struct ospf_nbr_nbma *nbr_nbma;
3729
3730 nbr_nbma = THREAD_ARG(thread);
3731 nbr_nbma->t_poll = NULL;
3732
3733 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3734 zlog_debug("NSM[%s:%pI4]: Timer (Poll timer expire)",
3735 IF_NAME(nbr_nbma->oi), &nbr_nbma->addr);
3736
3737 ospf_poll_send(nbr_nbma);
3738
3739 if (nbr_nbma->v_poll > 0)
3740 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3741 nbr_nbma->v_poll);
3742
3743 return 0;
3744 }
3745
3746
3747 int ospf_hello_reply_timer(struct thread *thread)
3748 {
3749 struct ospf_neighbor *nbr;
3750
3751 nbr = THREAD_ARG(thread);
3752 nbr->t_hello_reply = NULL;
3753
3754 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3755 zlog_debug("NSM[%s:%pI4]: Timer (hello-reply timer expire)",
3756 IF_NAME(nbr->oi), &nbr->router_id);
3757
3758 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3759
3760 return 0;
3761 }
3762
3763 /* Send OSPF Hello. */
3764 void ospf_hello_send(struct ospf_interface *oi)
3765 {
3766 /* If this is passive interface, do not send OSPF Hello. */
3767 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3768 return;
3769
3770 if (oi->type == OSPF_IFTYPE_NBMA) {
3771 struct ospf_neighbor *nbr;
3772 struct route_node *rn;
3773
3774 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3775 if ((nbr = rn->info))
3776 if (nbr != oi->nbr_self)
3777 if (nbr->state != NSM_Down) {
3778 /* RFC 2328 Section 9.5.1
3779 If the router is not
3780 eligible to become Designated
3781 Router,
3782 it must periodically send
3783 Hello Packets to both the
3784 Designated Router and the
3785 Backup Designated Router (if
3786 they
3787 exist). */
3788 if (PRIORITY(oi) == 0
3789 && IPV4_ADDR_CMP(
3790 &DR(oi),
3791 &nbr->address.u
3792 .prefix4)
3793 && IPV4_ADDR_CMP(
3794 &BDR(oi),
3795 &nbr->address.u
3796 .prefix4))
3797 continue;
3798
3799 /* If the router is eligible to
3800 become Designated Router, it
3801 must periodically send Hello
3802 Packets to all neighbors that
3803 are also eligible. In
3804 addition, if the router is
3805 itself the
3806 Designated Router or Backup
3807 Designated Router, it must
3808 also
3809 send periodic Hello Packets
3810 to all other neighbors. */
3811
3812 if (nbr->priority == 0
3813 && oi->state == ISM_DROther)
3814 continue;
3815 /* if oi->state == Waiting, send
3816 * hello to all neighbors */
3817 ospf_hello_send_sub(
3818 oi,
3819 nbr->address.u.prefix4
3820 .s_addr);
3821 }
3822 } else {
3823 /* Decide destination address. */
3824 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3825 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3826 else
3827 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3828 }
3829 }
3830
3831 /* Send OSPF Database Description. */
3832 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3833 {
3834 struct ospf_interface *oi;
3835 struct ospf_packet *op;
3836 uint16_t length = OSPF_HEADER_SIZE;
3837
3838 oi = nbr->oi;
3839 op = ospf_packet_new(oi->ifp->mtu);
3840
3841 /* Prepare OSPF common header. */
3842 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3843
3844 /* Prepare OSPF Database Description body. */
3845 length += ospf_make_db_desc(oi, nbr, op->s);
3846
3847 /* Fill OSPF header. */
3848 ospf_fill_header(oi, op->s, length);
3849
3850 /* Set packet length. */
3851 op->length = length;
3852
3853 /* Decide destination address. */
3854 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3855 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3856 else
3857 op->dst = nbr->address.u.prefix4;
3858
3859 /* Add packet to the interface output queue. */
3860 ospf_packet_add(oi, op);
3861
3862 /* Hook thread to write packet. */
3863 OSPF_ISM_WRITE_ON(oi->ospf);
3864
3865 /* Remove old DD packet, then copy new one and keep in neighbor
3866 * structure. */
3867 if (nbr->last_send)
3868 ospf_packet_free(nbr->last_send);
3869 nbr->last_send = ospf_packet_dup(op);
3870 monotime(&nbr->last_send_ts);
3871 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3872 zlog_info(
3873 "%s:Packet[DD]: %pI4 DB Desc send with seqnum:%x , flags:%x",
3874 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3875 &nbr->router_id, nbr->dd_seqnum,
3876 nbr->dd_flags);
3877 }
3878
3879 /* Re-send Database Description. */
3880 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3881 {
3882 struct ospf_interface *oi;
3883
3884 oi = nbr->oi;
3885
3886 /* Add packet to the interface output queue. */
3887 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3888
3889 /* Hook thread to write packet. */
3890 OSPF_ISM_WRITE_ON(oi->ospf);
3891 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3892 zlog_info(
3893 "%s:Packet[DD]: %pI4 DB Desc resend with seqnum:%x , flags:%x",
3894 (oi->ospf->name) ? oi->ospf->name : VRF_DEFAULT_NAME,
3895 &nbr->router_id, nbr->dd_seqnum,
3896 nbr->dd_flags);
3897 }
3898
3899 /* Send Link State Request. */
3900 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3901 {
3902 struct ospf_interface *oi;
3903 struct ospf_packet *op;
3904 uint16_t length = OSPF_HEADER_SIZE;
3905
3906 oi = nbr->oi;
3907 op = ospf_packet_new(oi->ifp->mtu);
3908
3909 /* Prepare OSPF common header. */
3910 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3911
3912 /* Prepare OSPF Link State Request body. */
3913 length += ospf_make_ls_req(nbr, op->s);
3914 if (length == OSPF_HEADER_SIZE) {
3915 ospf_packet_free(op);
3916 return;
3917 }
3918
3919 /* Fill OSPF header. */
3920 ospf_fill_header(oi, op->s, length);
3921
3922 /* Set packet length. */
3923 op->length = length;
3924
3925 /* Decide destination address. */
3926 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3927 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3928 else
3929 op->dst = nbr->address.u.prefix4;
3930
3931 /* Add packet to the interface output queue. */
3932 ospf_packet_add(oi, op);
3933
3934 /* Hook thread to write packet. */
3935 OSPF_ISM_WRITE_ON(oi->ospf);
3936
3937 /* Add Link State Request Retransmission Timer. */
3938 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3939 }
3940
3941 /* Send Link State Update with an LSA. */
3942 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3943 int flag)
3944 {
3945 struct list *update;
3946
3947 update = list_new();
3948
3949 listnode_add(update, lsa);
3950
3951 /*ospf instance is going down, send self originated
3952 * MAXAGE LSA update to neighbors to remove from LSDB */
3953 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3954 ospf_ls_upd_send(nbr, update, flag, 1);
3955 else
3956 ospf_ls_upd_send(nbr, update, flag, 0);
3957
3958 list_delete(&update);
3959 }
3960
3961 /* Determine size for packet. Must be at least big enough to accomodate next
3962 * LSA on list, which may be bigger than MTU size.
3963 *
3964 * Return pointer to new ospf_packet
3965 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3966 * on packet sizes (in which case offending LSA is deleted from update list)
3967 */
3968 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3969 struct ospf_interface *oi)
3970 {
3971 struct ospf_lsa *lsa;
3972 struct listnode *ln;
3973 size_t size;
3974 static char warned = 0;
3975
3976 lsa = listgetdata((ln = listhead(update)));
3977 assert(lsa->data);
3978
3979 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3980 > ospf_packet_max(oi)) {
3981 if (!warned) {
3982 flog_warn(
3983 EC_OSPF_LARGE_LSA,
3984 "ospf_ls_upd_packet_new: oversized LSA encountered!will need to fragment. Not optimal. Try divide up your network with areas. Use 'debug ospf packet send' to see details, or look at 'show ip ospf database ..'");
3985 warned = 1;
3986 }
3987
3988 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3989 zlog_debug(
3990 "ospf_ls_upd_packet_new: oversized LSA id:%pI4, %d bytes originated by %pI4, will be fragmented!",
3991 &lsa->data->id,
3992 ntohs(lsa->data->length),
3993 &lsa->data->adv_router);
3994
3995 /*
3996 * Allocate just enough to fit this LSA only, to avoid including
3997 * other
3998 * LSAs in fragmented LSA Updates.
3999 */
4000 size = ntohs(lsa->data->length)
4001 + (oi->ifp->mtu - ospf_packet_max(oi))
4002 + OSPF_LS_UPD_MIN_SIZE;
4003 } else
4004 size = oi->ifp->mtu;
4005
4006 if (size > OSPF_MAX_PACKET_SIZE) {
4007 flog_warn(EC_OSPF_LARGE_LSA,
4008 "ospf_ls_upd_packet_new: oversized LSA id:%pI4 too big, %d bytes, packet size %ld, dropping it completely. OSPF routing is broken!",
4009 &lsa->data->id, ntohs(lsa->data->length),
4010 (long int)size);
4011 list_delete_node(update, ln);
4012 return NULL;
4013 }
4014
4015 /* IP header is built up separately by ospf_write(). This means, that we
4016 * must
4017 * reduce the "affordable" size just calculated by length of an IP
4018 * header.
4019 * This makes sure, that even if we manage to fill the payload with LSA
4020 * data
4021 * completely, the final packet (our data plus IP header) still fits
4022 * into
4023 * outgoing interface MTU. This correction isn't really meaningful for
4024 * an
4025 * oversized LSA, but for consistency the correction is done for both
4026 * cases.
4027 *
4028 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4029 */
4030 return ospf_packet_new(size - sizeof(struct ip));
4031 }
4032
4033 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4034 struct list *update, struct in_addr addr,
4035 int send_lsupd_now)
4036 {
4037 struct ospf_packet *op;
4038 uint16_t length = OSPF_HEADER_SIZE;
4039
4040 if (IS_DEBUG_OSPF_EVENT)
4041 zlog_debug("listcount = %d, [%s]dst %pI4", listcount(update),
4042 IF_NAME(oi), &addr);
4043
4044 /* Check that we have really something to process */
4045 if (listcount(update) == 0)
4046 return;
4047
4048 op = ospf_ls_upd_packet_new(update, oi);
4049
4050 /* Prepare OSPF common header. */
4051 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4052
4053 /* Prepare OSPF Link State Update body.
4054 * Includes Type-7 translation.
4055 */
4056 length += ospf_make_ls_upd(oi, update, op->s);
4057
4058 /* Fill OSPF header. */
4059 ospf_fill_header(oi, op->s, length);
4060
4061 /* Set packet length. */
4062 op->length = length;
4063
4064 /* Decide destination address. */
4065 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4066 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4067 else
4068 op->dst.s_addr = addr.s_addr;
4069
4070 /* Add packet to the interface output queue. */
4071 ospf_packet_add(oi, op);
4072 /* Call ospf_write() right away to send ospf packets to neighbors */
4073 if (send_lsupd_now) {
4074 struct thread os_packet_thd;
4075
4076 os_packet_thd.arg = (void *)oi->ospf;
4077 if (oi->on_write_q == 0) {
4078 listnode_add(oi->ospf->oi_write_q, oi);
4079 oi->on_write_q = 1;
4080 }
4081 ospf_write(&os_packet_thd);
4082 /*
4083 * We are fake calling ospf_write with a fake
4084 * thread. Imagine that we have oi_a already
4085 * enqueued and we have turned on the write
4086 * thread(t_write).
4087 * Now this function calls this for oi_b
4088 * so the on_write_q has oi_a and oi_b on
4089 * it, ospf_write runs and clears the packets
4090 * for both oi_a and oi_b. Removing them from
4091 * the on_write_q. After this thread of execution
4092 * finishes we will execute the t_write thread
4093 * with nothing in the on_write_q causing an
4094 * assert. So just make sure that the t_write
4095 * is actually turned off.
4096 */
4097 if (list_isempty(oi->ospf->oi_write_q))
4098 OSPF_TIMER_OFF(oi->ospf->t_write);
4099 } else {
4100 /* Hook thread to write packet. */
4101 OSPF_ISM_WRITE_ON(oi->ospf);
4102 }
4103 }
4104
4105 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4106 {
4107 struct ospf_interface *oi = THREAD_ARG(thread);
4108 struct route_node *rn;
4109 struct route_node *rnext;
4110 struct list *update;
4111 char again = 0;
4112
4113 oi->t_ls_upd_event = NULL;
4114
4115 if (IS_DEBUG_OSPF_EVENT)
4116 zlog_debug("ospf_ls_upd_send_queue start");
4117
4118 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4119 rnext = route_next(rn);
4120
4121 if (rn->info == NULL)
4122 continue;
4123
4124 update = (struct list *)rn->info;
4125
4126 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4127
4128 /* list might not be empty. */
4129 if (listcount(update) == 0) {
4130 list_delete((struct list **)&rn->info);
4131 route_unlock_node(rn);
4132 } else
4133 again = 1;
4134 }
4135
4136 if (again != 0) {
4137 if (IS_DEBUG_OSPF_EVENT)
4138 zlog_debug(
4139 "ospf_ls_upd_send_queue: update lists not cleared, %d nodes to try again, raising new event",
4140 again);
4141 oi->t_ls_upd_event = NULL;
4142 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4143 &oi->t_ls_upd_event);
4144 }
4145
4146 if (IS_DEBUG_OSPF_EVENT)
4147 zlog_debug("ospf_ls_upd_send_queue stop");
4148
4149 return 0;
4150 }
4151
4152 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4153 int send_lsupd_now)
4154 {
4155 struct ospf_interface *oi;
4156 struct ospf_lsa *lsa;
4157 struct prefix_ipv4 p;
4158 struct route_node *rn;
4159 struct listnode *node;
4160
4161 oi = nbr->oi;
4162
4163 p.family = AF_INET;
4164 p.prefixlen = IPV4_MAX_BITLEN;
4165
4166 /* Decide destination address. */
4167 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4168 p.prefix = oi->vl_data->peer_addr;
4169 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4170 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4171 else if (flag == OSPF_SEND_PACKET_DIRECT)
4172 p.prefix = nbr->address.u.prefix4;
4173 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4174 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4175 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4176 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4177 else
4178 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4179
4180 if (oi->type == OSPF_IFTYPE_NBMA) {
4181 if (flag == OSPF_SEND_PACKET_INDIRECT)
4182 flog_warn(
4183 EC_OSPF_PACKET,
4184 "* LS-Update is directly sent on NBMA network.");
4185 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4186 flog_warn(EC_OSPF_PACKET,
4187 "* LS-Update is sent to myself.");
4188 }
4189
4190 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4191
4192 if (rn->info == NULL)
4193 rn->info = list_new();
4194 else
4195 route_unlock_node(rn);
4196
4197 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4198 listnode_add(rn->info,
4199 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4200 if (send_lsupd_now) {
4201 struct list *send_update_list;
4202 struct route_node *rnext;
4203
4204 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4205 rnext = route_next(rn);
4206
4207 if (rn->info == NULL)
4208 continue;
4209
4210 send_update_list = (struct list *)rn->info;
4211
4212 ospf_ls_upd_queue_send(oi, send_update_list,
4213 rn->p.u.prefix4, 1);
4214 }
4215 } else
4216 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4217 &oi->t_ls_upd_event);
4218 }
4219
4220 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4221 struct in_addr dst)
4222 {
4223 struct ospf_packet *op;
4224 uint16_t length = OSPF_HEADER_SIZE;
4225
4226 op = ospf_packet_new(oi->ifp->mtu);
4227
4228 /* Prepare OSPF common header. */
4229 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4230
4231 /* Prepare OSPF Link State Acknowledgment body. */
4232 length += ospf_make_ls_ack(oi, ack, op->s);
4233
4234 /* Fill OSPF header. */
4235 ospf_fill_header(oi, op->s, length);
4236
4237 /* Set packet length. */
4238 op->length = length;
4239
4240 /* Decide destination address. */
4241 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4242 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4243 else
4244 op->dst.s_addr = dst.s_addr;
4245
4246 /* Add packet to the interface output queue. */
4247 ospf_packet_add(oi, op);
4248
4249 /* Hook thread to write packet. */
4250 OSPF_ISM_WRITE_ON(oi->ospf);
4251 }
4252
4253 static int ospf_ls_ack_send_event(struct thread *thread)
4254 {
4255 struct ospf_interface *oi = THREAD_ARG(thread);
4256
4257 oi->t_ls_ack_direct = NULL;
4258
4259 while (listcount(oi->ls_ack_direct.ls_ack))
4260 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4261 oi->ls_ack_direct.dst);
4262
4263 return 0;
4264 }
4265
4266 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4267 {
4268 struct ospf_interface *oi = nbr->oi;
4269
4270 if (IS_GRACE_LSA(lsa)) {
4271 if (IS_DEBUG_OSPF_GR)
4272 zlog_debug("%s, Sending GRACE ACK to Restarter.",
4273 __func__);
4274 }
4275
4276 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4277 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4278
4279 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4280
4281 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4282 &oi->t_ls_ack_direct);
4283 }
4284
4285 /* Send Link State Acknowledgment delayed. */
4286 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4287 {
4288 struct in_addr dst;
4289
4290 /* Decide destination address. */
4291 /* RFC2328 Section 13.5 On non-broadcast
4292 networks, delayed Link State Acknowledgment packets must be
4293 unicast separately over each adjacency (i.e., neighbor whose
4294 state is >= Exchange). */
4295 if (oi->type == OSPF_IFTYPE_NBMA) {
4296 struct ospf_neighbor *nbr;
4297 struct route_node *rn;
4298
4299 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4300 if ((nbr = rn->info) != NULL)
4301 if (nbr != oi->nbr_self
4302 && nbr->state >= NSM_Exchange)
4303 while (listcount(oi->ls_ack))
4304 ospf_ls_ack_send_list(
4305 oi, oi->ls_ack,
4306 nbr->address.u.prefix4);
4307 return;
4308 }
4309 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4310 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4311 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4312 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4313 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4314 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4315 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4316 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4317 else
4318 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4319
4320 while (listcount(oi->ls_ack))
4321 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4322 }
4323
4324 /*
4325 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4326 * address. As a result, the kernel does not need to learn the interface
4327 * MAC of the OSPF neighbor. However, in our world, this will delay
4328 * convergence. Take the case when due to a link flap, all routes now
4329 * want to use an interface which was deemed to be costlier prior to this
4330 * event. For routes that will be installed, the missing MAC will have
4331 * punt-to-CPU set on them. This may overload the CPU control path that
4332 * can be avoided if the MAC was known apriori.
4333 */
4334 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4335 {
4336 if (!nbr || !nbr->oi->ospf->proactive_arp)
4337 return;
4338
4339 ospf_zebra_send_arp(nbr->oi->ifp, &nbr->address);
4340 }
FRRouting mirror